Your Ad Here

Thursday, April 23, 2009

Green Computing

Green computing is the study and practice of using computing resources efficiently. The primary objective of such a program is to account for the triple bottom line, an expanded spectrum of values and criteria for measuring organizational (and societal) success. The goals are similar to green chemistry; reduce the use of hazardous materials, maximize energy efficiency during the product's lifetime, and promote recyclability or biodegradability of defunct products and factory waste.

Modern IT systems rely upon a complicated mix of people, networks and hardware; as such, a green computing initiative must be systemic in nature, and address increasingly sophisticated problems. Elements of such a solution may comprise items such as end user satisfaction, management restructuring, regulatory compliance, disposal of electronic waste, telecommuting, virtualization of server resources, energy use, thin client solutions, and return on investment (ROI).

Wednesday, April 22, 2009

SecurityOrb.com Advisory: Small HTTP Server MS-DOS Device Denial of Service

Small HTTP Server MS-DOS Device Denial of Service

Affected System(s)
System Operating System:


Unix (Server, [+])

Description:
A vulnerability in Small HTTP Server may allow for a denial of service attack.

Recommendation:
Upgrade to the latest version for remediation available here:

http://home.lanck.net/mf/srv/index.htm


Observation:
Small HTTP Server contains a flaw that may allow for a remote denial of service attack. Successful exploitation would involve sending a malicious URL containing an MS-DOS device name to a vulnerable host. This can cause the service to crash.



Affected Systems:

Small HTTP Server 2.0 3


Common Vulnerabilities & Exposures (CVE) Link:
CVE-2001-0493

Tuesday, April 21, 2009

Ubuntu 9.04 Desktop Edition is free

Monday, April 20, 2009

Facebook Privacy Issues

Facebook users who deleted their accounts did not realize that information that they shared with other users would persist on their Facebook friends' accounts.

Essentially, according to these new terms, if you created a Facebook page, posted content on one, created a link from one, or allowed someone else to do so, you had transferred the intellectual property rights to the content to the company, subject to your privacy settings.

Source: SecurityFocus.com

Saturday, April 18, 2009

Trojan.Bankpatch.D

Trojan.Bankpatch.D
Risk Level 2: Low

Discovered: April 12, 2009
Updated: April 12, 2009 10:50:33 AM
Type: Trojan
Infection Length: 28,880 bytes
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP

Trojan.Bankpatch.D is a Trojan horse that modifies system files and attempts to steal information from the compromised computer.

Protection

* Initial Rapid Release version April 12, 2009 revision 033
* Latest Rapid Release version April 12, 2009 revision 033
* Initial Daily Certified version April 12, 2009 revision 033
* Latest Daily Certified version April 12, 2009 revision 033
* Initial Weekly Certified release date April 15, 2009

Threat Assessment
Wild

* Wild Level: Low
* Number of Infections: 0 - 49
* Number of Sites: 0 - 2
* Geographical Distribution: Low
* Threat Containment: Easy
* Removal: Easy

Damage

* Damage Level: Medium
* Payload: Modifies system files and steals information from the compromised computer.

Distribution

* Distribution Level: Low

Tuesday, April 14, 2009

Microsoft Security Bulletin Summary for April 2009

********************************************************************
Microsoft Security Bulletin Summary for April 2009
Issued: April 14, 2009
********************************************************************

This bulletin summary lists security bulletins released for
April 2009.

The full version of the Microsoft Security Bulletin Summary for
April 2009 can be found at
http://www.microsoft.com/technet/security/bulletin/ms09-apr.mspx.

With the release of the bulletins for April 2009, this bulletin
summary replaces the bulletin advance notification originally issued
on April 9, 2009. For more information about the bulletin advance
notification service, see
http://www.microsoft.com/technet/security/Bulletin/advance.mspx.

To receive automatic notifications whenever Microsoft Security
Bulletins are issued, subscribe to Microsoft Technical Security
Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Microsoft will host a webcast to address customer questions on
these bulletins on Wednesday, April 15, 2009,
at 11:00 AM Pacific Time (US & Canada). Register for the April
Security Bulletin Webcast at
http://www.microsoft.com/technet/security/bulletin/summary.mspx.

Microsoft also provides information to help customers prioritize
monthly security updates with any non-security, high-priority
updates that are being released on the same day as the monthly
security updates. Please see the section, Other Information.


