New Site Feature!

2004-02-04T03:46:03+11:00

We are happy to announce our new online 'News' section. Our members and visitors are now able to participate on our popular homepage in their own way, by submitting news of different topics to the site. Once the review process is complete (usually an hour or two), the submission is made available on our home page for everyone to read!

We are hoping our community will support this effort and be sure we will be introducing a lot more 'cool' services very soon!

Ferrari goes mobile!

2004-02-04T15:06:12+11:00

The latest Acer notebook, Ferrari 3000, packs the latest passion for technology into a leading edge designer notebook. Apart from the distinctive Ferrari red paint job, the new laptop hides an Athlon XP 2500+ CPU under its hood, along with a generous 512 MB Ram and a whopping 128 MB ATI 9200!

MyDoom worm brings down SCO website

2004-02-04T15:58:21+11:00

The MyDoom email virus (alias Novarg) has succeeded with its Denial Of Service attack against www.sco.com. Microsoft.com is next.. but most people feel it will weather the storm. Click read more for detailed info..

The SCO hostmaster has taken out of the DNS database and it has been replaced with www.thescogroup.com.

Microsoft finally releases url-spoofing patch !

2004-02-04T16:02:29+11:00

Microsoft has released a long overdue patch for the URL spoofing vulnerability that allows an attacker to modify the supposed url of a site to fool users into believing they are somewhere else.

As a side effect of the new patch, users will no longer be able to access sites with a username and password in the url (example: user:pass@site.com)

A registry workaround has already popped up at bugtraq which allows you to use the user:pass@site url format. A lot of debate is also going on on the list about the issue.

Enterprise Networking Products of the Year

2004-02-05T12:00:10+11:00

SearchNetworking has compiled a list of the top enterprise networking products for 2003. The list includes both hardware and sofware. Judgements were made on the basis of innovation, performance, value, ease-of-integration, use and manageability.

The categories in which products were tested are:
Enterprise routers
Enterprise switches
Network performance management software
Enterprise firewall systems
Enterprise VPN solutions
Enterprise wireless applications and systems

We won't spoil things by telling you who the winners are. Once again, the link is :

Best of 2003

IE Security Patch Breaks Some Apps..

2004-02-05T12:24:36+11:00

As a follow-up to our earlier news post about Microsoft releasing a patch for the IE URL-spoofing bug. As we mentioned there is a lot of debate going on as the patch prevents people from using websites with a user:pass@site.com URL format. Programmers are protesting that many of their applications have been broken because of this.

IT Outsourcing To India

2004-02-05T12:25:04+11:00

Wired has an extremely well done 7 page article on the outsourcing of IT jobs to India with the viewpoints from both sides being examined. It presents a very rounded description of the future for both India and the west. A must read... Don't forget to post your comments here.

New Intel P4's Still Trail AMD's Best

2004-02-06T13:37:17+11:00

Intel's new P4 E and P4 EE chips, which run in the 2.8 GHz - 3.4 GHz range appear to perform better than their earlier models, however the P4's still lag behind AMD's best offerings.

New Bill Requires Accurate Whois Information When Registering A Domain

2004-02-06T13:38:12+11:00

In what could be an interesting precedent, the US Congress has passed a bill that requires anyone who registers a domain to provide accurate information for the WHOIS record. Currently, there is no check on whether the information is accurate or not. The Bill seeks to make the internet safer.

At present many registrants (companies included), provide false whois information for various reasons. A common procedure is to list a fake name in the contact information to gaurd against social engineering threats where an attacker may call and ask to speak to the contact listed in the whois database.

Kazaa operator, ISP raided

2004-02-07T04:31:17+11:00

Investigators working for the Australian Recording Industry Association raided the offices of Sharman Networks Ltd., makers of Kazaa peer-to-peer file-sharing software, Friday searching for evidence linking the company to copyright infringement, the company said.

The company was served with a "search and seize" order issued by a judge at the Federal Court of Australia. The homes of two Sharman executives were also searched, according to Sharman. The company's Cremorne, Australia, headquarters was raided by Music Industry Piracy Investigations, a branch of the Australian Recording Industry Association (ARIA) early Friday morning, local time, said Rich Chernela, a Sharman spokesman.

RealNetworks warns of media player security flaws

2004-02-11T13:44:29+11:00

RealNetworks Inc.'s media player software contains vulnerabilities that could let an attacker take control of a PC on which the software is used to download multimedia files, the company confirmed this week.

There are three vulnerabilities: files could be created that will open a Web site on the user's browser, from where remote Javascript can be operated, files could be created that let the attacker download and use their code on a user's machine, or media files can be created that will create buffer overrun errors. The affected software is: RealOne Player, RealOne Player v2 for Windows only (all languages), RealOne Player 8, RealPlayer 10 Beta (English only) and RealOne Enterprise Desktop or RealPlayer Enterprise (all versions, standalone and as configured by the RealOne Desktop Manager or RealPlayer Enterprise Manager).

Yet Another Critical Microsoft Vulnerability

2004-02-11T13:44:59+11:00

Here we go again, the jolly guys at eEye have discovered a critical vulnerability affecting Windows 2000/XP/2003. There is a buffer overflow in Microsoft's ASN.1 library (MSASN1.DLL) that would allow an attacker to run code of his choice on the victim machine. As an interesting note, Microsoft have been sitting on this flaw since July 25th 2003 ! Here is the Microsoft bulletin. Better start patching before we see a new worm.

From the talk on bugtraq :
"If your running, Windows NT 4.0, Windows 2000, Windows XP, or Windows 2003, you are 99.9999% positive to be vulnerable, regardless of what your configuration might be. Don't try to guess if you have any of the affected protocols or applications (lets not forget third party apps using the MS ASN library), just install the patch. "

Microsoft ASN.1 Library Length Overflow Heap Corruption
Software Affected:
Microsoft Internet Explorer
Microsoft Outlook
Microsoft Outlook Express
Third-party applications that use certificates

Services Affected:
Kerberos (UDP/88)
Microsoft IIS using SSL
NTLMv2 authentication (TCP/135, 139, 445)

Not One But Two Critical Vulnerabilities

2004-02-11T13:46:03+11:00

As an update to our earlier news post, eEye have discovered another vulnerability in the same Microsoft DLL, meaning there are now two critical vulnerabilities to be dealt with. According to the eEye team, the dll is 'rife with buffer overrun conditions'. Btw I also noticed this airing on the BBC, but without any real details given. Apparently this vulnerability has been known about since at least September 2003. CERT has released a security alert

Cisco and IBM tie-up for security

2004-02-14T22:36:32+11:00

In a move that suggests how predominant information security is today, industry heavyweights IBM and Cisco have announced that they will "integrate their security and management products to provide businesses with automated tools that protect networks from attack".

The integrated software and hardware products will "talk" to each other and help identify systems that are not compliant with established security policies, the companies said. When noncompliant systems or threats are detected, the IBM and Cisco security technologies can automatically adapt to protect against security breaches, such as hacking, worms and viruses.

Red Hat Delivers Test of Fedora Core 2

2004-02-14T22:37:03+11:00

Red Hat has released a test edition of Fedora Core 2, a version of Linux that incorporates the new 2.6 kernel at the heart of the open-source operating system.

The first beta of Fedora Core 2, introduced on Thursday, also includes new versions of two popular Linux user interfaces, Gnome 2.5 and release candidate 1 of KDE 3.2, Red Hat said. The 2.6 kernel the "test1" version is based on adds support for more powerful servers, a better ability to handle multiple software tasks simultaneously and other features.

Intel Blurs Line Between Desktop and Notebook

2004-02-14T22:37:41+11:00

Intel plans to unveil next week a prototype consumer portable computer that blurs the line between desktops and notebooks by shedding the traditional clamshell laptop design.

The prototype, which acts like an all-in-one desktop, will be one of three models unveiled at Intel's annual spring developer conference in San Francisco. Two concept business notebooks will also be unveiled. Collectively, the machines are known as Florence.

Microsoft Windows Source Code Leaks !

2004-02-14T22:38:44+11:00

Most people know that the Windows source-code is Microsoft's holy-grail. It now appears that several million lines of code dating from around mid-2000 have been leaked onto the net and are circulating through hacker channels on IRC and various sites.

Technology analysts said it was too early to assess the damage the leak may cause to users. The worst scenario is that it will allow hackers to find and exploit new security vulnerabilities in Windows NT4 and Windows 2000 software, the code could also allow rival software companies to gain a better understanding of the inner workings of Microsoft's technology.

The source of the leak remains a mystery: In their official statement ,the company said there was no indication that its corporate network had been breached. Microsoft had previously shared some of its source code with some companies, US government agencies, foreign governments and universities, under tight restrictions.

FA/18 Hornet Jet Sold On e-Bay !

2004-02-17T03:16:39+11:00

As quirky as this may sound, the worlds only privately owned FA/18 Hornet fighter is being auctioned on e-bay!

What does it cost ? $1 million unassembled, or $9 million assembled and certified airworthy 'with your choice of paint'. Any bidders ?

First Bug Found In Leaked Windows Source Code

2004-02-17T03:18:35+11:00

The first vulnerability to emerge from someone looking over the recently leaked Windows source code is out. It appears Internet Explorer 5 is vulnerable to a buffer overflow exploit when an attacker creates a malicious bitmap image.

The researcher who discovered the vulnerability provided proof that he had found it by looking through the leaked source code, by providing the filename 'win2k/private/inet/mshtml/src/site/download/imgbmp.cxx'
and the part of the C code that is vulnerable

Firewall.cx Partners With Searchnetworking.com

2004-02-17T04:34:46+11:00

Firewall.cx is pleased to announce it's content partnership with one of the world's largest IT websites, Searchnetworking.com.

In recognition of our outstanding material and our hardworking team, Searchnetworking.com has offered Firewall.cx a unique opportunity to share content material between the two sites!

This new relationship between the two sites will inevitably help our successful network community grow and help more professionals out there get access to our top quality articles!

Defending Earth from Asteroids with MADMEN

2004-02-24T23:33:55+11:00

A partner of Atlanta-based NASA Institute of Advanced Concepts is working on a concept they call MADMEN (Modular Asteroid Deflection Mission Ejector Nodes), which would launch a distributed attack against large Earth-bound objects. Thousands of MADMEN could be built by many nations and when launched, each would land on the object, drill into its surface and remove enough material to change its course.

Microsoft considers releasing Windows XP - Reloaded

2004-02-28T01:26:57+11:00

VnuNet is carrying a story that says that Microsoft is considering releasing an interim version of Windows XP before the release of Longhorn.
Microsoft has come under increasing pressure to ship some form of update, having pushed back Longhorn's scheduled release from 2004 to 2006.

With a final shipping date for Longhorn still some way off, the company risks open source alternatives to its desktop operating system gaining ground.

When previously faced with long intervals between major releases, Microsoft pushed out Windows 98 Second Edition.

A spokeswoman for Microsoft would only say: "Reloaded refers to efforts being made to add value to the XP platform."

MyDoom.F Knocks Down RIAA Website

2004-02-28T01:28:23+11:00

The RIAA (Recording Industry Association Of America) website has apparently been taken down in the denial-of-service attack of the MyDoom variant labelled MyDoom.F.

The RIAA has been on the recieving end of a lot of flak for their aggressive war on music file sharing services and file swappers

A lot of people feel that the RIAA campaign against file sharers is unduly aggressive with them slapping lawsuits on individual swappers. The company has faced PR disasters when they sued a 12 year old girl and a sprightly old grandmother who had never heard of an MP3 in her life.

EFF Produces File-Sharing Plan Where Artists Get Paid

2004-02-28T01:28:42+11:00

The EFF (Electronic Frontier Foundation) has proposed a new plan for file sharing so that file sharing sites can continue to operate while artists also get paid. The plan looks quite promising so far and might just be the push needed to make music trading online legal.

Nmap 3.50 Released !

2004-02-28T01:29:03+11:00

The latest version of what is possibly the worlds most powerful and popular portscanner is now available for download. For those lesser mortals who haven't experienced Nmap, we suggest you get it now..
Nmap 3.50 has been released

There has been a significant update to the remote OS detection fingerprints so that it can now accurately identify over 1000 operating systems.
MS Windows support has improved substantially. Newer features such as version detection are supported, and the Windows port is also faster and more stable.

Mac OS X is now fully supported

Nmap output is more concise and prettier, thanks to a new NmapOutputTable class that reduces extraneous whitespace. This makes it easier to read, and also leaves more room for version info and possibly future enhancements.

And much much more....

Enthusiasts Call Web Feeds 'The Next Big Thing'

2004-03-01T01:56:23+11:00

Yahoo has a story on how RSS and other web-feeds are the technology of the future for getting information out of the web. There are some interesting comments on the article at Slashdot. Personally, I agree, I read all my favourite websites through their news feed and in fact all the news I submit comes from what I pick after reading through a whole lot of feeds.

A Home Users Security Checklist

2004-03-01T12:21:06+11:00

Securityfocus has published a new article called A Home User's Security Checklist. The article lists all the steps a normal non-technical user can take to secure his PC. For each item in the checklist, there is a link which explains why that measure should be taken.

Lord Of The Rings - Return Of The King Sweeps The Oscars

2004-03-01T12:22:01+11:00

The third part of Peter Jackson's epic trilogy "Lord Of The Rings - Return Of The King" swept the Oscars, winning awards in all 11 categories it was nominated for ! It has now matched the record 11 wins of Titanic and Ben Hur. Peter Jackson finally picked up his much deserved Best Director award. Here is the full Oscar winners list.

"One Ring to rule them all, One Ring to find them, One Ring to bring them all and with the Oscars bind them!"

Cisco refers Firewall.cx !

2004-03-04T14:55:07+11:00

We are pleased to mention that Cisco has included links to Firewall.cx within their popular Cisco Network Academy Program.
This was recently brought to our attention and confirms, yet again, the dedication and the invaluable team effort in providing accurate material worthy of such acknowledgement.

The screen shot taken directly from the Cisco Academy program can be viewed by clicking here.

With this opportunity, we would once again like to thank all of you for helping this site become one of the most well known and respected networking sites in the world!!

The Firewall.cx Team

Leaked SCO email suggests Microsoft is funding anti-Linux campaign

2004-03-07T16:59:40+11:00

Open source guru Eric S Raymond has got hold of a leaked SCO email that talks of Microsoft funneling huge amounts of money (to the tune of $86 million) to keep the floundering company and its anti-linux licensing scheme afloat.

The full leaked email with Raymond's own comments can be found here. The memo comes as an embarrasment to both Microsoft and SCO which has been claiming intellectual property infringement from the Linux community.

According to the details, if it wasn't for Microsoft, SCO would be $15 million in debt.

New Book Review Section

2004-03-07T17:59:50+11:00

Our 'Book Review' section is now online!
The Firewall.cx team has undertaken the task of reviewing networking related books to help guide our visitors in their book selections and inform them on recent publications.

Under this new section you will find a detailed analysis of the content and topic that each book covers, providing you with an overall summary which will avoid surprises should you decide to purchase the book.

Firewall.cx Book Reviews

New Worm Poses As Microsoft Security Patch

2004-03-10T11:02:29+11:00

A new worm called Sober.d is doing the rounds masquerading as a security patch from Microsoft. arrives in an e-mail message with a subject that reads "Microsoft Alert: Please Read!" (The worm also comes in a German flavor, with a matching headline of "Microsoft Alarm: Bitte Lesen!")

If the recipient launches the attachment, the worm scans the PC to see if it's already infected. If not, Sober.d displays a dialog box titled "Windows Update --MS-Q4232361791-" with the message: "The patch has been successfully installed."

If the computer has been infected, the dialog's message changes to: "This patch does not need to be installed on this system," giving users an even greater false sense of security

The Command Line - The Best Newbie Interface

2004-03-10T11:04:57+11:00

OSNews has an interesting article on how new computer users find the command line interface relatively easier to use than the GUIs now omnipresent in computer interfaces.

The general impression is normally that command line interfaces are more difficult to use and have been a big stumbling block toward the adoption of Linux and other similar systems.

Microsoft Security Bulletin for March

2004-03-10T11:13:07+11:00

Microsoft has released its security updates summary for March 2004. This month's security updates address newly discovered issues in Microsoft(R) Windows(R), Microsoft Office, and MSN(R) Messenger. LEARN MORE ... To learn about these updates and which software is affected, review these notices on Microsoft.com:
Microsoft Windows

Microsoft Office

MSN Messenger

Europe Stands United on Two Windows.

2004-03-18T13:34:00+11:00

European states have lent their weight to a landmark ruling against Microsoft Corp that could see two versions of Windows shipping in 15 countries. All 15 European Union nations have backed a proposed European Commission final ruling against Microsoft, potentially forcing the company to split Windows into two flavors.

New Sophisticated Windows Trojan Spreading Through P2P Networks

2004-03-18T13:34:18+11:00

A new trojan known as 'Phatbot' is spreading rapidly through the P2P file sharing networks such as Kazaa and Bearshare. The trojan is very sophisticated and can spread spam, steal Windows product keys, AOL accounts and Paypal passwords among other things. Here is a list of some of its known capabilities.

Top Vendors Speak of the Virtues of Open-Source Software

2004-03-18T13:35:08+11:00

If enterprise has any misgivings on the marketability of open source, the major IT vendors are certainly providing testimonials to its value this week.

Companies like IBM, HP and Novell, which have invested in projects such as the Apache Web server, FreeBSD, GNOME, GNU, KDE and of course Linux, say that open source is not only good for their long-term business models but also for their existing products.

Novell vice chairman Chris Stone said those who fear the rise of open source are blind to its benefits.

"There is a misconception that open source is a haven for purple-Mohawked hackers who write sub-standard code. That is not true," Stone said to attendees at this week's Open Source Business Conference 2004 here.

"According to our inquiries, 60 percent of the developer community is working on open source projects -- sometimes on their time, sometimes on your time -- and that is good."

We Are Morons: a quick look at the Win2k source (Technology)

2004-03-19T11:00:00+11:00

Several days ago, two files containing Microsoft source code began circulating on the Internet.
One contains a majority of the NT4 source code, while the other contains a fraction of the Windows 2000 source code, reportedly about 15% of the total.
This includes some networking code including winsock and inet; as well as some shell code. Some other familiar items include the event log, and some of the default screensavers.

Internal Firewall From Checkpoint

2004-03-22T11:00:00+11:00

Check Point Software Technologies has come up with a new product called "InterSpect" which they claim will revolutionize the way customers protect their internal networks.

The appliance is is basically an internal firewall capable of monitoring internal network traffic at packet level, isolating machines or network segments where it detects trouble.

Microsoft FUD Machine Aims at Open Office

2004-03-29T10:18:31+10:00

Microsoft's Fear Uncertainty and Doubt engine is giving a look at OpenOffice - the free, open-source alternative to Microsoft Office. They have released what they call a Competitive Guide which is supposed to show how the expensive Microsoft Office is better than the free Open Office. As usual though the facts are questionable, here is a detailed rebuttal of their 'truths'. Interestingly the Microsoft PDF was made with Acrobat Distiller 4.05 for Macintosh !

I have personally seen a company migrate from using Microsoft Office to Open Office because they were upgrading a lot of MS software and found that after paying all the other licensing, paying for MSOffice was prohibitively costly. They went with Open Office, saved a lot of money, and have never had any compatibility or formatting issues.

The users too adapted very quickly to Open Office since it is very similar in layout and structure to MS Office.

Witty worm frays patch-based security

2004-03-30T10:00:00+10:00

The Witty worm first hit computers known to be vulnerable and emerged so quickly that most companies had no time to apply a patch, according to an analysis of the program. Click here for more information.

Code attacks Cisco vulnerabilities

2004-03-31T10:56:25+10:00

Cisco Systems issued a security warning this weekend to customers after new software code was published on the Internet that targeted certain vulnerabilities on several of its networking products.

Microsoft defaced again!

2004-03-31T14:02:57+10:00

Microsoft web site ( http://register.microsoft.co.kr ) was compromised and defaced on the Microsoft Korea (microsoft.co.kr) network. The machine was defaced (and is still defaced 15.25 GMT) initially (...) by a Brazilian defacer/group know as "c0derz".

The funny thing is that also Microsoft is defaced by using a very common error in the configuration of the Frontpage Extensions, we must consider the following: where is the security if also Microsoft is hacked by using a misconfiguration in their own product while they should know everything about it?

Spammer Loses Porsche

2004-04-01T11:00:24+10:00

AOL gets luxury car as anti-spam lawsuit is settled! NEW YORK - Finally, some payback for all that spam.

It's a 2002 Porsche Boxster S and it will be the grand prize in an America Online sweepstakes that started on Tuesday.

AOL obtained the car in settling a lawsuit against 'a guy who by our estimates made more than a million dollars from spamming', said Mr Randall Boe, AOL's executive vice-president and general counsel.

Supermarket giant promotes Linux

2004-04-02T14:41:33+10:00

US retail giant Walmart has expanded the range of PCs running Linux it sells through its online store. The supermarket chain has begun selling PCs running Sun's version of Linux, called Java Desktop, for about $300.

This is the first time that Sun's version of Linux has been sold on consumer machines though Walmart has sold open source PCs since 2002.

Gmail… Googles answer to web-based email

2004-04-04T13:25:42+10:00

The worlds most popular search engine GOOGLE has stepped forward to provide users with free web-based email- Gmail.

Unlike other free web-based emails Google will interconnect its email with its advanced searching functions as well as to provide a whopping one gigabyte of storage.

"Google believes people should be able to hold onto their mail forever", the company said. That's why Gmail comes with 1,000 megabytes (one gigabyte) of free storage - more than 100 times what most other free webmail services offer."

You can check it out at http://gmail.google.com/

However it is only in its beta stages and not yet widely available.

Pioneer To Introduce High Precision Electron Beam Recorder

2004-04-06T00:57:22+10:00

Pioneer has come up with a new technology where the electron beams are of high precision...and this can actually be used to produce discs of 50GB capacity!
Yipppe! All my 'friends' seasons on one cd! Hopefully someday..

Pioneer FA expects that the market will expand and plans on promoting the development of next generation EBRs to realize even higher-density recording together with Pioneer.

Main Features:
1) Stable electron beam emission with a large current by utilizing a thermal/field type emitter.
2) Large, high-density recording capacity of 50GB or more on one side of a 12 cm disc.
3) High track-pitch accuracy.
4) High productivity with a load-lock chamber

Doubts cast on Yankee Linux-Windows TCO survey

2004-04-08T11:48:24+10:00

Doubts have emerged about a recent survey by a US research group, which claimed that if most mid-sized or large organisations moved from Windows to Linux it would be "prohibitively expensive, extremely complex and time consuming, and wou�ÑDàot provide any tangible business gains for the organisation."

At the time the Yankee Group made its findings publicly known, it made no mention of the fact that the survey had been done in association with Sunbelt Software, a Windows NT/2K/XP Tools Provider.

Click 'Read More' for more details.

It now turns out that Sunbelt publicised the survey on February 16 through an online newsletter, W2KNews, which it runs.

The survey was done through an online form, which is not a medium known to generate reliable data. It's all multiple choice and takes less than 5 minutes.

IBM snags outsourcing firm in India

2004-04-08T11:48:44+10:00

IBM will acquire Daksh, India's third-largest back-office services company, in the biggest acquisition yet in that nation's booming $3.5 billion sector.

Both companies declined to give financial details, but industry sources estimated the buyout--the U.S. giant's first in India--at $150 million to $200 million. That would make it one of the biggest foreign acquisitions in India in the past few years.

The deal, announced Wednesday, is expected to close in May. It will give the world's largest computer maker access to privately held Daksh's 6,000 employees, who mainly offer call center services to 13 clients including Internet retailer Amazon.com.

SCO bid to get Red Hat case dismissed fails

2004-04-08T11:49:55+10:00

A judge in the US district court of Delaware has denied a bid by the SCO Group to get a case filed against it by Red Hat dismissed.

The case was filed in August last year and aimed at getting the SCO Group to stop making "unsubstantiated and untrue public statements attacking Red Hat Linux and the integrity of the Open Source software development process."

Dan Gillmor Reconsiders Linux on the Desktop

2004-04-08T11:50:27+10:00

Influential San Jose Mercury News tech columnist Dan Gillmore has reconsidered his stance against Linux. He now says it's rapidly converging to a viable desktop OS for the masses. "While I wasn't paying sufficient attention, the proverbial tortoise has been playing some serious catch-up."

XPde 0.5 - A Linux Desktop for Windows Users

2004-04-08T11:50:57+10:00

The XPde Team today announced the immediate availability of XPde 0.5.0, a complete rewrite of the XPde desktop environment...XPde aims to recreate the Windows XP desktop environment on Linux in order to allow Windows users to "feel at home" in front of a Linux computer.
Since pictures speak a thousand words, here are the screenshots.

Hackers hit university supercomputers.

2004-04-15T02:46:56+10:00

Stanford, along with a large number of research institutions and high performance computing centers, has become a target for some sophisticated Linux and Solaris attacks. An unknown attacker (or group) has compromised numerous multi-user Solaris and Linux computers on Stanford's campus using a variety of mechanisms. In most cases, the attacker gets access to a machine by cracking or sniffing passwords.

PCs infested with 30 pieces of spyware

2004-04-17T10:58:32+10:00

The average home user's PCs carries nearly 30 'spyware' programs secretly forwarding information about a user's online activities to others without their knowledge. You can read the full story at VNUNet or BBC News.

The story also hit Slashdot, where you can see people comments about it. If you want to check your machine for spyware and remove it, try the following tools

Spybot - Search & Destroy

Ad-Aware.

Sneak Peek at Gmail -- Google Mail

2004-04-17T11:12:21+10:00

All of you have probably heard of Gmail, the new email service about to be launched by Google. Most people have been attracted to it because of the free 1GB of space they will give you for your mail as opposed to 2-5MB provided by other hosts like Hotmail and Yahoo. However G-mail is also exciting because of the incredible search functionality built in, allowing you to quickly find messages in ways you never could before. Here are a couple of screenshots

Google has done their homework and has taken a lot of very nifty features such as labeling emails and 'conversations' (threaded messages with their replies) from Mozilla Thunderbird the mind-blowing open source email client. If you use Outlook or any other email client, you owe it to yourself to check out Thunderbird. You will not look back.

Serious TCP/IP Vulnerability Exposed

2004-04-22T12:35:26+10:00

In a rather startling revelation, the UK's National Infrastructure Coordination Centre has discovered a major flaw in TCP/IP that could allow hackers to crash vulnerable routers and severely disrupt Internet traffic. The problem stems from the fact that it's far easier to reset TCP/IP sessions using spoofed packets than previously thought.

In short, the exact sequence number need not be predicted as most TCP/IP implementations will accept any sequence number that falls in a particular range! This makes predicting the sequence number much easier, and thus spoofing RST packets is possible. Vendors such as Cisco are rushing patches.

DOJ Strikes at Global Online Piracy

2004-04-26T04:36:46+10:00

Law enforcement officials took a swing at international online piracy Thursday in what the U.S. Department of Justice (DOJ) is characterizing as the largest multi-national effort ever directed at intellectual property theft.

No arrests were made but 120 search warrants were executed in 27 states and 10 foreign countries.

The raids hit groups that specialize in the distribution of pirated works including utility and application software, movies, music and games and resulted in the seizure of more than 200 computers. According to the DOJ, one of the storage and distribution servers seized in the United States contained 65,000 separate pirated titles.

FOOT-AND-MOUTH BELIEVED TO BE FIRST VIRUS UNABLE TO SPREAD THROUGH MS OUTLOOK.

2004-04-27T06:00:00+10:00

FOOT-AND-MOUTH BELIEVED TO BE FIRST VIRUS
UNABLE TO SPREAD THROUGH MICROSOFT OUTLOOK
Researchers Shocked to Finally Find Virus That Email App Doesn't Like

Atlanta, Ga. (SatireWire.com) — Scientists at the Centers for Disease Control and Symantec's AntiVirus Research Center today confirmed that foot-and-mouth disease cannot be spread by Microsoft's Outlook email application, believed to be the first time the program has ever failed to propagate a major virus.

"Frankly, we've never heard of a virus that couldn't spread through Microsoft Outlook, so our findings were, to say the least, unexpected," said Clive Sarnow, director of the CDC's infectious disease unit.

Firewall.cx gets noticed by the world's largest sites!

2004-04-29T03:40:45+10:00

It's no new news that Firewall.cx is starting to really get noticed by the world's largest websites and companies.

Only recently, we found out that Cisco placed direct links to our site, within their popular CCNA Academy Program.
Searchnetworking.com has become a website partner, publishing our unique material on their site, while other websites like ITPRC.com acknowledge our efforts and top material by awarding us the 'Link of the Week' award!

So with all the above, you can see that the word is getting around and we are aiming to continue providing the Internet with Top-Notch security and network articles, and hopefully soon, online security services - Free of charge! :)

If you would like to check out the screen shots -proof to all the above- please visit our awards page!

Sasser.B Worm

2004-05-04T16:41:45+10:00

For people who haven’t been paying attention there is another outbreak, this time it is the Sasser Worm.

People running Windows are urged to update their virus definitions and run Windows Update.

More information can be found here:

Trend Micro - http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SASSER.B
Symantec Security Response - http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.b.worm.html
Microsoft - http://www.microsoft.com/security/incident/sasser.asp

'Laser vision' offers new insights

2004-05-07T21:17:00+10:00

A system that projects light beams directly into the eye could change the way we see the world.
US firm Microvision has developed a system that projects lasers onto the retina, allowing users to view images on top of their normal field of vision.

It could allow surgeons to get a bird's eye view of the innards of a patient, offer military units in the field a view of the entire battlefield and provide mechanics with a simulation of the inside of a car's engine.

German Police Arrest Sasser / Netsky Worm Author

2004-05-09T01:03:39+10:00

The programmer of the Sasser worm has been arrested by German police. The Sasser author is an 18-year-old man who was arrested on Friday in Rotenburg, Germany. With the Sasser worm being the latest among worms that spread like wildfire among unpatched windows boxes, and apparently also caused serious computer outages and cost to the economy. The 18-year-old author of Sasser is responsible for Netsky, too. The German police is talking about 'a milestone in war against cybercrime'."

Stinger for Sasser Worm

2004-05-12T12:48:01+10:00

Following the break out of Sasser, most antivirus companies have provided custom made scanners to locate infected files and remove them. One of these popular programs is Stinger, by Network Associates

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system.
You can grab a copy of the latest version by clicking here and then proceed to Microsoft and download the appropriate patch for your system.

CISCO IOS code leaked

2004-05-17T21:36:12+10:00

After Microsoft it's Cisco's turn. A code is leaked. As it became known by SecurityLab, on 13 May, 2004, approximately 800Mb of the operating system CISCO IOS 12.3, 12..3t, which is used in the majority of the net devices of company CISCO.
Securitylabs also provides 100 first lines of the initial code of file ipv6_.tcp.c and ipv6_.discovery_.test.c.

According to the information available,

the leakage of the fragments of the initial code occurred because of the breaking of the corporate Cisco network. Representatives Cisco Systems so far have not commented on the incident.

Sample of the original code:
http://www.securitylab.ru/45222.html
http://www.securitylab.ru/45223.html

Original artricle:
http://www.securitylab.ru/45221.html

XP pirates barred from critical upgrade

2004-05-17T21:53:10+10:00

People who bought illegal copies of Windows XP will not be able to install software designed to make the operating system more secure.
Most pirate versions of Windows XP are copied from a small number of legal discs and Microsoft has worked out the serial numbers...of the 20 most copied. Service Pack 2 adds new security features to Windows XP. It will be available from July as an 80Mb download or on CD from leading retailers.

The same tactic was used to stop pirate copies from installing SP1, although pirates then launched a tool to get round the anti-piracy measures.

Users who have versions of XP bearing any of those serial numbers will be blocked from installing Service Pack 2.

Source: http://www.vnunet.com/News/1155215

Fedora Core 2 Released !

