Unpatched Machines Seen As Major Security Threat

March 8, 2008 – 4:03 PM

Hackers will keep cranking out exploits that take advantage of known software vulnerabilities because, although patches are available, a minority of machines are fixed, security vendor McAfee said Monday. In releasing its quarterly security analysis, McAfee’s “AVERT” virus research team noted that exploited vulnerabilities are becoming a dominant threat to both consumers and enterprises.

“The day of the virus may have come and gone,” said Vincent Gullotto, the vice president of AVERT. “One day it may swing back, but now we’re looking at different types of programs, not viruses, that threaten computers. And many of them are exploiting machines’ vulnerabilities.”

According to AVERT’s estimates, half or more of the computers connected to the Internet aren’t properly patched or updated. Not good, especially when the number of vulnerabilities spotted in the first quarter of 2005 was up 6 percent over the same quarter last year.

Because there are so many unpatched PCs, said Gullotto, the hacker’s job is made easier: rather than have to dig up vulnerabilities on his own — extremely challenging, technically — he can sit back and wait for patches to be posted, then reverse engineer the patch to find the vulnerability.

While traditional viruses may be on the way out, other threats have stepped in to fill the gap, and more. Phishing for one, said Gullotto, although what we now think of as phishing may be old news — and not much of a threat — someday soon.

“Today’s phishing is what I consider to be spyware,” said Gullotto, because many of the most effective attacks now use password stealers and other such software — like in-the-background screen capture programs — to swipe identities or account access.

“But I think we’ll see a reduction in the number of traditional phishing sites that entice people to divulge information,” he said. “Instead, we’ll see programs that are pure spyware that can directly target the clientele they want, to get the data they need.”

Rather than scatter-shot a deluge of bogus messages spoofing Citibank, for instance — which delivers mail to people who aren’t Citibank customers — phishers will focus their efforts by either fine-tuning their spam lists or planting bank- or company-specific spyware on users’ PCs, then waiting to snatch usernames and passwords.

“They’ll want to specifically get on a machine for a specific customer and specific bank,” said Gullotto. “They want to leave that spyware on the computer until it gives them the identity information they’re after.”

Speaking of spam, Gullotto and his AVERT group see spam tailing off, volume-wise, perhaps as soon as the next quarter or two, and spammers coming under attack from an unlikely source: phishers.

“We’ll see identity thieves spoof spammers,” he said. “Phishers will increase their use of spam-like offers to take advantage of those people who respond to spam. They’ll send out e-mail, for instance, supposedly selling Viagra, but they’ll be after the credit card and identity, not the sale. Two days later the ‘buyer’ is still waiting for his Viagra. And 30 days later, when he gets his credit card bill and sees it’s been hijacked, it’s too late.”

If phishing identity thieves really step up this strategy, as Gullotto expects, “spammers themselves could be in the situation that banks are today. No one will believe spammed offers are legit.”

Not that too many of us will be feeling sorry for spammers.

“No one will cry over spammers if they get spoofed,” said Gullotto. “After all, there’s a bit vigilante in all of us.”

http://www.securitypipeline.com/161502339

Use the HOSTS File to Assist Privacy

March 8, 2008 – 4:03 PM

Everyone likes to be a good host, but bad guests get carried away. They’ll stay too late or empty bottles too soon. They could even break something along the way. That’s why you take precautions as a host.

Think of your Windows HOSTS file in the same way. By properly setting up your HOSTS file, you can save yourself grief from bad Internet visitors. It works by cutting off connections to the sources of pop-up ads and banners.

Keep this in mind: A proper HOSTS file is just one of many defenses needed to thwart unwanted Web visitors. You still need virus protection, ad blockers and spy scans to bar the bad stuff. You also need them to detect any currently lurking on your computer.

The Preliminaries
The HOSTS file resides in your Windows folder, or a subfolder, depending on your Windows version. The domain names and Internet Protocol (IP) addresses of other computers can be listed there. So, the HOSTS file can act as an address book when your computer wants to call another machine.

The Problem
Advertisers use your surfing habits to target products that match your interests. That’s why pop-up ads, banners, adware and spyware have become so invasive.

The HOSTS file works like this. When you type a Web site into your browser–say, www.komando.com–your browser first checks the HOSTS file for the IP number. If the HOSTS file contains this address, your computer stops looking and “calls” the number. If not, your computer goes to the Internet and finds the IP number there.

Spyware works the same way. So you can use the HOSTS file to trick the spyware.

The Patch
This is actually pretty simple. Redirect the connection back to your own computer. To do that, put the spyware entry in the HOSTS file. The entry looks like this:

127.0.0.1 www.badnews.com

So let’s say that spyware on your computer is trying to contact the Bad News Advertising Co. It tries to go to www.badnews.com. Your computer first goes to the HOSTS file, looking for the IP number. Sure enough, it is there. But the number (127.0.0.1) is your computer, not the address of the Bad News Advertising Co. Because it is your computer, the request simply dies. The spyware is marooned inside your computer.

Windows comes with a HOSTS file, but there is only one line in it:

127.0.0.1 localhost

Localhost is your computer. To make the HOSTS file a worthwhile spyware fighter, you would have to enter hundreds of evil domain names, such as www.badnews.com, along with your IP number (127.0.0.1). Fortunately, there’s another way. Custom HOSTS files are available on the Web. You can get a good one at: http://www.mvps.org/winhelp2002/hosts.htm
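The lookup-and-sinkhole behaviour described above, as an added Python example that is not part of the original article: it parses a HOSTS file, answers lookups the way the article describes, and appends 127.0.0.1 entries for new domains without duplicating or overriding existing ones. The sample file, the function names and the first-entry-wins rule are assumptions made for the illustration.

```python
import re

SINKHOLE = "127.0.0.1"
# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

# Constructed sample: the stock one-line file plus the article's example entry.
SAMPLE_HOSTS = """\
# sample HOSTS file (constructed for this example)
127.0.0.1 localhost
127.0.0.1 www.badnews.com   # sinkholed ad server
"""

def parse_hosts(text):
    """Return {hostname: ip}. Comments start at '#'; a line may list several names."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or malformed line
        ip, names = fields[0], fields[1:]
        for name in names:
            # Assumption: the first entry for a name wins; names are case-insensitive.
            table.setdefault(name.lower(), ip)
    return table

def resolve(name, table):
    """IP from the HOSTS table, or None when the lookup would go on to DNS."""
    return table.get(name.lower().rstrip("."))

def is_valid_hostname(name):
    name = name.lower().rstrip(".")
    return 0 < len(name) <= 253 and all(_LABEL.match(l) for l in name.split("."))

def add_blocks(text, domains):
    """Append sinkhole entries for domains not already listed; return the new text."""
    table = parse_hosts(text)
    out = text if text.endswith("\n") or not text else text + "\n"
    for d in domains:
        d = d.strip().lower().rstrip(".")
        if not is_valid_hostname(d) or d in table:
            continue  # skip junk input and never override an existing entry
        out += f"{SINKHOLE} {d}\n"
        table[d] = SINKHOLE
    return out

if __name__ == "__main__":
    print(add_blocks(SAMPLE_HOSTS, ["ads.badnews.com", "localhost", "bad name!"]))
```

HOSTS entries match exact names only: listing www.badnews.com does nothing for ads.badnews.com, which is why blocking lists need one line per host.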

Can the spyware people get around this? There are ways. But so far, at least, they haven’t bothered. If you install a HOSTS file, along with programs to block and eradicate spyware, you’ll be much more secure. You can find programs to block and eradicate spyware on my site at: http://www.komando.com/bestshareware.asp

Stick with me. We can defeat these people.

http://www.komando.com/tips_show.asp?showID=8510

Tomorrow’s Net speeds could be up to 1,600% faster

March 8, 2008 – 4:01 PM

If you think that today’s high-speed Internet connections are fast, wait till you see what cable operators plan. The industry’s standards-setting unit, CableLabs, plans to endorse this month technology that will let operators boost speeds 400% to 1,600% over their existing lines.

Motorola and Cisco are among the companies offering alternative methods to increase broadband speeds by linking together the bandwidth used for four or more conventional TV channels.

What would the faster speed bring?

“The sky’s the limit,” says CableLabs CEO Dick Green. “There are a lot of high-data-rate services lurking out there, including a lot that we haven’t even thought of.”

While cable operators now usually transmit broadband at 3 million bits per second (3MB), a download of “a billion bits per second is completely doable,” Comcast CEO Brian Roberts told the industry’s annual convention here this week. “The network could do this quite easily.”

That could dramatically affect how people use the Internet when the new modems to handle the speeds arrive, which is expected to be in 2008.

“This will change our lives well beyond entertainment,” says Cisco Systems CEO John Chambers. For example, when speeds allow quick sending of detailed images, such as X-rays, he says, “You’ll do the majority of your health care straight from the home.”

Others envision a host of other applications. For example, businesses could easily arrange video conferences with high-definition TV. Consumers could download an entire HD movie in about five minutes vs. today’s 22 minutes.

And, “There will be a need for higher speeds as games become more graphics-intensive,” says Adelphia Chief Technical Officer Marwan Fawaz.

Hospitals and schools also may be among the first to take advantage of the additional transmission capacity, which is expected to cost more than current high-speed Internet services.

Operators want to get moving to keep ahead of phone companies, led by Verizon, that are building communications systems with more fiber-optic lines, and therefore more transmission capacity, than cable.

“There’ll be a speed arms race,” says RealNetworks CEO Rob Glaser.

But the new cable standard, known as DOCSIS 3.0, also will make it easier for operators to handle other chores.

“I could take a cell phone and program my digital video recorder,” says Richard Doherty, who is with The Envisioneering Group. “Quality of service is a big part of it.”

http://www.usatoday.com/money/industries/technology/2005-04-05-speed-usat_x.htm?csp=15

Seven Myths About Network Security

March 8, 2008 – 4:01 PM

Hacker tools are growing more sophisticated and automated. Hackers can now quickly adapt to new security vulnerabilities as they are uncovered and distribute the fruits of their exploits more widely with the help of automated toolkits. And they’re employing an ever-increasing range of methods to find individuals’ and companies’ private information and use it to their own advantage. And yet many of us have a false sense of security about our own data and networks. We install a firewall at the perimeter, put anti-virus and anti-spyware tools on our desktops, and use encryption to send and store data. Microsoft and the big security companies provide ever-improving tools and patches to protect us. Although others who are less careful might be at risk, we’re safe, right?

Maybe not. Take a look at these seven security myths and see if your data is as secure as you think.

http://techweb-pipelines.com/trk/click?ref=zp7waa8wo_0-6cax33c79x115392

Keeping Intruders Out Of Your WLAN

March 8, 2008 – 4:00 PM

Wireless LANs utilize radio waves for transporting information, which results in security vulnerabilities that justifiably worry network managers. To assuage those worries, most companies implement authentication and encryption to harden security. However, WLANs have a whole host of other vulnerabilities that can be more difficult to completely smother such as illicit monitoring, unauthorized access, and denial of service (DoS) attacks. For example, someone using a wireless sniffer, such as the freely-available NetStumbler, can easily monitor wireless traffic for fun or malicious intent while sitting in their car next to your office building.

Fortunately, intrusion detection systems (IDSs) can secure networks against these threats.

http://www.networkingpipeline.com/worksforme/160403696