Critical Security Bulletins
===========================

Microsoft Security Bulletin MS09-010

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Microsoft Office Word 2000 Service Pack 3
- Microsoft Office Word 2002 Service Pack 3
- Microsoft Office Converter Pack

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin MS09-013

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista and
Windows Vista Service Pack 1
- Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin MS09-011

- Affected Software:
- DirectX 8.1 on Microsoft Windows 2000 Service Pack 4
- DirectX 9.0 on Microsoft Windows 2000 Service Pack 4
- DirectX 9.0 on Windows XP Service Pack 2 and
Windows XP Service Pack 3
- DirectX 9.0 on Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- DirectX 9.0 on Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- DirectX 9.0 on Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- DirectX 9.0 on
Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
Note: The update for DirectX 9.0 also applies to DirectX 9.0a,
DirectX 9.0b, and DirectX 9.0c

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin MS09-014

- Affected Software:
- Internet Explorer 5.01 Service Pack 4 when installed on
Microsoft Windows 2000 Service Pack 4
- Internet Explorer 6 Service Pack 1 when installed on
Microsoft Windows 2000 Service Pack 4
- Internet Explorer 6 for
Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Internet Explorer 6 for
Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 6 for
Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 for
Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Internet Explorer 7 for
Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Internet Explorer 7 for
Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Internet Explorer 7 in
Windows Vista and
Windows Vista Service Pack 1
- Internet Explorer 7 in
Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Internet Explorer 7 in
Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 7 in
Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation not affected)
- Internet Explorer 7 in
Windows Server 2008 for Itanium-based Systems

- Impact: Remote Code Execution
- Version Number: 1.0

Microsoft Security Bulletin MS09-009

- Affected Software:
- Microsoft Office Excel 2000 Service Pack 3
- Microsoft Office Excel 2002 Service Pack 3
- Microsoft Office Excel 2003 Service Pack 3
- Microsoft Office Excel 2007 Service Pack 1
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office Excel Viewer 2003 Service Pack 3
- Microsoft Office Excel Viewer
- Microsoft Office Compatibility Pack for Word, Excel, and
PowerPoint 2007 File Formats Service Pack 1
Note: For Microsoft Office Excel 2007 Service Pack 1, customers
also need to install the security update for Microsoft Office
Compatibility Pack for Word, Excel, and PowerPoint 2007 File
Formats Service Pack 1 to be protected from the vulnerabilities
described in this bulletin

- Impact: Remote Code Execution
- Version Number: 1.0

Important Security Bulletins
============================

Microsoft Security Bulletin MS09-012

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista and
Windows Vista Service Pack 1
- Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems

- Impact: Elevation of Privilege
- Version Number: 1.0


Microsoft Security Bulletin MS09-016

- Affected Software:
- Microsoft Forefront Threat Management Gateway,
Medium Business Edition
(Delivered both as a standalone product and as a component of
Windows Essential Business Server 2008)
- Microsoft Internet Security and Acceleration Server 2004
Standard Edition Service Pack 3
(Delivered as a standalone product. Also delivered as a
component of Windows Small Business Server Premium Edition
Service Pack 1 and
Windows Small Business Server 2003 R2 Premium Edition)
- Microsoft Internet Security and Acceleration Server 2004
Enterprise Edition Service Pack 3
- Microsoft Internet Security and Acceleration Server 2006
- Microsoft Internet Security and Acceleration Server 2006
Supportability Update
- Microsoft Internet Security and Acceleration Server 2006
Service Pack 1

- Impact: Denial of Service
- Version Number: 1.0

Moderate Security Bulletins
===========================

Microsoft Security Bulletin MS09-015

- Affected Software:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and
Windows XP Service Pack 3
- Windows XP Professional x64 Edition and
Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and
Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and
Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and
Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista and
Windows Vista Service Pack 1
- Windows Vista x64 Edition and
Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for x64-based Systems
(Windows Server 2008 Server Core installation affected)
- Windows Server 2008 for Itanium-based Systems

- Impact: Elevation of Privilege
- Version Number: 1.0


Other Information
=================

Microsoft Windows Malicious Software Removal Tool:
==================================================
Microsoft has released an updated version of the Microsoft Windows
Malicious Software Removal Tool on Windows Update, Microsoft Update,
Windows Server Update Services, and the Download Center.

Non-Security, High-Priority Updates on MU, WU, and WSUS:
========================================================
Please see:
* http://support.microsoft.com/kb/894199: Microsoft Knowledge Base
Article 894199, Description of Software Update Services and
Windows Server Update Services changes in content.
Includes all Windows content.
* http://technet.microsoft.com/en-us/wsus/bb466214.aspx: New,
Revised, and Released Updates for Microsoft Products Other Than
Microsoft Windows

Microsoft Active Protections Program (MAPP)
===========================================
To improve security protections for customers, Microsoft provides
vulnerability information to major security software providers in
advance of each monthly security update release. Security software
providers can then use this vulnerability information to provide
updated protections to customers via their security software or
devices, such as antivirus, network-based intrusion detection
systems, or host-based intrusion prevention systems. To determine
whether active protections are available from security software
providers, please visit the active protections Web sites provided by
program partners, listed at
http://www.microsoft.com/security/msrc/mapp/partners.mspx.