2004-05-21T01:43:37+10:00

Get yourself the freshest latest version of Fedora Core right from here.

For the uninitiated, Fedora Core is Redhat's community supported Linux distribution that is touted as being one of the most serious contenders to the desktop Linux throne. Here's a review on FC2

A lot of first time Linux users have been quite impressed wiith Fedora Core, with its polished GUI and intuitively laid out menus.

Taiwanese virus writer arrested

2004-05-30T05:55:15+10:00

Following on from our report yesterday on the author of the Randex worm being arrested, it has been revealed today that a Taiwanese computer engineer has been arrested for allegedly writing and distributing a Trojan horse.

The Trojan horse, known as Peep, which has allowed hackers access to sensitive government information, is alleged to have been written by 30 year old

Wang Ping-an. Ping-an has been charged with vandalising public and corporate property, and faces a five year jail sentence if convicted.

Graham Cluley, senior technology consultant for Sophos, made the following statement regarding the virus:

"A 30-year-old computer engineer can't use the excuse that he didn't know what he was doing if he writes and distributes a malicious piece of code." If found guilty it's quite possible that he will receive a tough sentence - particularly as it is being suggested that the Trojan may have left open a backdoor for Chinese hackers to exploit.

Taiwanese computer crime authorities began investigating a few months ago when it became clear that confidential government data was being stolen by hackers. The virus was discovered on goverment systems, and it is claimed that it is responsible for the theft of data from hundreds of government agencies, schools and companies across Taiwan.

The worldwide police community is clearly stepping up its efforts against writers of viruses, worms and trojans, with more arrests being reported than ever before. Whether or not this will deter virus writers from creating more illegal software is something that only time will tell. We'll keep you posted.

Source: http://itvibe.com/default.aspx?NewsID=2556

First 64-bit virus is discovered by Symantec

2004-05-30T05:56:20+10:00

Symantec in Canada have discovered the first known virus for the 64 bit version of Microsoft Windows.

Called W64.Rugrat.3344, the virus is a direct action infector, which means that it quits the system memory once it has executed. The virus infects....

what are known as IA64 Windows Portal Executable files.

Although the virus is not capable of infecting a 32 bit Portable Executable file, or indeed of running on a 32 bit Microsoft Windows platform natively, it is possible to run it on a 32 bit machine using a 64 bit emulator.

Although the virus is rated by Symantec as being low risk, and is more of a proof of concept than anything else, it is worrying that 64 bit viruses for Microsoft Windows are already emerging. Symantec's latest virus definitions will remove the virus, and other virus companies will follow suit shortly we would imagine. Full virus information and removal instructions are available here.

Source: http://itvibe.com/default.aspx?NewsID=2552

WT*!! Microsoft granted patent on button clicking.

2004-06-04T02:41:05+10:00

Microsoft Corp. has been granted a patent relating to the use of buttons on hardware devices that form part of a user interface.
U.S. patent 6,727,830, granted April 27, is described as a "time-based hardware button for application launch."

The patent abstract goes on to explain that the patent relates to how different functions can be invoked depending on whether a button is clicked once, clicked and held down for a period of time, or double-clicked within a short period of time.

A Microsoft spokesman confirmed that the patent was granted by the U.S. Patent and Trademark Office to Microsoft and that it was developed by employees working in the company's Pocket PC group. He couldn't say whether or not the patent applied to desktop applications, or how Microsoft planned to enforce the patent.

All-in-One solution for security professionals

2004-06-09T12:29:26+10:00

F/X Communications (www.fx.dk) in Denmark has released version 3.0 of their Multi-Platform "Deep Packet Inspection" Firewall.

The uniquely powerful InJoy Firewall 3.0 delivers cutting-edge Firewall and IPSec VPN technology for Enterprise Servers and SOHO Networks -- and as the ONLY software-based firewall in the world, it delivers the exact same feature-set for Linux, Windows 2000/2003/XP, OS/2 Warp and eComStation!<

The feature-set includes enterprise-class next-generation security, 10+ preconfigured policy templates (including full customization options), seamless IPSec VPN integration, network monitoring, traffic shaping, e-mail server protection, gateway capability, remote management and much more! For further details, please visit:F/X Communications and InJoy Firewall

New cellphone worm spreads via Bluetooth.

2004-06-17T11:45:10+10:00

PARIS - The first computer 'worm' that can spread between cellphones has been developed but so far there is no cause for panic.

Experts say that the virus, called Cabir, should not alarm the public because it has been circulated by researchers in a controlled laboratory setting only.

The French unit of Russian security software developer Kaspersky Labs said that the virus appears to have been developed by an international group, 29a, which aims to show 'that no technology is reliable and safe from their attacks'.

New use for iPod -- iPod Used In Domestic Homicide.

2004-06-19T01:00:28+10:00

MEMPHIS, TENNESSEE (HLN) - A Memphis woman was arrested and charged with first-degree murder after she bludgeoned her boyfriend to death with an iPod.

Arleen Mathers, 23, was arrested Thursday morning after she called Memphis Police and said she had killed her boyfriend, according to a Sheriff’s Department report.

When deputies arrived at Mathers’ apartment at 528 Poplar Avenue, Mathers led them to the body of her boyfriend, Brad Pulaski, 27.

Brad Pulaski had died of blunt trauma to the head after being repeatedly bludgeoned with an iPod, a popular MP3 player produced by Apple.

Police said no motive has been confirmed, although evidence suggested the murder was the result of a domestic dispute after Pulaski erased the contents of Mathers’ iPod.

According to law officers, Mathers was hysterical when police arrived and told them that she killed her boyfriend only after he accused her of illegally downloading music and erased about 2,000 of her MP3s. Mathers complained that it took 3 months to build her music collection.

An autopsy performed Friday afternoon at Methodist Hospital showed that Brad Pulaski had been beat multiple times in the face and chest by a blunt metal object, and died of internal bleeding, said Dr. Felix Klamut, deputy coroner.

According to Apple’s website, the iPod is partially made of a hard metal plate that’s been praised for it’s resistance to regular wear and tear, like drops and coffee spills.

“It took him a while to die,” Dr. Klamut said. “She must have stabbed him 40 to 80 times with that iPod. His death was not instantaneous, that’s for sure”

Arleen Mathers was arraigned Friday night by a video hookup from the county jail. Municipal Court Judge Simon Lambert set her bond at $600,000 and scheduled a preliminary hearing for March 9.

Source w/pix: http://www.liquidgeneration.com/rumormill/ipod_killing.html

This is just dumb! -- Surf the net while surfing waves.

2004-06-19T01:02:26+10:00

For a decade, "surfing" has come to mean browsing the net rather than riding ocean waves on a plank.
But a surfboard has now been developed that lets surfers surf while surfing. The prototype board has been built by Devon "shaper" Jools Matthews.

It houses a laptop, solar panels, and video camera, and is to launch at the Intel GoldCoast Oceanfest on 18 June. The world's first wi-fi board uses a high-speed net connection point - hotspot - positioned on the beach.

Chip makers Intel has commissioned the unusual surfboard as part of the free sports and music festival in North Devon to show off how technology can be brought to the sea and sand.

The board will have its maiden outing on the waves when it is used by international pro surfer Duncan Scott at the event.
More w/pix: http://news.bbc.co.uk/1/hi/technology/3812357.stm.

Father of ASCII and the Escape key dies.

2004-06-26T12:00:58+10:00

Bob Bemer was behind the escape key. The man who invented the Esperanto of the technology world enabling computers to swap information freely has died.
Bob Bemer developed the Ascii coding system to standardise the way computers represent letters, numbers, punctuation marks and some control codes.

He also introduced the backslash and escape key to the world of computers and was one of the first to warn about the dangers of the millennium bug.

Mr Bemer died on 22 June at his home in Texas following a battle with cancer.

Apple previews Mac OS X 'Tiger' Server

2004-06-30T18:48:25+10:00

SAN FRANCISCO -- Apple Computer Inc. is giving attendees of this week's Worldwide Developers Conference (WWDC) 2004 in San Francisco, a first look at the next major revision to Mac OS X v10.4, known by its code-name "Tiger." Version 10.4 is the forthcoming release of the company's operating system that is expected to be released some time in the first half of 2005, and it touts more than 150 new features, according to Apple CEO Steve Jobs, who took the wraps off the software at a keynote address on Monday morning.

For more information on this post, please visit: http://www.infoworld.com/article/04/06/29/HNtiger_1.html.

Security Group Warns Of Newly Discovered IE Flaw

2004-07-01T11:25:21+10:00

Internet security research group Secunia issued a warning Wednesday about a security vulnerability it says it has discovered within Microsoft's Internet Explorer Web browser. The flaw, which Secunia has ranked as "moderately critical," is found within Internet Explorer versions 5.01, 5.5, and 6, Secunia says in an advisory. Internet Explorer doesn't block malicious Web sites from inserting "arbitrary content" in an arbitrary frame in a browser window, the Danish security firm says. Secunia says the malicious content will appear as if it originated from a trusted site, which is an attack commonly known as spoofing.

Secunia says it has verified the flaw in "a fully patched Internet Explorer 6 running on Microsoft Windows XP" and that other versions of Internet Explorer could also be affected by this vulnerability.

Secunia's only advice is that Internet Explorer users not visit untrusted Web sites or select a different browser.

Microsoft was not immediately available for comment.

Source: http://www.informationweek.com/story/showArticle.jhtml?articleID=22103094.

Greece is the word

2004-07-06T22:27:59+10:00

Greece's improbable but deserved victory at UEFA EURO 2004™ has stunned the whole of Europe. euro2004.com rounds up media reaction from the 14 other nations who took part in these finals and finds a shared disbelief in the success of Otto Rehhagel and his players.

It's not a dream. Greece are the champions! Charisteas's goal made eleven million Greeks the happiest nation in the world. The 4th of July must be Greece's new national holiday. Otto's warriors marched on to a surprising but well deserved triumph. Eusébio was among the spectators and he would probably have needed to come on to the pitch if his compatriots were to ever get past the resilient Greek defence. That defence was the best at EURO 2004 and no one could beat them. Sensational.
(Bulgaria - Meridian Match)

Greece are European champions! Believe it or not! Sensational, a real football miracle, unbelivable. Otto Rehhagel set the unbreakable defence and Greece deserved this unbelievable triumph. Like before at EURO 2004, Greece played with very high discipline, and with a strong and solid defence they didn't allow Portugal to get near their goal and produce any serious threat. Figo and company were weak, short of ideas and creativity. The Greeks were like football gods at the Luz last night.
(Croatia - Sportske novosti)

Charisteas sent shockwaves through the 62,000 in Estádio da Luz in Lisbon, as he headed the ball powerfully past the Portuguese keeper Ricardo. The Greek way of playing may and will be criticised but, the fact is, this underestimated Greece team are European champions."
(Denmark - Ekstra Bladet)

A tear flowed down the face of the beautiful game last night. An evening that was heaven for Hellas will be remembered as a triumph of tactics over instinct, of set-piece preparation that saw Angelos Charisteas head the Greeks, the 100-1 outsiders as EURO 2004 opened, to the most improbable of victories. If Greece's moment in the international sun was a success for organisation, good coaching and supreme fitness, last night's showdown of European football will trigger too many laments.
(England - Daily Telegraph)

Greece, heroes of a modern mythology, caused one of the biggest surprises ever in football history at the Luz stadium. Winning the EURO 2004 final against the arch-favourites of Portugal, Otto Rehhagel's players achieved their Olympus. Their success can be compared with Uruguay's victory against Brazil in the 1950 World Cup or Germany's win over Hungary in 1954 or even to Denmark's achievement at EURO 92.
(France - Le Parisien/Aujourd'hui en France)

50 years after the 'Wunder von Bern', Otto Rehhagel led Greece to the biggest sensation in the history of the European Championship. A goal from Bremen striker Angelos Charisteas on 57 minutes gave the Hellenic outsiders a surprising 1-0 win over favourites Portugal. The 15,000 Greek fans among the 62,865 spectators in the sold-out Estádio da Luz celebrated their side's first-ever trophy in a major tournament as Portugal failed to avenge their 2-1 defeat in the opening match.
(Germany - Frankfurter Allgemeine Zeitung)

Spoilsports from the start to the finish. Greece go into the book of the most sensational achievements in football history. More sensational than Denmark, the European champions in 1992, this win can be compared to the legendary triumph of Uruguay, who in 1950 in Rio de Janeiro took the World Cup from Brazil. But that Uruguay was full of great players and this Greece has no stars. They haven't stolen anything - to be clear, they just prefer to destroy the opponent's play instead of playing their own game.
(Italy - Gazzetta dello Sport)

Many do not appreciate the tactics of the new champions but still there is no reason to doubt their right to this success as they defeated Portugal twice and sent reigning champions France and the Czech Republic home. It would be very difficult to grasp the size of the subsequent party in Athens.
(Latvia - Diena)

The triumph of Greek football was confirmed on Sunday night. In Lisbon, FC Hellas were stronger once again than the host team. Charisteas scored the winning goal in the second half. As in the opening game, the Portuguese weren't able to get to grips with the Greeks' 'cement' football. With that, Greece have become European champions.
(Netherlands - De Telegraaf)

Just think - had Russia converted a single chance of the many they created against Greece the future winners would have been stopped in their tracks. But there is no sense in recalling that now. Let us think about another thing - that 65-year-old Otto Rehagel is the main hero of the championship. He did not possess the strongest team in the competition, but it proved not to be decisive. Because this team had the wisest and the most cunning head coach, a head coach who outplayed everyone.
(Russia - Sport-Express)

Greece are champions of Europe. Believe me, it is not a dream. It is true, it is a reality. The captain, Theodoros Zagorakis, the best player in the stadium, raised the cup to the sky in Lisbon. These celebrations may be the first and only ever time for the Greeks. Angelos Charisteas was already the hero against Spain and France and, from yesterday, he is the seventh Greek god. Zeus, Apollo, Hermes, Ares, Poseidón, Ifestos, now Charisteas.
(Spain - Marca)

Greece are the top team. The genius behind Greece is already royalty in Germany. It is King Otto, who has for a long time demonstrated his ability of saving teams that appear to have lost before the start of the game. He was unpopular in Greece for a long time but by making them Europe's top football nation last night, King Otto has become royalty in another football kingdom. He is the man who achieves the impossible.
(Sweden - Aftonbladet)

The sensation is complete: football minnows Greece have beaten Portugal 1-0 in the European Championship final. Angelos Charisteas scored the golden goal. Exactly 50 years to the day after the 'Miracle of Berne', when Germany beat Hungary 3-2 in the World Cup final, football has written a new fairy tale - this time the 'Miracle of Lisbon'. It is even more remarkable than the 1992 European Championship (which had only eight teams), when Denmark became European champions after coming straight from their holidays because Yugoslavia were unable to take part.
(Switzerland - Blick)

Guinness World Records Recognizes Cisco Router

2004-07-10T11:13:56+10:00

CHICAGO (Reuters) - The same book that boasts the world records for most glasses balanced on a chin, the tallest snowman and longest continuous clapping session, now includes Cisco Systems Inc.'s (CSCO.O: Quote, Profile, Research) new machine that directs Internet traffic.

Guinness World Records certified Cisco's CRS-1 router as the highest capacity Internet router at 92 terabits -- 92 trillion bits per second -- of total throughput.

That makes it the first networking technology to be recognized by Guinness World Records, which has tracked record-breaking achievements around the world for almost 50 years.

"As the world advances technologically, it is important that we recognize the innovations that will revolutionize global communications," said David Hawksett, science and technology editor at Guinness World Records.

"The reason we like this one is purely because of the numbers involved. The statistics about what this piece of hardware can do were really mind blowing," he said in a telephone interview on Thursday.

The CRS-1, which Cisco unveiled in May, is capable of downloading the entire printed collection of the U.S. Library of Congress in 4.6 seconds, as opposed to a dial-up modem transfer rate that would take 82 years. It is designed for telephone companies to deliver data, voice and video services over the Internet.

Cisco submitted its claim several weeks ago, said Hawksett, who usually deals with 200 claims at any one time. Guinness World Records does not have many business-oriented records like it, but Hawksett hopes to change that.

"Not enough people contact us for science and technology records and what I'd like to say to them is 'Please bombard us,"' he said.

First available in 1955, Guinness World Records now publishes its annual book in more than 100 countries and 37 languages. It recognizes over 60,000 world records in its book and online at www.guinnessworldrecords.com.

For those who were wondering, Ashrita Furman balanced 75 20-ounce beer glasses on his chin for 10.6 seconds in his New York City backyard in 2001; the residents of Bethel, Maine, and surrounding towns over 14 days in 1999 built a snowman measuring 113 feet, 7-1/2 inches; and V Jeyaraman of India in 1988 clapped continuously for 58 hours and 9 minutes.

Source: http://www.reuters.com/newsArticle.jhtml?type=technologyNews&storyID=5567384.

Microsoft heads toward perimeter collision with Cisco

2004-07-14T09:24:19+10:00

TORONTO -- Microsoft is developing perimeter security technology that could put it in direct competition with networking giant Cisco Systems Inc.

The software maker this week outlined plans to build technology into Windows Server that checks the health of PCs entering a network.

Microsoft's Network Access Protection (NAP), outlined by Mike Nash, vice president of the Microsoft's security business unit at the Worldwide Partner Conference, does essentially the same thing as technology planned by San Jose, Calif.-based Cisco.

Cisco's Network Admission Control (NAC) program was introduced in November as a means to combat worms and viruses by restricting network access control. Its first phase, which is rolling out this year, will only be supported on its routers, according to Cisco, but other devices will be supported in subsequent phases.

But Steve Anderson, Microsoft's director of the Windows Server group said Microsoft is currently in "deep discussions" with Cisco. "The ideal is to bring them together."

For more information, visit: http://searchwin2000.techtarget.com/originalContent/0,289142,sid1_gci992537,00.html.

Firewall.cx reviews award winning LANGuard 5

2004-07-14T09:33:23+10:00

The LANGuard network security scanner is no new news in the IT market as it has become most Administrators and IT Managers best companion in the endless fight to keep their Windows Network safe and patched.
If you work in a Windows powered environment, then take a look at our review of LANGuard's latest offerings and see how you too can unleash the power of this excellent tool!

Osama 'Death' Pics Hide Trojan Threat

2004-07-25T12:47:19+10:00

Internet users have been warned that messages about the 'suicide' of Osama Bin Laden posted on internet message boards and usenet groups are hoaxes masking an attack on their computer.

The messages attempt to persuade readers to download a file which contains the Hackarmy Trojan.

The infection allows hackers to gain control of a computer remotely, and lurks in a file posing as photographic evidence that Osama Bin Laden has killed himself. Thousands of messages have already been posted claiming that journalists from CNN found the terrorist leader's body earlier this week.

Typically they read: 'Osama Bin Ladin [sic] was found hanged by two CNN journalists early Wedensday [sic] evening. As evidence they took several photos, some of which I have included here. 'As yet, this information has not hit the headlines due to Bush wanting confirmation of his identity, but the journalists have released some early photos over the internet.'

Graham Cluley, senior technology consultant at antivirus firm Sophos , said in a statement: "Hackers and virus writers will try all kinds of tricks to entice people into downloading their malicious code.
"It seems this time that the hacker has focused on the public's morbid curiosity and appetite for news on the war against terror."

Source: http://www.ecommercetimes.com/story/networking/35326.html.

The release of Armor2net Personal Firewall

2004-07-26T21:52:55+10:00

Armor2net Personal Firewall software provides a complete spectrum of Internet security and Internet privacy for computers. The program protects the computer from hackers, data thieves, and other Internet-based dangers. For more information, please visit: http://www.armor2net.com.

Internet Attack Targets DoubleClick

2004-07-28T22:30:17+10:00

DoubleClick Inc., the company that provides online advertising services for some of the nation's most popular Web sites, was the target of a sophisticated attack today, the third time in two months that hackers have targeted a major player in the commercial Internet.

Beginning at roughly 10:30 a.m. ET, unknown attackers overwhelmed DoubleClick's Internet servers with a flood of bogus Web page requests, blocking many major sites from loading ad images on their sites.

The attack made it difficult for Internet users to load pages at nearly all of the 40 most-visited Web sites. At the height of the assault, affected Web pages were available less than 25 percent of the time, according to Keynote Systems Inc., a Web performance monitoring company in San Mateo, Calif.

DoubleClick spokeswoman Jennifer Blum said the attack targeted the company's domain name servers (DNS) -- machines that help direct Internet traffic -- causing "severe service disruptions" for all 900 of its customers. Blum said the outage was caused by a distributed denial-of-service attack, in which hackers use the firepower of thousands of hijacked computers to flood a Web site with so many bogus Web page requests that it renders the site unavailable to legitimate users.

"Beginning this morning our DNS infrastructure came under a denial-of-service attack from outside sources," Blum said. "The situation has improved over the last few hours and we continue to take steps to resolve the situation permanently."

Blum said that the company has contacted the "proper authorities" but would not say which ones DoubleClick contacted. FBI spokeswoman Megan Baroska said that DoubleClick did not report the incident to the bureau. Officials at the U.S. Department of Homeland Security did not return telephone calls seeking comment.

Among the sites hardest hit were those of Nortel Networks, Gateway Inc., MCI Inc., CNN.com and Schwab.com, according to Keynote. washingtonpost.com also was loading slowly for several hours earlier today before the company blocked DoubleClick's ads from running on the site.

CNN.com Senior Vice President Monty Mullig said that several ads did not appear properly on the site, but said the news content is run on a different network. Officials at several other companies were unavailable for comment.

The attack on DoubleClick happened less than 24 hours after hackers released a new version of the "MyDoom" worm, which harnessed the power of Google, Yahoo and two other Internet search engines to aid in its spread. The massive number of queries from MyDoom-infected computers left many Internet users unable to reach those sites, although security experts said that impact on the search engines probably was unintentional.

But security experts said the DoubleClick attack today appears similar in nature to the assault hackers waged last month against Akamai Technologies, a company that distributes Web content for companies such as Google, Microsoft and Yahoo. In that attack, hackers used tens of thousands of enslaved computers to overwhelm Akamai's DNS servers, blocking access to many of the company's customers for nearly two hours.

"One of the things that makes the Internet so survivable is that no one company or technology runs the whole thing," said Lloyd Taylor, Keynote's vice president of technology. "In this case, as with the Akamai problem, the attackers targeted a common infrastructure relied upon by many companies."

The attack on DoubleClick is another sign that attackers are beginning to target key Internet pressure points that -- when squeezed -- darken the Internet for most users, said Johannes Ullrich, chief technology officer for the SANS Institute's Internet Storm Center.

"The hackers don't need to attack the Internet. If you attack Akamai or DoubleClick you can take out 95 percent of what most people consider to be the Internet," Ullrich said.

Virus targeting Google subsiding

2004-07-30T07:53:59+10:00

The computer virus which targeted Google and other search engines is on the way, say net security experts.
But they warn that net users should be on the lookout for a new variant of the worm appearing in the next few days.

The MyDoom.O virus spread quickly on Monday, causing some outages on Google, as well as a slight slowdown in internet traffic.

It used a sneaky new technique to spread itself, scanning search engines for additional e-mail addresses.

Virus evolution

The MyDoom.O variant spreads in the form of an e-mail attachment.

The attached message pretended to be from the user's net provider's or company's support team saying that their PC has been used by hackers to send spam.

A virus is famous for 15 minutes, or in this case for 15 hours, and then there is a big drop off the next day as people update their anti-virus software

Jack Clark, McAfee
It first emerged early on Monday and quickly spread, with e-mail filtering firm MessageLabs stopping 23,000 copies within first five hours.

The latest version marked a worrying evolution of the MyDoom worm that infected hundreds of thousands of computers earlier this year.

This latest variant, MyDoom.O, not only scanned infected machines for e-mail addresses, but it also used search engines to look for even more addresses.

Google, as well as Lycos, AltaVista and Yahoo were bombarded with requests until they could not cope.

"This virus has introduced a new technique in e-mail propagation, in this case using search engines," said Jack Clark, McAfee anti-virus expert.

"You had potentially ten of thousands of machines, each generating tens of thousands of request to Google. That would be enough to bring Google to its knees," he told BBC News Online.

'Warhol effect'

In a statement, Google confirmed it had been flooded with automated searches generated by the MyDoom virus.

Microsoft Latest Target Of Virus Attack

2004-07-30T07:54:57+10:00

Security firms are warning that a new virus is on the loose, and its target appears to be Microsoft.com.

The new virus, named Zindos, piggybacks on the success of the recent MyDoom.O virus.

Zindos compromises computers infected with the earlier virus and is programmed to visit the Microsoft home page every 50 milliseconds.

Earlier this week Google, Lycos, Altavista and Yahoo all struggled to cope with the MyDoom.O virus, which created endless loops of requests directed at the targeted Web sites.

So far, the Microsoft web site appears to be unaffected by the attack. In a statement released on Wednesday, Microsoft said it had "taken steps" to ensure its Web site remains online.

Zindos is spread from infected computer to infected computer, via a "back-door" in the MyDoom.O virus. That opening allows Zindos to bypass other virus protections and infect a computer. It then uses the comprised machine to attack the Microsoft site and search for other computers to infect.

The virus affects Windows systems but not computers running the Linux or Apple operating systems.

Computers users who suspect they might have a comprimised machine can download a free removal tool from Symantec's web site.

New book reviews now available!

2004-07-31T20:07:44+10:00

Hungry for more information?
If so, then make sure you check out our new book review section which includes the most popular network and security books around the world!

For more information, click here.

New Protection Modules For Firewall.cx !

2004-08-04T03:21:26+10:00

We would like to inform our visitors that due to quite a few havesters and wannabe hackers, we have been forced to enable our auto-protection module which will automatically ban for one day any web browser with 'site copy' type software installed.

All IP Addresses banned will be reported to their ISP's as a breach of our copyright protection.

If you would like to express your opinion or complain, please visit the appropriate forum.

Thank you
The Firewall.cx Team

Trojan Horse Charges PDAs

2004-08-09T08:13:36+10:00

The world of viruses finally reached out and touched handheld computers Thursday with Symantec and Kaspersky Labs reporting a backdoor Trojan horse program that can take control over a mobile device.

The program, known as Backdoor.Brador.A, attacks PDAs running the Windows CE operating system. Once installed, the program activates when the PDA is restarted and begins to search for a remote administrator to take control of the machine.

In a security alert, Symantec calls Brador the first known Windows Mobile backdoor Trojan horse. The security firm says the program, like all backdoors, cannot spread by itself. Backdoors arrive as an e-mail attachment and must be downloaded from the Internet.

"We're not seeing it widely and its only effected a very, very small number of systems," Oliver Friedrichs, a senior manager for Symantec's security response team. "The significance is that it is the first to attack CE Windows."

Friedrichs said it is hardly surprising that viruses would make their way to mobile devices.

"It's a natural trend. Where technology goes, viruses will follow," he said. "The perception is that as new technology moves into the mobile market, these threats will move in that direction also."

Kaspersky Labs said Brador was probably written by a Russian virus coder since it was attached to an e-mail with a Russian sender address and contained Russian text.

Eugene Kaspersky, head of anti-virus research at Kaspersky Labs, was expecting a PDA attack given the recent attacks against other mobile devices.

"We were certain that a viable malicious program for PDAs would appear soon after the first proof of concept viruses emerged for mobile phones and Windows Mobile," said Kaspersky in a statement. "[The program] is a full-scale malicious program ready to go; unlike proof of concept malware, Brador has a complete set of destructive functions typical for backdoors."

The Russian security firm added that the author is offering to sell the client portion of Brador to all interested parties, increasing the likelihood the backdoor will be used commercially.

"PDA users face a real danger and we can be sure that the computer underground will snatch at the chance to attack PDAs and mobile phones in the near future," Kaspersky said. "Malware development for mobiles is passing through the same stages as malware for desktops. We'll probably see a serious outbreak of viruses for handhelds sometime soon."

Symantec, which rated Brador's threat containment and removal as "easy," has updated its database to deal with the virus.

Last month, Kaspersky Labs detected the first computer virus spreading via cell phone networks.

Source: http://www.internetnews.com/security/article.php/3391811

XP Service Pack 2 Imminent

2004-08-10T19:18:08+10:00

XP Service Pack 2 is reported to be about to ship to OEMs and should be available for download around the end of this month. Among other changes, the service pack turns the built-in firewall on by default. Source: http://www.vnunet.com/news/1157187

Firewall.cx Offline For The Past 40 Hours!

2004-08-17T05:49:21+10:00

We have just corrected a major problem that kept our site offline for at least 40 hours.

Unfortunately the problem occurred while most of us were on holidays and away from our computers, making it impossible to detect and repair.

We also found one of our services - Webmail - being abused by a few users, who attempted to send out more than 412,000 spam emails, so we have placed a permanent ban on their whole network, deleted their accounts and disabled the webmail service until further notice.

We are sad to see people trying to use our free services and resources in such a way, and therefore have been forced to place these restrictions until we can find a way to avoid these problems in the future.

Closing, we would like to apologise for the delays and problems and hope we will not see these problems visiting us again.

The Firewall.cx Team.

New Addition To The Site - VLANs & Security

2004-08-23T08:38:48+10:00

You've all been asking for them and patiently been waiting.
Now they are here for you to read - our first part of the popular VLAN topic!!

This analysis brings you 13 pages and over 50 of our 'New Generation' 3D diagrams to assist you in the learning process.

The new VLAN section can be found under the 'Networking' menu option in both java based and 'Alternative Menu' system.

You will also find our new guide on 'Securing Your Home Network' here.

Orion puts 'super' into the personal computer. [But can it play Pong!]

2004-09-01T09:47:59+10:00

A startup computer maker is putting 'super' into the personal computer. Orion Multisystems said it would have two models of its Orion Cluster Workstation available at the end of the year that use up to 96 chips in a desktop-sized machine.

The company is led by two of the co-founders of chip maker Transmeta and the personal supercomputers will use the low-power, cool-running Efficeon chips to power them. It has received an undisclosed amount of funding by Battery Ventures.

'We already have strong demand for our Cluster Workstations from major corporations and institutions in a variety of industries,' said Colin Hunter, president and CEO, Orion Multisystems. 'We expect to take full advantage of the multi-billion dollar business opportunity that exists for high performance technical computing.'

Orion's closest competitors are the likes of SGI, IBM, HP and Sun that build Unix- and Linux-based workstations using one or two processors.

But using clustering technology, Orion's machines incorporate a special motherboard that harnesses the power of up to 12 chips in the 'desktop' model, and up to 96 such 'nodes' using 12 boards in the 'deskside' version.

The company claims the DT-12 desktop offers 36 Gflops peak performance (18 Gflops sustained), with up to 24GB of DDR SDRAM memory and up to 1TB of internal disk storage. Yet with a sub 220 Watt power draw it can be plugged into a standard power supply.

The DS-96 deskside Cluster Workstation boasts 300 gigaflops (Gflops) peak performance (150 Gflops sustained), up to 192GB of memory and up to 9.6TB of storage. However, the company claims the system is still small enough to fit under a desk.

Both models run Linux-based operating systems and will support software written for Linux clustered environments.

Key targets for the personal supercomputers will be those working with computationally complex tasks such as engineering, scientific, financial and creative professionals.

'An important need exists in research and industry for very high performance computers for individual users, because currently available systems are either ad hoc collections of commodity PCs or data center-sized shared resources with expensive power and cooling costs, and systems software that lacks functionality and maturity,' said Dr. Horst Simon, director, National Energy Research Scientific Computing Center (NERSC) at Lawrence Berkeley National Laboratory.

The desktop is expected to cost less than $10,000, while the deskside will cost less than $100,000, according to the company.

Source: http://www.pcpro.co.uk/?http://www.pcpro.co.uk/news/news_story.php?id=62614

Kerberos Flaws Allow Access to Protected Networks

2004-09-03T19:05:22+10:00

The Massachusetts Institute of Technology has disclosed a number of serious security flaws in the Kerberos v5 authentication system, the worst of which could give unauthorized users access to protected corporate networks.

