Thursday, August 31, 2006

Who’s Computer is it, Anyway?! (Part 2)

Okay – here’s the scenario (again): Same as Part 1 - Corporate environment, computer is provided by the company, all of the initial software on the computer is installed by the company. The user signed an Acceptable Use Policy statement acknowledging their responsibilities with regard to computer use and security. The company’s acceptable use policy says something about “…only approved software…” The end user is the only user of the computer. Employees are allowed to use the Internet (i.e. the web browser), applications, and email for business purposes and for limited personal use.


More on those neat little freebies – but this time, it is not just a seemingly innocent browser toolbar. There are other free tools out there, commonly known as “peer-to-peer” (P2P) applications. Seems our carefree and gadget crazy employee from last time really likes music, so I will just concentrate on the P2P apps that allow you to download music files (MP3s), but there are many others. The way these applications work is that you install some software (free of course) on your computer, which then has the ability to connect to everyone else on the Internet who has that same software. The reason they call it peer-to-peer is because users don’t actually download the files from a central source, but from each other. The user enters the search terms of the music they are looking for, and the P2P software finds the other users who are online that have that music. The user can then choose to download the files they want. When the download is started, parts of the file can actually come from multiple peer users, speeding up the download process. Downloading MP3 files is great – the users can listen to them on their computer at work, providing they aren’t distracting coworkers, and they can even take them home at the end of the day. Ah, piracy has never been so easy!

Well, here’s the catch: For one thing, downloading copyrighted files from any source without paying for them is illegal. Remember last time I mentioned getting your employer in trouble by installing supposedly “free” software that actually had to be licensed? Well P2P software opens your employer up to a whole new batch of liabilities. We can safely assume (my opinion here) that most people that use P2P software to download music know it is illegal, but do it anyway. This makes the crime more blatant and premeditated, in my mind, and seems to result in harsher consequences. Since you are on company time and on company property, you are now (using a legal term here) under the “scope of employment” which allows prosecuting parties to hold your employer accountable as well as you. The employer should have known that the employees were using company network resources and company computers for downloading illegal music. If the employer is practicing due diligence, they would be checking their network for P2P traffic and scanning their servers for potentially illegal file types.

Even if you are using one of the new and improved “pay as you go” services and pay for the music instead of committing piracy, you are still creating problems for the network infrastructure. So now let’s take the whole “whose computer is it anyway?” question a little further and ask “whose network is it anyway?” The other thing about P2P software is that it creates network traffic – a LOT of network traffic. When I was teaching, our students were all required to have laptop computers in support of the curriculum. We had full Internet access for them, email, and wide open – no restrictions. Very early on in our experience with student laptops, we found that it didn’t take them long to discover Napster and Kazaa. While teaching class, I could look out and see the sea of dopey looks as these people were downloading tune after tune (not paying attention to the Instructor, of course). The magic question of “Hey!!! How come the network is so slow between the hours of 11:00am and 3:00pm??” popped up. It was because several hundred students were all downloading massive volumes of MP3 files and choking our network. Not only that, but our file servers’ hard drives were swiftly running out of space because of all the MP3s being stored in student Home folders. Imagine that same problem, not in an academic setting, but in a business setting where real work is supposed to be getting done. These types of activities have the potential to hog bandwidth, take up valuable file server space, and are probably robbing employers of productivity from their employees.
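A sketch of the file-server scan mentioned above, as an added example that is not from the original post: it walks a home-folder share and totals audio files per user, checking file headers so a renamed MP3 is still counted. The share layout (one folder per user), the extension list and the sample files are assumptions constructed for illustration.

```python
import os
from collections import defaultdict

# Extensions treated as audio for this audit (assumed, non-exhaustive list).
AUDIO_EXTENSIONS = {".mp3", ".wma", ".ogg", ".m4a", ".wav"}


def looks_like_mp3(head: bytes) -> bool:
    """Heuristic header check so an MP3 renamed to .xls or .doc is still caught."""
    if head[:3] == b"ID3":           # ID3v2 tag placed before the audio frames
        return True
    if len(head) < 3 or head[0] != 0xFF:
        return False
    b1, b2 = head[1], head[2]
    return (
        (b1 & 0xE0) == 0xE0          # last 3 bits of the 11-bit frame sync
        and (b1 & 0x18) != 0x08      # MPEG version field is not the reserved value
        and (b1 & 0x06) == 0x02      # Layer III (rules out a UTF-16 BOM, FF FE)
        and (b2 & 0xF0) != 0xF0      # bitrate index is not the invalid value
        and (b2 & 0x0C) != 0x0C      # sample-rate index is not reserved
    )


def audit_home_folders(root: str) -> list:
    """Return [(user, files, total_bytes, renamed)] sorted by bytes, largest first."""
    totals = defaultdict(lambda: [0, 0, 0])
    for user in sorted(os.listdir(root)):
        home = os.path.join(root, user)
        if not os.path.isdir(home):
            continue
        for dirpath, _dirs, names in os.walk(home):
            for name in names:
                path = os.path.join(dirpath, name)
                try:
                    size = os.path.getsize(path)
                    with open(path, "rb") as fh:
                        head = fh.read(4)
                except OSError:
                    continue         # locked or unreadable file: skip it
                by_ext = os.path.splitext(name)[1].lower() in AUDIO_EXTENSIONS
                by_content = looks_like_mp3(head)
                if by_ext or by_content:
                    entry = totals[user]
                    entry[0] += 1
                    entry[1] += size
                    entry[2] += int(by_content and not by_ext)
    report = [(user, f, b, r) for user, (f, b, r) in totals.items()]
    return sorted(report, key=lambda row: row[2], reverse=True)


def build_sample_share(root: str) -> None:
    """Create a small constructed share: three users, one of them storing music."""
    samples = {
        ("alice", "report.doc"): b"\xd0\xcf\x11\xe0" + bytes(1020),  # office file
        ("bob", "song.mp3"): b"ID3\x03\x00\x00" + bytes(2042),       # tagged MP3
        ("bob", "budget.xls"): b"\xff\xfb\x90\x00" + bytes(4092),    # renamed MP3
        ("carol", "notes.txt"): b"\xff\xfeH\x00i\x00",               # UTF-16 text
    }
    for (user, name), data in samples.items():
        os.makedirs(os.path.join(root, user), exist_ok=True)
        with open(os.path.join(root, user, name), "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    import tempfile

    with tempfile.TemporaryDirectory() as share:
        build_sample_share(share)
        for user, files, size, renamed in audit_home_folders(share):
            print(f"{user}: {files} audio files, {size} bytes, {renamed} renamed")
```

The report only tells the administrator where to look; whether a flagged file violates policy still needs a person to check.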

So now for the security aspects of this issue: P2P software is known to be a large source of security vulnerabilities and exploits. Software like this creates a pretty big opening into the hosting computer, making it possible to spread viruses, worms, denial of service attacks, and other attacks that allow full control of a compromised computer. In fact, having this type of software may cause your company to fall out of compliance for various legislative act requirements such as those contained in HIPAA, Sarbanes-Oxley, or GLB.

Again, as in the case of the company owned computer – it’s not the employee’s network, it is the company’s network. The employer has the right – scratch that – the obligation to protect their network from performance degradation and unauthorized use. They also have a legal requirement to ensure that all of their information technology resources are in compliance with various regulations – and that includes making sure that the software installed on company owned workstations isn’t causing security or performance problems. Be a good employee – do what you want to your computer at home (you’re going to anyway), and leave your company resources for doing business. Failure to keep this stuff off your employer’s machines has the potential to hurt them, but also has the potential to hurt you more than you can imagine.


More Information:

SearchSecurity.Com Article: Are P2P Applications Worth the Risk?

DHS: Unauthorized P2P Programs on Government Computers

Article: Instant Messaging and P2P Vulnerabilities in Health Organizations

Who’s Computer is it, Anyway?! (Part 1)

Tuesday, August 29, 2006

Who’s Computer is it, Anyway?! (Part 1)

Okay – here’s the scenario: Corporate environment, computer is provided by the company, all of the initial software on the computer is installed by the company. The user signed an Acceptable Use Policy statement acknowledging their responsibilities with regard to computer use and security. The company’s acceptable use policy says something about “…only approved software…” (more on that in a bit). The end user is the only user of the computer. Employees are allowed to use the Internet (i.e. the web browser), applications, and email for business purposes and for limited personal use.

Having remembered all that (yeah - right!), the employee is out cruising the Internet. They haven’t broken any company policies yet, they come across this site with a really cool toolbar for the browser, and best of all, it is FREE! It blocks pop-ups, gives enhanced search capabilities, even has a news feed reader and chat client. So they install that neat toolbar – free download, couldn't possibly be a problem, who’s gonna know? They may have just crossed over the line with company policy, it’s probably a minor infraction, no big deal.

Now it gets better: One day shortly after installing that cool new toolbar for the web browser, the employee tries to access a web site that they normally need to access to do their job. Certain functionality of that web site depends on scripting and pop-ups (authorized ones), but strangely they don’t work right. Hmmm – they reload the web site, check access to other web sites, and if they’re really savvy, they check pop-up settings and security settings in the native browser. All good, what can be the problem? Frustrated by this time, the angry employee finally calls the company’s help desk and reports the problem. The technician, having seen this problem before, and after checking the normal browser settings that the user just checked themselves, asks the five dollar question: “Do you have any other browser toolbars or pop-up blockers installed?” Let’s just assume this employee is at least an honest person and reports the Google or Yahoo toolbar that they just installed. The technician states that the employee will have to uninstall the toolbar for the web site that they are trying to access to work. This infuriates the employee and they state that there must be SOME way to make it work with that toolbar. The technician promptly replies that the toolbar is NOT supported software, and that it is in fact NOT even approved software (remember that acceptable use policy?). “NO! %$#@&* - it, this is MY computer and I will do what I want with it!!!” shouts the now livid end user.

Here’s the bad news, folks: It is NOT the employee’s computer. It is the company’s computer. Those neat little toolbars and all those other cool freebies on the web are great for the computer at home, but have no place on computers at work. And here are the issues: 1) By having to muck about trying to fix unsupported and unapproved software, we are making our help desk people do extra work that they shouldn’t have to do, and that is probably against the service level agreement that the business unit has with the company. 2) By installing these things, we are possibly creating a security risk for our system and our corporate network by inviting in spyware and potential vulnerabilities. 3) We are opening our company up to all kinds of liability issues regarding software licensing (“FREE” does not necessarily mean free for use in a corporate environment), and information assurance (the spyware in that free toolbar may be a blatant violation of security policies).

The reason there is an approved software list is that some pretty smart people 1) figured out what software licensing would cost for the organization to have certain software, 2) have a pretty good idea what software works with all the other software on the machine, and 3) know that there are certain information security “best practices” that need to be followed.

My final rant in today’s post is that the above scenario is all too common in today’s corporate environment. I am sick and tired of hearing about people bitching and whining because their computer is “…always broken,” and that “…these ^&%$#@ computers are no good.” Let me give you my $.02 worth: The reason they are always broken is because of security unaware and clueless computer users constantly installing this kind of crap on their company’s computers, and then ragging on tech support for not fixing it for them. I take exception to some blathering idiot taking out their rage on tech support people who had nothing to do with that user mindlessly horking up their computer. These morons break their computers, some do it every time they touch one – the help desk should make THEM re-image and reconfigure that machine once. That will give these people a good idea what it’s like to have to deal with and clean up after clueless people who break computers because of their own ignorance and gadget lust. Go see my "Know Your Computer" and "Are You a 'Responsible' Computer User?!" articles for more about what users can do to improve their own computing experience.

Disclaimer: I used the term “Help Desk” in this article ONLY because it is the term that most people are still familiar with. The correct term is “Service Desk.” I mention this disclaimer lest the ITIL folks come find me and revoke my ITIL certification :) For more information on ITIL, please go here. You will find a wealth of things in the ITIL world about service desks, service support and delivery, and best of all service level agreements, service security, and service management. Solid ITIL practices are why the service desk people are not your enemy - they are doing their job!

More ITIL Links

Who's Computer is it, Anyway?! (Part 2)


Saturday, August 26, 2006

Using a Host Based Firewall

Even if you have a hardware router, you could still benefit from a host based firewall on each of your computers. Host based firewalls also go by the familiar name of “personal firewall.” You already have a pretty good one built in if you have installed Service Pack 2 on your Windows XP computer. However, the built-in Windows Firewall lacks some features that some of the other third-party firewalls, such as ZoneAlarm or McAfee, have.

So why do you need a host-based firewall anyway? Three words: Defense-in-Depth! A basic tenet of computer security is that no one measure will be able to prevent every type of attack. But having a variety of measures (layers) in place will be able to stop most of them. You have a router at the perimeter, you keep your patches up to date, you use antivirus and anti-malware solutions, and you have a host based firewall in place to intercept all other traffic. Here is an example: I have a Linksys router performing firewall duties at my perimeter. However, looking at my McAfee firewall logs I see that certain events got through, but were intercepted and stopped by my host based firewall.




Some of the added features of the other third-party products are the ability to more granularly configure program exceptions for allowed behavior, configure outbound as well as inbound blocking, and collect event log information. As far as the inbound events, the Windows Firewall allows you to configure applications and ports to allow. But as far as outbound events, the Windows Firewall won’t be able to allow configuration of those until Windows Vista hits the streets.

Installing a host based firewall doesn’t come without some complexity. You are going to have to be a little patient while the firewall is learning. It will alert and prompt you many times when something is trying to go outbound, and you will have to tell it to remember whether or not each item is acceptable. Likewise, on the inbound events, most firewalls will just outright block them, but will alert you. You will then have to see what it is and make appropriate configuration adjustments. Once you have done all this for several days, however, you will find that the alerts are less and less frequent, and the firewall will be pretty low maintenance after that. You will also need to keep your firewall up to date, just like your antivirus software and patches.

Defense-in-depth is a vital necessity for keeping your computer and your data safe. Host based firewalls will add to your other protective measures and help keep the threats minimized.

SANS Handler Diary Article

Thursday, August 24, 2006

Another Firefox Vulnerability - Already?!

Firefox’s latest browser, version 1.5.0.6, already has a new vulnerability.

National Vulnerability Database Article

Look to the left of this article – below my profile, and you will see that I am a big Firefox fan. I still use Internet Explorer, and Opera, and Netscape, yada yada yada, however, because I do a lot of testing. I just want to say that I am not writing this post to slam any particular browser or boost one over the other. But I have to wonder – and this is for all the little computer nerds who work in Best Buy, constantly parroting the virtues of Firefox to every customer they see – why is it that all these new vulnerabilities in Firefox practically go unnoticed while the Internet Explorer vulnerabilities get all the press?

In the last three weeks or so, Firefox has released two new versions, presumably to cover security holes and add features. The only reason I found out about the latest Firefox vulnerability is some micro-font text on a Dark Reading Weekly page – not a front page press item to be sure. I’m sure this will be published on Secunia and SANS very soon. But because the kids at Best Buy tell you matter-of-factly that Firefox is the only way to go, and just because Firefox doesn’t get the big press, doesn’t mean you are always safe and never need to pay attention to staying up to date.

Anyway, my point in all this is that people fall into a false sense of security because they hear so-called “experts” blather on about how Firefox is far superior to Internet Explorer from a security standpoint. People blindly follow this advice, thinking that they will never, ever, ever, ever have to worry about anything from now on. This notion is putting a patently false idea into your heads. Regardless of what products you use, you always need to stay vigilant for security flaws and apply updates when they are available.

The bad guys are getting bored with Microsoft – due diligence and proper risk analysis means that you are evaluating all of your software and keeping it all up to date. Stay safe with all parts of your system!

Thursday, August 17, 2006

UltraVNC Updated Due to Vulnerability

For those of you that use UltraVNC for remote computer control, you should know that you need to update now. There is a critical security vulnerability in UltraVNC 1.0.1. A new version, UltraVNC 1.0.2, is now available for download.

The upgrade is painless and installs right over the top of version 1.0.1. I also tested my current version of UltraVNC SC (Single Click), which is a simple utility that you can configure and send to your family, friends, and customers to make remote connection easy. The old SC works just fine with the new version of UltraVNC.

For more information and to download the new version, see the Sourceforge UltraVNC web site.

For information on the vulnerability, see this Neohapsis article.

Wednesday, August 16, 2006

Random Lockups and Restarts - Means Your Computer is Getting "Stupid?"

There is nothing more frustrating than working on an elaborate document and all of a sudden the computer reboots. I told you to save often, right? Well, that's another story. You can't possibly anticipate every single type of computer failure. You can only do your best, save your work when you can, and plug along like the rest of us.

Computer lockups (crashes) and especially random and sudden reboots are very difficult to troubleshoot and solve. Usually, however, these symptoms are an indication that you have a failing hardware component somewhere. Either the hardware is failing outright or the software drivers that make the hardware work have become incompatible. In some instances viruses and malware can corrupt drivers, make pieces of software incompatible with the system, or wipe out critical system files.

Read More

Friday, August 11, 2006

U.S. Tops Porn and Spam Proliferation

Awhile ago I mentioned an article that talked about how the United States was tops in SPAM and forwarding SPAM type email. Well, here we are again with a related article, and the United States ranks number one in another area – child porn sites!

Let’s take a look at the security side of this whole thing. Whether you are forwarding SPAM, or visiting porn sites, you are putting yourself (and others) at risk for a whole myriad of things, including the risk of being caught with illegal files on your computer and the proliferation of viruses. Besides being just plain disgusting, many porn sites contain malicious code that can install malware on your system, hijack your address book, and email infected messages to you and everyone you know. From there it is an endless cycle of being infected and trying to clean it all off of your system, getting re-infected, cleaning it off again, and on and on.

What – did you think the creators of porn sites were just a bunch of stupid sex addicts, pedophiles and womanizers? They use clever coding in their site pages, and employ crafty and malicious tactics to get more traffic to visit their sites. They generate revenue because they know that some desperate person will sign up and become a regular (often paying) visitor. But what about that single new customer (should we call these creeps “customers?”) who signs up? They now have an email address book that can be used to email malicious, if not disgusting emails to others. And those recipients have address books, and so on, and so on, and… I think you get the picture. The actions of one potentially affect the many.

You already know my stance on mindlessly forwarding every single email you get. Not only does it fill up my email box, but in many instances you are sending me unsubstantiated garbage with half truths and bogus tales. But all that aside, I don’t need the viruses and malware, and I suspect neither does anyone else. All my ranting aside – if you are going to forward that stuff, at least do us all a favor and use an antivirus package that scans your emails and attachments. When the viruses are stopped, at least then the plethora of forwarded emails is a little easier to put up with.

What you do in the privacy of your own home is your business. But make sure your email address book doesn’t have my address in it, and please don’t send me any SPAM. I don’t need any pictures of wanna-be porn stars, and I don’t need the viruses.



Thursday, August 10, 2006

“Bring Your Computer in For a FREE Health Check – a $40 Value!”

Okay – so I was watching TV and this commercial came on for some store (probably an electronics store or something). I wasn’t paying attention, when all of a sudden they blurted out “Bring in your computer for a free health checkup, a $40 dollar value.” That got my attention because I am wondering just what it is that Geek Squad (or whomever) is going to do to my computer to justify $40 worth of work. Obviously this is a “loss-leader” to get you in the door to buy more stuff. Or perhaps – you get the health checkup only to find out that your pathetic computer is just short of dead and you desperately need a brand new one!

Let's talk about computer "health" just for a second. Many equate computer health with its ability to run like the wind. Computer health is as much a matter of security as it is performance. Many of the tools I mention in this article will help speed up your computer because they get rid of viruses and malware, as well as eliminate clutter and organize your file structure. Viruses, malware and unpatched systems all contribute to vulnerabilities that can allow your computer to be open to attacks that affect safety as well as speed. These vulnerabilities can enable an attacker to inject clutter and unwanted services, not to mention processes meant to do you harm. Likewise, fragmented hard drives and unneeded temporary files can make your computer work harder and slow it down over time. Computer health, then, is a matter of looking at the whole system and optimizing all aspects of its operation.

So now to the heart of the article - If you are feeling generous, just send me the $40 because I am about to save you the money many times over. Remember awhile back, I said something about “knowing thy computer?” Well – that includes knowing how to do the basic things to take care of that expensive, electronic door-stop of yours. You should know how to do basic things such as making sure your virus definitions are up to date, doing a virus scan regularly, making sure your patches are applied, and checking for spyware. Given the threats these days, the aforementioned items should be done daily. Some less frequent, but still needed computer “health” activities involve running a Disk Cleanup and a defrag now and then.

All of the above have been made extremely easy for you. Virus signatures, scans, anti-malware maintenance, and applying security patches have practically automated themselves – all you have to do is set them and forget them.

You can do all these things yourself; forget about lugging your computer down to the pimply kid at Geek Squad, and save yourself $40 in the process. Here’s your computer “health checkup” routine:

  • Visit Windows/Microsoft Updates and make sure your patches are up to date. Just open a web browser, select “Tools” and then select “Windows Update.”
  • If you haven’t installed Microsoft Updates, do so now – you will see the link on the left side of the Windows Updates screen using the procedure above.
  • Open your antivirus program and make sure your virus signatures are up to date. Given the number of AV programs out there, the procedure for this will vary.
  • Open your antivirus program and do a scan on your system. Better yet, make sure it is scheduled to do the scan regularly.
  • Open your anti-malware program and make sure your malware detection signatures are up to date. Given the number of anti-malware programs out there, the procedure for this will vary.
  • Open your anti-malware program and do a scan on your system. Better yet, make sure it is scheduled to do the scan regularly.
  • Go through your “My Documents” folder and archive everything you haven’t used in awhile.
  • Copy all that stuff to CDs, external storage, or a secondary hard drive. Make sure it copied successfully and then delete it from your computer’s main (system) hard drive.
  • Do a Disk Cleanup – see my procedures article for doing that. Better yet - Automate it!
  • Run a Check Disk – Right click on My Computer, select Properties, right click on your disk drive(s), select Properties, then Tools, then click the Check Now button under error checking.
  • Do a DEFRAG – see my procedures article for doing that. Better yet – Automate it!

These are some extremely easy things you can do to keep your computer healthy. Do them regularly and better yet make your computer do them on its own. Performing these things on a regular basis will keep your computer running well, and save you $40 trips to the neighborhood computer store.

P.C. Health Checkup Summary Checklist (Do these things in this order):

  • Windows/Microsoft Updates – set to automatically download and install.
  • Virus signatures current and scan computer – set to automatic, periodic scan.
  • Anti-malware signatures current and scan computer – set to automatic, periodic scan.
  • Archive all unneeded files and clean out “My Documents” folder
  • Disk Cleanup – you can automate this also.
  • Run a Check Disk to make sure your hard drive is healthy.
  • Disk Defragmentation (DEFRAG) - you can automate this also.
  • Mail me the $40 the first time you do this, but then it’s free after that :) – I am kidding, of course.

Wednesday, August 09, 2006

URGENT: Patch for MS06-040 Immediately

Microsoft Critical Patch MS06-040 is being listed as a "Patch Now" patch by SANS Internet Storm Center.



Microsoft is listing MS06-040 as "Addresses a critical security problem."





Test and patch your systems as soon as possible. If you have to prioritize your patches (because there are so many this month), test and apply MS06-040 first, and then test and apply MS06-042. More info as I get it. You can read more about this also at:

http://www.patchmanagement.org

http://isc.sans.org/diary.php?storyid=1573

http://isc.sans.org/diary.php?storyid=1574

Tuesday, August 08, 2006

Are You “Giving Away” Your Personal Information?

Sooner or later you have to dispose of that old computer. Maybe you will throw it away (shame on you!), or you will do the right thing and recycle it (much better), or you are giving it away to a non-profit organization (bless your soul). Just a sidebar plug here – but if that old computer is still serviceable and in working order, why NOT give it to a non-profit agency or a needy family? Many agencies will gladly take that old computer, go through it to make sure it is good to go, and give it to someone who needs it. Think of the disadvantaged kid who gets your old computer, gets more out of their education, and then one day becomes a doctor who saves your life.

I have digressed. Anyway – when you give that computer away, what was on the hard drive when you gave it away? Tax records, some private letters, account numbers and passwords? Oh – but you deleted all of your files, all of the stuff in “My Documents” and it is all set to give away. Well alrighty then – no worries. Here’s the bad news. When you deleted all those files, you only deleted the reference to them in the part of the hard drive that indexes them for retrieval by your system. The data is still there, and anyone with the right tools can retrieve it. In other words, it’s like ripping out the table of contents in a book you plan to give away. You have torn out the pages that tell you where to easily find what you are looking for. But if you keep turning the pages in the book, you will see that all of the words are still there, and you can read the pages just as if nothing else were missing from that book.

It is absolutely necessary that you completely delete anything on your computer that might disclose personal data, such as social security numbers, birth dates, tax records, or even personal letters. Either that or remove the hard drive and destroy it. But you want to give away a complete computer, don’t you? So the lucky recipient will be able to put together a complete system for someone to use, and spend less money doing it.

Well – here’s the good news. Many of the tools you need to obliterate all of your personal data are free or very inexpensive. Many of them will even erase a hard drive to strict Department of Defense (DoD) standards for disk erasure. I can’t emphasize enough: you MUST obliterate everything on that hard drive before you get rid of it. Anything and everything can be used against you by a crafty hacker. There are things buried deep in your operating system that contain information that you may not be aware of.

If that hard drive has failed, be sure to remove it before you give the computer away. Even if the electronics have failed, the drive can still be opened up and all of the contents retrieved. Remove it and destroy it. Take the drive apart and completely destroy the platters. You can use strong magnets or better yet a device called a “degausser” to erase the data if necessary. Whatever you do, be sure you are not giving away your personal data just because you thought you erased everything on that hard drive.
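The table-of-contents analogy above, as an added example that is not from the original post: a toy disk image where an ordinary delete only flips a directory flag, while a wipe overwrites every sector. The image layout and all names are assumptions made up for illustration, not a real filesystem, and the single zero pass is a simplification of what dedicated erasure tools do.

```python
import struct

SECTOR = 512
# Toy directory entry (assumed layout): flag, 11-byte name, first sector, length.
ENTRY = struct.Struct("<B11sHI")
IN_USE, DELETED = 0x01, 0xE5        # 0xE5 mirrors FAT's "deleted entry" marker


def make_image(files: dict, total_sectors: int = 16) -> bytearray:
    """Sector 0 is the directory (the 'table of contents'); data starts at sector 1."""
    img = bytearray(SECTOR * total_sectors)
    next_sector = 1
    for slot, (name, data) in enumerate(files.items()):
        ENTRY.pack_into(img, slot * ENTRY.size, IN_USE, name.encode(),
                        next_sector, len(data))
        start = next_sector * SECTOR
        img[start:start + len(data)] = data
        next_sector += -(-len(data) // SECTOR)   # round up to whole sectors
    return img


def _entries(img):
    """Yield (offset, flag, name) for every slot in the directory sector."""
    for off in range(0, SECTOR - ENTRY.size + 1, ENTRY.size):
        flag, raw_name, _first, _length = ENTRY.unpack_from(img, off)
        yield off, flag, raw_name.rstrip(b"\0").decode()


def list_files(img) -> list:
    """What the operating system shows the user: entries still marked in use."""
    return [name for _off, flag, name in _entries(img) if flag == IN_USE]


def delete_file(img, target: str) -> bool:
    """An ordinary delete: flip the directory flag and leave the data untouched."""
    for off, flag, name in _entries(img):
        if flag == IN_USE and name == target:
            img[off] = DELETED
            return True
    return False


def residual_sectors(img) -> list:
    """Data sectors that still contain at least one non-zero byte."""
    count = len(img) // SECTOR
    return [s for s in range(1, count) if any(img[s * SECTOR:(s + 1) * SECTOR])]


def wipe(img) -> None:
    """Overwrite every sector, directory included, with zeros."""
    img[:] = bytes(len(img))


def demo() -> dict:
    secret = b"SSN 000-00-0000 (constructed sample value)"
    img = make_image({
        "TAXES.TXT": b"2005 return, " + secret,
        "LETTER.DOC": b"Dear Sam, ..." * 50,     # 650 bytes, spans two sectors
    })
    for name in list_files(img):
        delete_file(img, name)
    after_delete = {"listed": list_files(img),
                    "residual": residual_sectors(img),
                    "secret_found": secret in img}
    wipe(img)
    after_wipe = {"listed": list_files(img),
                  "residual": residual_sectors(img),
                  "secret_found": secret in img}
    return {"after_delete": after_delete, "after_wipe": after_wipe}


if __name__ == "__main__":
    for stage, result in demo().items():
        print(stage, result)
```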


Additional Resources:

http://www.pcworld.com/downloads/file/fid,22920;order,1;page,1;c,All%20Downloads/description.html (PC World Article)
Church Crosstalk Killdisk
Darik’s Boot & Nuke

Sunday, August 06, 2006

Do You Have a Method For Testing Patches in the Enterprise?

In light of Microsoft’s release of over thirty patches this summer, I figured it was time to discuss security patch testing methodologies. There are at least two basic schools of thought about when, how and even why to test new patches when they are released by the vendors. It all boils down to risk analysis. You are weighing the risk of being hit with an attack that one of these patches could have prevented against the risk of potential damage that the patch itself could cause when applied. After all, the business of business is business. Either one of those risks could cause your network or individual computers to be inoperative and keep your customers from doing their work and adversely affect your business.

Read the full article

Friday, August 04, 2006

Hotfixes, Patches and Updates – Oh My!

This has been a very busy week in the world of computer patching and updates. And we can’t just blame it on Microsoft.

Well – we can credit a huge share of upcoming patches to Microsoft. Next week on “Patch Tuesday” Redmond is releasing ten security patches for Windows, two for Office products, two non-security patches, and the regular Malicious Software Removal Tool release. In case you haven't been keeping track - that's over 30 new patches this summer alone!


Summary
=======
On 8 August 2006 Microsoft is planning to release:

Security Updates
. Ten Microsoft Security Bulletins affecting Microsoft Windows.
The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security
Analyzer and the Enterprise Scan Tool. Some of these updates will
require a restart.
. Two Microsoft Security Bulletins affecting Microsoft Office.
The highest Maximum Severity rating for these is Critical. These
updates will be detectable using the Microsoft Baseline Security
Analyzer. These updates may require a restart.

Microsoft Windows Malicious Software Removal Tool
. Microsoft will release an updated version of the Microsoft
Windows Malicious Software Removal Tool on Windows Update, Microsoft
Update, Windows Server Update Services and the Download Center.
Note that this tool will NOT be distributed using Software Update
Services (SUS).

Non-security High Priority updates on MU, WU, WSUS and SUS
. Microsoft will not release any NON-SECURITY High-Priority
Updates for Windows on Windows Update (WU) and Software Update
Services (SUS).
. Microsoft will release two NON-SECURITY High-Priority Updates
on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Although we do not anticipate any changes, the number of bulletins,
products affected, restart information and severities are subject to
change until released.



Can’t let Microsoft have all the fun. The Firefox browser people have released yet another update for their ever-growing-in-popularity browser. This makes two updates in as many weeks.

Mozilla has released version 1.5.0.6 of Firefox, approximately 1 week after releasing version 1.5.0.5. This release addresses an issue with playing Windows Media content in the Firefox browser. More information here:
http://www.mozilla.com/firefox/releases/1.5.0.6.html


McAfee has released an update for their security center products:

McAfee has released a patch for Security Center products including: antispyware, internet security suite, personal firewall plus, privacy service, quickclean, spamkiller, virusscan, and wireless home network security. Description of the issue from McAfee:

"This attack requires the consumer to perform certain actions in order to be exploited. For example receiving an e-mail from an un-trusted source and clicking on a malicious URL. McAfee suggests that a consumer not click on any URLs in an email that comes from an unknown or non-trusted source. A successful exploit of the security flaw would allow an attacker to remotely execute arbitrary code on the machine running the indicated software. These arbitrary commands would be limited to the privileges of the user which the product is running as on the machine. In order to accomplish this exploit, a user would have to force internet explorer to render a malicious web page which has been generated by the attacker. The attack requires reverse engineering of the software as well as the assistance of the user."

More information in their security bulletin here:
http://ts.mcafeehelp.com/faq3.asp?docid=407052


And finally, if you have a laptop (or other computer) that uses the Intel/PRO series of wireless chipsets, your drivers are likely to be vulnerable to attack. Follow the links below to find the correct driver download for your affected products.

This is not going to be fun or easy to fix. On 8/1 Intel released information about wireless driver and PROSet software vulnerabilities which affect the 2100 and 2200 Intel wireless components which are in every single Dell laptop we have. The driver vulnerabilities are critical and can be used to take over full control of a machine. Details at:
http://support.intel.com/support/wireless/wlan/sb/CS-023068.htm

Anyone doubting their criticality should read:
http://www.theregister.com/2006/08/03/wifi_driver_hack/
It is recommended by Intel that users check with their manufacturer (Dell) to see if they are going to release their own version of the drivers since manufacturers have the option of making changes which could cause problems with the Intel OEM drivers. I checked Dell's website and as of today they don't have a new version so communication needs to be made with Dell to determine if and when they will be releasing new ones, and if they aren't, whether there will be any problems with the OEM drivers.


Happy patching, folks. Be sure to test these patches and patch quickly.

Thursday, August 03, 2006

My Computer is Really Slooooooow!

You may have heard before, from me or others, about doing periodic maintenance on your computer, including running Disk Cleanup and Defrag. These built-in tools will help speed up your computer and make disk operations more efficient. You may also know that viruses and malware can slow your computer down. So just to be extra careful, you keep your antivirus definitions up to date, and do regular virus and spyware scans. An overly full hard drive makes it hard for your virtual memory to work efficiently. You need disk drive space so that your physical memory can “swap” paging files with the virtual memory set aside on your hard drive. So you clean off some unwanted programs and archive those documents and pictures that you want to save but no longer use frequently.

You have checked all those things, so why is your computer still running slow and sluggishly? Now it may be time to do a little troubleshooting to find out what is slowing down your system. You could have an application causing problems, or it could be a virus or other malware. A recently applied patch could also be causing an application to run improperly. To find out what is going on, you will have to take a look at graphical performance indicators as well as a list of running processes. This is tricky, because even if you see which process is causing your problems, you won’t know if it is good (normal) or bad (caused by a virus) unless you do some additional research and find out what they are. Even I don’t pretend to know what they all are just by looking at them. I spend a lot of time researching processes to find out what they are and how to fix them if they are causing a problem. Troubleshooting computer problems is not always easy – that’s why us computer geeks aren’t worried about job security quite so much :) I have listed some resources below for you, however, so you won’t have to spend so much time researching these things.

Read the full article

Wednesday, August 02, 2006

My Loooooooong Email Has Gone Missing!

Email is the medium of choice these days for corresponding. What used to be an informal method of messaging has evolved into a more formal means of sending communications. We used to send off those one-liners that took only minutes to write. Now we are sending entire letters via email. With the advent of the digital signature and the return receipt, we now even have the proof of delivery and non-repudiation issues covered. People are even organizing their email folders and filing their emails away for later reference and for keeping track of long threads of discussion.

Having said that, I notice that more and more I will hear someone say that they had spent the last hour or so composing an email only to hit a wrong key and have it disappear before their very eyes. This has more to do with the way many email programs save works in progress. Many of the less sophisticated programs, which many people use, do not automatically save the email as you go along. I use Microsoft Outlook at home, which will save my work in progress in the “Drafts” folder, even if I don’t consciously save it myself. If I accidentally exit out of the email program, I will be prompted to save it before the exit. I also use Lotus Notes at work, which does not save my drafts unless I make a conscious decision to save it before I exit. I have lost a few emails myself with Notes, whereas my Outlook at home has been fairly safe. The other thing to worry about is whether or not you can maintain a permanent copy of your email, or whether or not you can get to it to edit it, even if you are offline. Many web-based emails such as Yahoo and HotMail are convenient, but they don’t store anything on your local computer. The service provider may even purge documents after a certain length of time.

Rather than scramble around to find an email program that will keep you safe from your own fat fingers, there are some measures you can take to keep from losing a long email. First of all, if you know you are going to write a long email, and your email program doesn’t auto-save for you, save it into your “Drafts” folder right away, and then hit “Save” periodically as you go along. One even better way to do it, especially if you have a long, formal email that you need to draft, is to not draft it using your email program at all. Compose your lengthy message with a word processor, such as Microsoft Word, or whatever word processing program you have installed. Save your letter right away in a “Letters” folder or something. When you are all done, simply highlight all the text and copy it into a new email document. This will give you two benefits: 1) You will now have a permanent copy of your long letter somewhere on your computer besides your mail file (which may or may not be resident on your machine). 2) Your word processing software probably has better spell and grammar checking features than your email program – which means your formal letter is sure to be correct in every way. If you lose your outgoing email, or need another copy of what you wrote, you can retrieve your permanent document and even resend it if necessary.

Just a little tip to help you keep from losing your mind when typing (and losing) those long emails. Save immediately and save often. If you can’t do that in your present email program, then break out the word processor!

Tuesday, August 01, 2006

Oh No – You Mean My Wireless Home Network is At Risk?

If you are like me, you were too lazy to run network wiring in your house when you moved in. You have a computer, kids have computers, spouse has a computer. Cripes, these days even the dog has his own computer. So what to do about all of these connectivity issues? In my last house, I took the time to run network cabling so that there were data jacks everywhere. I thought we would need them – even in the kitchen (I’m such a geek!). Well, never again. The wireless age is here, and that was just too much work. I guess it is time to finally get with the program and make all my computers wireless. All my neighbors have: From where I sit in my office on the second floor of my house, I can see at least five networks from here. I wanna be wireless too. That way I can be like those cool yuppies, and sit on the deck with my suntan lotion, a cool frappuccino, and my laptop – surfin’ the Internet and checkin’ stock quotes.

So now that my wireless network is all set up, no worries, right? I mean so what if someone in the ‘hood steals a little of my signal, connects to my network and surfs for themselves. The cable company won’t know and the bandwidth they steal probably won’t affect me! Well – here’s the deal with that: If anyone can get on your network and surf the web, then that means that they can also get to the files on your computer(s) if they are smart enough – and these days it doesn’t take much to hack into an unprotected system. They are completely bypassing your firewall and they are now on the inside. Inside and free to get to all of your personal information, tax records, personal letters, email files, you name it.

Wireless security is such a big deal these days because everyone is setting one up. Let’s face it, setting up a wireless network in your home or small office is waaaay easier than running network cabling and making all that mess. But the key thing to remember is that your network traffic is now traveling over free space. Anyone with a laptop and some wireless sniffer software can eavesdrop on you and steal your signal, your data, or hack into your computer.

The subject of wireless security is far more involved than I can write in this little blog. I thought it worthy of a full-page article on my main web site. Check it out – I think there may be a few tips you can use to make your new wireless network more secure. There's a lot more to consider than you would think - and many creative ways to help keep the bad guys out.

Read The Full Article