
Security_Intelligence

Exploits

Center for Internet Security. Computer Cops. CERT. WindowsSecurity. TechNet Security. Frequently Asked Questions. Computer Security. The web is like a large city, exciting, wonderful, but with a few dangers.

Computer Security

Most teachers do not have the time to research and find the best security products to safeguard their computers from attack by vandals, including students. I have attempted to give a few basic recommendations that can help you safeguard your personal computer. Most of these recommendations are for PCs with Windows. The recommended procedures are similar for other machines, and there are similar software products available for Macs and Linux machines. Your first line of defense is to make sure that your operating system is up to date. Any computer you use at school should be protected from malicious usage by students. If you have a specific account, always log off before leaving it unattended. While software products can be helpful, do not depend on them. Learn to Manage Default Shares. Recently, I received a phone call from a former coworker who left a small Independent Software Vendor (ISV) to take a job in a large corporate IT department.

Learn to Manage Default Shares

He had some questions about Microsoft Systems Management Server (SMS) that he hoped I could answer. We chatted about the product and his computing environment, then he signed off to install SMS on his test network. Twenty-four hours later, I received a somewhat panicky phone call: SMS wouldn't install on some of the computers on his test network, and my friend couldn't figure out why. Coincidentally, I had just answered a reader question that indirectly provided me with the solution to the SMS problem: My friend needed to reinstate Windows' default shares on the computers in his network. Many users, very reasonably, are concerned about the overall security of networked computers. However, disabling default shares has a major downside. Managing administrative shares is simple.

Safe Computing Tips. Please note that this document is quite dated (last updated in 2008).

Safe Computing Tips

Some of the information is still of interest so I'm keeping the document up for posterity only. Some of the old links have been removed. Safe Hex - A collection of suggestions intended to help you defend against viruses, worms, trojans (oh my!), malware and other questionable code. You can use the Windows Update and Office Update sites to keep your system up-to-date. 3. Note that security holes may be discovered in these programs as well (though probably less frequently), so it's a good idea to check for updates regularly.

ACK Tunneling Trojans. Summary A firewall between the attacker and the victim that blocks incoming traffic will usually stop a trojan client on the outside from contacting a trojan server on the inside.

ACK Tunneling Trojans

ICMP tunneling has existed for quite some time now, but if you block ICMP in the firewall you will be safe from that. This paper describes another concept that I call ACK Tunneling. ACK Tunneling works through firewalls that don't apply their rule sets on TCP ACK segments. Ordinary packet filters belong to this class of firewalls while stateful firewalls do not. A short description of TCP and the way firewalls handle it: TCP is a protocol that establishes virtual connections on top of IP. Ordinary packet filtering firewalls rely on the fact that a session always starts with a SYN segment from the client. When ACK Tunneling can be applied. Security Links. NSA Security Recommendation Guides. Shortcut and WinHelp Commands in HTML Help. IMPORTANT: This article contains information about modifying the registry.

Shortcut and WinHelp Commands in HTML Help

Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base: ( ) Description of the Microsoft Windows Registry WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. With features in HTML Help, you can run executable programs from a help (.chm) file.

HTML Help has implemented a new system policy (available for Windows NT 4.0, Windows 2000, and Windows XP systems) that is named "Restrict potentially unsafe HTML Help functions to specified folders". Important Note Only folders on the local computer can be specified in this policy. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\ Security Notification Service. Help protect your computing environment by keeping up to date on Microsoft technical security notifications.

Security Notification Service

Notifications are available in RSS, mobile device, or e-mail format, and are also available online at the TechNet Security Bulletin Search page. Basic Alerts Microsoft's free monthly Security Notification Service provides links to security-related software updates and notification of re-released Microsoft Security Bulletins. The goal of this service is to provide accurate information you can use to protect your computers and systems from malicious attacks. These bulletins are written for IT professionals, contain in-depth technical information, and e-mails are digitally-signed with PGP.

Comprehensive Alerts The free Comprehensive alerts serve as an incremental supplement to the Basic Alerts. Information Security Magazine. Internet Storm Center. Razor.