Thursday, June 30, 2005

Steve Lamb's Blog : Don't fall for the email scam titled "I EXPECT YOUR REPLY"

Wednesday, June 29, 2005

Security Problem !

In Focus: So You Found a Security Problem, Now What?
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Lots of people find security problems with hardware and software products, network services, Web sites, and more. Some find problems through day-to-day computer use; others search for security problems purposely either as a hobby or as part of their job. When you find a security problem, what do you do? The obvious answer is to contact the company that produced the product. However, alerting a company to your discovery of a problem in one of its products can be a challenge. Lots of companies simply don't prepare for reports of problems in their products and services. Their employees don't know what to do when people try to report problems. Nor do their Web sites or product documentation provide any information about who to contact for security matters.

Like many of you, I subscribe to a lot of security mailing lists. I can't even begin to remember the number of times I've read a message to one of those lists from someone asking how to contact a given company. The messages typically say something like, "I found a security problem in Product XYZ. I tried to contact the company via email and received no response. Does anybody have security contact info for the company?"

A good case in point happened last week. Someone found a problem in a widely used product and tried to contact the company via email and by phone. The person couldn't make it past the receptionist and so couldn't offer the information about the security problem to anybody in a position to do something about it. The person posted a description of the experience to a popular security mailing list, and now the company has to endure the embarrassment that comes along with public knowledge of its shortcomings--and the company's customers are more exposed to someone exploiting the publicized vulnerability. Had the company trained the receptionist to handle calls regarding security matters, the incident probably wouldn't have happened.

As it turns out, the company in question read the message on the popular mailing list and quickly contacted the researcher. The company also quickly established a "security@" mailbox to which future reports can be sent.

Of course, in other cases, it turns out that the person who posted the vulnerability details didn't try very hard to contact the vendor. I'll sidestep the endless debate about whether vulnerability information should be publicly posted and say that these situations point out that every company that provides products and services should have information listed in plain sight in the product documentation and on the company Web site that shows who to contact about security matters. Even if a company's Web site serves only as an advertising vehicle and not as an ecommerce site, the company should include such contact information.

Likewise, when you're shopping for products, you should check whether a vendor lists security contact information. After all, you want the most secure products you can get, right? If a company doesn't provide a highly visible contact for security problems, the company is making it more difficult than necessary for people to report security problems directly to the company. And as I pointed out earlier, such difficulty can lead to vulnerabilities being publicly disclosed.

The trend seems to be to establish a "security@" or possibly a "secure@" email address that people can use to report potential security problems. Vendors should consider establishing such an address, if they haven't already.


Tuesday, June 28, 2005

Apple - QuickTime - Download - QuickTime 7 for Windows Public Preview

The latest QuickTime player, No. 7, for XP & 2000 users only though.

Disable the Windows XP Pro tour and .NET passport nags with this VBScript - TechRepublic

After installing Windows XP Professional on a computer you'll encounter several annoying prompts that appear as balloons in the notification area of the taskbar. The first balloon prompts you to take the Windows XP Tour. This balloon will return on subsequent logons until you've either taken the tour or dismissed the prompt at least three times.

The second balloon will prompt you to create a .NET Passport account. This balloon will return on a regular basis until you either create a .NET Passport account or dismiss the prompt at least 10 times.

If you don’t want to take the Windows XP Tour or create a .NET Passport account, you can instantly and permanently disable both of these nagging prompts right after you install Windows XP by running the XP Nag Disabler VBScript.

Sunday, June 26, 2005

New Website almost finished




My thanks to Chrisshoggy for designing the logo




Aaron Margosis' WebLog : PrivBar -- An IE/Explorer toolbar to show current privilege level

The Administrator Accounts Security Planning Guide

A useful link with a free download of the guide

Microsoft TechNet: 10 Immutable Laws of Security

Saturday, June 25, 2005

Customer Support - Real Security Updates

RealPlayer users need to update urgently.

Secunia - Multiple Browsers Dialog Origin Vulnerability Test

MSN Money - Associated Press Business News: Future Windows Will Include RSS Support : US:MSFT

Thursday, June 23, 2005



Thursday, June 09, 2005

Home Users


Do summink or don't !.......... it's up to you.

An online business based in Russia will pay Web sites 6 cents for each machine they infect with adware and spyware. iframeDOLLARS.biz, which according to a WHOIS lookup is registered to a Nick Fedorov in Nizhny Novgorod, a Russian city on the Volga about 240 miles east of Moscow, will pay Webmasters to place a one-line exploit on their sites.

The code exploits a number of patched Windows and Internet Explorer vulnerabilities, including some that go back as far as 2002. Systems that haven't been updated, however, would still be vulnerable to the exploit.

According to analysis done by the SANS Institute's Internet Storm Center, the exploit drops at least nine pieces of malicious code, including backdoors, other Trojans, spyware, and adware, on any PC whose user surfs to a site hosting the exploit code. But do read the full script first... here

You can try to put "iframeDOLLARS.biz" into Restricted Sites (IE6 users only), but I think that Adaware & Spybot have blocked it, so it may not go into Restricted Sites. Please note that Adaware & Spybot both block site names only & NOT the IP addresses of these types of scum.

To block the IP address for iframeDOLLARS.biz, or any of the other disguises originating from this address, you can, if you feel OK with it, block it through your firewall, usually through advanced rules. The IP address is 81.222.131.59.
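
The gap between name-only blocking and IP blocking described above can be checked against a list of requested URLs. The following is an added example, not code from the original post; the sample URLs are constructed, and the function names are hypothetical. Only the site name and IP address come from the post.

```python
import ipaddress
from urllib.parse import urlsplit

# Values taken from the post above.
BLOCKED_NAMES = {"iframedollars.biz"}
BLOCKED_IPS = {ipaddress.ip_address("81.222.131.59")}

# Constructed sample of requested URLs (for example, extracted from a proxy log).
SAMPLE_URLS = [
    "http://iframeDOLLARS.biz/index.html",            # mixed case
    "http://www.iframedollars.biz./x",                # subdomain, trailing dot
    "http://81.222.131.59/x",                         # direct IP, no name involved
    "http://example.com/page?ref=iframedollars.biz",  # name only in query string
    "http://192.0.2.10/",                             # unrelated IP
]

def host_of(url):
    """Return the lower-cased host of a URL without a trailing dot."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".")

def name_match(host):
    """True if host is a blocked name or a subdomain of one."""
    return any(host == n or host.endswith("." + n) for n in BLOCKED_NAMES)

def ip_match(host):
    """True if host is an IP literal on the IP blocklist."""
    try:
        return ipaddress.ip_address(host) in BLOCKED_IPS
    except ValueError:  # host is a name, not an IP literal
        return False

def classify(url):
    """Return 'name', 'ip', or None depending on which list catches the URL."""
    host = host_of(url)
    if name_match(host):
        return "name"
    if ip_match(host):
        return "ip"
    return None

def missed_by_name_only(urls):
    """URLs that a name-only blocklist lets through but the IP rule catches."""
    return [u for u in urls if classify(u) == "ip"]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print(f"{classify(url) or '-':5} {url}")
    print("Missed by name-only blocking:", missed_by_name_only(SAMPLE_URLS))
```

The check works on the URL as requested and does no DNS lookups, so a different name that resolves to the same address is only stopped by the firewall rule, not flagged here.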