Thursday, September 30, 2004

Microsoft, Amazon Take Phishers to Court

Microsoft, Amazon Take Phishers to Court Microsoft and have joined forces against perpetrators of phishing scams, filing a lawsuit against a Canadian company that they say ran a spamming campaign using Microsoft's Hotmail services and forging Amazon's name.
Security experts cheered the move.

Phishing scams logs :

Phishing Scam Threatens Online Customer Relationships
Phishing for More Jail Time for Identify Thieves
Phishing Attacks Increase Sevenfold
MasterCard Cracks Down on Phishing
Report: Phishing Scam Hits 57 Million Users

Tuesday, September 28, 2004

Hotmail Outlook Access Charged, Courtesy : Spammers

Mine & 18 million Hotmail subscribers, HATE for Spammers are now @ very elevated levels, the reason: Microsoft is charging hotmail outlook access to CUT OFF SPAMMERS, Microsoft says spam abuse of the WebDAV protocol is forcing it to charge.
"We've seen spammers exploiting this Web DAV protocol, and we're going to make a change to help curb its abuse. New spammers won't be able to set up of free accounts" to send junk e-mail,we felt we needed to make a decision for the greater good, not only for Hotmail users, but also for the whole e-mail ecosystem," said Brook Richardson, lead product manager for MSN communications services.
Hotmail becomes even less a free
Microsoft Adds New Hotmail Fee PC World - CNET - eWeek - Digital Connect News (subscription)

JScript Anti Spoof

Jscript commands to try to identify the actual URL for the current Web site

Use a JScript command in Internet Explorer. In the Address bar, type the following command, and then press ENTER:

javascript:alert("Actual URL address: " + location.protocol + "//" + location.hostname + "/");

Caution Use caution when you type script directly in the Address bar. Script that you type directly in the Address bar can take the same actions on the local system as the user who is currently logged on.

The JScript message box shows the actual URL Web address for the Web site that you are visiting.

You can also copy the following JScript code and paste it in the Address bar for a more verbose description of the Web site URL:

javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");

Compare the actual URL with the URL in the Address bar. If they do not match, the Web site is likely misrepresenting itself. In this case, you may want to close Internet Explorer.
" Its safe n fun, try it out ! "

How to force Kerberos to use TCP instead of UDP

Kerberos is the default security provider for Windows 2000 & XP, computers that are connected to a Windows Domain. By default, Kerberos uses UDP Port 88 to contact a Domain Controller (DC) and log on.

In some cases, it can happen that those UDP packets are blocked (e.g. because a firewall) and thus the Client will either be not able to connect to the DC, or use a weaker security provider like NTLM (because NTLM does not use UDP on Port 88).

How to force Kerberos to use TCP instead of UDP

Microsoft Security Glossary

Microsoft Security Glossary helps to explain the core concepts, technologies, and products associated with computer security.

A | B | C | D | E | F | G | H | I | K | L | M| N | O | P | Q | R | S | T | U | V | W | X

Top Security tips

Instant messaging safety and privacy tips.
What you need to know about phishing.

Spam & Spim

From the folks who brought you spam, now comes a faster, even more annoying alternative: Spim. Spim is the new name for unsolicited instant messages. (Get it, SpIM?) You can go a long way towards preventing Spim by blocking all messages that don't come from people on your contact list.

If advertisements are opening in your computer in a window titled Messenger Service, this is also Spim, but not from Windows Messenger. Read Disabling Messenger Service in XP to find out how to get rid of this problem.

Friday, September 24, 2004

Microsoft sues Web hoster over spam

Microsoft sues Web hoster over spam
Microsoft has filed nine new lawsuits against those it says are responsible for spam, including a Web-hosting company that caters to people who send unsolicited e-mail, the software giant said Thursday.

With the latest batch of lawsuits, Redmond, Wash.-based Microsoft said, it is involved in more than 100 legal cases against spammers. Those cases include more than 70 lawsuits filed in the United States.

E-Biz sites hit with targeted attacks, extortion threats

E-Biz sites hit with targeted attacks, extortion threats

A distributed denial-of-service attack that disrupted Web-based systems at credit card payment processing firm Authorize.Net Corp. earlier this week is indicative of a sharp increase in the number of cyberattacks being targeted at specific companies and driven by profit motives on the part of the hackers who launch them. (see story)

The DDoS attack against Authorize.Net coincided with the release of a report by IT security software vendor Symantec Corp. ( check my post Horrible factoids ) of this year shows that malicious hackers appear to be moving away from mass attacks to more focused ones aimed at e-commerce sites.

Scanner Tool Released To Thwart JPEG Attack

Scanner Tool Released To Thwart JPEG Attack
With security experts predicting a large-scale worm attack is only a matter of days away, Microsoft has released a scanning tool to help users identify vulnerable versions of the GDI libraries that handle JPEG processing.

The Microsoft GDI+ Detection Tool (available for download here) helps detect the presence of non-Windows Microsoft products that contain the GDI+ component and determines whether a security fix should be applied.

The scanning tool was released along with the MS04-028 patch, which plugs a "critical" flaw in the way JPEG image files are processed.

The Internet Storm Center (ISC) has also issued a scanner (download here) for non-Windows users.

Thursday, September 23, 2004

Code to exploit Windows graphics flaw now public !

Code to exploit Windows graphics flaw public !
but not b'fore a patch :)

A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format. ( jpeg )

Security professionals expect the release of the program to herald a new round of attacks by viruses and Trojan horses incorporating the code to circumvent security on Windows computers that have not been updated. The flaw, in the way JPEG graphics is processed, could allow a program to take control of a victim's computer when the user opens a JPEG file.

windows users could fall prey to an attack just by visiting a Web site that has JPEG images.