Various bugs in the Kerberos key distribution center, or KDC, which is used to authenticate users, may allow an attacker to run malicious code on a KDC host, compromising the entire realm served by the KDC, MIT researchers said. Similar flaws affect the krb524d component, also potentially allowing the compromise of an entire authentication realm, and the "krb5_rd_cred()" function, with a more limited impact. A bug in the KDC's ASN.1 decoder can be exploited to cause a vulnerable system to hang, security researchers said.

Kerberos, developed at MIT, is one of the most widely deployed authentication protocols on the Internet, and is implemented in many commercial products; Windows 2000 uses Kerberos v5, for example. MIT's advisories on the bugs contain instructions on patching. Kerberos v5 version 1.3.5 will also fix the bugs when it is released, according to MIT.

Cisco has issued a patch for the implementation of Kerberos v5 in its VPN 3000 Series Concentrator product fixing the bugs. Linux developers Red Hat, MandrakeSoft and Debian are among the other vendors distributing patches.

Most of the vulnerabilities are double-free errors, where a component attempts to free a buffer that has already been freed; this error can be exploited to execute malicious code and take control of a system, researchers said. Double-free vulnerabilities were identified in Kerberos v5's KDC cleanup code and several client libraries, allowing unauthenticated users to compromise a system, according to an advisory from Danish security firm Secunia.

A double-free bug in krb524d may also allow the execution of malicious code, Secunia researchers said.

Other double-free errors in the "krb5_rd_cred()" function can only be exploited by authenticated users, via services calling on the function, such as krshd, klogind and telnetd, according to Secunia.

Unlike some previous Kerberos flaws, no working exploits have yet been discovered for the flaws, and MIT officials said such exploits would require a high degree of sophistication. "Exploitation of double-free bugs is believed to be difficult," MIT's researchers said in the advisory.

On the other hand, exploiting the ASN.1 bug is "trivial," MIT researchers said. The problem is in the way the decoder handles indefinite-length BER encodings. An attacker can send a corrupt encoding which will send the component into an infinite loop, hanging the system, MIT said.

The vulnerabilities are the most serious in Kerberos v5 since early 2003, when multiple issues allowed remote system access, impersonation and denial of service. In October 2002, a flaw in kadmind4 (Kerberos v4 compatibility administration daemon) allowed unauthenticated attackers to gain root privileges on Kerberos v4 and v5 machines; at that time, MIT researchers said an exploit was already circulating when the patch was released.

------------------------------------------

Source: http://www.eweek.com/article2/0,1759,1641644,00.asp

MIT Advisories:
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-003-asn1.txt

Database filesystem for Linux a la WinFS

2004-09-07T17:58:43+10:00

With all the hype Microsoft is generating over their proposed database file system (WinFS), most people don't know that a working project on these lines exists in the Linux world. It's called DBFS, and it represents a revolutionary approach to the way we think about files on a computer. There is a fully operational implementation for KDE.

Floppy disk spins its way toward graveyard.

2004-09-13T21:01:52+10:00

Long the most common way to store letters, homework and other computer files, the floppy disk is going the way of the horse upon the arrival of the car: it'll hang around, but never hold the same relevance in everyday life.

And good riddance, say some home computer users. The march of technology must go on. Like the penny, the floppy drive is hardly worth the trouble, computer makers say.

Dell Computer Corp. stopped including a floppy drive in new computers in spring 2003, and Gateway Inc. has followed suit on some models. Floppies are available on request for $10 to $20 US extra.

"To some customers out there, it's like a security blanket," said Dell spokesman Lionel Menchaca. "Every computer they've ever had has had a floppy, so they still feel the need to order a floppy drive."

A few customers have complained when they found their new computers don't have floppy drives, but it's becoming uncommon as they realize the benefits of newer technologies, Menchaca said.
Most new laptops don't come with a floppy.

More and more people are willing to say goodbye to the venerable floppy, said Gateway spokeswoman Lisa Emard.

But, "As long as we see customers request it, we'll continue to offer it," she said. "We'll be happy to move off the floppy once our customers are ready to make that move."

Some people may hesitate to abandon the floppy just because they're so comfortable with it, said Tarun Bhakta, president of Vision Computers near Atlanta.

At his store, the basic computer model comes with all necessary equipment, but no floppy.

"People say they want a floppy drive, and then I ask them, `When was the last time you used it?' A lot of the time, they say, `Never,"' Bhakta said.

But plenty of regular, everyday computer users don't want to let their floppies go.

"For my children, they can work at school and at home. I think they're a pretty good idea," said shopper Mark Ordway.

"I just want something simple for me and my husband to use," said Pat Blaisdell.

The floppy disk has several replacements, including writeable compact discs and keychain flash memory devices. Both can hold much more data and are less likely to break.

Even so, floppies have been around since the late 1970s. People are accustomed to them. They were the oldest form of removable storage still around.

In a sense, it's amazing floppy disks have hung around for this long.

They only hold 1.44 megabytes of space — still enough for word processing documents, but little else.

By comparison, CDs store upward of 700 megabytes, and the flash memory drives typically carry between 64 and 256 megabytes.

And it's been a long time since floppy disks were even floppy. They used to come in a bendable plastic casing and were 5.25 inches wide, but Apple Computer Inc. pioneered the smaller, higher density disks with its Macintosh computers in the mid-1980s.

Then Apple become the first mass-market computer manufacturer to stop including floppy drives altogether with the release of their IMac model in 1998.

"It's not officially dead, but there's no question it's a slow demise," said Tim Bajarin, principle analyst for Creative Strategies, a technology consulting firm near San Jose, Calif.

"You had a few people . . . who were screaming, but in a short time, they adjusted."

It may not be too many years before floppy disks are joined by DVDs. Microsoft founder Bill Gates recently predicted the DVD would be obsolete within a decade.

Source: http://www.thestar.com/NASApp/cs/ContentServer?pagename=thestar/Layout/Article_Type1&c=Article&cid=1095027008938&call_pageid=968350072197&col=969048863851

Microsoft works to block iPod

2004-09-13T21:02:56+10:00

BOFFINS AT the company which prides itself on its security excellence, Microsoft, are working out ways of keeping Apple's iPod users from plugging into networks.
The Vole is developing more ways to prevent owners of the reassuringly expensive juke boxes using their designer toys to nick data.

According to Associated Press reports, the new technology will be one of the few new things that will appear in Shorthorn which is set to appear in 2006.

But, Microsoft claims, companies are very worried that as devices such as Apple iPods become capable of holding more data, they could be used to steal data or unleash virus attacks on business networks.

What the Shorthorn designers want is to have a system where people can use devices that help them in their work - such as a smart phone full of professional contacts - but not storage devices that could be used to quickly steal data.

Apparently there is an early version of this technology in SP2, which does something similar. Not that anyone seems to have noticed. If it had been effective not only eye pods but USB storeage devices would have been affected and then there would be rioting in the IT streets.

Source: http://www.theinquirer.net/?article=18395

Sasser/Netsky creator charged.

2004-09-13T21:04:58+10:00

GERMAN PROSECUTORS have formally charged the teen they say created the Sasser virus.
Sven Jaschan has been charged with computer sabotage, data manipulation and disruption of public systems.

More than 143 Sasser victims have contacted prosecutors to report the damage they suffered in the vague hope of compensation.

The damage claims of the 143 victims of the Sasser virus totals US$157,000 (£88,000) although worldwide the damage was more likely to be millions.
Jaschan could face up to five years in jail. He was arrested in May following a tip-off passed to Microsoft which put up a cash reward of $250,000 for information leading to the arrest of whoever was behind the virulent worm.

Once arrested Jaschan reportedly confessed to creating Sasser and is also alleged to be responsible for the Netsky virus.

Source: http://www.theinquirer.net/?article=18399

Thousands of zombie PCs created daily

2004-09-21T16:02:50+10:00

Jack Writes: The rate at which personal computers are being hijacked by hackers rocketed in the first half of 2004, reveals a new report. An average of 30,000 computers per day were turned into enslaved “zombies”, compared with just 2000 per day in 2003.

US computer security company Symantec says efforts to build so-called "botnets" - networks of zombies used to launch attacks on corporate websites or as anonymous relays for sending out spam - from hacked computers have intensified dramatically in recent months. The company's latest biannual report shows that recruitment of "zombie" machines peaked at 75,000 computers per day.

Jeremy Ward, service development manager at Symantec, says virus writers can make good money by selling botnets to online extortionists and spammers.

"What we're seeing now is malware, or malicious software, that is truly professional," Ward told New Scientist. "You have the ability to set up botnets for a number of money-making schemes."

Turf war

The Symantec report is based on information gathered from 20,000 network sensors based in 180 countries around the world. They also collected information from anti-virus software installed on desktop machines and corporate networks.

The study shows that overall virus activity increased between January and June 2004. In all, 4496 Windows computer viruses were released during this time - a fourfold increase on the same period the previous year.

Enlistment of zombie machines reached an all-time high during a turf war between two virus-writing groups in the first few months of 2004. Those behind the worms MyDoom and Bagle fought against the creator of the Netsky virus for ownership of the infected computers.

During this feud, a version of Netsky was released which was designed to deactivate the Bagle and MyDoom viruses within infected computers.

Draining resources

Richard Archdeacon, director of technical services at Symantec, adds that virus writers have developed new programming tricks to thwart current anti-virus scanning technology.

Anti-virus scanners examine the contents of files for pieces of data that match those of a known threat. Many viruses, for example, insert themselves at the beginning or end of code for a legitimate programme.

But recent strains of virus have made scanning more difficult. A virus called Impanate, for example, buries portions of its code in an unexpected region of a software file.

Another virus, known as Gastropod, rewrites its own code entirely between replications to complicate detection. Spotting these viruses requires considerably more computing power, draining system resources.

"These advanced infection mechanisms may render many traditional antivirus scanning techniques ineffective," Archdeacon says.

But law enforcers have also made progress. On 9 September, an 18-year-old German programmer was charged with creating Netsky and another worm, Sasser.

Source: http://www.newscientist.com/news/news.jsp?id=ns99996420

German Security Firm Hires Hacker Awaiting Trial

2004-09-21T16:17:55+10:00

Jack Writes: A German security firm has hired the teen accused of writing the Sasser and Netsky worms, a move that sends a dangerous message to hackers, anti-virus firms said Monday.

Firewall provider Securepoint, which is based in a city in northern Germany not far from the hometown of admitted hacker Sven Jaschan, hired the 18-year-old to work on its products because "he has a certain know-how in this field," a company spokesman said in a statement.

The rehabilitation didn't go down well with Sophos, the U.K.-based anti-virus vendor.

"It's very important that the security community does not send out a message that writing viruses or worms is cool, or a route into employment," said Graham Cluley, senior technology consultant for Sophos, in a statement.

Although Finnish security company F-Secure was kinder in its take on Jaschan -- "he wasn't that bad," one of the company executives wrote on the firm's blog -- it, too said the hire was out of line. "We here at F-Secure wouldn't hire him."

There's a good chance Jaschan won't work long for Securepoint. The teen will be tried on charges including computer sabotage that could land him in jail for up to five years.

Coincidentally, a new variation of the Sasser worm, dubbed Sasser.g by Sophos, appeared Monday. Like earlier editions, it exploits Windows PCs not patched against the LSASS vulnerability, and opens them to further attack by planting a backdoor component on compromised machines

Source: http://www.internetweek.com/allStories/showArticle.jhtml?articleID=47900427

Cisco Announces Its New Integrated Services Routers

2004-09-25T07:33:04+10:00

Cisco Systems redefines best-in-class routing with a new portfolio of integrated services routers that are engineered for secure, wire-speed delivery of concurrent data, voice, and video services.

By taking an integrated systems approach to embedded services application deployment is speeded up to help reduce operating costs and complexities.

Founded on more than 20 years worth of innovation and leadership—Cisco is the first in the industry to embed security and voice services into a single routing system for fast, scalable delivery of mission-critical business applications.

The new routers (1800, 2800 and 3800) will ship with integrated Security, Voice and Wireless services - making them very attractive and at reasonable prices.

Announcing LANRAPTOR/PROTOCOLMAKER

2004-09-26T16:59:09+10:00

Shakti-Software announces the release of LanRaptor, an innovative Protocol Analyzer with unique features.

LanRaptor provides a tree structured display of packets captured for easy and quick access to any packet no matter how large the capture file. Filtering packets is form driven and easy, no complicated "filter language" to learn or remember.

Along with LanRaptor, purchasers will recieve a free copy of ProtocolMaker. ProtocolMaker is a form driven tool for creating protocol descriptions. LanRaptor uses these descriptions to interpret captured packets.

You can now analyze any protocol by creating your own protocol description.

Until January 1,2005, LanRaptor and ProtocolMaker are available for the introductory price of $69.95.

Hacker Tools Mean JPEG Worm Coming Soon

2004-09-27T04:17:25+10:00

Jack Writes: A tool that makes it easy to craft malicious JPEG images then let them loose against vulnerable Windows PCs has appeared, security experts said Friday, leading many to believe an MSBlast-style attack may not be far in the future.

Dubbed JPGDown.a or JPGDownloader, the tool lets hackers designate a download Web site, and then builds a malformed JPEG image file that can be distributed to attack Windows machines open to the now-patched vulnerability Microsoft announced last week. When the victim views the image file -- sent as an attachment, say, to an e-mail message -- a download's begun from the site the hacker specified. Any code can be downloaded from the remote site to the compromised PC.

"This is a simple tool that makes it trivial for even unskilled attackers to author hostile JPEG files," said Ken Dunham, director of malicious code research for security intelligence firm iDefense, in an e-mail to TechWeb.

Dunham added that the tool, "significantly increases the likelihood of widespread JPEG attacks." Panda Software, meanwhile, said that the tool was a solid clue that a worm exploiting the vulnerability was "imminent."

"Given the nature of the problem, Trojans are a great threat, especially as they can go unnoticed by users but are frequently used by cyber crooks for online fraud," said Luis Corrons, the head of PandaLabs, in a statement.

One of the uses of the JPGDown.a tool would be to compromise a PC, then download a Trojan horse or other backdoor component from a remote Web site.

Dunham used the analogy of MSBlast. "The threat scene [now] is similar to that of Blast in 2003. Within a few days [last year] exploit code surfaced, and then improved exploit code, followed by a Trojan tool, Trojans, and worms.

"It's likely that Trojans and possibly worms will soon emerge in the wild now that such a tool and exploit code exists in the virus writing underground," he added.

With a worm and full-scale attack looming, users should patch vulnerable systems immediately. Windows and numerous applications are vulnerable, according to the security bulletin Microsoft released last Tuesday.

Source: http://www.internetweek.com/allStories/showArticle.jhtml?articleID=47902912

GFI's Answer To Portable Storage Control

2004-09-27T04:31:43+10:00

GFI has launched it’s latest security tool: GFI LANguard Portable Storage Control, which lets you control entry and exit of data via USB sticks and other devices and prevent users from taking confidential data or introducing viruses and Trojans on your network.

Any user on your network can plug in a USB stick the size of the average keychain and take in/out 1GB of data: Therefore users can take confidential data or they can introduce viruses, Trojans, illegal software and more!

Regain control with GFI LANguard Removable Media Control (R.M.C.)! GFI LANguard R.M.C. offers you network-wide control of which users can:
· Plug in a USB or other removable storage device
· Access CDs
· Access floppies

You can define which users can use removable media centrally from Active Directory - simply by making them a member of three pre-defined groups.

Firewall.cx Announces Its New FREE Cisco Lab!

2004-10-05T00:05:09+10:00

We have decided to make a world-wide breakthrough and extend our site's value & services by providing you with the world's FIRST FREE fully equipped Cisco lab!

The Cisco Lab will aim to allow all our site members to gain real experience on Cisco's equipment through a series of labs which will cover different levels of expertise and knowledge.

Equipment to be used will include.....

... Cisco routers from the 1600, 2500, 2600 and possibly 4000 series. Catalyst switches from the 3550, 3500, 2950 and 1900 series, Pix Firewall 501-506, and possibly a Cisco Call Manager which will cover the IP Telephony services.

Furthermore, ISDN simulators will be available enabling real calls between routers, allowing the use of real time backup connections and much more.
Registration to our site will be a requirement and every user will have the option to book up to a 3 hour session per day via an automatic booking system.
If you have any ideas or suggestions, please do post them in our forums!

The Firewall.cx Team

Plea deal in 'war spamming' prosecution

2004-10-12T07:58:54+10:00

Jack Writes:A Los Angeles man accused of using other people's wi-fi networks to send thousands of unsolicited adult-themed e-mails has entered into a plea agreement with prosecutors in a case filed under the criminal provisions of the federal CAN SPAM Act, officials confirmed Friday.

Nicholas Tombros, 37, was scheduled to enter a guilty plea Friday afternoon in federal court in Los Angeles, but the hearing was abandoned when judge Percy Anderson learned the defense attorney who'd signed off on the deal had been hospitalized and could not appear in court. "[Tombros] said that he wanted to take some time, so the judge scheduled us for a status conference in two weeks," says assistant U.S. attorney Wesley Hsu, who's prosecuting the case.

Tombros' phone number is unlisted, and his new attorney did not return a phone call Friday.

Tombros was charged last month with a single felony under the criminal provisions of the CAN SPAM Act. He allegedly drove around the Los Angeles beachfront suburb of Venice with a laptop and a wi-fi antenna sniffing out unsecured residential access points, which he then used to send thousands of untraceable spam messages advertising pornography sites. An FBI spokesperson said Tombros obtained the e-mail addresses from a credit card aggregation company where he used to work.

The CAN-SPAM Act, which took effect January 1st, doesn't criminalize unsolicited bulk commercial e-mail, but it does outlaw most of the deceptive practices used by spammers. Tombros was charged under a provision that prohibits breaking into someone else's computer to send spam. Also outlawed is the practice of deliberately crafting spammy messages to disguise the origin; materially falsifying the headers in spam; spamming from five or more e-mail accounts established under fake names; or hijacking five or more IP addresses and spamming from them.

A first-time violator face up to one year in federal stir for a small-time operation-- three years if he or she meets one of several minimum standards of bad behavior, like leading a spam gang of at least three people, sending over 2,500 messages in one day, or using 10 or more falsely-registered domain names. As charged, Tombros faced the higher-tier sentence for the "especially complex and especially intricate offense conduct" of allegedly laundering his spam through wireless networks. Hsu wouldn't comment on the details of the plea agreement, and Tombros remains free to back out of the deal.

The criminal provisions of the Act were first exercised last April, when officials charged four Detroit-area men with sending nearly half-a-million deceptive messages through hijacked proxy servers.

Tombros' next court appearance is scheduled for September 17th.

"Over time spammers have shown that they will use any method that they feel they can use to send e-mail," says Andrew Kirch, a security admin at the Abusive Hosts Blocking List. "We may be looking at an isolated incident, or we may be looking at the next big thing."

Source: http://securityfocus.com/news/9453

The Powers Of Google!

2004-10-21T09:56:07+10:00

Jack Writes: Google 'saved' Australian hostage

An Australian journalist kidnapped in Iraq was freed after his captors checked the popular internet search engine Google to confirm his identity.
John Martinkus was seized in Baghdad on Saturday, the first Australian held hostage in Iraq since the US-led invasion.

But his captors agreed to release him after they were convinced he was not working for the CIA or a US contractor.

He was reported to be making his way home to Australia on Tuesday.

His executive producer at Australia's SBS network, Mike Carey, said Google probably saved freelance journalist Martinkus.

"They Googled him and then went onto a web site - either his own or his book publisher's web site, I don't know which one - and saw that he was who he was, and that was instrumental in letting him go, I think, or swinging their decision," he told AP news agency.

Martinkus told the Australian Broadcasting Corporation that he was snatched at gunpoint from outside a hotel close to Australia's embassy in Baghdad by Sunni Muslims, and that they had threatened to kill him.

"I told them what I was doing (and that) I wasn't armed," he said.

Asked how he coped, he said: "I just kept talking."

Source:
http://news.bbc.co.uk/2/hi/asia-pacific/3755154.stm

New Book Review Available

2004-10-23T12:07:01+10:00

We've just completed yet another review from one of the best network security books out there. The TAO Of Network Security Monitoring is a book that has a lot to offer and will surely surprise you with it's excellent material. You can check the review out by clicking here.

PIX Source Code On Sale

2004-11-09T02:21:30+11:00

A group describing itself as the Source Code Club (SCC) has offered to sell source code for Cisco's Pix proprietary security firewall software to any taker for US$24,000.

In a note posted on a Usenet newsgroup, the group also said that it would also make available other, unnamed source code to those who paid.

In a note posted to the alt.gaps.international.sales newsgroup, the Source Code Club wrote, "SCC is proud to announce the general availability of Cisco Pix 6.3.1 source code. This release is significant because pix is vital to the security of many ultra secure networks."

The group is selling Version 6.3.1 of the firewall. A newer version, 6.3.4, was released by Cisco in July, and is not being sold by the group.
Source: http://www.itnews.com.au/dlinkstorycontent.asp?ID=1&Art_ID=22347

Vulnerabilities in Starforce Professional 3.xx (all builds)

2004-11-17T05:32:00+11:00

Hi all! Found a largest backdoor in drivers from Starforce Professional Copy Protection System (version 3.00 and above). This drivers leaves after game uninstalling, even after uninstalling drivers are active. By this drivers any user with any right (include Guests) can execute any code in ring-0.

First spam conviction

2004-11-17T05:41:29+11:00

A man was convicted in a Virginia court on Wednesday of sending AOL users millions of unsolicited emails using fraudulent email address is facing nine years in prison after becoming the first person to be convicted under new anti-spam laws.

Microsoft threats with lawsuits Linux users!

2004-11-20T04:29:02+11:00

Microsoft Corp. Chief Operating Officer Steve Ballmer on Thursday warned Asian governments that they could face intellectual rights-infringement lawsuits for using rival open-source operating platforms such as Linux. Ballmer, speaking in Singapore at Microsoft's Asian Government Leaders Forum, said that Linux violated more than 228 patents. He did not provide any detail on the alleged violations, which the Linux community disputes.

"Someday, for all countries that are entering the WTO (World Trade Organization), somebody will come and look for money owing to the rights for that intellectual property," he added.

Linux users got a scare earlier this year when software developer SCO Group Inc. sued a company for using Linux, which SCO claimed contains software code that it owns.

SCO is also embroiled in a lawsuit against IBM, claiming that the computer giant illegally built SCO's software code into Linux.

Singapore's Ministry of Defense last month switched 20,000 personal computers to run on open-source software instead of the Microsoft operating platform.

Other governments in the region are also looking to develop open-source software. China, Japan and South Korea this year agreed to jointly develop open-source software running on Microsoft's rival Linux operating platform.

The Chinese government, in particular, sees its reliance on Microsoft as a potential threat. Conspiracy buffs believe certain patches in the Windows code might give U.S. authorities the power to access Chinese networks and disable them, possibly during a war over Taiwan.

Ballmer said the security fears some governments had about using Microsoft software were overblown.

"We think our software is far more secure than open-source software. It is more secure because we stand behind it, we fixed it, because we built it. Nobody ever knows who built open-source software," he added. ($1=1.646 Singapore Dollar)

source: reuters.com

Pirated software used to create Windows Media

2004-11-20T04:43:49+11:00

Jack Writes: Chicago (IL) - Members of a former software cracking group have discovered that audio files created with one of its cracked programs are distributed with each copy of the Windows XP operating system, possibly exposing Microsoft to a large-scale copyright infringement lawsuit.

The content in question can be found on every computer with Windows XP as operating system installed. Nine WAV audio files located in the folder " "HelpToursWindowsMediaPlayerAudioWav" in the Windows installation directory include a signature of "Deepz0ne", a member of former cracking group "Radium". If the files are opened not with an audio player, but with a HEX editor or simply in Windows' own text editor Notepad, the last line displays as "000-04-06 IENG Deepz0ne ISFT Sound Forge 4.5".

Source: http://www.tomshardware.com/hardnews/20041115_135458.html

Side Note - On my XP box this did work!! I used "Note Pad" to open the file and sure enough all the way at the bottom, last entry.
-Jack

Government department wiped out by IT upgrade disaster

2004-12-02T23:35:36+11:00

The Department of Work and Pensions (DWP) has suffered what has been described as the biggest computer crash in government history after a software upgrade.

The government department lost 80 per cent of its 100,000 PCs following a "routine software upgrade", a DWP spokeswoman confirmed today. The problem lasted all of yesterday but the "majority of our system is up and running now", she said.

Microsoft and EDS run the DWP's network as part of a £2 billion IT contract.

Microsoft issued a short statement on Friday saying that it worked closely with its partners to help rectify the situation and support the DWP, but declined any further comment. Representatives from EDS have so far failed to comment.

The head of the DWP, the government secretary Alan Johnson has promised an internal inquiry into the systems failure and the role both Microsoft and EDS played in the disaster.

The DWP, which is responsible for providing a variety of state benefits to about 24 million people, attempted to downplay the effect the computer problems will have on its customers, saying that the department's mainframe computers were not affected. "There will be delays with new and amended benefit claims, but we have been dealing with the problems though our contingency plans and the disruptions will be minimal," a spokeswoman said.

It is believed that the crash was caused when an incompatible system was downloaded on to the entire network. It meant that employees were forced to send faxes because they couldn't access their e-mail accounts. Some payment checks were filled in by hand.

The failure is only the latest in a string of serious computer system problems experienced by the department. The DWP's Child Support Agency (CSA) has been struggling with a £456 million system from EDS that has made payments to only one in eight single parents awaiting them. Last week, Johnson told a House of Commons Parliamentary Select Committee that he is considering shutting down the child-support case management and telephony system, and Doug Smith, the chief executive of the CSA, resigned from his job.

On Friday, the general secretary of the Public and Commercial Services Union, Mark Serwotka, called on the government to hold off on its plans to cut 30,000 jobs in the DWP on the basis of IT improvements, in light of the computer crisis. Earlier this year, the government announced it plans to eliminate 104,000 civil servant jobs across the government based in part on increased efficiencies gained though new IT systems.

Since 2001, the DWP has spent around £4.25 billion on various IT projects, including the CSA system. According to a report it submitted to a Parliament Select Committee, the department has spent £306.7 million on management and IT consultancy, £51.5 million on staff substitutions and contractors and £54.3 million on professional services.

The UK's public sector IT projects in 2003/4 are expected to cost more than £12.4 billion, but U.K. government IT projects have often been accused of being over-ambitious and prone to disastrous delays and cost overruns.

Beyond the DWP, further examples include the benefit-payment card program from the Post Office, the Department of Social Security and ICL, which fell apart after three years and £300 million; software problems that delayed the Swanwick air traffic control center and have since been blamed for a near collision between two airplanes; the disruption wrought on thousands of people with travel plans in 1999 by the Passport Office's new computer system, and the National Probation Service's case-record and management system which was abandoned in 2001 after it was revealed the project was expected to be two years late and 70 percent over budget.

Source: http://www.techworld.com/opsys/news/index.cfm?NewsID=2695&Page=1&pagePos=2

New Linux Section Underway!

2004-12-05T04:31:29+11:00

After the announcement of our Free Cisco Lab, which we are working on, we are very pleased to inform you of the new section dedicated to the Linux O/S!

In addition, we are now giving you the chance to select what we'll be covering in this section.

Firewall.cx Scheduled Downtime

2004-12-19T13:06:41+11:00

We would like to notify our visitors and members that Firewall.cx is scheduled for a webserver upgrade in order to increase the site's performance and ensure we are properly guarded against the recent attacks we have been experiencing.

The upgrade will take place between 12:00 -13:00 EST on the 20th of December 2004 and is calculated to last a few minutes.

During the upgrade Firewall.cx will not be available.

The Firewall.cx Editorial Team.

New WINS Attacks Predicted

2005-01-08T01:53:03+11:00

Almost a month after Microsoft released a fix for a security issue in the WINS (Windows Internet Name Service) name server, malicious exploits continue to haunt tardy network administrators.

According to an alert from the SANS ISC (Internet Storm Center), there has been a startling increase in hacker probes directed at TCP port 42 and UDP 42, which handle WINS services.

"If you have not patched your WINS servers in respective companies or campuses, beware. Patching these systems is now overdue," the center warned.

Last month, Microsoft released the MS04-045 patch with a warning that a successful exploit could take complete control of an affected system, including installing programs; viewing, changing or deleting data; or creating new accounts that have full privileges.

The vulnerability, first detected last November, occurs in the way the WINS server handles computer name validation and association context validation.

WINS is a NetBIOS name server used to determine the IP address associated with a particular network computer.

Source: http://www.eweek.com/article2/0,1759,1748222,00.asp

Software pirate sentenced to 18 months

2005-01-11T09:48:06+11:00

American software pirate Kishan Singh, from Lanham in Maryland, has been jailed for 18 months after running a website offering illegal copies of a range of business software.

Singh, who had earlier pleaded guilty to a charge of copyright infringement, was found guilty of running a website offering illegal copies of software that was valued at up to $120,000. Singh operated a pay-for-access site offering software from companies including Adobe, Autodesk, Macromedia and Microsoft. Frequently, all copy-protection and other counter-piracy measures had been removed from the software.

"Evidence revealed that thousands of pirated software programs were downloaded from Singh's website by users from around the world during the six-month period charged." - Spokesman for the US prosecutor's office.

Source: http://www.techspot.com/story16727.html

IE Plagued by 'Extremely Critical' Flaws

2005-01-13T12:39:30+11:00

Millions of Internet Explorer 6 users are at risk from three "extremely critical" security holes that give hackers open access to PCs running the browser -- even if Windows XP Service Pack Two has been installed.

The first issue centers on the browser's drag-and-drop capability, which does not validate new files correctly.

This means that, potentially, a document downloaded from a Web page using drag and drop may contain malicious code.

The other problems affect all Windows systems, including those protected by Local Computer zone lockdown, which comes with SP2.

The first allows specially designed (.hhk) files to be used to include malicious code on systems, and the second stems from a zone restriction error that could allow code to be downloaded from Web sites involuntarily.

At least one of the flaws was reported to Microsoft (Nasdaq: MSFT) last year, but no patches have so far been made available.

Security firm Secunia has released an advisory warning that the holes are "extremely critical" and recommends users dump IE and use an alternative browser.

"Although hundreds of millions of dollars have been spent on securing SP2, perfection is impossible. Through the joint effort of Michael Evanchik and Paul from Greyhats Security a very critical vulnerability has been developed that can compromise a user's system without the need for user interaction besides visiting the malicious page," Secunia warned in a statement.

Source: http://www.ecommercetimes.com/story/news/39528.html

Happy Birthday Chris !

2005-01-14T19:38:51+11:00

Though he'd love to sneak away without anyone noticing, today happens to be Chris' birthday! I suggest that anyone who feels this site has ever helped them bombard him with a birthday wish PM !

Chris - On behalf of the f.cx team, congratulations on getting even older and still managing to run one of the top networking sites ever. In the last year the site has really taken off.. and its all your fault :)

Have a great year mate

Cisco Lab Update - Pretty Pictures Included

2005-01-19T22:47:12+11:00

Since we're trying to be as open as possible about the state of the Cisco lab (so you can see it being built before your eyes), here is a major update:

We've posted the lab configuration diagrams. At present there are 4 labs covering:
1. Basics & Introduction
2. WAN link setup
3. Complex WAN setup over frame-relay using RIPv2 / IGRP / OSPF
4. Switching and STP over redundant fibre optic links as well as VoIP

See the pretty pictures here. Click 'Read More' for the full list of topics that are covered.