Recognize and avoid fraudulent e-mail to Microsoft customers:
=============================================================
If you receive an e-mail message that claims to be distributing
a Microsoft security update, it is a hoax that may contain
malware or pointers to malicious Web sites. Microsoft does
not distribute security updates via e-mail.

The Microsoft Security Response Center (MSRC) uses PGP to digitally
sign all security notifications. However, PGP is not required for
reading security notifications, reading security bulletins, or
installing security updates. You can obtain the MSRC public PGP key
at
https://www.microsoft.com/technet/security/bulletin/pgp.mspx.

To receive automatic notifications whenever Microsoft Security
Bulletins are issued, subscribe to Microsoft Technical Security
Notifications on
http://www.microsoft.com/technet/security/bulletin/notify.mspx.

Tuesday, April 7, 2009

Windows 7 is opportunity for Linux

“Windows 7 is opportunity for Linux” is an interesting article written by Nick Farrell at theinquirer.net. I was doing some research for the next version Ubuntu Linux 9.04, "Jaunty Jackalope" which comes out in April 20 and ran across it. Enjoy…

Source: The Inquirer - http://www. /inquirer/news/646/1051646/windows-opportunity-linux

Monday, April 6, 2009

Hathaway to Head Cybersecurity Post

President Barack Obama will tap a top aide to President George W. Bush's intelligence director to head his cybersecurity effort, according to government officials familiar with the decision. An announcement is expected as early as Monday.

The appointment of Melissa Hathaway, a former consultant at Booz Allen Hamilton, is the president's first major decision on cybersecurity. She will lead a review of the government's efforts to secure computer networks against spies, terrorists and economic criminals and is expected to then head a new White House office of cybersecurity.

Ms. Hathaway helped develop a Bush administration cybersecurity initiative, which was expected to cost around $30 billion over five years, with spending this year of about $6 billion. Ms. Hathaway's new job is to carry out a 60-day review of the initiative and recommend a path forward.

On the campaign trail, Mr. Obama criticized the Bush administration for being too slow to address cyber threats and said he would create a "national cyber adviser" who would report directly to the president. "As president, I'll make cyber security the top priority that it should be in the 21st century," he said in a speech in July. He equated cyber threats with those of nuclear and biological weapons in a campaign ad he ran at the time.?

The decision to hold a review, however, suggests that any big moves are being put off for the time being.

After his election, Mr. Obama established a transition team dedicated to tackling cybersecurity. Some experts on the team were members of a national commission that recommended consolidating government cyber efforts into one office that would report directly to the president. It would remove major responsibilities from the Department of Homeland Security.

National Security Adviser James Jones, however, wanted more study of the issue and ordered an independent review, which resulted in the appointment of Ms. Hathaway to the White House post to conduct the review, according to one person familiar with the matter.

Ms. Hathaway will be a senior director at the National Security Council, which puts her at the same level as her predecessor in the Bush administration and a few rungs down from directly reporting to the president. Roger Cressey, a former top security aide in the Clinton White House, said he was disappointed the post isn't higher-level. "They need a nationally known person to run cyber from the White House," he said. "Otherwise it's just old wine in a new bottle."

A senior intelligence official said the review is part of Mr. Jones's effort to reorient the National Security Council to address more comprehensively problems such as cybersecurity and climate change that span government agencies. Before joining the Obama administration, Mr. Jones was part of a group called the Project on National Security Reform, which is working with the administration on bridging agency divides on national-security issues ranging from terrorism to pandemic flu.

National Security Council spokesman Ben Chang said he couldn't comment on personnel decisions that haven't been announced.

Ms. Hathaway was one of a few trusted aides whom Mr. Bush's director of national intelligence, Mike McConnell, brought with him from Booz Allen Hamilton. Mr. McConnell left the McLean, Va., consulting firm for the top intelligence post in 2007.

At Booz Allen, Ms. Hathaway specialized in cybersecurity strategies. Mr. McConnell asked her to lead his cybersecurity study effort, which grew into the Comprehensive National Cybersecurity Initiative that President Bush started a year ago.