" incidentally the exploit became public after the patch was released! users on SP2 rest easy ur systems are by now updated :) "

Wednesday, September 22, 2004

Security Fears Still Blocking WLAN Adoption

Security Fears Still Blocking WLAN Adoption

Despite the best efforts of the Wi-Fi industry to assure companies wireless networking is safe in the workplace, a new survey of executives finds security remains the leading barrier to WLAN adoption.

Although 84 percent of companies have not had their WLAN breached, "security is the top barrier, cited by nearly half of all companies" as the reason they are not deploying or expanding Wi-Fi networks, according to the report Understanding Corporate WLAN Architecture Choices, conducted by Jupiter Research (a division of Jupitermedia, owner of Wi-Fi Planet).

Companies which spent a lot of time in 2003 producing white papers and talking about WLAN security problems, says research director Julie Ask, are fueling an image of Wi-Fi being insecure.

AOL Offers Added Security

Online giant teams up with RSA Security to keep users' account info safe.

America Online is teaming up with RSA Security in an effort to keep its users safe from online fraud and identity theft. RSA and AOL are announcing a new program called "AOL PassCode" that will encourage AOL customers to use secure tokens to protect account information.
The PassCode program will offer AOL-branded SecurID tokens from RSA to AOL customers for added account protection, says John Worrall, vice president of worldwide marketing at RSA of Bedford, Massachusetts.

Nokia bolsters SSL VPN security

Secure Access System 2.1 boosts cache cleaning for better data protection

Nokia has boosted the security and functionality of its Secure Access System Secure Socket Layer virtual private network (VPN) platform.

Secure Access System provides secure remote access to email, personal information management data, corporate intranets and applications from any public internet kiosk, terminal, laptop or wireless device.

The latest version, 2.1, introduces a Secure Workplace feature designed to maximise security by boosting traditional cache cleaning or application wiping to better ensure the security of important information.

Horrible factoids !

Horrible factoids: Symantec spins the web of doom
Stuffed with as many horrifying factoids and their spawn as LOTR 3 is with Orcs, a new Internet Security Threat Report is out and it is anything but pretty reading.

Horrible factoid #1: During the reporting period, new system vulnerabilities appeared at the rate of 48 per week.

Horrible factoid #2: Exploits of those vulnerabilities appeared, on average, in 5.8 days after the vulnerabilities became known.

Horrible factoid #3: Bots are getting brainer.

Horrible factoid #4: Bot networks are growing.

Horrible factoid #5: 40% of Fortune 100 companies are wormy.

Horrible factoid #6: Doing business online make you the hottest type of target.

Horrible factoid #7: Those attacks on e-commerce websites are motivated by money.

Horrible factoid #8: Perimeter security alone won't do the job.

Horrible factoid #9: Linux won't save you

Positive factoid #1: Don't despair, really.

Would you hire a hacker?

Sven Jaschan
Sven Jaschan (sasser worm writer )

The 18-year-old virus writer facing criminal charges for creating the Sasser worm has been offered a job by a German IT security firm, a move that divided the opinion of security industry experts at Gartner's IT Security Summit
"These guys obviously have the ability to be effective," said Peter Rya, security manager for ITNET, an outsourcing firm. "But it's almost encouraging youngsters to write viruses so they can get a job. I can understand the short-term business benefits, but it's a bit worrying when you think that there's nothing to stop them doing it again."

The managing director of security firm Utimaco said she would not employ an ex-virus writer: It wouldn't be our policy to recruit ex-hackers," she said.

"If they had written malicious code, how could you ensure that they didn't do it again? It certainly wouldn't be for us."

But other security experts seemed to think it was good business sense to hire ex-virus writers.

"This is an issue that relies on ethics," said Claudia Aguire, security specialist for SAP Switzerland. "But the company has to take into account that these people know where to be focused to see problems. And if they know that, they know how to protect you. Functionally, it would not be such a bad thing."

Peter Higginson, security executive for Coors Brewers, agreed: "It's better to have them on the inside than on the outside. I think it's a good thing, but you'd have to keep them happy to stop them doing what they might have done before. It comes down to how much you trust your employees. But it could put HR in a tough spot for not employing someone on the basis of their background."

Firewall company Securepoint has offered Sven Jaschan, who is reported to be responsible for more than 70 percent of viruses in the first half of this year, a position because of his abilities, according to press reports.

" Not a new thing, hackers are hired since ages to protect companies sites and softwares even by many govt agencies & if one is still so woried, then hire whitehats btw did i mention, i am available :D "
Links : 1, 2, 3, 4.

Tuesday, September 21, 2004

Indian Navy WEBSITE HACKED !!!

i am angry Hackers defacing the military websites of the United States and posting anti-war and anti-U.S. messages are not very uncommon, but a website owned by the Indian Navy has been made the target of cyber intruders.

The Navy website went off the servers after a hacker Mowber posted anti-war messages.

The site defaced on Sunday was back with the original homepage by Monday evening.
Interesting facts about their server (From NetCraft)

OS : Linux
Server :
Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7a
NetBlock Owner :
Sterling Capital Pvt. Ltd

source: the hindu, sudha
wondering what server is blogger runnin on ? click here .

Wednesday, September 15, 2004

Guide for deploying XPSP2's firewall

hii, ( i am back into action! long story! )

Microsoft has released a guide for deploying Windows firewall settings for XP with Service Pack 2.

btw u can order Windows XP Service Pack 2 in a CD for free here

Thursday, September 02, 2004

India's First User Group Wap Site

[time blog]

A simple idea when executed results :
" India's first User Group Wap site ! "

Yep, i made India's First Microsoft User Group wap site :

Click Here for more details and comments.
[Update/Upgrade] Details Here.

[/time blog]