LAB 1:
Cisco Router Basics
Cisco Switch Basics
Simple ISDN Dialup
Simple Routing

LAB 2:
Connecting Cisco Routers To Leased Lines
Creating & Testing ISDN Backups
Configuring GRE Tunnel For Security
Static Routing for GRE Tunnels & ISDN Backups

LAB 3:
Serial (Leased Line)
Frame Relay
Routing Protocols - RIP / IGRP / OSPF
Simple VLANs

LAB 4:
Layer 3 Switching & Routing
Spanning Tree Protocol
Routing Protocols - OSPF
Static VLANs
Trunk Ports
Access Links
VTP Domain

13 New Microsoft Patches

2005-02-06T07:46:57+11:00

Microsoft is going to release patches to 13 new vulnerabilities on Monday, 8th February.
This includes 9 vulnerabilities for Microsoft Windows.

Hope you have a nice Tuesday patch-patch-patching..

Solaris going the Open Source way

2005-02-16T10:03:36+11:00

The Solaris Operating system is being released under the terms of OSI approved , CDDL.

To prove to the world that they are serious about it , they have put up a website and made available the source code of Dtrace.

More details at www.opensolaris.org

Bill Gates to launch new Microsoft Internet Explorer 7

2005-02-17T12:35:01+11:00

Jack Writes:Bill Gates, Microsoft chairman and chief software architect, announced in a speech at the RSA Security conference in San Francisco that new test version of Internet Explorer 7 is to be launched in summer.

Traditionally new versions of Microsoft browser appear with the new versions of Windows. IE 7 was not an exception being expected in 2006 together with Longhorn operating system. But growing demands to the internet security have forced Software giant to initiate an early release of the Program.

"There is only one thing standing in the way of realizing the potential of internet infrastructure: the concerns over trustworthy computing," Bill Gates said at the conference. "This is the top priority for Microsoft, and it will remain our top priority."

According to Microsoft the new version will be more protected from the bugs that make its 6th Explorer vulnerable to the attacks of Web criminals. Gates said IE 7 is to contain protection against viruses, spyware and account scams.

In addition to a weak protection, it is hard competition with such strong rivals as Firefox and Opera that also pushes Microsoft to speed up the release of the new version of Internet Explorer. Nevertheless Internet Explorer still dominates with the market share of about 90%.

It is said that Web Search giant Google also plans to produce its own Firefox-based browser.

Source: http://www.realestategates.com/News/02162005/bg_ienew620389465237468126.html

Bill Gates to get honorary knighthood

2005-03-08T04:54:32+11:00

Jack Writes:SEATTLE — Queen Elizabeth II on Wednesday bestowed honorary knighthood on Microsoft (MSFT) co-founder and Chairman Bill Gates. Gates proclaimed himself "humbled and delighted."

In announcing the knighthood last year, Foreign Secretary Jack Straw described Gates as "one of the most important business leaders of his age," and credited Microsoft software with having a "profound impact on the British economy."

Gates and his wife, Melinda, are also notable philanthropists. They launched the Bill and Melinda Gates Foundation in 2000 with $26 billion to promote equity in global health and education. The foundation has set up a $210 million international scholarship program at Britain's University of Cambridge and invested millions of dollars in research for an AIDS vaccine.

His wife described the queen as "engaging" company and said they found plenty to talk about on issues such as health problems in the developing world, the avian flu and their shared interest in travel.

But on the subject of computers, it seems the monarch does not enjoy the same passion for technology as Gates.

"She said all the kids do (use computers), and the computer helps to schedule things. But she said for she herself ... typing is not as natural for her as it is for young people," Gates said.

Like other non-Britons who've received the honor — including Federal Reserve Chairman Alan Greenspan, former president George Bush and movie mogul Steven Spielberg — Gates can append KBE, or Knight Commander of the British Empire, to his name.

But he is not entitled to add the title "Sir," a distinction reserved for British nationals. To achieve full knight status, Gates would have to become a British citizen.

That's what the late Sir John Paul Getty II, son of oil magnate J. Paul Getty, did. Born in America, the younger Getty, who died in 2000 at age 70, was a lifelong Anglophile. He moved permanently to Britain in 1971, setting up household on a 2,500-acre estate, complete with his prized oval cricket ground. Sir Paul quietly became the greatest philanthropist living in Britain.

Getty was made an honorary knight in 1986, and upgraded to the full honor in 1998, a year after becoming a British citizen.

By contrast, the Gateses and their three children appear to be comfortably ensconced in a highly secure five-acre residential compound partially buried into a hillside on the shores of Seattle's Lake Washington. It includes a manmade trout stream, garage space for dozens of vehicles and screens displaying valuable art in digital form.

Straw's statement notwithstanding, critics say, Microsoft's impact has not been uniformly positive. The European Commission last March ruled Microsoft used illegal monopolistic practices to extend its flagship Windows desktop operating system into the computer server and media player markets.

"Being a convicted monopolist apparently doesn't keep you from getting knighted," says Linux consultant and advocate Bruce Perens. "I suppose monarchy and monopoly go well together."

Britain has been a big user of open-source programming created by volunteers, including the Linux operating system that competes against Windows.

Source: http://www.usatoday.com/money/industries/technology/2005-03-01-sir-bill-usat_x.htm

Jef Raskin, Macintosh Creator, Dies at 61

2005-03-08T04:55:30+11:00

Jack Writes:Jef Raskin, Apple employee No. 31 and the man who set the Macintosh on rails died on Feb 26th, suffering from pancreatic cancer.

Raskins visions greatly influenced the way the user interface of personal computers looks today, developing ideas like icon based desktops or drag-and-drop to a great extend.

Raskin joined Apple Computer in 1978 as employee number 31 and headed the Macintosh development until 1982.

Raskin left Apple in 1982, two years before the Macintosh went on sale. He founded Information Appliance, where he designed the Canon Cat computer for Canon USA, a product which never became a commercial success.

In 2000 he published a book, "The Humane Interface," that is widely assigned at universities.

In recent years he was a professor at the University of Chicago.
He founded the Jef Raskin Center for Humane Interfaces where he worked on Archy, an open-source software program intended to push interfaces in new ways. This project will be continued by his son Raza.

Source: http://gaming.monstersandcritics.com/news/article_4797.php/Jef_Raskin_Dies_at_Age_61
ALSO
http://www.pcworld.com/news/article/0,aid,119835,00.asp

Microsoft WebTV hacker to do time

2005-03-17T07:00:07+11:00

Microsoft WebTV hacker David Jeansonne, 44, was sentenced on Monday by U.S. District Judge Ronald Whyte to six months in prison for sending a malicious program using e-mail that caused Microsoft WebTV customers to call the 911 emergency service without their knowledge.

Jeansonne's e-mails sent in 2002 resulted in at least 10 fake emergency calls across the country. Jeansonne, pled guilty in February to charges of intentionally causing damage to computers and causing a threat to public safety according to a statement released by the U.S. Attorney's Office for the Northern District of California. WebTV, which is now known as MSN TV, is a Microsoft service that allows subscribers to browse the Web and connect to the Internet through their television sets, IDG News Service said.

Jeansonne will have to spend an additional six months of home detention and pay $27,100 to Microsoft after he is released, the U.S. Attorney's Office says.

Source: http://ployer.com/archives/2005/03/microsoft_webtv.php

Netscape to combine IE / Firefox Engines

2005-03-23T14:08:35+11:00

The once-mighty Netscape browser is attempting a comeback. How, you ask? Simple. By combining the best elements of its two leading rivals.

Netscape is out with a test release of version 8.0, and the new browser is nothing like its recent predecessors, which were mostly about fixing bugs and playing catch-up.

More than 90 percent of the world's surfing is still done on Microsoft Corp.'s Internet Explorer, but many users complain of its numerous security vulnerabilities and lack of modern features like tabbed browsing, which lets you visit multiple Web sites without opening multiple browser windows.

Enter Mozilla Firefox, which debuted last fall to much fanfare. It lacks many of the IE features, like ActiveX, which is often blamed for enabling security breaches, and with its relatively low usage, malicious hackers don't target Firefox as much. But some sites won't work with Firefox because they need the IE features.

The new Netscape, which is only available for Windows PCs, addresses the quandary through a regularly updated list of "good" and "bad" sites.

If Netscape deems a site good, a green shield appears and the browser displays the site using the IE software engine that is built into Windows. Netscape figures such sites present little security risk, so why not enable all the features?

I succeeded in accessing Microsoft's Windows Update site along with the advanced features of my company's Web-based Outlook e-mail, neither of which works with Firefox.

Netscape displays a yellow shield when a site is absent from its list. In such cases, deeming Firefox safer, Netscape uses a Firefox engine that is embedded in Netscape's software.

Red shields along with a warning page appear when sites are on the bad list.

Not only does Netscape use Firefox, thus disabling ActiveX, but it also blocks that site from leaving data trackers called "cookies" and turns off support for Java and JavaScript, which can launch programs designed to steal information or perform other nasty tricks.

In this sense, Netscape is safer than Firefox or IE alone. I ran on all three browsers a site that tries to steal AOL billing information, and only Netscape successfully blocked the program from running.

Whether Netscape uses Firefox or IE, the site appears within the Netscape environment, and you always have access to tabbed browsing. You get IE's functionality and Firefox's security when you need them most.

Netscape also sports "multibars," a way to cram the equivalent of 10 toolbars into the space of a single one. Just click on "1," "2" and so on to switch among them. Each is customizable with whatever features you happen to want. Choose from Netscape's preprogrammed tools, like news headlines or maps, or add your own using Really Simple Syndication, or RSS, a technology for pulling content from sites (A bug that's supposed to be fixed before the final release in the next several weeks currently prevents you from fully doing so, though).

A new feature that lets you check Web-based e-mail from Netscape, AOL, Excite, Gmail, Hotmail, Lycos, Mail.com or Yahoo. You get automatically logged in with a single click, though for now you don't get alerts for new mail.

Netscape also sports a few improvements to Firefox: It's easier to open and close tabs and to instantly clear sensitive information like Web sites visited.

And while Firefox has a tool for remembering passwords, Netscape automatically logs you in.

Human Area Networking at your doorstep.

2005-04-06T12:35:32+10:00

Japanese company Nippon Telegraph and Telephone Corporation (NTT) claims to have developed the first viable Human Area Network (HAN) device, enabling fast data transfer between devices using the human body as a conduit.

NTT reckons this latest advance on the wireless Personal Area Network concept - dubbed RedTacton - can transmit data over the surface of the skin at up to 2Mbps.

Where it differs, though, from previous offerings, is that a RedTacton-enabled device does not have to be in direct contact with the skin - only within about 20cm. NTT explains the technical background:

'Instead of relying on electromagnetic waves or light waves to carry data, RedTacton uses weak electric fields on the surface of the body as a transmission medium'.

A RedTacton transmitter couples with extremely weak electric fields on the surface of the body. The weak electric fields pass through the body to a RedTacton receiver, where the weak electric fields affects the optical properties of an electro-optic crystal.

The extent to which the optical properties are changed is detected by laser light which is then converted to an electrical signal by a detector circuit.

RedTacton can also "transmit" through clothing or shoes, allowing the useful possibility of downloading MP3s through a floor-based sensor while dancing the Lambada.

What's more, you can swap files by straight human contact, so two filesharers equipped with RadTacton devices can indulge in torrid illegal P2P activity.

But apart from that, why bother with RedTacton when Bluetooth can already do the job wirelessly?

Well, Tom Zimmerman - who invented a similarish via-the-skin data system for IBM in 1996 - told the Guardian: "With Bluetooth, it is difficult to rein in the signal and restrict it to the device you are trying to connect to.

You usually want to communicate with one particular thing, but in a busy place there could be hundreds of Bluetooth devices within range."

Furthermore, humans apparently make poor aerials, something which is "good for security because even if you encrypt data it is still possible that it could be decoded, but if you can't pick it up it can't be cracked," as Zimmerman explains.

Fair enough. NTT says it is committed to "moving RedTacton out of the laboratory and into commercial production as quickly as possible by organizing joint field trials with partners outside the company". There's more technical info available there.

Nintendo goes online, and wireless

2005-04-06T17:00:00+10:00

Rumor has it that Nintendo's next-gen console will be online, wifi ready right out of the box, and that such networking will be completely free.

A desperate gamble, but I hope it pays off. Xbox live isn't that expensive, but a free wifi for Nintendo could put them on the board for online play.

However, Nintendo has been traditionally aimed at the kiddies, and online play could wreak havoc with ESRB ratings and parental controls.

Just a rumor, though. Take it with a grain of salt.

Gmail's Infinity + 1 Storage Plan

2005-04-09T11:51:31+10:00

On Friday, April 1, Google announced their “Infinity+1” plan for Gmail accounts. The first day, we lucky Gmail account holders gained about 1MB. We weren’t holding our breath, considering the announcement was made on April Fool’s Day - and sounded pretty foolish to boot. Here are the details of the Google storage algorithm:

* Gmail is currently rising at 1/1000 MB every 25 seconds
* A 1MB increase takes a little over 6 hours and 56 minutes
* Every day storage increases by 3.456 MB
* By April 1, 2006, Gmail accounts will be up to about 3300MB
* It takes 289 days to increase 1 gigabyte

So is Google really going to just continue to increase storage infinitely? A look at the source code indicates that the madness will end when mailboxes reach 2075 gigs:

That only applies until it reaches 2075 MB.

India's fastest supercomp up and running in Pune

2005-04-26T22:10:53+10:00

PUNE: Pune has got India’s fastest supercomputer, thanks to the Tata institute of fundamental research (TIFR) and Hewlett Packard (HP). The two institutions have tied up to implement scaleable high-performance computing (HPC) solutions to create mathematical modelling for a range of scientific research applications.

Priced at around $1 million, the open source (Linux)- based supercomputer is housed at the Computational Mathematics Laboratory (CML) of TIFR, located at the Pune University campus.

The computer has a speed of one tera floating point operations per second (flops), equivalent to Param Padma, the fastest and most powerful in the Param series of supercomputers developed by the Centre for Development of Advanced Computing (C-DAC), and allows CML to run various complex algorithms with upto one billion variables.

The supercomputer has been operational since last week and has a dozen scientists from various fields working on it. Already it is delivering 80 per cent of its peak performance(0.8 tera-flops) .

To know about this more refer to:http://timesofindia.indiatimes.com/articleshow/msid-1083936,curpg-2.cms

Wi-Fi Confirmation

2005-05-05T20:03:45+10:00

We have a confirmed report in EGM (Electronic Gaming Magazine) that the Nintendo Revolution will most definitely be Wi-Fi capable.

Quoted from EGM, " While the look of Nintendo's next-gen(eration) console (code-named Revolution) remains shrouded in secrecy, the company has recently provided some details on the guts of this anticipated machine. The power of the Revolution will come from two sources: a processing chip (code-named Broadway) from IBM and an ATI-produced graphics chip (called Hollywood). The new console will also feature built-in Wi-Fi and be backward compatible with the GameCube--the latter being a first for any Nintendo home system.

A new approch to protection from SQL injection attack

2005-05-19T23:07:44+10:00

This paper presents a method to protect from SQL injection attack. The method involves using a virtual database connectivity drive as well as a special method named "variable normalization" to extract the basic structure of a SQL statement so that we could use that information to determine if a SQL statement is allowed to be executed.

The method can be used in most scenarios and does not require changing the network topoloty nor source code of database applications (i.e. the CGI web application). A summary of the algorithm is available at Here

Company prints mainframe passwords in customer magazine

2005-06-13T22:33:48+10:00

British train operator Great North Eastern Railway inadvertently printed system passwords in a magazine given away to thousands of rail travellers

The magazine contained an article showcasing the company's control centre. This was illustrated by a series of photographs, one of which showed the system passwords written on a whiteboard in the control centre. Fortunately the problem was spotted and the passwords changed before the magazine was released.

Charity Work

2005-07-07T13:24:42+10:00

Our member 'Rockape' is a board member for a new Charity that is working to rebuild damaged schools in Sri Lanka after the Tsunami, while also trying to promote education through learning.

Currently, they are in desperate need of assistance, financial mainly.

The charity has been told by the Sri Lankian Government that they can work with 5 public schools. Their Chairman and Vice Chairman have recently visited Sri Lanka and seen the damage and work needed.
The aim is to raise £200.000 for all the repair work, and new equipment in order to make the schools workable.

So please, if you can help in any way, you can visit their website http://www.walkoflife.org.
Any donations of money, equipment or anything you can offer are very much appreciated.

New Linux Topic Now Available!

2005-07-26T03:04:27+10:00

We would like to inform our viewers that our long awaited topic 'Introduction To The Linux Operating System' is now available under the 'Linux/Unix' section of our menu.

The topic is covered over 8 long pages and over 30 screenshots!!

Please note that we are still working on the last two pages, which should be published by the end of this week.

We hope you'll enjoy another quality article from Firewall.cx.

Mp3 Files Erasing Virus On The Loose

2005-08-01T06:55:43+10:00

A virus that originally masqueraded as a DVD copying programme is erasing MP3 files on millions of computers around the world. The recent outbreak of the W32 or Nopir-B was spread largely through shady sites devoted to exchanging music files. The virus erases all MP3 files on infected computers and files ending in “.com”.

Internet users should avoid downloading software from sites online with which they are not familiar. Exercising such caution can be one’s best protection against viruses transmitted online, said Mr Michael Dickopf, security expert at the Office of Information Technology Security (BSI) in Bonn.

Mr Dickopf indicated that the Nopir-B virus is designed to look like a DVD cracking programme that allows users to bypass copyright protections built into DVD discs that prohibit unauthorised copying.

The whole deletion of MP3 files and other data occurs when users attempt to run the programme.

The virus is now being spread by e-mail as well as from direct download. So far the virus has not been deemed to be highly dangerous, since it is not yet widespread, said Mr Dickopf.

He advised all computer users to update their anti-virus signatures to protect the MP3 files from the Nopir-B virus.

Acunetix's Answer To Web Attacks!

2005-08-01T07:26:42+10:00

Acunetix combats rise in web attacks with Acunetix Web Vulnerability Scanner 2!
WVS 2 is tool that automatically audits your website security.

Acunetix WVS 2 crawls an entire website, launches popular web attacks (SQL Injection, Cross Site scripting etc.) and identifies vulnerabilities that need to be fixed.

A MUST and highly recommended tool for any Network Administrator!

Acunetix Web Vulnerability Scanner can be used to:
> Ensure your website is secure against web attacks
> Automatically check for SQL injection & Cross site scripting vulnerabilities
> Check password strength on authentication pages (HTTP or HTML forms)
> Automatically audit shopping carts, forms, dynamic content and other web apps.
> Impress management with professional website security audit reports.

Cisco Lab Booking System Complete!

2005-08-05T23:12:54+10:00

It is with great pleasure we officially announce the completion of our Online Cisco Lab Booking System!

After many delays and consistent problems, we have managed to finally integrate our customised booking system with the site's database. A handful of selected regular members will be invited to participate in the beta testing of the booking system, while screen-shots and more details will be revealed shortly.

Since we have managed to secure partnerships with companies who have played vital role during the ongoing development, we are confident the Cisco Lab will be ready before the end of this year!

Ready For Another Cisco Press Title Review?

2005-08-09T16:27:11+10:00

It's becoming a nice habit these past years of Cisco Press releasing some fantastic titles for the IT community. As part of the Cisco Press reviewing group, we've got another fabulous title ready for you:

The Business Case For Network Security: Advocacy, Governance, And ROI

In addition, Cisco Press has kindly provided us with a sample chapter for you to read and download. Simply click here to read the review and download chapter 5!

Keylogger Steals Passwords From IE

2005-08-21T14:40:15+10:00

The keylogger behind a major identity theft ring is especially invasive, said an anti-spyware vendor Thursday as it prepared to roll out a free detection and deletion tool. Last week, Florida security company Sunbelt Software said one of its researchers had stumbled on a server that held a file containing a large number of usernames, passwords, telephone numbers, credit card and bank account numbers, and other personal information.

All the information, Sunbelt now says, was gathered with a new, potentially damaging keylogger, a small program which secretly steals information.
The keylogger behind a major identity theft ring is especially invasive, said an anti-spyware vendor Thursday as it prepared to roll out a free detection and deletion tool.

The keylogger, which has been dubbed Srv.SSA-KeyLogger, filches data from users' Internet sessions, including logins and passwords from online banking sessions, eBay, PayPal, and other programs that use HTML-based forms to collect information. Intuit's Quicken, for instance, often relies on a Web-based interface to download a user's account statement to the personal finance software's database.

Related to the Dumador/Nibu family of Trojans, this keylogger is especially malevolent, said Eric Sites, the vice president of research and development at Sunbelt. "It doesn't sit and wait around for a password to be typed in," he said, a trait of most keyloggers. "Instead, it steals data from Internet Explorer's Protected Storage area."

Protected Storage is actually a set of registry keys used to store memorized usernames and passwords. When the AutoComplete feature of Internet Explorer is enabled (as it is by default), the Microsoft browser automatically remembers usernames and passwords entered in forms, and records them in Protected Storage. Although the data there is encrypted, simple utilities can easily decrypt the information.

This keylogger also hijacks anything in the Windows clipboard, turns off the Windows firewall (as well as some third-party firewalls), and because it runs as a disguised Internet Explorer thread, is generally undetectable by any firewall it doesn't disable. Sunbelt said it has been sharing its information with other security vendors.

"When we first discovered this, only Kaspersky Labs had a signature to detect the keylogger," said Sites. "Since then, though, almost all the major anti-virus vendors have released signatures."

Sunbelt still plans to publish a free detection and deletion tool later Thursday, said Sites. The tool will be posted on the front page of the company's Web site as soon as it wends its way out of testing.

Until then, Sunbelt recommended that IE users worried about Srv.SSA-KeyLogger should disable IE's AutoComplete. To turn off AutoComplete in IE, select Internet Options under the Tools menu, click the Content tab, then the AutoComplete button. Clear the box marked "User names and passwords on forms," then click OK in that dialog and the next.

Other browsers, such as Mozilla's Firefox, do not use Protected Storage to record memorized passwords and usernames, and so are safer against the new keylogger.

Forum Ranks Are On Their Way!

2005-08-24T07:05:26+10:00

As we are constantly striving to upgrade the quality of services and knowledge provided throughout our site, we believe it's time to recognise the members who contribute with their forum participation and articles.

As such, we have decided to activate the forum ranks, but not only!

Once activated, the system will automatically place all our members in a set of predefined ranks depending on the amount of their posts within the forums.

Members who contribute beyond the forum scope will be given special ranks in order to highlight their work and efforts to our community.

We plan on giving our members the motivation required to work with us, and help us, help the rest of our community. Small gifts and book giveaways are also planned in the very near future, so stay tuned for more information!

The Firewall.cx Team

GFI's WebMonitor 3 real-time monitoring

2005-09-02T01:22:04+10:00

GFI has released a new version of GFI WebMonitor, its access control plug-in for Microsoft Internet Security and Acceleration Server that allows administrators to monitor the sites users are browsing and what files they are downloading - in real time.

GFI WebMonitor 3, formerly only available as a lightweight freeware tool, will now be offered as a commercial version which can scan all downloads for viruses, perform proactive content filtering - such as preventing access to adult sites - and block files based on type, among other new features. GFI WebMonitor also supports add-ons which enable it to identify and block malware including Trojans, adware and spyware.

Free Books For Our Community !!

2005-09-14T02:03:06+10:00

Firewall.cx is well known for its excellent articles and free services offered to its community. Now are ready to once again take these services to the next level.

We are pleased to announce that Firewall.cx has successfully managed to obtain free IT books for its community, from the world's largest publication companies!

Cisco Press, Prentice Hall, Addison Wesley and Symantec Press have agreed to provide our Cisco Lab community with FREE IT related books!

Selected titles will be delivered to our Members and Cisco Lab Users, FREE of charge, in order to help them extend their skills and knowledge.

We would like to officially thank our site partners for their valuable support and for sharing our vision!

For your comments and thoughts, please visit our site's Cisco Lab forum.

The Firewall.cx Team

Real life dollars buy virtual game money?

2005-10-21T01:11:49+10:00

Will people pay real dollars for in-game virtual money to help their virtual characters buy in-game goods?

One gamer, who goes by the screen name Haylo, said he spent $10 to $20 real dollars a month on in-game platinum(all nonexistent, of course) to buy weapons and other goods in Dark Age of Camelot (DAOC), but would spend more if he could afford it.

Most video games have some form of currency. In many ways, the in-game economy is similar to a real world economy - goods and services are traded to mutual advantage and are mediated in currency (platinum, gold, credit,etc.).

"With all the things you can buy in game," a gamer said, "it's hard not to want them, just like real-life stuff."

The average Massively Multiplayer Online Role Playing Game(MMORPG) player is 27-year-old -- a demographic drooled over by marketers. Plus, nearly half of all players have jobs, which often means they have more money than time and are the perfect consumers of virtual assets.

On the Internet, many gamers now buy virtual money that only exist as data files stored in a server run by a game company with real-world dollars, and the buying and selling of virtual currencies may be off most people's radar, but it is truly big business.

An online broker, who goes by the screen name Rolala, was not a fan of online
games until his 15-year-old son became interested in Final Fantasy XI.
He then noticed that a large number of gils which are the currencies used in FFXI were for sale on eBay.

"I started hearing about players leaving the game who were selling their assets at cheap prices," he said, "so I figured, buy low, sell high."

But Rolala found his moneymaking options in FFXI "very limited". He switched to World of Warcraft. There, he has leveraged his real-life experience into an online business. He converts his game profits into real money on sites like eBay and GameFees,etc. Earnings can be considerable.
He said he was on track to earn about $120,000 in real money in his first year in this business.

Rolala's business is just one example of how increasingly popular online
role-playing games have created a shadow economy in which the lines between the real world and the virtual world are getting blurred.

"World of Warcraft", the world's largest MMORPG, boasts more than 1 million paying users in North America.
There are many sites like "world of warcraft gold guide" and "wow gold free strategics", teaching gamers how to earn wow gold in game, however many players are still willing to buy gold and weapons to help their virtual characters get a higher virtual status more rapidly. Some virtual goods in World of Warcraft have been sold for thousands of dollars. It obviously creates a large real world market.

Right now, this business is one of the most hotly debated issues on the Internet. Many game companies such as Blizzard who run World of Warcraft discourage profit from in-game properties, though none have found a way to stop it!

Sony Online Entertainment, on the other hand, encourages the practice (albeit within the confines of their own "Station Exchange", their own forum for the sale of in-game properties). It recently announced the first month's figures from "Station Exchange".
According to SOE, over 45,000 characters from "EverQuest 2" have been active on the exchange and have spent over $180,000 USD in one month, half of which have been spent on in-game gold and platinum.

Despite of different attitudes towards virtual currency trade, the number of people who are getting into such business is rising, and the size of market has been expanding very rapidly.The market also creates a competitive environment.

With the rapid growth of virtual currency exchange market, should people accord virtual property the same protection as property in the real world?

New GFI Network Server Monitor 7

2005-10-21T22:00:00+10:00

London, UK, 20 October 2005 – GFI today announced the release of GFI Network Server Monitor 7, developed to meet the needs of enterprises of all sizes.

The new upgrade features a new component that allows enhanced configuration and status monitoring that automatically identifies and resolves issues before users report them.

GFI Network Server Monitor 7 also supports a number of enhancements that enable administrators to monitor status checks in distributed architectures, in addition to sending SMS alerts through third party email to connected SMS gateways.

Advanced automated checks

GFI Network Server Monitor 7 can monitor the status of a check by mimicking administration operations. The software can check the status of a terminal server by automatically logging in as the administrator, and carrying out administrator operations to monitor servers including IMAP, POP3 and SMTP. Standard monitoring checks such as email delivery can be replaced with automatic checks to provide administrators with a more realistic assessment of network performance.

Enhanced SMS functionality

Administrators can now be alerted to a network failure by SMS text message through a range of channels, including through an SMS message to a connected GSM mobile, or network fax servers such as GFI FAXmaker to an SMS gateway service.

The upgrade also alerts administrators to a network failure through the Clickatell web email facility, or by any other third party email to SMS gateways. For backward compatibility, the software also supports the GFI Network Server Monitor 5.5/6.0 SMS engine.

“GFI Network Server Monitor 7 has been designed to reduce administrators’ workloads,” said Andre Muscat, product manager at GFI.
“All too often, administrators are overloaded with false warnings and follow-up requests, making it hard to prioritise their time effectively.
The new approach taken by Network Server Monitor 7 mimics administrator activities, thereby automating complex activities and allowing administrators to focus their attention on more pressing tasks.”

Network monitoring for large enterprises

GFI Network Monitor Server 7 now enables performance monitoring across architectures usually found in large enterprises.
A reporter wizard allows administrators to retrieve status views in granular architectures such as nested folders, allowing them to detect, prioritise, isolate and resolve faults more quickly.

Support for Microsoft SQL Server and Access databases

Further enhancements include the ability to store monitoring data to either a Microsoft SQL Server or a Microsoft Access database.
The facility allows administrators to centralize the monitoring results of multiple network server monitor installations from one place, further increasing the response time to unplanned network downtime.

Network Server Monitor 7 is GFI’s latest addition to its portfolio of market leading network security, content security and messaging software technologies.

Today, GFI’s award-winning solutions help its 300,000 customers – including NASA, Volkswagen, and Coca-Cola Beverages – to build a robust and secure infrastructure. The organization also boasts GFI SecurityLabs which allow the organisation to research new areas of danger for computer networks.

A Microsoft Gold Certified Partner, GFI’s experience in development on the Microsoft platform and its strategic partnership with Microsoft continues to allow it to grow at an astounding rate.

Symantec Press - Guide To Home Internet Security

2005-10-27T03:27:08+10:00

If you are not familiar at all with security or have your doubts in some things, this book can literally save you!

The material covered is absolutely necessary for the survival of any windows station connected to the Internet and reading Symantec's Guide to Home Internet Security is probably the easiest way to learn it.

To read up on our review, click here.

Web Server-Applications Security Whitepaper

2005-11-11T22:02:49+11:00

Acunetix has release their long awaited Web security whitepaper uncovering the methodoligy and tools used by hackers to obtain access to web servers around the globe.

This unique whitepaper is a 'class-A' study case of Web server/application security and aimed for people involved with such applications and services.

Highly recommended, we encourage our community to read through this excellent whitepaper which can be found by clicking here and selecting the 'Web Application Security' Whitepaper on the right side of the page.

New features in GFI's N.S.S v7!

2005-11-22T05:38:00+11:00

GFI is today releasing GFI LANguard Network Security Scanner (N.S.S.) 7.0, the latest version of its popular security scanning and patch management product.

Version 7 builds on the product's extensive network scanning abilities to include scanning of anti-virus and anti-spyware deployments; ensuring the most recent definition files are installed on user machines.

It also provides multinational and hybrid environment support through multilingual patch management and enhanced Linux checks, allowing IT admins to scan and secure their entire network environment.

Cisco Lab Sneak Preview!

2005-11-25T04:53:41+11:00

In response to our community's requests, we've created a new section where you'll be able to obtain more information on our Cisco Lab.

Our Cisco Lab page contains information such as Lab diagrams, equipment available, booking system screen-shots and more. Those interested can access it by clicking here.

A permanent link will be created in our menu system soon.

Update: Please be advised that the Free Cisco Lab is no longer available. This article post has been kept published for historical purposes.

The Firewall.cx Team.

Vulnerability Scanner Version 3.0 Combats Rise in “Google Hacking” Attacks

2005-11-30T14:44:47+11:00

Seattle, Washington - November 21, 2005 – Acunetix, a leading security software company focused exclusively on helping enterprises secure their web applications and web sites, today announced the next-generation version of Acunetix Web Vulnerability Scanner, which provides a comprehensive solution to detecting system vulnerabilities that are frequently exploited by hackers.

Acunetix Web Vulnerability Scanner provides a complete solution by automatically auditing website security. The software crawls an entire website, launches popular web attacks (SQL Injection, Cross Site scripting, Google hacking, etc.) and identifies vulnerabilities that need to be fixed.