Source: http://online.wsj.com/article/SB123412824916961127.html

Wednesday, April 1, 2009

Computer Hack - Google News

FBI still investigating Cyrus 'hacker'
KIMT - Mason City,IA,USA
Josh Holly, 19, was named as a prime suspect in the police investigation after detectives raided his Tennessee home in October and seized his computer ...
See all stories on this topic
A Chinese hack-job
OneNewsNow - Tupelo,MS,USA
The researchers, who initiated the study at the request of Tibetan exiles, say they observed documents being stolen from the Tibetan computer network and ...
See all stories on this topic
April Fools' may be no joke for computer users
CNN - USA
"If someone says, 'I want to try to hack some system and try millions of combinations of Social Security numbers,' they could purchase this computing power ...
See all stories on this topic
Computer Worm To Attack Millions Of pc's
ABC2 News - Baltimore,MD,USA
Here's how it works: The worm is created and sent out through the internet landing in servers then searches for computers on the network to hack into. ...
See all stories on this topic
Computer Worm Threat Or Hoax On April 1st
KIVI-TV - Boise,ID,USA
... which is a complex computer program is created and sent out through the internet landing in servers searching in computers on the network to hack in to. ...
See all stories on this topic
Computer Virus May Strike April 1st
WCTV - Tallahassee,FL,USA
Microsoft is warning computer owners that a virus could possibly hack into your private information on Wednesday. Officials say the Conficker cun-fick-er ...
See all stories on this topic
Beijing rejects China spy ring report as `lies'
The Associated Press
... attention to computer network security and resolutely opposes and fights any criminal activity harmful to computer networks, such as hacking," Qin said. ...
See all stories on this topic
AFP
EDF bosses probed for spying on Greenpeace
AFP
EDF security chiefs Pierre Francois and Pierre Durieux are charged with conspiring to hack into computer systems including at the environmental group, ...
See all stories on this topic
Suspect in Internet sex case appears in court
Orlando Sentinel - Orlando,FL,USA
Patrick Connolly, 36, a citizen of Northern Ireland, was arrested earlier this month in Atlanta on a federal computer hacking charge. ...
See all stories on this topic
Convicted Trojan author in new hacking charge
Register - London,England,UK
Van T. Dinh, 25, was charged with two counts of computer hacking last Friday over accusations he hacked into an online currency exchange service before ...
See all stories on this topic

MS08-067 Attacks : Conflicker Worm

MS08-067 worm developments have continued by malicious authors, since Microsoft made this security patch available on October 23, 2008. The latest development ramps up the danger, as this new worm will delete system restore points, creates a backdoor to download more malicious code, and it even patches the RPC vulnerability to further disquise it's presence.

While AV protection and firewalls can mitigate attacks to port 445, the best defense is to ensure all PCs are up-to-date for Microsoft security changes. For example, an unpatched PC might become infected if their firewall fails or isn't active when connected to the Internet. If this worm were present on a laptop, it could infect unpatched corporate web servers and PCs if Intranet firewall controls are missing.

This new worm represents the most advanced MS08-067 attacks to date. As noted in every link, it's important to PATCH NOW if you have any systems that don't have this update.

New malware using an ms08-067 exploit gained momentum
http://blogs.technet.com/mmpc/archive/2008/11/25/more-ms08-067-exploits.aspx
http://www.avertlabs.com/research/blog/index.php/2008/11/25/further-067-woes/
http://blog.trendmicro.com/ms08-067-vulnerability-botnets-reloaded/
http://isc.sans.org/diary.html?storyid=5401

QUOTE: First let me say, “PATCH your systems” if you have not done so already! Seriously, you and your machines are sitting ducks for attacks such as MS08-067, which we learned about from Microsoft last month. This type of attack is especially dangerous if your Windows Updates or security products are not up to date. Microsoft released its out-of-cycle emergency patch on the 23rd of October–more than one month ago–so you have no excuse today for being at risk!

According to the description in our Virus Information Library, W32/Conficker.worm decides how it will load itself as a Windows Service depending on whether the compromised version of Windows is Windows 2000. Once loaded in the service space, the worm attempts to download files from the Internet.

The worm continues by setting up an HTTP server that listens on a random port on the victim’s system while hosting a copy of the worm. It then scans for new vulnerable victims to exploit, at which point the new victim will download the worm from the previous victim and so on.

W32/Conficker.worm Detailed Information
http://vil.nai.com/vil/content/v_153464.htm
http://www.f-secure.com/v-descs/worm_w32_downadup_a.shtml
http://www.ca.com/us/securityadvisor/virusinfo/virus.aspx?id=75911
http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=2
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FDOWNAD%2EA&VSect=P
http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fConficker.A

Trend - Behavioral Diagram
http://www.trendmicro.com/vinfo/images/blog/DOWNAD123.jpg


Time PATCH NOW - if there are any servers or PCs that are not update for Microsoft security releases. Home users can employ the Windows Update process. More information can be found in the link below:

MS08-067 Security Patch Information
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx


Source: Harry Waldron - Corporate and Home Security(Blog)