The Achilles Heel in Enterprise Security Strategies: Web Applications

Increasingly, hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, and dynamic content. A Gartner Group study determined that 75% of cyber attacks are done at the web application level. Web applications are accessible 24 hours a day, 7 days a week and are a passageway to valuable data: customer and employee databases, transaction information and proprietary corporate data. Many enterprises have addressed network security issues and have implemented firewall technology but have not yet protected their “crown jewels” – data that can be compromised via web application hacks.

The first reported instance of a Web application attack was perpetrated in 2000. While making online transactions with a large bank, a 17 year-old Norwegian boy noticed that the URLs of the pages he was viewing displayed his account number as one of the parameters. He substituted his account number with the account numbers of random bank customers and immediately gained access to customer accounts and personal details. Myriad other hackers have followed in his footsteps, exploiting hundreds of different techniques to compromise web applications and exploit what is fast becoming the biggest Achilles heel in an organization’s security strategy.

“Web applications are now the prime target for hackers. A quick hack of a vulnerable web application can give instant access to valuable data such as customer credit cards and employee social security numbers” said Nick Galea, CEO of Acunetix. “New hacking techniques emerge every day. Auditing one’s web applications should be the number one security concern for every enterprise.”

Version 3.0 of Acunetix Web Vulnerability Scanner Protects Against Google Hacking and Other New Threats

With this newest release of Acunetix Web Vulnerability Scanner, security administrators have access to a host of new features that will protect their web applications and web sites.

Prevention of Google Hacking

Google hacking is the term used when a hacker tries to find exploitable targets and sensitive data by using search engines. The Google Hacking Database (GHDB) is a hacker database of queries that can identify sensitive data. Although Google blocks some of the better known Google hacking queries, nothing stops a hacker from crawling sites and launching the Google Hacking Database queries directly onto the crawled content.

Version 3.0 of Acunetix Web Vulnerability Scanner launches all the queries found in the Google hacking database onto the crawled content of enterprise websites thus finding any sensitive data or exploitable targets before a “search engine hacker” does. Acunetix is first to market with a solution that detects Google hacking vulnerabilities.

Other New Features

Over forty new features and enhancements have been introduced in the latest release of Acunetix Web Vulnerability Scanner. Enhancements include sophisticated testing for buffer overflows & input validation, automatic detection of custom error pages, enhanced abilities to scan websites which are password protected, automatic HTML form fillers, the ability to crawl Macromedia Flash files, and numerous other new features.

Extrusion Detection, Security Monitoring for Internal Intrusions

2005-12-06T15:20:22+11:00

Following the success of "The Tao of Network Security Monitoring" last year, world renowned security expert Richard Bejtlich raises once again the standard for security professionals, this time by focusing threats coming from within our network - a kind of underestimated area.

Like the first book, it's first concern is to guide the reader away of myopic approaches that are popular even among security professionals and sharpen his awareness to all directions.

Professionals whose job involves designing, maintainance or security auditing of large networks, as well as security enthousiasts are certain to appreciate the information provided by this book.

To read the complete review, click here.

MailEssentials for Exchange/SMTP - The Battle Against SPAM

2006-02-02T03:44:13+11:00

London, UK, 1 February 2006 - GFI, a leading developer of messaging, network and content security software, has announced the release of GFI MailEssentials 12. The latest upgrade to its award-winning anti-spam software now protects users from phishing emails by detecting and blocking them before they reach the recipient's mailbox.

Featuring PURBL, a Phishing URI Realtime Blocklist, GFI MailEssentials 12 extracts links from the message body and checks them against a list of well-known phishing sites. GFI MailEssentials 12 also scans typical phishing keywords, which identify and treat the message as spam once found.

The Exchange administrator's daily workload is greatly minimised as the software works at server level, so administrators do not need to install anti-phishing software on every desktop. Furthermore, the product features server-based Bayesian filtering technology that automatically adapts to each organisation's email environment, so that administrators do not need to intervene.

Apple's Intel Notebooks To Be Faster Than Expected

2006-02-15T06:14:35+11:00

Jack Writes: Apple Computer will start shipping its first Intel-based notebook this week, but with faster processors than originally specced out when Steve Jobs introduced the new Macs in January. The $2,499 MacBook Pro, which now sports a 2.0 GHz Intel Core Duo CPU, up from the previously announced 1.83 GHz processor, will ship later this week, Apple said. The less expensive $1,999 MacBook Pro, meanwhile, will be powered by a 1.83 GHz Core Duo, not the 1.67GHz processor originally specified. That model will begin shipping next week.

Customers can also custom order a MacBook Pro with the 2.16GHz Core Duo for an additional $300. Both models feature a 15.4-inch display, a DVDRW/CD-RW optical drive, either 512MB or 1GB of memory, and a hard drive with either 80GB or 100GB capacity. Wireless and Bluetooth connectivity are included, and the laptops are bundled with Mac OS X 10.4.4. Although Apple executives warned of possible MacBook Pro shortages shortly after its introduction, the ship date slipped only slightly.

Originally, Apple had said it would start shipping the notebooks Feb. 15; the lower-priced notebook will ship approximately a week later than that. According to the online Apple store, customers ordering now should expect 3- to 4-week delays. In other Intel Mac news, the cash prize created by a Houston, Tex.-based Mac user for creating the first dual-boot machine capable of starting up both Windows XP and Mac OS X has broken the $11,000 mark.

Colin Nederkoorn has raised $11,318 as of Monday, but has yet to award the prize for a dual-boot procedure. Nederkoorn began asking for contributions in January, and on his Web site, said that he had put in an early order for a MacBook Pro laptop to replace the PC desktop system he used at his job for a shipping company. Source: http://www.informationweek.com/news/showArticle.jhtml?articleID=180201657

Judge sentenced man to 6 1/2 years for computer theft

2006-02-15T22:23:01+11:00

Jack Writes: YAKIMA, Wash. - A Washington man was sentenced to 6 1/2 years in prison for a multimillion-dollar computer hardware fraud. Stephen Matthew Griffitt, 34 of Pasco, Wash., pleaded guilty in October to two counts of wire fraud and two counts of money laundering involving theft of computer equipment. At a sentencing Monday, U.S. District Judge Lonny Suko also ordered Griffitt

Prosecutors contend that Griffitt established several businesses in 2000 to buy and sell Internet-related computer equipment, primarily manufactured by San Jose, Calif.-based Cisco Systems Inc. From about October 2002 through June 2003, Griffitt fraudulently obtained valid serial numbers for Cisco access servers. He would then contact Cisco and indicate that the piece of equipment had failed.

Cisco would send a replacement product, and Griffitt would then sell that equipment to others, prosecutors said. Prosecutors said Griffitt also ripped off a number of computer businesses and telecommunications companies by either buying equipment from them that he never paid for or by selling without producing the goods. In return for his plea, prosecutors agreed to recommend a sentence of just over five years in prison. While awaiting sentencing, however, Griffitt was arrested by Pasco police on charges he bounced a check as part of car-buying scam. Prosecutors accused Griffitt of violating the terms of his plea deal and responded by upping his recommended sentence to 6 1/2 years in prison - a recommendation not opposed by Griffitt's counsel. Defense attorney Adam Moore said his client's behavior was a result of a long addition to prescription painkillers. Three co-defendants, including Griffitt's wife, Melinda, pleaded guilty to reduced charges and were placed on probation.

Source: http://www.mercurynews.com/mld/mercurynews/news/local/states/california/northern_california/13872734.htm

Best Practices and Strategies for J2EE, Web Services, and Identity Management

2006-02-18T07:58:34+11:00

If you ever want to understand about security and its role in the development of J2EE enterprise-level applications, then you should consider buying this book from your local bookstore.

The authors have done an excellent job in explaining the basics of security as it applies to the most common business practices, as well as deliver intricate details on the inner workings of the Java platform security architecture.

Read more on our exclusive review of the book here.

Windows Vista Product Editions Preview

2006-02-22T21:27:22+11:00

Jack Writes: Here's how the Windows Vista product editions break down, according to the very latest internal Microsoft documentation.

Windows Vista product editions Here's how the product editions look, along with a preview of Microsoft's marketing message for each version.

Windows Starter 2007 Aimed at beginner computer users in emerging markets who can only afford a low cost PC. As with the XP version, Windows Starter 2007 (note that it's not branded as Window Vista) is a subset of Vista Home Basic, and will ship in a 32-bit version only (no 64-bit x64 version). Starter 2007 will allow only three applications (and/or three windows) to run simultaneously, will provide Internet connectivity but not incoming network communications, and will not provide for logon passwords or Fast User Switching (FUS). Starter 2007 is analogous to XP Starter Edition. This version will only be sold in emerging markets.

Windows Starter 2007 is lacking a number of unique features found in most of the other Vista product editions. There is no Aero user interface, for example, and no support for Castle-based networking. Other missing features include DVD Authoring, gaming common controller support, and image editing with enhanced touchup.

The marketing message: For beginner computer users in emerging markets who can only afford a low cost PC, Windows Starter 2007 provides a more affordable and easy introduction to personal computing because it is lower priced, tailored to the needs of beginner personal computer users, compatible with a wide range of Windows-based applications and devices, and tailored to each market.

Windows Vista Home Basic A simple version of Windows Vista that is aimed at single PC homes. Windows Vista Home Basic is the baseline version of Windows Vista, and the version that all other product editions will build from. It will include features such as Windows Firewall, Windows Security Center, secure wireless networking, parental controls, anti-spam/anti-virus/anti-spyware functionality, network map, Windows Search, Movie Maker, Photo Library, Windows Media Player, Outlook Express with RSS support, P2P Messenger, and more. Windows Vista Home Basic is roughly analogous to Windows XP Home Edition. This version is aimed at general consumers, Windows 9x/XP Starter Edition upgraders, and price sensitive/first-time buyers. Like Starter 2007, Vista Home Basic will not support the new Aero user interface.

The marketing message: For mainstream Windows customers, Home Basic is where it all begins. Here, Microsoft will be pushing "peace of mind" and "performance," and will promise consumers a faster, more secure and reliable productivity experience. Home Basic is secure by default and easy to keep secure. You can trust Windows with your most important tasks and data and complete everyday tasks faster.

Windows Vista Home Premium Whole home entertainment and personal productivity throughout the home and on the go. As a true superset of Home Basic, Windows Vista Home Premium will include everything from Home Basic, as well as Media Center and Media Center Extender functionality (including Cable Card support), DVD video authoring and HDTV support, DVD ripping support (yes, you read that right), Tablet PC functionality, Mobility Center and other mobility and presentation features, auxiliary display support, P2P ad-hoc meeting capabilities, Wi-Fi auto-config and roaming, unified parental controls that work over multiple PCs, backup to network functionality, Internet File Sharing, Offline Folders, PC-to-PC sync, Sync Manager, and support for Quattro Home Server, a Windows Server 2003 R2-based server product aimed at the home market. Windows Vista Premium is similar to XP Media Center Edition, except that it adds numerous other features and functionality, including Tablet PC support. My guess is that this will be the volume consumer offering in the Windows Vista timeframe (today, XP Pro is the dominant seller). This version is aimed at PC enthusiasts, multiple-PC homes, homes with kids, and notebook users.

The marketing message: Home Premium turns it up a notch. In addition to the baseline functionality offered in Home Basic, this version focuses on such things as integrated entertainment (movies, memories, and more), mobility (media and productivity on the go), and connected living (connect with family, friends, and home). Home Premium supplies whole-home entertainment and personal productivity throughout the home and on the go.

Windows Vista Business A powerful, reliable and secure OS for businesses of all sizes. Windows Vista Business will include domain join and management functionality, compatibility with non-Microsoft networking protocols (Netware, SNMP, etc.), Remote Desktop, Microsoft Windows Web Server, and Encrypted File System (EFS). Additionally, Vista Business will include Tablet PC functionality. Windows Vista Business is roughly analogous to XP Pro today. This version is aimed at business decision makers and IT managers and generalists.

The marketing message: Vista Business is a powerful, reliable, and secure operating system. It helps PC users be more effective at work and offers improved connectivity and access to information, so that companies can realize better return on their IT investment.

Windows Vista Small Business Designed for small businesses without IT staff. Vista Small Business is a superset of Vista Business, and includes the following unique features: Backup and Shadow Copy support, Castle and server-join networking, and PC fax and scanning utility. Additionally, Microsoft is looking at including a number of other features, many of which might be cut: These include Vista Small Business guided tour, pre-paid access to the Windows Live! Small Business or Microsoft Office Live! subscription services, Multi-PC Health (a managed version of Microsoft One Care Live), and membership in the Microsoft Small Business Club online service. Microsoft will offer a Step-Up program for Vista Small Business that will allow customers to upgrade to Windows Vista Enterprise (see below) or Windows Vista Ultimate (see below) at a reduced cost. This SKU is new to Windows Vista; there is no XP Small Business Edition. This version is aimed at small business owners and managers.

The marketing message: Vista Small Business provides smooth operation even for those businesses without an IT staff. It is the operating system designed to help small businesses start, grow and thrive.

Windows Vista Enterprise Optimized for the enterprise, this version will be a true superset of Windows Vista Business. It will also include unique features such as Virtual PC, the multi-language user interface (MUI), and the Secure Startup/full volume encryption security technologies ("Cornerstone"). There is no analogous XP version for this product. This version is aimed at business decision makers, IT managers and decision makers, and information workers/general business users. Vista Enterprise will be offered exclusively through Software Assurance.

The marketing message: Vista Enterprise provides an advanced application compatibility solution that will be crucial to many large business users, can be deployed to multiple language locales using a single image, and provides Secure Startup functionality for the ultimate in security on the go. It is the client OS that is optimized for the enterprise. Vista Enterprise reduces IT cost and complexity by providing tools that protect company data, reduce the number of required disk images, and ensure the compatibility of legacy applications.

Windows Vista Ultimate The best operating system ever offered for a personal PC, optimized for the individual. Windows Vista Ultimate is a superset of both Vista Home Premium and Vista Business, so it includes all of the features of both of those product versions, plus adds Game Performance Tweaker with integrated gaming experiences, a Podcast creation utility (under consideration, may be cut from product), and online "Club" services (exclusive access to music, movies, services and preferred customer care) and other offerings (also under consideration, may be cut from product). Microsoft is still investigating how to position its most impressive Windows release yet, and is looking into offering Vista Ultimate owners such services as extended A1 subscriptions, free music downloads, free movie downloads, Online Spotlight and entertainment software, preferred product support, and custom themes. There is nothing like Vista Ultimate today. This version is aimed at high-end PC users and technology influencers, gamers, digital media enthusiasts, and students.

The marketing message: Vista Ultimate is the "no compromises" version of Windows Vista. It provides the best performance, most secure and complete connection to the office, and is optimized for the individual. Everything you need for work or fun is included. It is the best operating system ever offered for the personal PC. N Editions Finally, I should note that Microsoft is planning to offer so-called N Editions of Windows Vista for the European market, in order to meet the requirements of an antitrust ruling there. Windows Vista N Editions--Vista Home N and Vista Business N--will mirror the Vista Home Basic and Vista Business versions, respectively, but will not include Windows Media Player and other media-related functionality.

Source And More Storey:

http://www.winsupersite.com/showcase/winvista_editions.asp

Razorback Servers Seized

2006-02-22T21:54:50+11:00

Jack Writes: It appears that one of the largest eDonkey2000 communities is no more. Often occupied by over 1 million eDoney2000 users spread over several servers, Razorback2 is often regarded as the very lifeblood of this network. This morning, users of this server network found their community offline.

At this time, details are extremely scarce. However it is being reported the Federal Belgian Police have raided and seized Razorback2's servers. In addition, it is suspected the administrator of Razorback2 is currently in custody.

Razorback2 was an eDonkey2000 indexing server - very different in nature from an indexing site such as ShareReactor. Unlike indexing sites, Razorback2's index was only available through an eDonkey2000 client such as eMule. While it does not host any actual files or multimedia material, it does index the location of such files on the eDonkey2000 network. The legality of such indexing remains questionable, however this has not deterred copyright enforcement actions.

Giving credence to this report, the Razorback2 home page simply times out upon request. In addition, pinging the IP address of Razorback's home page and eDonkey2000 servers yields the same result. Only "fake" Razorback2 servers are online, communities designed by copyright enforcement entities to mimic yet deter unauthorized file-sharing.

The Belgian Federal Police homepage at this time have no information regarding this raid, however considering the magnitude of the situation this should change. One thing is certain; Razorback2 has been removed from the eDoneky2000 network. Most noticeably, the eDonkey2000 population has shrunk from its usual 3.5 million users to approximately 3 million users - an unusual departure from its average.

Update: Below is the MPA press release provided to Slyck.com:

BELGIAN & SWISS AUTHORITIES BREAK RAZORBACK2

World's Largest P2P Facilitator Put Out of Illegal Business

Brussels, Los Angeles-- In a joint operation today police and prosecuting authorities in Belgium and Switzerland shut down the infamous file-swapping network Razorback2. Razorback2 was the number one eDonkey peer-to-peer server facilitating the illegal file swapping of approximately 1.3 million users simultaneously. Razorback2 was operated as a commercial enterprise indexing over 170 million files including millions of copyrighted movies, software, games, TV programming and music with international and U.S. titles. The site was regularly used by people located all over the world, with the vast majority of users based in Europe.

"This is a major victory in our fight to cut off the supply of illegal materials being circulated on the Internet via peer-to-peer networks," said Motion Picture Association (MPA) Chairman and CEO Dan Glickman. "By shaving the illegal traffic of copyrighted works facilitated by Razorback2, we are depleting other illegal networks of their ability to supply Internet pirates with copyrighted works which is a positive step in our international effort to fight piracy."

Swiss authorities arrested the site's operator at his residence in Switzerland this morning and searched his home. At the same time, on the authority of a local magistrate, Belgian police seized the site's servers located at an Internet hosting center in Zaventem near Brussels. The operation conducted by Swiss and Belgian authorities aimed at cutting off a major supply and facilitator of illegal files to several popular illegal file swapping networks. By shutting down Razorback2, the ease with which pirates can obtain illegal content online will slow dramatically. Since November of 2004, authorities have closed down all of the major eDonkey servers in the United States, and now, Europe.

The operators of Razorback2 had clear financial motives. In addition to collecting "donations" from users, revenue was also generated through the sale of advertising on the site, usually promoting pornographic websites. In addition, the availability of offensive content will be inhibited. The operators of this eDonkey site chose not to exercise control over files being traded by users which including those containing child pornography, bomb-making instructions and terrorist training videos.

"Razorback2 was not just an enormous index for Internet users engaged in illegal file swapping, it was a menace to society," said Executive Vice President and Worldwide Anti-Piracy Director John G. Malcolm. "I applaud the Swiss and Belgian authorities for their actions which are helping thwart Internet piracy around the world."

Razorback2 posted statistics on its site regarding the number of uses online at any one time, reveling in its reputation as the world's largest P2P facilitator. Today, users attempting to connect to Razorback2 read the message "Razorback space 2.0 appears to be dead."

Chris Marcich, Senior Vice President and Managing Director of the MPA's European Office said: "We are very grateful to the Swiss and Belgian authorities for their cooperation and effective action in dealing with this particularly egregious enterprise and the individual profiting from it."

The MPA and its member companies, working with the local film industries, have a multi-pronged approach to fighting piracy, which includes educating people about the consequences of piracy, taking action against Internet thieves, working with law enforcement authorities around the world to root out pirate operations and working to ensure movies are available legally using advanced technology.

Source: http://www.slyck.com/news.php?story=1102

Mac OS X on a PC

2006-02-23T23:12:51+11:00

Jack Writes: A couple of weeks ago at Northern Voice, right after Robert Scoble’s demo of Windows Vista, Chris Pirillo showed off his ThinkPad that was running Apple Mac OS X 10.4.4, duel booting with Windows! It seemed to run really well.

Linux worm targets PHP flaw

2006-03-01T01:16:34+11:00

Jack Writes: Internet ne'er do wells have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP, a popular open source component used in many applications, to attack vulnerable systems. The Mare-D worm also tries to take advantage of a security flaw in Mambo to spread. If successful, the worm installs an IRC-controlled backdoor on compromised systems.

Most affected applications have been updated to address the security flaw exploited by Mare-D, which anti-virus firms rate as a low risk. The malware is noteworthy mainly because of the rarity of malware strains targeting Linux systems rather than the minimal threat is poses.

Red Hat To Integrate Virtualization

2006-03-15T22:08:16+11:00

Jack Writes: Following community-based developed Fedora Core 4 which already includes Xen, Xensource's open source hypervisor, Red Hat has recently announced that it will release a beta version of Red Hat Enterprise Linux 5 (RHEL5), which will also include support for virtualization. The company will thus be able to better compete on the servers market against companies that have already implemented this technology, such as Novell.

During a launch today in San Francisco, company executives presented detailed plans for creating a Red Hat virtualization environment and collaborating with partners such as AMD, Intel, Network Appliance and XenSource to simplify virtualization deployment for customers.

Red Hat announced it will provide tools, services and technology previews that let customers and partners take advantage of the resources at the low costs and maximum efficiency.

"Conservative estimates show that servers typically operate at between 15 and 25 percent of CPU capacity, but with virtualization that could improved to 80 percent", said Brian Stevens, CTO at Red Hat.

"Our customers, who already see Red Hat Enterprise Linux as the choice for lower cost of ownership, will be able to ride this next wave of virtualization to further reduce costs and increase operational efficiency. Red Hat's strategy is to methodically target and reduce every cost driver associated with deploying IT infrastructure, we believe integrated virtualization will be a major milestone in this effort", he added.

The integrated virtualization technology includes features such as: a complete platform to implement server consolidation, reducing costs and improving service levels; a comprehensive development and QA environment, which allows developers to substantially reduce the time and complexity of writing and testing code on diverse target systems; support for hardware abstraction, which allows IT managers to reap the benefits of the latest hardware using existing software stacks, without the expense of extensive qualification and migration processes.

This month Red Hat will also make Fedora Core 5 available and its users will be able to see a preview of Red Hat Enterprise Linux virtualization technology. This summer, Red Hat plans to make virtualization Migration and Assessment Services available along with an Enterprise virtualization beta.

"By the end of this year the integration of Xen into Red Hat Enterprise Linux will result in several important customer benefits, including better support for consolidation; more flexible lifecycle management; and improved workload management and availability", said Tony Iams, Vice President of System Software Research at Ideas International, Inc. "Further, by making Xen a pervasive part of its Linux distribution, Red Hat will drive virtualization deeply into the mainstream."

The fifth version of Red Hat Enterprise Linux is scheduled to be completely available for general use at the end of 2006 and will have full support for integrated virtualization.

ISS Discovers Flaw in Sendmail Server Software

2006-03-23T22:35:48+11:00

Jack Writes: Internet Security Systems announced that its X-Force research and development team has discovered a serious vulnerability in Sendmail SMTP server software. Sendmail is the most popular mail transfer agent (MTA) on the Internet and is used extensively by large corporations and government agencies to route and deliver email.

In order to exploit this vulnerability, an attacker simply needs to be able to connect to the Sendmail SMTP server over a network. Exploitation of this vulnerability could allow remote attackers to take complete control of affected machines and obtain full access to users' emails, confidential information and other sensitive data on the network.

Sendmail is primarily used in UNIX server environments, although various Windows versions also exist. It is the default MTA for many operating systems. By carefully timing the transmission of malicious data targeting this vulnerability, it is possible for a remote attacker to gain control of the affected system without requiring any user interaction.

By protecting against vulnerabilities rather than known exploits, ISS keeps organizations ahead of Internet threats. Through a multi-layered security approach, ISS' Proventia(R) security products and services provide organizations with comprehensive protection for IT assets from network to host. ISS' Virtual Patch(TM) technology automatically protects organizations from Internet attacks until they are able to obtain, test and apply patches from affected vendors.

The ISS X-Force advisory on this vulnerability can be found here.

GFI's EndPointSecurity now live!

2006-03-28T19:32:45+11:00

London, UK, 28 March, 2006 - Today, GFI, an international leader and developer of network security, content security and messaging software, is announcing that GFI EndPointSecurity has now gone live.

GFI's endpoint security solution provides IT administrators with granular, network-wide controls for portable storage devices, removable media and a wide range of consumer electronic devices, which if not managed properly, can wreak havoc to network security and reduce employee productivity.

With GFI EndPointSecurity, security administrators can provide read, write or both access capabilities to groups or individual users for file-based media, such as, CD/DVD-ROMs and floppies as well as block-based media operated through universal serial bus (USB), Bluetooth, Firewire and Wi-Fi connections.

In addition, administrators have the ability to monitor the use of a removable device and even block access if the activity is suspected of compromising the integrity of corporate data or the security of the network.

"Group based oversight offers users an incredible management opportunity," said Andre Muscat, Product Manager for GFI EndPointSecurity. "While our competitors can support individual computer specifications, none of them allow a group based control approach to configuration at this level of ease."

Gnome and KDE get common interfaces

2006-04-05T16:47:08+10:00

Jack Writes: THE POSSIBILITY of a Linux desktop to rival Windows got closer after the Open Source Development Labs (OSDL) and freedesktop.org released a preview of some common interfaces for GNOME and KDE.

The Portland Project's technology preview which can be seen here, uses two sets of interfaces - a suite of command line tools and a library of APIs (application program interfaces) called DAPI.

The Portland Project said that this will simplify porting and integrating applications on GNOME and KDE Linux desktops. Linux developers can use the DAPI APIs to customise services while maintaining a common set of interfaces across different desktops. It makes basic desktop integration tasks simpler.

The first Portland beta will be released in May 2006, with final release of Portland 1.0 expected in June 2006.

Scan Your Website ....For Free!

2006-04-11T03:55:39+10:00

Believe it or not, Acunetix - the leader in website security scanning technology, is now offering a free scan of your site - no strings attached! Acunetix's unique scanning technology has placed them amongst the world's leading vendors in security scanning software.

In hope to raise awareness of web vulnerabilities and their security implications, Acunetix has decided to allow users all over the world, try out their unique software and help uncover problems and security holes they never knew existed.

Oracle CEO says may launch own Linux version.

2006-04-18T02:33:33+10:00

Jack Writes: Oracle Corp. is considering launching its own Linux operating system and has looked at buying one of the main suppliers of open-source technology, Chief Executive Larry Ellison told a newspaper on Monday.

Such a move by the world's top supplier of database management software into open source operating systems and applications would propel Oracle into sectors of the software industry where it has never directly competed.

It would also step up competition with rivals ranging from Microsoft Corp. to IBM to Red Hat and dozens of up and coming open-source start-ups, analysts said.

Ellison told the Financial Times Oracle wanted to sell a full range of software that included both the operating system and applications, or what is known in the industry as a complete "software stack."

"I'd like to have a complete stack," Ellison said in the interview. "We're missing an operating system. You could argue that it makes a lot of sense for us to look at distributing and supporting Linux."

Brendan Barnacle, an analyst at Pacific Crest Equities, said he doubted Oracle would launch its own version of Linux because competitors such as SAP AG would not want to rely on a major rival for open-source needs.

"It would be pretty challenging to come up with a new version of Linux," Barnacle said. "They have the resources, but this is partly a shot across the bow against Red Hat and others."

Open-source is growing in popularity because it allows customers to use applications for free and only pay for custom features, maintenance and support, cutting the cost of traditional software.

Oracle, which has long used open source to build some of its own software products, has in recent months sought to become more of a broker among various camps within the open- source movement, through acquisitions and partnerships.

Among publicly traded companies, Red Hat Inc. is the leading open source company, followed by Novell Inc. Scores of companies from Oracle and IBM to privately held players, such as MySQL and Zend, also play in the market.

Ellison said his company had considered acquiring Novell Inc. as a way to build on growing demand for open- source software that allows programmers to quickly build Web applications.

This could also help to keep Linux as an important counter- balance to Microsoft's Windows operating system that Oracle and other companies have long relied on.

Novell, Red Hat and Oracle declined to comment on Ellison's comments.

But analyst Barnacle said buying Novell would present Oracle with a host of organizational challenges. Instead, he believes Ellison's comments were a shot across the bow to companies such as Red Hat that are creeping closer to Oracle's core database business.

Deal-making in the industry has heated up since Oracle purchased open-source database software maker Sleepycat and Red Hat stepped in to buy one-time Oracle target JBoss, whose products compete with those of Oracle.

Ellison said the Red Hat-JBoss deal could shake up existing alliances in the industry and potentially force his own company to become more aggressive in the Linux market.

"Now that Red Hat ... competes with us in middleware, we have to re-look at the relationship -- so does IBM," Ellison told the Financial Times. "I don't think Oracle and IBM want another Microsoft in Red Hat."

Novell shares were up nearly 3 percent to $7.73 in early afternoon trading on Nasdaq, while Oracle shares were up 2 cents to $13.70. Red Hat shares were down more than 7 percent to $28.40 after Goldman Sachs downgraded the company to "underperform" from "in-line."

Forum Reorganization

2006-05-05T04:03:10+10:00

We would like to inform our members that during the following days the Forums will be in the process of a few organizational changes. Some new forums will be created and some others will be merged, in an effort to balance the thematic categories better, according to your interests.

We do not expect the update to affect the working order of the Forums anyhow, this is only an announcement for your information.

On the opportunity, we'd also like to express our thanks for your active participation in the discussions through your so many, very informative and valuable posts!

Acunetix Web Site Security Centre Exposes Web Site Hacking

2006-05-05T04:36:57+10:00

New information center offers advice on how to prevent SQL injection, Cross Site scripting, Google hacking and other web application attacks

London, UK – April 19, 2006 – Acunetix has launched the Acunetix Web Site Security Center, a comprehensive web site security information center that educates visitors on the latest and most threatening web application hacking techniques.

Web site security is possibly today's most overlooked aspect of securing the enterprise. Hackers are concentrating their efforts on web sites: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking!

Common web hacking techniques, such as SQL injection, cross site scripting, authentication hacking, CRLF injection, Google hacking and directory traversal are discussed in great detail in the Web Site Security Center, with information on how they work, how to find the vulnerabilities, and how to fix vulnerabilities so that valuable enterprise data and applications are no longer at risk.

“We are still at a stage where many large enterprise organizations do not yet fully understand how vulnerable they may be to web hacking attempts,” noted Nick Galea, CEO of Acunetix. “As they learn more about web attacks, they tend to recognize what’s at risk and they start taking the necessary precautions.”

“In addition to increasing their understanding of web vulnerabilities, the most important thing enterprises can do to secure their data is to use web site vulnerability scanning software, and to scan applications every time there is a code change.” adds Galea.

New Firewall.cx Team Member

2006-05-05T05:40:00+10:00

It is with much pleasure we announce the addition of a new Firewall.cx Team Member, Jeremy.

Jeremy has joined our site's team as a Cisco Lab software engineer, assisting the rest of the group with the ongoing development of our Cisco Lab. We welcome Jeremy to the Firewall.cx Family, and thank him for his help and valuable contribution toward helping this dream become a reality. If you would like to find out more about Jeremy, please visit The Firewall.cx Team page.

The Firewall.cx Team

Cisco Lab Now Entering Beta Testing Phase

2006-05-06T10:00:00+10:00

We are pleased to announce that our long awaited Free Cisco Lab has now entered its Beta Testing phase.

Our Beta Testing team will be making extensive use of our 3 available Cisco labs for the next two weeks, ensuring the availability and stability of our systems, while at the same time helping us improve the service.

Once our Beta Testing phase is complete, all necessary changes will be made and our 3 Cisco Labs will be given out to the public.

Requirement to make use of our Cisco lab is that you are a registered member of this site.

The Firewall.cx Team.

Cisco Lab Update

2006-05-08T05:12:53+10:00

Dear Members,

Please be advised that we have just published our Cisco Lab diagrams and equipment configuration.

As noted in previous posts, there are currently 3 Cisco labs available. These will be extended in the near future as our resources permit.

Currently, there are no ISDN services supported and no tutorials have yet been completed. Once our labs are available to the public, we will begin the preparation of necessary material to help guide the user through the labs.

We thank you for your support and understanding.

The Firewall.cx Team

New Book Titles Reviewed!

2006-06-15T03:02:07+10:00

We would like to inform our community that we've completed our review of two new titles from Addison-Wesley:

Preventing Web Attacks with Apache

'Preventing Web Attacks with Apache' attempts to provide a comprehensive treatment of the thorny area of web server security with the sole emphasis being on Apache...."

How to Break Web Software

'This is a focussed book with a single aim; to help you find and correct common vulnerabilities in web-based applications and website software.

Above all, this is a book to be used. The authors take a practical approach to each area of consideration, and the chapters are well structured to make it easy for you to get right to work...'

To read more about these reviews, simply visit our Book Review Section.

Microsoft France hacked – can you afford to be the next?

2006-06-22T00:22:09+10:00

Acunetix secures web applications and prevents website defacement and irreversible damage to your company’s reputation.

London, UK – 20 June, 2006 – One of the websites of Microsoft France was attacked this weekend by a group of Turkish hackers who defaced the site by Web Server intrusion.

TiTHack, the handle used by the hackers, defaced http://experts.microsoft.fr (incident also confirmed by Zdnet) by exploiting a vulnerability found either in IIS6 or in one of the web applications running on the site.

The attack seems to have been done “for fun”. However, the defacement has already caused Microsoft France significant embarrassment further damaging the corporation’s global reputation. Bloggers immediately picked up on the defacement and were amused at how long it took Microsoft to fix the problem. At time of writing, the website remains unavailable after at least 1 day in its state of defacement.

The defacement as do*****ented by Zone-h read:
Hi Master (: Your System 0wned By Turkish Hackers!
redLine ownz y0u!
Special Thanx And Gretz RudeBoy |SacRedSeer|
The_Bekir And All Turkish HacKers
next target: microsoft.com
date: 18/06/2006 @ 19:06
WE WERE HERE....>

Microsoft websites around the world have long been regular targets for defacement and other forms of exploits. Such defacement occurs when hackers manage to gain access to and manipulate the code and/or files on the web server to display whatever they please. These web hacking attacks can cost a company significant loss of revenue severe fines and loss of customer trust, apart from damaging the company’s reputation and credibility.

Acunetix provides free audit to help companies determine the security of their websites

Enterprises who would like to have their website security checked can register for a free audit by visiting http://www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.

Cross site scripting vulnerability in PayPal results in identity theft

2006-06-25T00:26:35+10:00

Acunetix WVS protects sensitive personal data and prevents financial losses due to XSS attacks

London, UK – 20 June, 2006 – An unknown number of PayPal users have been tricked into giving away social security numbers, credit card details and other highly sensitive personal information. Hackers deceived their victims by injecting and running malicious code on the genuine PayPal website by using a technique called Cross Site Scripting (XXS).

The hackers contacted target users via email and conned them into accessing a particular URL hosted on the legitimate PayPal website. Via a cross site scripting attack, hackers ran code which presented these users with an officially sounding message stating, "Your account is currently disabled because we think it has been accessed by a third party. You will now be redirected to a Resolution Center." Victims were then redirected to a trap site located in South Korea.

Once in this “phishing website”, unsuspecting victims provided their PayPal login information and subsequently, very sensitive data including their social security number, ATM PIN, and credit card details (number, verification details, and expiry date).

The Acunetix Web Vulnerability Scanner automatically audits web applications and checks whether these applications are secure from exploitable vulnerabilities to such hack attacks as cross site scripting. An automated check of PayPal’s website (using Acunetix WVS) could have prevented this attack and saved the company from denting its reputation and the subsequent loss of customer trust. Although PayPal has now fixed the flaw, the company has not, to date, revealed information on how many people may have fallen victim to the scam and on any financial losses resulting from the attack.

New Forum layout

2006-06-25T00:41:50+10:00

We would like to inform our members that during this week to come, the site Forums will be in the process of a few organizational changes. Some new Forums will be created, while some others will be merged in an effort to balance the thematic categories better, according to the community's interests.

While we do not expect the update to affect the working order of the Forums, if any difficulties surface, please let our Forum Moderators know and they'll ensure the problem is resolved.

On the opportunity, we would also like to express our "Thank You" to our community, for its active participation in the Forum discussions, that have resulted in over 15,000 posts containing valuable knowledge that comes from our members experiences and willingness to help the rest of the community!

Evading the ''Great Firewall'' of China

2006-06-29T01:49:06+10:00

The Great Firewall of China is an important tool for the Chinese Government in their efforts to censor the Internet. It works, in part, by inspecting web traffic to determine whether or not particular words are present. If the Chinese Government does not approve of one of the words in a web page (or a web request), perhaps it says “f” “a” “l” “u” “n”, then the connection is closed and the web page will be unavailable — it has been censored.

This user-level effect has been known for some time… but up until now, no-one seems to have looked more closely into what is actually happening (or when they have, they have misunderstood the packet level events).

However, recently Richard Clayton has presented a paper that discusses how to defeat China's national firewall..

It turns out that the keyword detection is not actually being done in large routers on the borders of the Chinese networks, but in nearby subsidiary machines. When these machines detect the keyword, they do not actually prevent the packet containing the keyword from passing through the main router (this would be horribly complicated to achieve and still allow the router to run at the necessary speed). Instead, these subsiduary machines generate a series of TCP reset packets, which are sent to each end of the connection. When the resets arrive, the end-points assume they are genuine requests from the other end to close the connection — and obey. Hence the censorship occurs.

However, because the original packets are passed through the firewall unscathed, if both of the endpoints were to completely ignore the firewall’s reset packets, then the connection will proceed unhindered! We’ve done some real experiments on this — and it works just fine!! Think of it as the Harry Potter approach to the Great Firewall — just shut your eyes and walk onto Platform 9A.

Ignoring resets is trivial to achieve by applying simple firewall rules… and has no significant effect on ordinary working. If you want to be a little more clever you can examine the hop count (TTL) in the reset packets and determine whether the values are consistent with them arriving from the far end, or if the value indicates they have come from the intervening censorship device. We would argue that there is much to commend examining TTL values when considering defences against denial-of-service attacks using reset packets. Having operating system vendors provide this new functionality as standard would also be of practical use because Chinese citizens would not need to run special firewall-busting code (which the authorities might attempt to outlaw) but just off-the-shelf software (which they would necessarily tolerate).

There’s also rather more to censorship in China than just the “Great Firewall” keyword detecting system — some sites are blocked unconditionally, and it is necessary to use other techniques, such as proxies, to deal with that. However, these static blocks are far more expensive for the Chinese Government to maintain, and are inherently more fragile and less adaptive to change as content moves around. So there remains real value in exposing the inadequacy of the generic system.

The bottom line though, is that a great deal of the effectiveness of the Great Chinese Firewall depends on systems agreeing that it should work … wasn’t there once a story about the Emperor’s New Clothes ?

The academic paper developed by Clayton, Murdoch and Watson will be presented at the 6th Workshop on Privacy Enhancing Technologies being held here in Cambridge this week.

Hotmail, MSN and Amazon Susceptible to Attack via Cross Site Scripting

2006-07-08T00:56:03+10:00

Acunetix WVS protects the loss of sensitive personal data due to XSS attacks

London, UK – 05 July, 2006 – A 16 year old Dutch student, Adriaan Graas, interested in Internet security and web development discovered a hack for the popular Hotmail free email service via a Cross Site Scripting attack. Microsoft, is reported to have been aware of this vulnerability for over a week but, at time of writing, has not yet fixed it.

Hacking hotmail via XSS
When logging into Hotmail, a cookie is created allowing continual access of the user while within the domain. Hackers may steal such cookies and produce fakes using such tools as Proxomitron. Since Hotmail cookies are not IP-bound, hackers do not need the password or the email address of the victim for logging in and accessing personal emails and other data. Through Cross Site Scripting (XSS) the hacker inserts JavaScript code that will send the fake cookie to a Web Server with a log script and the deed is done.

Vulnerabilities in MSN and Amazon left unfixed
Security researcher, Yash Kadakia, frustrated by a lack of response from Microsoft and Amazon.com, has gone public with details of flaws on MSN and Amazon. Similar to the Hotmail case, Cross Site Scripting and CRLF (Carriage Return Line Feed) injection vulnerabilities found in these sites could be used by hackers to steal "cookie" data files allowing them access to Amazon.com and MSN accounts, or to display a fake login page that could be used in phishing attacks.

Kadakia said he first notified Microsoft of the problem about a year ago but he wasn't taken seriously until late last week, when he posted screen shots of the flaw being exploited on his Web site. The Amazon.com flaw was discovered in December and to-date the vulnerability remains un-patched, according to Kadakia.

Sanitizing Web Applications
Acunetix Web Vulnerability Scanner automatically audits web applications and checks whether these applications are secure from exploitable vulnerabilities to such hack attacks as Cross Site Scripting and CRLF injection. An automated check of the Hotmail, Amazon and MSN websites (using Acunetix WVS) could pinpoint these and any other possible vulnerabilities before it is too late saving the popular companies from undue embarrassment, loss of reputation and customer trust, and any financial losses resulting from the attack.

Acunetix provides free audit to help companies determine the security of their websites
Enterprises who would like to have their website security checked can register for a free audit by visiting www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.

USA: FBI plans new Net-tapping push

2006-07-31T19:10:02+10:00

The FBI has drafted sweeping legislation that would require Internet service providers to create wiretapping hubs for police surveillance and force makers of networking gear to build in backdoors for eavesdropping.

FBI Agent Barry Smith distributed the proposal at a private meeting last Friday with industry representatives and indicated it would be introduced by Sen. Mike DeWine, an Ohio Republican, according to two sources familiar with the meeting.

The draft bill would place the FBI's Net-surveillance push on solid legal footing. At the moment, it's ensnared in a legal challenge from universities and some technology companies that claim the Federal Communications Commission's broadband surveillance directives exceed what Congress has authorized.

The FBI claims that expanding the 1994 Communications Assistance for Law Enforcement Act is necessary to thwart criminals and terrorists who have turned to technologies like voice over Internet Protocol, or VoIP.

"The complexity and variety of communications technologies have dramatically increased in recent years, and the lawful intercept capabilities of the federal, state and local law enforcement community have been under continual stress, and in many cases have decreased or become impossible," according to a summary accompanying the draft bill.

Complicating the political outlook for the legislation is an ongoing debate over allegedly illegal surveillance by the National Security Administration--punctuated by several lawsuits challenging it on constitutional grounds and an unrelated proposal to force Internet service providers to record what Americans are doing online. One source, who asked not to be identified because of the sensitive nature of last Friday's meeting, said the FBI viewed its CALEA expansion as a top congressional priority for 2007.

Breaking the legislation down
The 27-page proposed CALEA amendments seen by CNET News.com would:

• Require any manufacturer of "routing" and "addressing" hardware to offer upgrades or other "modifications" that are needed to support Internet wiretapping. Current law does require that of telephone switch manufacturers--but not makers of routers and network address translation hardware like Cisco Systems and 2Wire.

• Authorize the expansion of wiretapping requirements to "commercial" Internet services including instant messaging if the FCC deems it to be in the "public interest." That would likely sweep in services such as in-game chats offered by Microsoft's Xbox 360 gaming system as well.

• Force Internet service providers to sift through their customers' communications to identify, for instance, only VoIP calls. (The language requires companies to adhere to "processing or filtering methods or procedures applied by a law enforcement agency.") That means police could simply ask broadband providers like AT&T, Comcast or Verizon for wiretap info--instead of having to figure out what VoIP service was being used.

• Eliminate the current legal requirement saying the Justice Department must publish a public "notice of the actual number of communications interceptions" every year. That notice currently also must disclose the "maximum capacity" required to accommodate all of the legally authorized taps that government agencies will "conduct and use simultaneously."

Jim Harper, a policy analyst at the free-market Cato Institute and member of a Homeland Security advisory board, said the proposal would "have a negative impact on Internet users' privacy."

"People expect their information to be private unless the government meets certain legal standards," Harper said. "Right now the Department of Justice is pushing the wrong way on all this."

Neither the FBI nor DeWine's office responded to a request for comment Friday afternoon.

DeWine has relatively low approval ratings--47 percent, according to SurveyUSA.com--and is enmeshed in a fierce battle with a Democratic challenger to retain his Senate seat in the November elections. DeWine is a member of a Senate Judiciary subcommittee charged with overseeing electronic privacy and antiterrorism enforcement and is a former prosecutor in Ohio.

A panel of the U.S. Court of Appeals in Washington, D.C., decided 2-1 last month to uphold the FCC's extension of CALEA to broadband providers, and it's not clear what will happen next with the lawsuit. Judge Harry Edwards wrote in his dissent that the majority's logic gave the FCC "unlimited authority to regulate every telecommunications service that might conceivably be used to assist law enforcement."

The organizations behind the lawsuit say Congress never intended CALEA to force broadband providers--and networks at corporations and universities--to build in central surveillance hubs for the police. The list of organizations includes Sun Microsystems, Pulver.com, the American Association of Community Colleges, the Association of American Universities and the American Library Association.

If the FBI's legislation becomes law, it would derail the lawsuit because there would no longer be any question that Congress intended CALEA to apply to the Internet.
Source: Cnet.com

Netscape hacked via an XSS attack!

2006-08-03T10:00:00+10:00

Acunetix scans for Cross-Site Scripting vulnerabilities preventing website defacement

London, UK – 28 July, 2006 – Netscape.com, an online social media website, has been hacked through a cross-site scripting (XSS) vulnerability in their recently launched news service. It is reported that the attack was launched by fans of Digg.com, a competing social networking website. The hackers used ...the XSS vulnerability to inject their own JavaScript code into the homepage and other pages on the site.

The hack was discovered by Finnish security vendor (F-Secure), during their research work around cross-site scripting vulnerabilities on social networking sites. Digg fans used cross-site scripting attacks to display JavaScript pop-up alerts with "comical" messages aimed at redirecting visitors to their site. Fortunately no malicious code was injected. Netscape released a statement yesterday afternoon stating that the vulnerability had been patched and that visitors are once again safe.

Acunetix Web Vulnerability Scanner automatically audits web applications and checks whether these applications are secure from exploitable vulnerabilities to such hack attacks as cross site scripting. Although Netscape has now fixed the flaw, an automated check of Netscape’s website (using Acunetix WVS) could have prevented this attack and saved the company from denting its reputation and the subsequent loss of customer trust. Furthermore, hackers could have injected code aimed at stealing personal customer data rather than defacement. Most hackers, nowadays, attack websites because of the payoff from stealing such sensitive data as credit cards and social security numbers.

Acunetix provides free audit to help companies determine the security of their websites

Enterprises who would like to have their website security checked can register for a free audit by visiting www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.

Hackers Steal 19,000 Personal Customer Details from AT&T Online Store

2006-09-17T01:00:13+10:00

On the 3rd of September 2006, hackers pilfered the personal data of nearly 19,000 DSL equipment customers through a vulnerability in AT&T’s online store.
The affected site was shut down within hours of the attack being launched. In a statement, AT&T attributed the motive of the attack to a criminal market for illegally obtained personal information. In fact, the data also included customers credit card details.

To-date, AT&T has not provided details about how the site was hacked, however some unconfirmed reports attribute the website being vulnerable to Cross Site Scripting (XSS).

This attack did not come without cost to AT&T. The company notified each customer by e-mail and is now working with law enforcement officials to track down the hacker. AT&T committed to pay for credit monitoring services to protect those customers purchasing Digital Subscriber Line (DSL) equipment online from possible fraud.

Assessing the security of a website

Websites with web applications such as shopping carts, forms, login pages and dynamic content, in general, are always a prime target for attack. To function fully, web applications require open and direct access to backend databases: if improperly coded, web applications become easy gateways to social security numbers, credit card details and even medical records. Hackers experiment heavily with a wide variety of techniques to lay their hands on this type of data since the pay-offs are enormous.

Acunetix WVS protects against these attacks including Cross Site Scripting and SQL Injection vulnerabilities. Furthermore, Acunetix protects against the embedding of Javascript malware in a web-page through its JavaScript Analyzer. Such protection secures all AJAX applications.

An automated check of AT&T’s website (using Acunetix WVS) could have prevented this attack and saved the company from denting its reputation and the subsequent loss of customer trust.

Acunetix provides free audit to help companies determine the security of their websites

Pod slurping – the mounting threat to your network

2006-09-19T21:08:49+10:00

London, UK, 19 September, 2006 – GFI, an international leader and developer of network security, content security and messaging software, has today launched a new white paper about the new and increasing threat of ‘pod slurping’.

The paper explores the threat posed by portable storage devices and considers security measures that should be implemented in addition to perimeter solutions such as firewalls and anti-virus software.

Patch Windows now, Homeland Security warns

2006-09-20T20:00:00+10:00

In an unusual advisory, the U.S. Department of Homeland Security (DHS) urged PC users and system administrators to apply a recently released patch for Microsoft Windows as soon as possible.

The department also said users should keep their operating systems up to date on security patches and install anti-virus solutions which are also current.

PC users should also avoid emails from unknown sources and unexpected attachments from known sources.

A representative from DHS could not immediately be reached for comment.

Security Bulletin MS06-040, which Redmond released earlier this week as part of the Patch Tuesday release cycle, fixes a flaw in Windows server service that could allow remote code execution.

The fix was one of a dozen patches released by Microsoft this week.

A company spokesman, who asked not to be identified, said today that the Redmond, Wash., company is working with federal officials.

"In each case where this occurs, including this instance, Microsoft works directory with the DHS to provide them with the information regarding the update for their advisory," the spokesman said. "Microsoft has rated MS06-040 as ‘critical,' our highest severity rating and encourages customers to deploy this update on their systems as soon as possible given that we are aware of targeted exploitation of the vulnerability."

Christopher Budd, security program manager at Microsoft, said on the Microsoft Security Response Center blog that the company hadn't seen indications of widespread malicious activity.

"And, of course, like we did with Sasser and Zotob, should a malicious attack occur, our teams are ready to assist our partners in law enforcement with their investigations," he said.

The U.S. Computer Emergency Readiness Team (US-CERT) issued an alert this week through its National Cyber Alert System, as well as briefing CIOs and CISOs.

The SANS Institute's Internet Storm Center said today that the host-based firewall in Windows Service Pack 2 should protect the machine from this exploit. The organization warned, however, that many system administrators turn the firewall off for ease of use.

Jonathan Bitle, manager of the technical accounts team at Qualys, said today that the flaw "would have a classification of critical within most organizations."

"Anywhere this service is enabled could be easily exploited," he said. "However, there are particular versions of Microsoft operating systems that are not exploitable by exploits out in the wild so far."

Amol Sarwate, director of Qualys' vulnerability research lab, said today that he has seen exploits "from different sources, as well as a couple of versions of exploits."

"People are trying to fine tune these exploits and make sure they're as accurate as possible," he said. Source: SC Mags website

Google intersted in adopting OpenSolaris

2006-10-06T21:24:56+10:00

Google is experimenting with the open-source version of Sun's Solaris operating system as a possible long-term prelude to replacing its massive global network of Linux servers, according to sources. With dozens of data centers worldwide estimated to house hundreds of thousands of Intel servers supporting its flagship search engine, a Google move to OpenSolaris would be another of several recent votes of confidence for the platform.

Propelled by the release of Solaris' source code 15 months ago as well as new Advanced Micro Devices-based servers from Sun that run it, the nearly 2-decade-old operating system is experiencing something of a midlife resurgence. More than 5 million users have registered to use Solaris 10 since its release in January 2005, a figure that includes those paying Sun for support and those using it for free.

Google officials declined to comment. According to Sun and other sources, a number of other companies are using Solaris 10 or Solaris Express, the executable version of OpenSolaris, which technically only refers to the Solaris source code and the community around it. That list of companies includes eBay, which touts its use of Solaris 10 on its home page; Yahoo, Vonage, Wal-Mart.com, Bear, Stearns & Co., Disney Mobile, and Reuters Group.

"Google, eBay, Yahoo -- pick your favorite," said Sun CIO Robert Worrall, whose internal IT team runs Solaris Express throughout Sun and has advised many customers on its deployment. Worrall confirmed that Google already runs a "significant amount" of Solaris in its data centers and is one of a number of customers "excited about the possibility" of moving more Linux servers to AMD Opteron servers from Sun running some version of Solaris.

Google runs a stripped-down version of Red Hat Linux specially modified by its engineers. But another source, a Solaris systems administrator who recently interviewed for a job at Google, said he was told the company plans to create and test its own modified version of OpenSolaris.

"I am 100% certain that there are literally dozens of people horsing around with OpenSolaris inside Google," said Stephen Arnold, a technology consultant and author of The Google Legacy. Moving to OpenSolaris, he said, would be a natural move for Google, with its large number of former Sun employees and its never-ending drive to push the performance of its data centers to the hilt. But Arnold said he doubts that Google, which finished rolling out its highly-secret data centers in 2004, is deploying OpenSolaris widely yet. "Will it quickly replace Linux anytime soon? No," he said.

Solaris' recent popularity could reflect something of a rebound for Sun, which rode high during the Internet boom but was hurt by the postcrash emergence of Intel-based servers running Linux. It could also vindicate Sun's embrace of open-source, though its efforts to create developer interest in OpenSolaris remain less successful.

There are just 15,600 registered members of OpenSolaris.org, and 10 percent of those are Sun employees. By contrast, there are 25,000 registered members at one Linux project, OpenSuSE, and 380,000 registered members of OpenOffice.org, which was also open-sourced by Sun back in 2000.

While Linux boasts 665 user groups worldwide, OpenSolaris has just 32. And only five non-Sun distributions of Solaris have emerged, compared with nearly 400 Linux distributions, according to DistroWatch.com.

Stephen Hahn, technical lead for OpenSolaris, argued that other statistics, such as the number of bug reports and code contributions from OpenSolaris community members, are better indicators. And he said a limited number of mutually-compatible Solaris distributions is preferable to the chaotic Linux landscape.

"Why do all open-source communities have to look the same?" Hahn said. "I would rather have 1,000 developers working together than 12 different Solaris distributions."

Also, one of the major holdups -- the drawn-out process of creating a constitution for governing the OpenSolaris community -- is close to being resolved, according to Rich Teer, a member of OpenSolaris.org's current governing body. Teer says a constitution, modeled upon the Apache Software Foundation's meritocratic model, should be approved before the end of the year.

"The thing with Linux is that it is a benevolent dictatorship, with one person having the ultimate yea or nay," Teer said. "That is certainly not the case with Apache, nor will it be with OpenSolaris."

While OpenSolaris.org will legally remain a part of Sun, its government will eventually become "as independent as possible," according to Teer, who added that the company will eventually be "no different than any other member of OpenSolaris."

A number of companies are already benefiting from Sun's open-sourcing of Solaris.

"Before, you had to be a big Sun customer and sign a lot of [nondisclosure agreements] to beta-test Solaris. For Joe Admin, that just was not attainable," said Dale Ghent, a systems administrator at the University of Maryland at Baltimore. Ghent is in the process of moving 30 servers off of Red Hat Enterprise Linux to Solaris. "Being able to test Solaris Express early gave us a psychological level of assurance," he said.

Some users are even embracing Solaris Express for production. Last year, San Anselmo, Calif.-based Web hosting provider, Joyent Inc. moved hundreds of servers and nearly 100TB of data onto Solaris Express and off of FreeBSD and SuSE Linux. Hoffman said the move has boosted his data center's performance while cutting down on costs and crashes.

"Once you've watched a bunch of your commercially-supported Linux servers crash every third day, you stop worrying that you can't officially call Sun for support," Hoffman said. "Some of our servers haven't been rebooted since we installed Solaris Express on them many months ago. They just sit there and make money."

Hoffman cited cutting-edge features available first in Solaris Express, which is updated monthly, for his willingness to experiment. They include ZFS, a 128-bit file system that can store radically more data than conventional 64-bit file systems; DTrace, a bug-finding tool that can be used even while servers remain online; and Zones, a virtualization technology.

Open-sourcing Solaris has also helped Sun rebuild mind share in an area it long ceded to Linux: on campus. "Until Solaris became open, students were only interested in Solaris for the same reason they were interested in NextStep Unix -- because it was this arcane, old-fashioned thing," said Asheesh Laroia, a graduate student in computer science at Johns Hopkins University. "There's been a major upsurge in interest in Solaris. So many people are asking, 'Should I install it?'"

[Source:] By Eric Lai, Computerworld, 09/20/06

GFI warns one anti-virus engine is not enough to protect your business

2006-10-08T23:20:40+10:00

FBI study shows 97 percent of organizations have anti-virus software installed, yet 65 percent have been affected by a virus attack at least once during the previous 12 months.

GFI’s new white paper, “Why one virus engine is not enough,” reveals that organizations relying on the protection of a single anti-virus engine are actually leaving themselves exposed to a severe and constant threat from all forms of malware.

The white paper outlines the fact that even though every anti-virus vendor in the market claims to have a fast response time, there is no single company that will consistently be the first and fastest to respond to a virus outbreak.

Internet Explorer 7 Install to be Automatic!

2006-10-17T21:54:49+10:00

Microsoft Technet have announced that Internet Explorer 7 will be automatically installed by Windows Update as a high-priority update from the 1st of November 2006.

If you do not want this to occur, instructions on blocking the update are available from http://www.microsoft.com/technet/updatemanagement/windowsupdate/ie7announcement.mspx.

Joomla! Ensures Website Security with Acunetix Web Vulnerability Scanner

2006-10-30T08:19:11+11:00

Joomla!, an award-winning, open-source content management system, uses Acunetix Web Vulnerability Scanner to automatically audit its PHP-based website!

Linux Starter Kit Review

2006-11-06T01:09:05+11:00

A review of the Linux Starter Kit has just been added to our book reviews section.
The Kit is based on the full SUSE Linux 10.1 distribution, and consists of a DVD and printed Quick Reference Guide.

The DVD includes the Linux software as well as a comprehensive 650-page reference manual in PDF format.

Check it out here.

Ethereal Renamed to WireShark

2006-11-21T04:50:44+11:00

Ethereal, the well-known and much loved public-domain network protocol analyzer has changed its name to Wireshark.
For more information have a look at https://www.wireshark.org/

Microsoft Security Announcement

2006-12-09T20:33:11+11:00

Microsoft has warned of a serious - and as yet unpatched vulnerability - in Word. Hackers (albeit to a limited extent) are exploiting the zero-day flaw in its ubiquitous Office application, Redmond warns.

The flaw - which stems from an unspecified memory corruption bug - doesn't just affect Windows users. Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, along with Microsoft Works 2004, 2005, and 2006 are all potentially vulnerable. Users tricked into opening maliciously constructed Word files are liable to find their systems compromised.

Source:
http://www.theregister.co.uk/2006/12/06/unpatched_word_flaw/

GNU/Linux - 'Fedora Core 5 Unleashed' review

2006-12-12T12:33:25+11:00

"GNU/Linux (usually referred to as simply 'Linux') is a completely free Operating System that can be used for a wide variety of tasks, especially excelling at network-oriented ones. Fedora is a community-driven distribution of Linux, sponsored by Red Hat, one of the leading and oldest organizations in the field.

As the title suggests, this is a book about the latest release of Fedora Core linux distribution. Thanks to it's correct approach however, it would be accurate to claim that this is a book that can train you appropriately in the ways of Linux Operating System using Fedora Core distribution as a reference, instead of being just an other shallow distribution-specific manual.

The 'Unleashed' book series from SAMS is known for it's thoroughness and detailed coverage of each topic. Fedora Core 5 Unleashed, counting 6 well-balanced parts in more than 1000 pages, stands up to this legacy. It is essentially a training guide written with the completely inexperienced user in mind, however it also manages to extend it's information to an advanced level for most of the subjects.

The fact that absolutely no previous knowledge is required for someone to follow the book, means the only real requirement would be an interest to familiarize with this great Operating System. Fedora Core distribution along with Fedora Core 5 Unleashed book, provide a great training package for anyone to achieve this efficiently".

Click here to read our review.

Web Vulnerability Scanner Review

2006-12-12T12:36:12+11:00

Firewall.cx had the opportunity to get its hands on Acunetix's latest Web Vulnerability Scanner and road test it against a number of websites, looking for common vulnerabilities that are usually taken advantage of in order to comprimise a webserver's security!

GFI MailEssentials awarded Checkmark Premium Certification!

2007-01-24T04:15:32+11:00

The Checkmark system tests and certifies that security products meet international standards, requiring that anti-spam software meets a minimum of 97% spam detection. West Coast Labs conducted a range of tests in conjunction with Checkmark to indicate how the GFI product performed in a simulated business environment.

The results of the tests prove without doubt that GFI MailEssentials is a high quality solution,” highlighted Simon Azzopardi, Vice President, EMEA Sales, GFI. “Not only did it exceed the Checkmark requirements for spam detection rates, it also achieved 100% correct identification of genuine emails, ensuring that they were not marked as spam.

Acunetix puts a stop to identity theft in Universities

2007-01-24T04:40:24+11:00

Institutions for higher education and Not-For-Profit Organizations are experiencing a surge in attempts aimed at hacking their data. The more recent known examples were perpetrated against UCLA, the University of Texas, and Mississippi State University.

Last month, a hacker infiltrated a massive database from the University of California, Los Angeles, containing personal information (including social security numbers, dates of birth, home addresses and contact information) on 800,000 people in one of the worst computer breaches ever at a US university.

Network World Side-steps Challenge: Acunetix Reveals the Data!

2007-02-17T14:10:30+11:00

Acunetix reveals statistical results based on one year of conducting web application scans

Kirkland, Washington – February 15, 2007 – It has been an interesting 24 hours for anybody keen on web application security. Network World Labs Alliance Security Expert Joel Snyder, played down the danger of web application security and challenged Acunetix to hack a website.

Following Acunetix publishing the results of its free web security survey (http://www.acunetix.com/news/security-audit-results.htm), Network World Editor Paul Mc Namara and Network World Lab Alliance stalwart (http://www.networkworld.com/alliance/snyder.html) down-played the dangers of online web security, stating that...

Targeted Cyber Attacks - The Dangers Faced by your Corporate Network

2007-02-17T14:11:36+11:00

Cyber attack is the name given by (usually sensationalist) articles and documents describing crimes that occur in a virtual world as opposed to tangible attacks such as war.

A targeted cyber attack is when the attacker specifically targets someone or a company. This security e-book explains the real dangers posed by targeted cyber attacks and also explores the measures organizations can adopt to secure themselves against such threats.

Firewall.cx CiscoLab Now Available !

2007-03-18T01:33:44+11:00

The Firewall.cx Free Cisco Lab is finally online!
To access our Cisco lab, simply click on the top right corner of our page or use our menu, and log in using your existing Firewall.cx account.

To minimise problems and support calls, please ensure you read carefully through our help manual and check that your GMT Timezone is set correctly!

Help on our Cisco lab is available through our Cisco Lab forum. Please note that our moderators will not answer questions covered in our help guide.

We hope you enjoy this Free service!

Note: The Firewall.cx Free Cisco Lab is no longer available. This article post has been kept for historical purposes.

CCNP Video Mentor from Cisco Press Now Available

2007-03-28T10:11:57+10:00

Indianapolis, IN—March 28, 2007 — Cisco Press, which broke new ground in 2006 with the CCNA® Video Mentor, announced today the launch of the CCNP® Video Mentor, which prepares candidates for all four current CCNP exams in one package.

The CCNP Video Mentor is a DVD-ROM software product featuring 16 videos totaling more than five hours of visual instruction. The videos teach configuration concepts for the practical portions of the exams and multimedia tutorials offer insider tips and tricks.

In each 10-15 minute video, senior instructor Kevin Wallace walks users through basic configuration tasks. Each video lab presents suggested reading lists, detailed objectives, lab diagrams, command tables and video captures. Audio instruction offers tips and shortcuts, while animated network diagrams show users lab setup, device addressing, and how traffic flows through the network. Video screencasts of the router and switch CLI demonstrate command entry, configuration techniques, and device response.

"For several years now, Cisco has included simulation-based assessment in its CCNP exams,” said Brett Bartow, Cisco Press executive editor. “These simulation questions require users to perform basic configuration tasks, adding another level of complexity to the certification process. This product truly helps candidates become better prepared for this aspect of the exam.”

For more information, visit www.ciscopress.com/ccnp.
CCNP Video Mentor
1587201801 ▪ Kevin Wallace ▪ SRP ▪ $89.99

GFI EventsManager Review!

2007-03-29T12:21:26+10:00

Imagine having to trawl dutifully through the event logs of twenty or thirty servers every morning, trying to spot those few significant events that could mean real trouble among that avalanche of operational trivia. Now imagine being able to call up all those events from all your servers in a single browser window and, with one click, open an event category to display just those events you are interested in.

Free Online Security Scan Service!

2007-05-01T02:00:14+10:00

Our large community is well aware of the high-quality free services our site offers.

Following the spirit, GFI has just announced an excellent Free service (no registration required), that all IT Managers, engineers, and end users would love to make use of. Its name is 'EndPointScan' and here's what it does: EndPointScan, is an industry-first, free online service that allows anyone to check what devices are or have been connected to computers on their network and by whom. Using this diagnostic tool, one can identify those areas where the use of portable storage devices could pose a risk to the integrity of the company’s systems and data.

We gave the tool a quick test-run and were stunned by the results which took less than a minute to complete, for our local workstation.
Do yourself a big favor and give it a try - you'll surely be left surprised with its findings!

Introducing the ISDN Protocol

2007-06-03T03:42:02+10:00

ISDN is a WAN technology used widely by telecommunication companies all over the world.
Our readers can now learn more on the protocol, how it works, its characteristics, supported configurations, speeds and much more by visiting the Introduction to the ISDN Protocol article.

Siemens shows 1Gbit/s over plastic fibre

2007-06-09T21:59:04+10:00

Siemens researchers have demonstrated a data rate of 1Gbit/s over plastic optical fibre, a speed ten times higher than is possible with current products.

Sebastian Randel, the Siemens project manager, said the team sent an IPTV signal at 1008Mbit/s over a 100m connection in the lab, without errors or any flickering on the TV screen.

The company claims this is a big breakthrough for plastic (or polymer) optical fibre - POF - a technology which proponents want to supplant glass fibres and copper wires in demanding environments such as factory and home automation.

POF's advantages include flexibility, robustness and ease of connection, all of which make it easier and therefore cheaper to handle - it can even be installed by us cack-handed end users. In particular, the optical core is much thicker than in glass fibre, so it is more tolerant of misaligned connectors, and it can be cut satisfactorily with a metal cutter, whereas glass needs a diamond cutter.

Its main disadvantage is that it has a much higher transmission loss than glass, so current POF technology tops out at 100Mbit/s - the speed of Fast Ethernet.

What the Siemens team has done is to use a different modulation scheme - in fact, it's quadrature amplitude modulation, as used in DSL and the latest Wi-Fi specs. Instead of simple binary, QAM has 256 signal states so each pulse can carry far more information, hence the ten-fold speed increase.

Its robustness means that POF cable is already used is some demanding areas, such as inside cars and high-speed trains, and of course in lighting. It is used in audio too, with connections based on the IEEE 1394 Firewire spec - like glass fibre, it is immune to electrical interference and doesn't generate noise or crosstalk.

Randel suggested that taking it to Gigabit speeds could also make it suitable for applications such as factory and medical networking, and for home LANs to support high-def IPTV.

He added though that this was just a demonstration, and said he could not quote dates or prices for possible Gigabit plastic optical fibre products.

GFI Languard Network Security Scanner V8 Review

2007-06-25T10:41:37+10:00

Can something really good get better? That was the question that faced us when we were assigned to review Version 8 of this popular product, already well loved (and glowingly reviewed) at Version 5. Well, yes it can.

All vulnerability scanners for Windows environments fulfil the same basic function, but as the old saying goes “It's not what you do; it's the way that you do it”.

GFI have kept all the good points from their previous releases and built on them; and the result is a tool that does everything you would want with an excellent user interface that is both task efficient and a real pleasure to use.

Latest Spamming Techniques & Antispam Technologies

2007-08-17T08:27:33+10:00

GFI's freshly released SPAM pdf will surely capture your interest as it analyses the latest spam trends the market is producing, but also the fight back from antispam vendors. A very informative PDF that gives enough detail to keep our technology freeks happy, but also satisfy our readers who simply want to know what happening in the spam arena.

New WebMonitor for ISA Server now out!

2007-08-27T20:00:00+10:00

GFI has recently announced the release of the latest version of GFI WebMonitor for ISA Server, a solution that gives administrators comprehensive control over corporate web usage and what employees are downloading from the Internet.

GFI WebMonitor 4 boosts employee productivity and increases security whilst maintaining optimum use of the Internet as a business tool.

Symantec CEO: Microsoft causing security price pressure

2007-08-31T07:48:17+10:00

Symantec Corp. Chairman and CEO John Thompson blamed Microsoft Corp. Tuesday for the current pricing competition his company faces in the consumer security market, suggesting Microsoft's pricing scheme for its first entry into the space is "monopolistic."

Speaking at the offices of the Nasdaq stock exchange in New York, Thompson said Microsoft's decision last year to offer Windows Live OneCare, a service that combines firewall, antivirus and backup capabilities, for US$49.95 per year for three PCs "clearly recast prior expectations for consumer security technology."

"I don't want to say it was monopolistic, but it looked that way to some of us," Thompson said.

Symantec released Norton 360, its competitor Windows Live OneCare, last March, but the product -- at $79.99 for three PCs -- costs more than Windows Live OneCare, but has the benefit of more features and Symantec's experience in security going for it.

Using competitive pricing to try to get a leg up in a market where a company is weak is a common practice, and Symantec is no stranger to such pricing storms, Thompson said. "We have seen a continued focus on price competition in some markets and some channels," he said.

To say Microsoft has a long way to go before it can compete with the breadth of products Symantec has in the consumer and enterprise spaces is an understatement. Microsoft executives have acknowledged that the company took its time in realizing the importance of security, but they are now determined to give Symantec and McAfee Inc. a run for their money with offerings like OneCare and the Forefront security line. Still, there is wide agreement that any serious heat from Microsoft in security is several years off, if not more.

Thompson said Tuesday that his company is well-prepared to evolve with the industry and new competitors. As part of this evolution, Symantec plans to unveil its first software-as-a-service option this year, a backup service for SMBs called the Symantec Protection Network. That service will be rolled out in conjunction with the next version of its Backup Exec software.

"We've reinvented ourselves in the past, and we'll probably reinvent ourselves if not one more time than at least two more times" to keep up with industry changes, Thompson said.

OnPODCAST - Innovation from the largest technology publisher in the world

2007-08-31T09:22:52+10:00

As the largest technology publisher in the world, we are plugged into the most sought-after minds in IT! Here is your opportunity to tap into our brain trust and gain in-depth knowledge about what's shaping the technology space you work in.

Using the power of the digital medium, we've taken conversations with IT thought leaders and delivered them to you as video or audio files, each episode under 20 minutes in length, resulting in a truly on-demand learning experience.

Whether you are a student looking to learn the best places to source information, or a developer or programmer looking to enhance your knowledge of Ajax, Java, Ruby, C#, .NET, VB, Linux and more, we've got important information that will help you do your job smarter, better, and faster!

Cisco Press Title Review

2007-09-19T09:33:42+10:00

Network Management is crucial in the successful operation of a network. Over the years Network Management has changed dramatically.

Early Management systems were nothing more than a process of pinging an IP address, when you missed a ping there could be something wrong!

Now we want to know what is wrong and preferable be warned before something goes wrong. And wouldn't it be nice or even required to see who or what is eating up our bandwidth or to have proof that we get the bandwidth we pay for?

All these requirements have led to many protocols and standards over the years. Here is a book that organizes all this, brilliantly.

You can read our extensive review here.

New GFI Faxmaker with Exchange 2007 support

2007-10-05T23:01:59+10:00

GFI Software, a leading developer of network security, content security and messaging software, has today announced the release of its latest version of GFI FAXmaker.

Version 14 now integrates with Microsoft Exchange 2007 as well as with the Brooktrout SR140 Fax over IP (FoIP) solution, and offers support for 64-bit Microsoft operation systems (OS) and VISTA. GFI FAXmaker is a cost-effective solution which minimizes the need for manual faxing by using the existing email infrastructure to send and receive faxes.

eBay: Phishers getting better organized, using Linux

2007-10-06T20:00:00+10:00

eBay recently did an in-depth analysis of its threat situation, and while the company is not releasing the results of this analysis, it did uncover a huge number of hacked, botnet computers, said Dave Cullinane, eBay's chief information and security officer, speaking at a Microsoft-sponsored security symposium at Santa Clara University.

Cullinane, who one year ago downplayed the role of organized crime in phishing ("It's not the Sopranos," he said), believes that online attackers are indeed becoming more sophisticated, with malware developers now being funded to develop new and improved attacks.

In the past year, Cullinane has seen better organization by eBay fraudsters. Criminals are being paid to develop better types of attacks, and the attacks are getting harder to detect, he added. "The phishing e-mails I see are extremely sophisticated," he said.

Apparently, this growing professionalization has even cut down on mangled grammar. "The language they're using is very good." Cullinane said. Last week eBay said data on 1,200 eBay members had probably been stolen via an phishing scam. The members' data was posted to the company's Trust & Safety discussion forum.

Cullinane's experience with phishing goes back to his previous employer, Washington Mutual Inc., which has been one of the top phishing targets in the U.S.

While there, he noticed an unusual trend when taking down phishing sites.

"The vast majority of the threats we saw were rootkitted Linux boxes, which was rather startling. We expected Microsoft boxes," he said.

Rootkit software covers the tracks of the attackers and can be extremely difficult to detect. According to Cullinane, none of the Linux operators whose machines had been compromised were even aware they'd been infected.

Although Linux has long been considered more secure than Windows, many of the programs that run on top of Linux have known security vulnerabilities, and if an attacker were to exploit an unpatched bug on a misconfigured system, he could seize control of the machine.

Because Linux is highly reliable and a great platform for running server software, Linux machines are desired by phishers, who set up fake Web sites, hoping to lure victims into disclosing their passwords.

"We see a lot of Linux machines used in phishing," said Alfred Huger, vice president for Symantec Security Response. "We see them as part of the command and control networks for botnets, but we rarely see them be the actual bots. Botnets are almost uniformly Windows-based."

Since Linux machines can be used to more easily create specially crafted networking packets, they can be used in highly sophisticated online attacks, said Iftach Amit, director of security research with Finjan Inc.'s malicious code research center.

Capabilities like this make Linux machines highly coveted by online attackers, and they fetch a premium in the underground marketplace for compromised machines, Amit said.

Source: http://www.itworld.com

Anti-Piracy Organization Domain IFPI.com Now Owned by The Pirate Bay

2007-10-14T00:58:49+10:00

IFPI.com, the domain that used to belong to The International Federation of the Phonographic Industry or (IFPI) - an infamous anti-piracy organization - is mysteriously transferred to The Pirate Bay. The Pirate Bay team says it will use the domain to host the newly founded International Federation of Pirate Interests.

It’s beginning to look like the IFPI will be the next MediaDefender. Earlier this week we already posted about leaked email correspondence between a lawyer and the IFPI, in which they discussed requesting confidential information from the Swedish police on an ongoing police investigation involving The Pirate Bay.

Apparently they had plans to use this information to take on the popular BitTorrent site, but it seems that plans like that always backfire.

The main domain of the IFPI - ifpi.org - is still working, but when people try to access ifpi.com they are redirected to a Pirate Bay server, showing the text: “International Federation of Pirate Interests.”

We contacted Brokep, one of the administrators of The Pirate Bay, and he told TorrentFreak: “International Federation of Pirate Interests (IFPI) is the new international federation we’re starting in order to get the word of piracy spread.”

The WHOIS info clearly shows that ifpi.com - the domain that used to be registered to the IFPI - is now registered to Brokep. We asked him if The Pirate Bay is responsible for the domain hack, and he told us: “It’s not a hack, someone just gave us the domain name. We have no idea how they got it, but it’s ours and we’re keeping it.”

I’m sure most people will agree that the domain will be in better hands with the The Pirate Bay team. Stay tuned for more IFPI news!

Source: torrentfreak.com

Google vows to increase Gmail storage limit

2007-10-15T09:31:17+10:00

People using Google Inc.'s Gmail service are sucking up storage space faster than the company can add it.

Google said on Friday it is speeding up the rate at which it adds storage space for its Gmail Web-based e-mail service due to the increased storage requirements for attachments such as photos.

"A few of you are using Gmail so much that you're running out of space, so to make good on our promise, today we're announcing we are speeding up our counter and giving out more free storage," wrote Rob Siemborski, a Google engineer on the Gmail blog.

On Friday, the counter on the Gmail login page stood at more than 2,935M bytes, or about 2.9G bytes, of storage, and was rising -- but the counter is an illustration rather than a hard limit.

Google started gradually increasing Gmail storage in April 2005 when the service turned one year old. Google's Gmail gained immediately popularity when it launched in 2004, offering free accounts with 1G byte of storage, but this year has been surpassed by its rivals.

Microsoft Corp. upped its free storage limit for its Windows Live Hotmail service to 5G bytes in August, and Yahoo Inc. started offered "unlimited" storage in May.

Source: itworld.com

Google testing YouTube antipiracy system

2007-10-19T03:00:00+10:00

Google Inc. has unveiled a test version of a much-awaited antipiracy system for its wildly popular yet controversial YouTube video-sharing site.

The system, called Video Identification, has been far from a secret. Google executives have been mentioning its development since the company acquired YouTube in November of last year.

YouTube, which lets people upload and share clips, is the most popular video site, but some angry video owners have taken the company to court alleging copyright infringement.

The best-known plaintiff is global media conglomerate Viacom, which sued Google in March for $1 billion over the unauthorized uploading of video clips from its TV shows and movies. In its complaint, Viacom alleged that, as of March, almost 160,000 of its video clips had been uploaded to YouTube without permission and had been viewed over 1.5 billion times.

The antipiracy system became news in July, when an attorney representing Google in the Viacom case said during a routine hearing that Video Identification would be ready by September.

When describing the system, Google has consistently stressed that it will not block videos from being uploaded, but rather take action, if necessary, after they have been added to the YouTube site.

In other words, Google has never planned to place uploaded videos in a holding queue while it checks whether they can be made available on YouTube.

Instead, Google will match uploaded clips against a repository of legitimate videos provided by their owners using digital fingerprinting technology and will take whatever action the copyright owner has requested, such as removing the clip or leaving it up on YouTube.

In designing the system in this manner, Google has maintained that its policies exceed the requirements of the Digital Millennium Copyright Act, as long as it removes from YouTube, upon request, illegally copied videos that owners don't want uploaded without their permission.

That story didn't change on Monday, when Google described Video Identification in a blog posting and in a YouTube page.

"Video Identification goes above and beyond our legal responsibilities. It will help copyright holders identify their works on YouTube, and choose what they want done with their videos: whether to block, promote, or even -- if a copyright holder chooses to license their content to appear on the site -- monetize their videos," David King, YouTube Product Manager, wrote in the blog post.

For now, video owners interested in participating in the beta testing of the system need to submit a request to Google, but the company expects to make it broadly available as the testing progresses.

"As we scale and refine our system, YouTube Video Identification will be available to all kinds of copyright holders all over the world, whether they want their content to appear on YouTube or not," the YouTube information page reads.

It remains to be seen whether this highly anticipated system will help to appease those video content owners who argue that YouTube doesn't do enough to prevent and combat piracy on its site and that instead it profits from the unauthorized and illegal uploading of copyright clips.

Source: itworld.com

World First - GFI Uncovers MP3 Spam!

2007-10-19T10:23:43+10:00

Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams.

One sample identified this morning by GFI, was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. This voice is distorted to avoid filtering approaches based on the file signature.

Once again, spammers are taking advantage of the fact that the MP3 format is one of the most common in use today, another attempt at social engineering.

GFI Software have uploaded a sample on their website, if you want to listen to it, simply click here.

FAXmaker. Version 14 with Exchange 2007 Support

2007-10-19T19:00:00+10:00

Chinese submarine conveniently revealed in photograph

2007-10-19T20:00:00+10:00

Is it coincidence that a revealing photograph of China's latest ballistic-missile submarines appeared online on the same day that China's 17th Party Congress opened in Beijing? Maybe not.

The photograph, apparently taken from the water at a reasonably close range, shows two of China's Jin-class ballistic-missile submarines, which are designed to carry nuclear weapons, alongside a pier at an unknown location in China. The picture appeared on several Chinese Web sites on Oct. 15, the same day that China's Party Congress, held once every five years to choose the country's top leaders and set policy, opened in Beijing.

"Nothing is known about who took this photograph or whether or not it has been digitally manipulated,"said Hans Kristensen, a security researcher at the Federation of American Scientists, in a blog post.

"But if it is authentic, it appears to lay to rest speculations that the Jin-class would carry 16 missiles. Instead the photograph confirms the assessment made by the U.S. intelligence community by clearly showing the wide-open hatches of 12 launch tubes," he wrote.

The Jin-class ballistic-missile submarine is one of the latest additions to the Chinese Navy and was spotted on Google Earth in July. That satellite image of the submarine, taken in late 2006, was first noted in a blog post by Kristensen.

The Chinese military generally likes to keep a low profile, and some observers assumed the military would not be happy to have its latest hardware on view for the world to see. But then something funny happened: another image appeared on Google Earth, this time showing two Jin-class submarines alongside a pier at a naval base in northern China.

That picture, taken in May, was again noted by Kristensen in a blog post. At that time, he questioned whether the image indicated China has so far launched three Jin-class submarines.

The latest photograph offers the best look yet at the Jin-class submarine for the public. And perhaps that's the point.

"Overall, it is not as if the Chinese are trying to hide anything. Indeed, it is almost as if they want to show what they've got," Kristensen wrote.

Source: IDG News Service

Hitachi to cram 4TB on desktop hard drives by 2009

2007-10-20T19:00:00+10:00

Hitachi Global Storage Technologies plans to announce Monday it has developed technology that will quadruple the storage capacity of desktop hard drives within the next two years.

The new reading-head technology will allow the company to cram more data on hard drives, enabling desktop and laptop drives to store 4T bytes and 1T byte of data, respectively.

Hard drives are currently doubling in capacity every two years, said John Best, chief technologist at Hitachi Global Storage Technologies. The new reading-head technology will allow an even greater capacity boost while shrinking the size of disk drives, Best said.

The company hopes to implement the technology in hard drives in 2009.

As hard drives shrink, magnetic fields become harder to detect, so the reading head has to be more sensitive, Best said. The heads made with Hitachi's new CPP-GMR (current perpendicular-to-the-plane GMR) material are more sensitive than existing reading heads and detect the magnetic field better, Best said.

The CPP-GMR heads will enable the density of disk storage surfaces to increase to 500G bits per square inch or more in the near future, Best said. The greater the density of the storage surface, the more data the surface can hold. The current density stands at about 200G bits per square inch, he said.

The technology will help to meet future storage needs fueled by video and Web 2.0 applications, Best said.

The technology builds on GMR (giant magnetoresistance), a physical effect that manipulates the charge and spin of electrons, allowing an increase in density and storage on hard drives. The GMR effect won two European scientists, Albert Fert and Peter Grunberg, a Nobel Prize in physics this month.

GMR was discovered in 1988 and commercialized by vendors such as IBM Corp., which used the technology to increase the capacity of its drives every year. The technology fueled the growth of information storage and led to miniaturized hard drives that could fit in portable storage devices such as the iPod.

Scientists consider solid-state, atomic-scale storage to be the future of data storage, but the emergence of solid-state drives (SSDs) won't make hard drives irrelevant, Best said. SSD is semiconductor technology and can't compete with hard drives on a cost-per-bit basis, he said.

Hitachi Global Storage Technologies was established after Hitachi Ltd. finished its majority purchase of IBM's hard-disk drive manufacturing business for $2.05 billion in January 2003. Hitachi assumed full ownership of the unit at the end of 2005. The unit's research labs interact with many universities and companies to develop new technologies, Best said.

Source: itworld.com

AMD tuning out distractions to bring ATI on board

2007-10-29T21:32:47+11:00

Worldwide lawsuits against Intel and four straight quarterly losses have distracted AMD during its integration of ATI Technologies, but the merger remains on track, according to industry analysts.

AMD's acquisition of ATI for US$5.4 billion, announced in July 2006 and completed one year ago Thursday, was viewed as a potent weapon in AMD's attempt to dent Intel's domination of the x86 processor market.

The lawsuits against Intel and financial losses came at a critical time, when AMD's management needed help in integrating the ATI acquisition and making ATI employees understand AMD's culture, said Jon Peddie, president of Jon Peddie Research.

AMD filed antitrust lawsuits alleging monopolistic behavior against Intel in the U.S. and Japan, and lodged complaints with the European Commission, the Korean Fair Trade Commission and Japan Fair Trade Commission.

The distraction was compounded by the departure of key executives, including David Orton, former president and CEO of ATI, who resigned as executive vice president of AMD in July after only 10 months.

AMD didn't have any internal problems, Peddie said, and Orton left on his own accord. "A little redundancy will always occur in all organizations. It's not surprising to see people shift," Peddie said. However, outside speculation about the departure may have distracted AMD during the integration, he said.

AMD also took an acquisition-related charge of $76 million, or $0.14 per share, in the third quarter of 2007 ending Sept. 29. That added to the quarterly net loss of US$396 million.

Despite the distractions, AMD is pulling its resources together to ensure the ATI merger goes smoothly.

"The merger has allowed AMD to merge its plans with ATI, which were very similar prior to the acquisition." Peddie said. Both companies wanted to amalgamate the CPU with the graphics processor, and the acquisition puts them in a position to do so.

A successful merger could help AMD reach profitability in a few quarters and position it for success in the future, wrote Doug Freedman, an analyst with American Technology Research, in a research report.

"We believe ATI is turning the corner, which is likely material to AMD's quest for profitability," Freedman wrote.

The acquisition of ATI hasn't shown an immediate benefit, but could help AMD in the long term when the company's "Fusion" project comes to fruition, Peddie said. Fusion is the code name for is AMD's next-generation processor design that is expected to combine high-performance graphics and CPU processing on a single die. The project was announced when the merger was completed. AMD is not prepared to talk about Fusion yet, but it is intended to bring the cost of PCs down and reduce power consumption, Peddie said.

AMD also announced the "Spider" platform, which will include AMD's upcoming Phenom chips and high-end graphics processors to provide users with the "ultimate visual experience" in computing, said Dirk Meyer, AMD's president and chief operating officer, on the company's third-quarter earnings call last week.

With all the attention focused on Phenom and Spider, ATI's involvement in other businesses gets sidetracked, said Phil Hester, senior vice president and chief technology officer for AMD. AMD's ATI unit is a big player in supplying graphics to consumer electronics, set-top boxes and gaming consoles, Hester said. ATI supplies graphics processing units (GPUs) for Microsoft's Xbox 360 and Nintendo's Wii consoles, Hester said.

"Discrete GPUs will continue to be a good business for us," Hester said. AMD's graphics segment revenue grew 29 percent to $252 million sequentially, driven by the success of the ATI Radeon HD 2000 series of graphics processors.

However, ATI's market share in the discrete graphics market has been hit by manufacturing problems and bad timing in bringing chips to market, Peddie said. Competitors such as Nvidia and Silicon Integrated Systems stepped up by shipping graphics chips on a timely basis, taking market share away from ATI.

"Market share could begin to swing back towards ATI even if it introduced simply comparable products to Nvidia in the near-term," wrote Doug Freedman in a research report. ATI's RV670 graphics card is competitive in the mainstream market with current Nvidia products, Freedman wrote.

But AMD still has work to do to make the merger a success. Its biggest threat remains Intel, which maintains a stranglehold on the chip market.

"AMD must rebuild its brand value in the enthusiast market in order to garner better mainstream adoption and consumer recognition," Freedman wrote.

Source: IDG News Service

Cisco Lab Announcement

2007-11-06T10:54:35+11:00

At the beggining of this year we launched our popular "Free Cisco Lab" which consisted of one lab. During this time we discovered various problems, the most serious being the labs reset procedures due to passwords not being set correctly.

The lab has been extremely successful with over 3100 reservations for the past 8 months. That translates to an overall 86.1% usage of the lab's capacity (1 Cisco Lab) since it's launch date.

We are now ready take the next step, which means that the lab will be undergoing some maintenance and testing over the next 6 weeks and will therefore be off-line.

The work will introduce new setup and password reset procedures to ensure the labs availability to all users.

Once the new system is online, we'll then be able to make the rest of our labs available and also work on new features that will dramatically enhance your learning experience.

We apologise for this downtime, but we feel it is necessary to help overcome the current limitations and problems.

Please direct any comments or concerns to the Cisco Lab Forum.

Thank you,

The Firewall.cx Team.

Note: The Firewall.cx Free Cisco Lab is no longer available. This article post has been kept for historical purposes.

Microsoft stands by its invite to arrested hacker

2007-11-12T11:59:32+11:00

Microsoft's security team took a bit of a chance a few weeks ago, when it invited Roberto Preatoni to give a talk at its Redmond campus.

Preatoni is the founder of Wabisabilabi, a Switzerland-based company that bills itself as an auction site for the software bugs that companies like Microsoft never want anybody to see. He spoke at Microsoft in late September as an invited guest at Microsoft's semi-annual Blue Hat security conference.

But what had been an edgy invite by Microsoft's Blue Hat planners took on a new dimension this week, when Preatoni was arrested in Milan on charges relating to a national spying scandal at Telecom Italia, Italy's largest telephone carrier.

Preatoni's company confirmed his arrest in a statement Thursday, saying that his work for Telecom Italia was unrelated to Wabisabilabi (the incidents at Telecom Italia took place before Wabisabilabi was founded) and that the company was "confident that his innocence will be established if a case ever comes to court."

The charismatic Preatoni was a popular speaker at security conferences but his company's controversial business model raised some eyebrows.

So was it a miscalculation to invite him to Blue Hat? Not at all, said George Stathakopoulos, general manager of Microsoft’s Response and Product Centers "Look, if you think of Blue Hat as being [for] someone who comes to work with us, that's a mistake," he said. "We brought HD Moore in."

Moore, no fan of Microsoft, is the is the author of the open-source Metasploit hacking tool and he has written code that exploits dozens, if not hundreds, of critical vulnerabilities in Microsoft's products.

According to Stathakopoulos, the whole point of the Blue Hat conference is to bring in new voices that will challenge Microsoft developers.

"If you bring this guy in and he talks to your development force, he says I am buying vulnerabilities against your products and they have value. Make your products better because I am your enemy," he said. "So the fact that he got arrested, I’m not happy about it because I thought he was a good guy. But what do I know?"

But not everybody reacted positively to Preatoni's talk. "Some people say god I hate this guy; people say 'why did you bring him over here?'" Stathakopoulos said. "But when people internalize it and step back and they think about it a little they think, 'I've got a lot of work to do.'"

Source: IDG News Service

Fedora Linux 8 hits back at Ubuntu

2007-11-13T11:00:00+11:00

The Red Hat-sponsored Fedora Linux project has released version 8 of its operating system with a host of new features aimed at raising the bar over rival Ubuntu.

Based on version 2.6.23 of the Linux kernel, Fedora 8 includes the recently released GNOME 2.20 desktop environment and the new Nodoka theme created for this release.

The desktop user experience is certainly a focus of the 8 release with the Online Desktop application aiming to unify the many online services, and Compiz Fusion, the compositing and 3D effects window manager, is installed by default.

Fedora's art team has created "Infinity" for a new look and feel with the release.

While Fedora is GNOME centric, KDE 3.5.7 is available on the regular DVD and KDE 4 beta is available in the online repository.

For audio control, PulseAudio is now installed and enabled by default.

PulseAudio is a new sound server compatible with most Linux sound systems and allows for "hot-switching" of audio outputs, individual volume controls for each audio stream, and networked audio.

Improved suspend and resume will improve the user experience on notebook computers, as will improved power management, and Bluetooth devices and tools have better graphical and system integration.

Wireless network management should also be easier in Fedora 8 with the inclusion of NetworkManager 0.7, which has been rewritten.

Ubuntu may be receiving the lion's share of publicity]] in the consumer Linux space, but the Fedora 8 release demonstrates an ongoing high level of development activity and strong user following.

Fedora's virtualization capability also gets a boost with the introduction of secure remote management for Xen, KVM, and QEMU.

For development, the free and open source Java environment IcedTea, derived from OpenJDK, is installed by default.

A new version of the open source Eclipse, version 3.3 "Europa," development environment is also integrated into the desktop.

For security, Fedora 8 adds a new graphical firewall configuration tool, Kiosk functionality via SELinux, and support for SHA256 and SHA512 in glibc.

In keeping with Ubuntu's six-month release cycle, Fedora 9 is slated for final release on May 1, 2008.

Source: Computerworld Australia

Hackers jack Monster.com, infect job hunters

2007-11-28T12:55:16+11:00

Monster.com confirmed Tuesday that it took down a portion of its online job search service after attackers hacked the site and used it to feed exploits to visitors. The Maynard, Mass.-based company did not, however, explain how the hackers were able to hijack the site.

Researchers began reporting the attacks Monday after detecting IFrame exploits on several Monster.com pages as well as attacks by a multi-exploit hacker tool kit originating from those pages. By Monday evening, the Monster Company Boulevard, a section of the site that lets job hunters research firms and search for positions by company, was dark. Among the major American companies represented on the Boulevard are Boeing, Dow, Microsoft, Starbucks and Wal-Mart.

Job seekers who used that portion of Monster.com before the site was yanked were attacked by Neosploit, an exploit tool kit similar to the better-known Mpack, said Roger Thompson, chief technology officer at Exploit Prevention Labs Inc. "A typical infective URL was http://company.monster.com/toyfs/, which is Toyota [Financial's section]," said Thompson in an instant message exchange Monday night. "Or http://company.monster.com/bestbuy, which is Best Buy's."

The injection of the malicious IFrame code into the Monster.com site probably happened Monday, he added. "It was interesting that we got five or so hits in the space of a few hours today, but none before that. I think it happened [Monday]," he said.

Like many other IFrame exploits, this one silently redirected users' browsers to another site hosting Neosploit. At least one of the exploit sites Thompson identified has a connection to the notorious Russian Business Network (RBN), the hacker and malware hosting network that recently shifted operations to China, then mysteriously abandoned the IP blocks it had acquired there.

The IP address of the exploit site is assigned to a server in Australia that is part of the "myrdns.com" domain, which, in turn, is registered to a Hong Kong Internet service provider called HostFresh Internet. Both HostFresh and myrdns.com have been linked to RBN activities, including the long-running IFrame Cash scheme, in which RBN pays Web site owners a commission for injecting IFrame exploits on other sites.

According to an anonymous blogger who tracks the RBN, other myrdsn.com/HostFresh IP addresses were involved in the Bank of India hack in August.

Monday afternoon, Thompson said he had just started digging into the Monster.com hack. "It is not clear how many pages were affected, but it is likely that the attack was the same for all companies on the site, which might turn out to be a pretty good set of the Fortune 500," he said on his blog.

On Tuesday, Monster.com acknowledged the attacks but downplayed their extent. "A malicious attack inserted code into [some] pages, which could cause certain unprotected computer systems to download a virus," said Steve Sylven, Monster's public relations manager, in an e-mail Tuesday afternoon. "The virus is detectable by most major antivirus software, and this issue should not affect users running Windows with the most recent security updates from Microsoft. In addition, we believe only an extremely small percentage of those using the site this week were potentially exposed prior to those pages being cleaned."

Monster declined to answer questions about when the attack started, how many pages had been compromised or how the hackers gained entry to the site. It did, however, point a finger of sorts at the RBN, although it did not name it. "Because we believe this malware originated with an online crime group that targets leading Web properties, we are providing as much information as possible about this situation to the appropriate law enforcement officials," Sylven added.

Monster.com last made security news in August, when it acknowledged that hackers had looted its database for weeks, perhaps for months, then used that information to craft and send targeted e-mails that pitched money laundering jobs or tried to trick recipients into downloading malware.

As it did then, Monster said on Tuesday that it is beefing up site security. "We remain committed to protecting our customers and site visitors," Sylven said. "We continue to reinforce our security systems every day as we respond to the constantly shifting security issues on the Internet."

SourceForge opens eBay-like marketplace

2007-12-07T10:57:42+11:00

SourceForge Inc.'s open-source, project-hosting Web site now has an eBay-like marketplace, where users can offer support services for sale.

The marketplace is built into SourceForge.net and had been in beta since earlier this year. Initially, the company invited selected projects to create listings, in order to "stock the shelves," said Mike Rudolph, SourceForge.net's vice president.

SourceForge's approach of having users interact directly with customers differs somewhat from that of Red Hat's Exchange, an online marketplace launched earlier this year. Through the site, Red Hat sells commercial open-source business software from a finite range of vendors, as well as related support.

Rudolph said there are slightly fewer than 700 listings on SourceForge's marketplace site right now. But SourceForge.net's sheer size -- it claims about 160,000 projects and 1.7 million registered users -- suggests there could soon be many more.
He expressed doubt that fraud and other concerns associated with online purchasing will afflict the site. "In my experience, online marketplaces tend to police themselves," said Rudolph, a former eBay employee.

It doesn't cost anything to post a listing on the marketplace, Rudolph said. Instead, SourceForge will take a commission on sales.

Rudolph said the commissions work under a tiered system, and average about 10 percent. He characterized the fees as "nominal," given the exposure and platform sellers receive.

"We are all about enabling success for the open-source development community," he said.

However, Rudolph said it's unclear precisely how the economics of open source will evolve.

"My point of view is that things are still relatively nascent," he said, adding that SourceForge is going after the proverbial long tail of the market -- smaller players and startups that may lack assets but drive innovation. "I don't think there's anyone serving the long tail right now but us," Rudolph asserted.

The marketplace represents another phase in SourceForge's evolution. The company, once called VA Software, changed its name earlier this year and said it planned to focus on its Web-based businesses, which also includes the popular tech news site Slashdot.

Rudolph would not say precisely how important the company believes this new venture will be to the bottom line. SourceForge.net initially made its money entirely through advertising.

"This is a long-term strategic play for us," he said. "We've done some staffing up to support this. Ultimately, our hope is that it affects the economics of our business. But we are not forecasting that revenue at the moment."

Source: IDG News Service

Microsoft, Google, Yahoo settle $31,5 million in gambling charges

2007-12-21T02:08:14+11:00

Microsoft, Google and Yahoo have agreed to pay a total of $31.5 million to resolve claims that they promoted illegal gambling, the U.S. Department of Justice announced Wednesday.

Microsoft will pay $21 million, Google will pay $3 million and Yahoo will pay $7.5 million, the DOJ said in a news release. The three companies neither contest nor admit that they promoted illegal online gambling by running advertisements for gambling Web sites between 1997 and this year.

The settlements stem from an investigation into illegal online gambling by U.S. Attorney Catherine Hanaway of the Eastern District of Missouri, the Federal Bureau of Investigation and the Internal Revenue Service. Hanaway's office indicted the founder of Betonsports.com, 10 other people and four companies on charges of racketeering, conspiracy and fraud in a crackdown on online gambling on June 1, 2006.

Hanaway filed a new indictment against Betonsports, three other companies and 12 people on June 28 of this year.

Unregulated online gambling is illegal in the U.S., the DOJ said. The three companies were accused of procuring participants via the advertisements they ran for illegal activity. Those actions fall under the U.S. aiding and abetting statute, the agency said.

The Microsoft settlement includes a $4.5 million fine and a $7.5 million contribution to the International Center for Missing and Exploited Children. The company also agreed to create a $9 million online advertising campaign, focused on young people, saying that online gambling is illegal under U.S. law. The campaign will run for three years, beginning in early 2008, the DOJ said.

Yahoo has paid $3 million to the U.S. government, and it will provide $4.5 million worth of online advertising to a public-service campaign designed to inform users that operators and participants in online or telephone-based sports and casino-type gambling in the U.S. may be subject to arrest and prosecution.

"These sums add to the over $40 million in forfeitures and back taxes this office has already recovered in recent years from operators of these remote-control illegal gambling enterprises," Hanaway said in a statement. "Honest taxpayers and gambling industry personnel who do follow the law suffer from those who promote illegal online behavior."

Google said, in a statement, that it has cooperated with the investigation. "While we did not admit any wrongdoing, the Department of Justice has advised that online gambling is illegal in the United States and ads to promote it are improper," the company said. "Google voluntarily discontinued running such ads, which were a very small part of our AdWords business, in April 2004."

Yahoo said it stopped running ads for gambling sites "years ago," according to a statement. "After the U.S. Attorney’s Office contacted Yahoo with its concerns, we worked cooperatively over several years to reach this settlement," the company said.

Microsoft was preparing a statement Wednesday afternoon.

EndPointSecurity v4 released

2007-12-24T22:44:05+11:00

GFI EndPointSecurity 4 gives administrators comprehensive control over the use of portable storage devices such as USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras and so on, to prevent situations that could lead to security breaches, data theft, and viruses and other malware being uploaded to the company’s network.

Four in 10 company networks in the US are not secure!

2007-12-28T19:00:00+11:00

In a poll of 455 IT executives in US SMBs, 42% said their networks were not secure even though 96% and 93% of respondents respectively said they had anti-virus and a firewall installed. 80% said they also used spam filtering. This may indicate that small and medium sized businesses are starting to doubt the effectiveness of traditional perimeter security products in protecting them from other security threats, including data leakage and network breaches.

Conducted by eMediaUSA on behalf of GFI Software, an international developer of network security, content security and messaging software, 39% of respondents to the survey said email viruses are the greatest risk to network security, followed by internet downloads (22%) and hacker attempts (10%). Only 7% considered insider attacks and the threat of portable storage devices – such as USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – to be the greatest risk.

The survey also reveals that 32% of the US companies surveyed had suffered a breach over the past 12 months mainly due to a virus attack (69%), followed by infected internet downloads (30%) and loss of hardware, such as laptops (24%). Only 2% reported a breach involving some form of fraud or identity threat.

Commenting on the results, Andre Muscat, GFI’s Director of Engineering, said: “Email viruses top the ‘greatest threat to network security’ list and this does not come as a surprise. It is one of the easier attack routes and this is confirmed by those respondents who reported a breach. While companies are aware of, and are focused on, tackling viruses and malware, they appear to be giving sparse attention to other equally dangerous threats such as data theft and leakage from endpoints such as connected USB sticks, iPods and PDAs on the network.”

According to the survey, only 19% of the respondents said they had deployed an endpoint security solution on their network. This indicates that few companies may consider the fact that an employee’s iPod or USB stick can be a threat and used to copy data from the network or else install unauthorized software or upload viruses and malware.

“There are other issues as well. How many companies are aware of vulnerabilities on their network that are not addressed through Microsoft’s regular updates? At the end of the day, it boils down to education – from the top of the organization down to the users – Our survey shows that just under half of the respondents believe security could improve if employees were more aware of security issues, while 25% believe that management should also have a better understanding of security matters,” Mr. Muscat added.

On a daily basis, IT executives are most concerned with downtime (71%) while more than half of the respondents said daily user support was a concern. One in five said compliance was a daily concern; while a mere 3% indicated eDiscovery to be a daily issue.

When it comes to choosing the type of security measure to adopt, just under 90% said they used a software solution with 55% opting for a combination of software, appliances and hosted services.

HP goes high-definition with new multimedia notebook

2008-01-06T02:15:59+11:00

Hewlett-Packard, the top global PC vendor, Thursday introduced a multimedia notebook packed with high-definition features, including a screen that allows users to watch full HDTV movies.

The HP Pavilion HDX laptop, targeted at multimedia enthusiasts, has a 20.1-inch high-definition screen that plays back true 1080p high-definition television, according to HP. Users will have the option of selecting from an HD DVD or Blu-ray Disc drives to play back high-definition movies.

Powered by the Core 2 Extreme or Core 2 Duo processors from Intel, the system includes a hybrid TV tuner that lets users watch high-definition or analog TV broadcasts. The tuner will also provide digital video recorder capabilities, with users able to record and pause live TV.

The system includes an Nvidia GeForce 8800M GTS graphics card with 512M bytes of video memory, HP said. It also includes has four Altec Lansing speakers with a subwoofer built in. The system will support storage of up to 500G bytes and have integrated wired and wireless networking.

The system will run on Windows Vista Home Premium or Windows Vista Ultimate. Starting at $1,999, the system will ship in the U.S. this month, according to HP.

HP on Thursday also introduced the Pavilion tx2000 tablet PC, a portable laptop targeted at students and professionals. Users can rotate the screen 180 degrees and use a stylus to capture handwriting or surf the Internet, according to HP.

Powered by Advanced Micro Devices' Turion 64 X2 dual-core processor, the PC comes with a 12.1-inch screen and Windows Vista OS. It will have a DVD+/- RW drive, up to 250G bytes of storage, integrated wireless and wired networking, a fingerprint reader and a webcam. It weighs 4.29 pounds (1.95 kilograms) with a 4-cell battery, according to HP.

The PC will be available starting at $1,299, depending on configuration. It will ship later this month in the U.S.

The laptops were announced ahead of the Consumer Electronics Show, to be held in Las Vegas between January 7 and 10, where they will be on display.

Source:IDG News Service

Sun to acquire MySQL

2008-01-27T15:24:04+11:00

DaLight writes "Sun announced an agreement to acquire MySQL AB, an open source icon and developer of one of the world's fastest growing open source databases. This acquisition accelerates Sun's position in enterprise IT to now include the $15 billion database market and reaffirms Sun's position as the leading provider of platforms for the Web economy and its role as the largest commercial open source contributor."

Source:http://www.sun.com/aboutsun/media/presskits/2008-0116/index.jsp

Inside the MacBook Air: The solid-state drive option

2008-01-29T21:00:00+11:00

When it comes to storage, the newly unveiled MacBook Air offers an 80GB, 4,200-rpm Parallel ATA hard drive as part of its standard configuration. However, that's not the only option -- would-be MacBook Air buyers can also order the laptop with a 64GB solid-state drive (SSD).

The price for that downgrade in storage capacity: US$999 on top of the $1,799 asking price for the standard MacBook Air. So why would you pay so much more for less?

Because, for some mobile users, solid-state storage is a compelling alternative to traditional hard drives.

Think of SSD as a grown-up version of those flash memory sticks you slip into your Mac's USB ports. Instead of storing data on spinning platters, as a standard hard drive does, SSDs store data in solid-state memory--either NAND flash memory or SDRAM. Increase that USB stick's capacity and add an ATA or SATA interface, and you've got an SSD.

SSDs seem like the perfect mass storage devices for a notebook. They have no moving parts, so they're less susceptible to damage from the shocks and jolts of travel. SSDs can withstand 10 times as much impact as a standard hard drive. They also deal well with vibration.

Then there's an SSD's parsimonious power consumption. Powered down, SSDs consume virtually no juice -- somewhere around 0.05 watts. Even when operational, an SSD draws only 1w or so -- about a third the consumption of a comparable hard drive.

In terms of seek times and throughput, SSD performance is about equal to that of a standard hard drive. But SSDs turn on instantly: They don't have to spin up platters as hard drives do, so they reduce computer boot, restart, and wake-up times substantially.

In addition to being sturdier, more power efficient, and faster than standard hard drives, SSDs are also slightly lighter and can, if necessary, be molded into different form factors to fit tight spaces. The circular platters of a hard drive don't allow for that kind of design flexibility.

So what's the catch? As the cost of the MacBook Air's storage option indicates, SSDs are still extremely expensive. However, there's some good news -- the cost of NAND memory is declining by about 40 percent per year. In other words, what seems wildly expensive now may seem more reasonable in the not-too-distant future.

For more information, visit Apple's site at: http://www.apple.com/macbookair/

Damaged cables disrupt Internet in Middle East

2008-01-31T22:50:12+11:00

Two underwater cables in the Mediterranean Sea were damaged on Wednesday morning, dragging Internet connections throughout the Middle East and in parts of Asia to a crawl.

The cables, one operated by Flag Telecom and the other by a consortium of 15 telecommunications operators, account for 75 percent of the network capacity between Europe and the Middle East, according to Stephan Beckert, an analyst with TeleGeography Research.
A third cable was undamaged, but it is older and has far less capacity than the others, he said.

Operators believe the damage was caused by ship anchors during a heavy storm at sea, Beckert said. Wire services reported that ships heading for Egypt's northern coast were diverted due to the storms, and their anchors may have severed the cables several miles from shore.

AT&T confirmed that its service to some areas of the Middle East was affected, but said it was now re-routing traffic. Etisalat, the telecommunications provider in the United Arab Emirates, reported that both Internet traffic and international voice calls were affected by the incident. Egypt, Saudi Arabia, India and all of the Gulf states were affected, Beckert said.

As much as 70 percent of Egypt’s Internet network was down, and over half of India's bandwidth was cut due to the disruption, according to a report from Reuters that cited local officials.

Most of the major operators have backup plans in place for this type of incident, Beckert said. In this case, they'll have to route traffic from the Middle East to Asia, across the Pacific Ocean, through the U.S. and then across the Atlantic Ocean to Europe, he said. That will result in latency problems that will likely lead to sluggish connections until the cables are repaired, he said. The operators in the Middle East told him that they should be able to repair the damages in one to two weeks.

The accident should affect mainly Internet traffic. Voice calls travel over the same cables, but operators will give priority to the voice calls, which take up relatively little capacity but produce more revenue than data traffic. Beckert estimates that 1 percent or less of traffic carried on the cables is voice.

Source: IDG News Service

New attack proves critical Windows bug 'highly exploitable'

2008-01-31T22:54:17+11:00

Security researchers Tuesday said they'd discredited Microsoft's claim that the year's first critical Windows vulnerability would be "difficult and unlikely" to be exploited by attackers.

On Tuesday, Immunity Inc. updated a working exploit for the TCP/IP flaw spelled out Jan. 8 in Microsoft's MS08-001 security bulletin, and posted a Flash demonstration of the attack on its Web site. The exploit, which was released to customers of its CANVAS penetration testing software -- but is not available to the public -- was a revised version of code first issued two weeks ago.

"This demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is highly exploitable," said Dave Aitel, Immunity's chief technology officer, in a message to his Dailydave security mailing list.

Aitel's assertion challenged Microsoft's earlier assessment that "there are a number of factors that make exploitation of this issue difficult and unlikely in real-world conditions."

Immunity did acknowledge that its newest exploit was not 100% reliable, however.

Other security companies reacted to the revamped attack code and Flash proof by issuing new alerts. Symantec Corp., for instance, sent a new warning to customers of its DeepSight threat network. "The exploit demonstrates remote code execution," noted Symantec. "The exploit works against Windows XP SP2 English Default [and shows] two Windows XP SP2 computers on a local subnet with firewall enabled being compromised."

It urged users who have not already deployed the patches Microsoft issued Jan. 8 to do immediately.

Previously, Aitel had called out the IGMP (Internet Group Management Protocol) vulnerability as a potential blockbuster for 2008. In a detailed analysis of the flaw and its exploitation, Symantec agreed that the reward to hackers would be large even if replicating Immunity's work might be tough.

"Although exploitation of a remote kernel flaw is considered quite difficult, over the past few years numerous papers have been released on the subject," the Symantec analysis noted. "Examples of exploits successfully leveraging such flaws have also been released to the public. Therefore, we assume that this issue will be exploited in the wild to execute arbitrary code. Deploy patches immediately."

Successful attacks by the Immunity exploit -- and any similar to it developed by others -- allows arbitrary code to execute within the context of the Windows kernel, said Symantec, an especially egregious scenario for Windows Vista.

"This is especially critical on Vista, due to its enhanced kernel security mechanisms," said Symantec. "A local user, even an admin, may have difficultly introducing unsigned code into the kernel, but in this case, it can be done remotely without any authentication whatsoever.

"This vulnerability presents an opportunity to not only execute arbitrary code on the system, but also to install backdoors and other malicious tools as well as a rootkit, which may normally be more difficult with a typical remote userland vulnerability."

In its Jan. 8 MS08-001 bulletin, Microsoft ranked the IGMP flaw as "Critical" for Windows XP SP2, Windows Vista, Windows Small Business Server and Windows Home Server. On other versions, including Windows Server 2003, the bug rated an "Important" label.

Source: Computerworld

eBay sellers split on changes

2008-02-07T00:28:12+11:00

The significant changes that eBay announced last week have merchants abuzz as they analyze and react to the impact that the restructured fees, modification of the search and feedback functions, and other changes will have on their sales and profits.

Of particular interest have been the proposed changes to fees, which involve lowering the cost of listing items and increasing the commission eBay gets when products are sold. There has also been much discussion in blogs and discussion forums of eBay's plan to forbid sellers from leaving negative feedback for buyers.

While merchants are split on the potential benefits and disadvantages of the changes, there seems to be a general consensus that, whether one supports them or not, the changes represent a major attempt on eBay's part to alter the way that the marketplace works.

"It's clear eBay is taking it really seriously that they have to improve the buyer experience, and they're laying the groundwork for getting aggressive about doing it," said Jonathan Garriss, executive director of the Professional eBay Sellers Alliance (PESA), a group of large sellers that has often been highly critical of eBay.

Garriss, also CEO of Gotham City Online, an apparel store on eBay that also has its own site, hopes that the proposed changes will be a first step of others that eBay will take to fix what PESA considers key problems with the marketplace, such as making the buyer experience more convenient and streamlined.

To that end, Garriss is encouraged by the proposed incentives to reward merchants who provide superior customer service by giving all qualifying merchants preferred placement in search engine results and offering PowerSellers additional fee discounts based on their customer ratings.

"We don't want to lose sight of the health of the marketplace, and the changes eBay is making are absolutely in the right direction," Garriss said in a phone interview.

While he supports the concept of lowering insertion fees and shifting them to the commission, he recognizes that, as proposed, the fee restructuring will greatly hurt some merchants, particularly, in his view, those that sell lower-priced items in high volume via auctions. Garriss hopes that eBay will take this into consideration and possibly adjust the fee changes before rolling them out in a few weeks in the U.S.

Lisa Witt, an eBay PowerSeller for eight years, says the fee changes will not have much of an impact on her bottom line. A seller of fine jewelry, Witt says the listing fees will remain too high even under the new fee structure.

"They need to dramatically change the fee structure if they expect seller growth on the site. eBay should have a flat rate listing fee and it should be the same amount across the board for everyone, and that listing fee should be low," she wrote in an e-mail interview. "A monthly fee for unlimited listings on eBay would work well too."

Witt is against the plan to forbid sellers from leaving negative feedback about buyers. This change may lead to buyers using the threat of negative feedback as an extortion tactic to get extras, she said. Buyers may also be disinclined to contact sellers if a disagreement arises, resorting simply to leaving negative feedback, she added. "Feedback is voluntary and should be able to be left by either party as they see fit," Witt said.

Meanwhile, John Lawson, another PowerSeller and owner of 3rd Power Outlet, is generally positive about the proposed changes. "There'll be some bumpy roads, but they're on a path to make this marketplace more vibrant," Lawson said in a phone interview.

3rd Power Outlet, which sells urban wear and accessories and makes about 80 percent of its sales via eBay, will save about 50 percent in listing fees and, factoring in the increased commission, will have net savings in eBay costs of about 30 percent, Lawson said.

"It'll have a nice impact on our eBay costs. It's extra money in our pockets," Lawson said. While not a major windfall, the savings will allow him to add more listings and do more auctions, he said.

Forbidding sellers from leaving negative feedback about buyers is a good move because, as eBay officials have argued, some sellers have used negative feedback to retaliate against buyers, he said. "A seller doesn't have to leave any comment about buyers at all," Lawson said. "The buyer has to be satisfied and must have the ability to leave a true comment."

Still, he's not crazy about new proposed fee discounts to PowerSellers based on them attaining certain levels of DSR (Detailed Seller Rating). For example, he finds that it's off the mark for eBay to have a specific DSR category for shipping and handling, because, as a rule, no one likes to pay for this portion of the transaction. Merchants like himself, who sell to buyers overseas, are in particular disadvantage, because many buyers abroad don't have a clear understanding of shipping costs from the U.S. to international locations, he said.

For others like Witt, DSR-based fee discounts are welcome. "It's fine to offer incentives to sellers who strive for excellence. That was a good idea and they should expand on it. Offering rewards has always worked better than punishments," she said.

These and other differing viewpoints about the plans reflect the ripple effect that eBay changes inevitably have, since there is such a wide variety of merchants on its platform. It remains to be seen whether eBay will want, and be able to refine further, its planned changes to achieve -- as much as possible -- a happy medium across its vast community of sellers.

Microsoft finalizes Vista SP1 code for mid-March release

2008-02-07T00:30:52+11:00

Microsoft has finalized the code for the first service pack for Windows Vista, but won't release the code via its update services to customers until mid-March, the company said Monday. Moreover, some devices may not work with the initial version of the software because of driver issues that continue to plague the OS.

According to a post on the Windows Vista blog by Mike Nash, corporate vice president of Windows product management, Microsoft will release Vista Service Pack 1 in English, French, Spanish, German and Japanese to Windows Update and to the download center on Microsoft's Web site beginning in mid-March. In mid-April, the software will be available in those languages to anyone who has chosen not to download it. Microsoft will follow with the remaining language releases of Vista SP1 in April.

In the post, Nash said Microsoft is holding off on immediately releasing the code for SP1 until hardware vendors have delivered PCs with Windows Vista SP1 installed to retail stores to give those vendors time to correct problems with some device drivers that beta testers discovered during the software's evaluation process.

When installing SP1, some device drivers did not correctly follow the automatic instructions, so devices associated with them did not work correctly, according to the post. Microsoft expects hardware vendors to correct these issues before releasing PCs with the service pack installed. The company will not let customers install SP1 via automatic update if their PCs won't install the drivers correctly. However, customers can go to Microsoft's download center to obtain the software if they want to.

In his post, Nash said that most Vista users will not be affected by the device driver issue, but Microsoft is being cautious about the release of SP1 to "improve the experience for all customers."

However, some comments about Nash's blog entry show that some Windows users are eager to get their hands on the software, so are none too thrilled with the delay in SP1's release to manufacturing and release to customers.

"So it's done ... but we won't be able to actually get it for another six weeks? That [is] incredibly frustrating," wrote one user called "freibooter."

Another Windows user called "Hurricane Andrew" said the release of SP1 to manufacturing was "great news," but also expressed displeasure at the delay.

"Just wish we could get our hands on it earlier, " he said. "Patience has never been one of my strong points."

There were hints that Microsoft was nearing the final code for SP1 in the last several weeks, as the company offered two refreshes for the first release candidate, a sign that the software was nearing completion. Many believe the SP1 milestone is the one that will bring about a new wave of adoption for Vista, especially among business customers that have been awaiting the service pack's release before updating employee desktops.

The combination of SP1 and Windows Server 2008 is expected to bode well for Vista adoption in the enterprise and medium-sized business sectors. Microsoft said Monday that it also has released Windows Server 2008 to manufacturing. That product and the release of Visual Studio 2008 and SQL Server 2008 will be featured in an official launch event in Los Angeles at the end of the month; however, while the new version of Visual Studio is available, SQL Server will not ship until the third quarter.

Source: IDG News Service

GFI EventsManager version 8

2008-02-25T09:12:43+11:00

GFI EventsManager version 8 builds on version 7.1 whilst increasing the range of systems and devices that can be monitored through various log types including Windows events, Syslog, W3C and SNMP traps generated by heterogeneous network sources.

The new features being introduced with version 8 include the following:

- SNMP Traps
- Support for new Devices
- SQL Server Auditing
- Support for Windows Vista & Windows Server 2008

17 arrested in Canadian hacking bust

2008-02-26T20:00:00+11:00

Quebec provincial police conducted raids on Wednesday, breaking up a hacking ring that police say is responsible for an estimated CDN$45 million (US$44.3 million) in damage to computer systems.

The hackers installed remote-controlled "botnet" software on victims' computers in order to run phishing and spamming operations, said Capt. Frederick Gaudreau, of the Surete du Quebec, in a videotaped press conference posted to the police agency's Web site.

"The hackers managed to install botnets on the victims' computers, which permitted them to control at a distance the victims' computers," he said. "These said computers were then used to attack Web sites in order to steal victims' data."

If convicted of computer hacking charges, the accused could face 10 years in prison, he said.

Although the hackers operated from about a dozen towns all over Quebec, their botnet network was international in scope, infecting 39,000 computers in Poland, 28,000 in Brazil, and 26,000 in Mexico -- the top three countries affected by the group. In all, they hacked into more than 100,000 computers in 100 countries.

The accused range in age from 17 years old to 26 years old, but police did not release the names of the accused. Three of them are minors, Gaudreau said. This is the first time that Canadian authorities have dismantled such a network, he added. The investigation was done in collaboration with the Royal Canadian Mounted Police.

Critical VMware bug lets attackers zap 'real' Windows

2008-02-27T20:51:01+11:00

A critical vulnerability in VMware Inc.'s virtualization software for Windows lets attackers escape the "guest" operating system and modify or add files to the underlying "host" operating system, the company has acknowledged.

As of Sunday (24/2/2008), there was no patch available for the flaw, which affects VMware's Windows client virtualization programs, including Workstation, Player and ACE. The company's virtual machine software for Windows servers and for Mac- and Linux-based hosts are not at risk.

The bug was reported by Core Security Technologies, makers of the penetration-testing framework CORE IMPACT, said VMware in a security alert issued last Friday. "Exploitation of this vulnerability allows attackers to break out of an isolated guest system to compromise the underlying host system that controls it," claimed Core Security.

According to VMware, the bug is in the shared-folder feature of its Windows client-based virtualization software. Shared folders let users access certain files -- typically do*****ents and other application-generated files -- from the host operating system and any virtual machine on that physical system.

"On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host's complete file system and create or modify executable files in sensitive locations," confirmed VMware.

VMware has not posted a fix, but it instead told users to disable shared folders.

The Palo Alto, Calif.-based company also made it clear that the vulnerability isn't present in its server line of virtual machine software; VMware Server and ESX Server do not use shared folders. Newer versions of VMware's Windows client virtualization tools also disable shared folders by default, the company added. Users must manually turn on the feature to be vulnerable.

A similar bug was reported by VeriSign Inc.'s iDefense Labs to VMware in March 2007. VMware patched it about a month later.

Friday's alert, however, was the second security-related notice posted by VMware in two days. On Thursday, VMware patched its ESX Server line to quash five bugs that could be used to slip past security restrictions, launch denial-of-service attacks or compromise virtualized systems.

The increased reliance on virtual machines, particularly on enterprise servers, has come with its own set of security problems, researchers and IT administrators have noted previously. Sunday, an analyst at the SANS Institute's Internet Storm Center (ISC) extended that warning to desktop virtualization users, particularly security professionals.

"We make an extensive use of virtualization technologies for multiple purposes: malware analysis, incident response, forensics, security testing, training, etc., and we typically use the client versions of the products," said Raul Siles in a post to the ISC blog. "It is time to disable the shared-folder capabilities."

Source: Computerworld

Microsoft gives open source a big hug

2008-02-28T11:00:00+11:00

In a major turnaround for Microsoft, the company Thursday promised "greater transparency" in its development and business practices, outlining a new strategy to provide more access to APIs and previously proprietary protocols for some of its major software products, including Windows and Office.

The move, inspired by the ongoing antitrust case against Microsoft in the European Union, shows the company finally acknowledging the significant impact open source and open standards have had on the industry and the company's own business. It also should mean the end of Microsoft's patent threats against Linux and interoperability concerns surrounding Office 2007 file formats.

During a news conference with top executives Thursday, Microsoft said it is implementing four new interoperability principles and actions across its business products to ensure open connections, promote data portability, enhance support for industry standards, and foster more open engagement with customers and the industry, including open-source communities.

These steps are "important" and represent "significant change in how we share information about our products and technologies," Microsoft CEO Steve Ballmer said in a statement. "For the past 33 years, we have shared a lot of information with hundreds of thousands of partners around the world and helped build the industry, but today's announcement represents a significant expansion toward even greater transparency."

Under increased global pressure, Microsoft has limped toward a more open development policy for some time with strategies like the Open Specification Promise, which it published in September 2006 as a pledge that it would not take any patent-enforcement action against those who use certain technology APIs (application programming interfaces). The company launched an open-source Web site last year, a move that was notable for one of the first official uses of the term "open source" by the company. Microsoft previously would release APIs and code to developers and other companies through something it called the Shared Source Initiative rather than specifically calling its policy open source.

However, at the same time as it appeared to be more open, Microsoft continued to make bold claims and threats against technologies like Linux that it said violated many patents the company holds. While the open-source community mostly scoffed at Microsoft's claims, some companies -- including Novell -- signed specific deals with the vendor to protect customers from indemnification and promote interoperability with Microsoft software.

Source: IDG News Service

Yahoo sued again by Chinese dissidents

2008-03-02T23:16:01+11:00

Yahoo and at least one subsidiary face their second major lawsuit by Chinese dissidents claiming the company aided Chinese authorities by handing over e-mails and other electronic communications that ended up landing one plaintiff in jail.

The first lawsuit ended in November after Yahoo settled with the plaintiffs out of court. The company may come to regret settling the case if more such lawsuits follow.

The current lawsuit, filed by plaintiffs Li Zhi, Zheng Cunzhu, and Guo Quan in the U.S. District Court of Northern California, seeks damages for their suffering at the hands of Chinese officials after Yahoo and Yahoo Hong Kong allegedly provided access to e-mails, e-mail records and user identification information and other data to authorities in China.

The lawsuit said the three plaintiffs have also identified at least 60 more individuals "arbitrarily imprisoned" in China for work on free elections, democracy and human rights, possibly due to their Internet identification being handed over by Yahoo, the group said. The plaintiffs plan to make the additional cases known during the trial's discovery phase.

Yahoo did not immediately respond to requests for comment.

Specifically, Li is suing over his torture and imprisonment by Chinese officials after his work for the China Democracy Party -- a banned political group -- was revealed by Yahoo due to his Internet activity, the lawsuit alleges. Li, whose case has also been championed by the journalist group Reporters Without Borders, has served over four years of his eight-year prison sentence so far.

Reporters Without Borders said his jail term started in December, 2003.

Zheng is a Chinese citizen currently living in California. His ties to Li were established during Li's court case, and Zheng is now allegedly unable to return to China due to fear of prosecution, according to the lawsuit. He has lost investments and personal property in China due to his inability to return home, the lawsuit said.

Guo lost his job as an associate professor at Nanjing Normal University after his Internet identity was revealed to Chinese authorities by Yahoo, the lawsuit alleged.

"By providing Internet user identification information to the People's Republic of China, [the] Defendants knowingly and willfully aided and abetted in the commission of torture and other major abuses violating international law that caused Plaintiffs' severe physical and mental pain and suffering," the lawsuit alleged.

The group has filed suit in the U.S. under the Alien Tort Claims Act of 1789, as well as unspecified additional U.S. and international laws. The use of this act for purposes of democracy and human rights is relatively new in U.S. courts, said one lawyer in Hong Kong, and a decision could go either way.

The first case against Yahoo, filed by plaintiffs on behalf of journalists Wang Xiaoning and Shi Tao, also cited the Alien Tort Claims Act. Yahoo settled out of court for an undisclosed amount.

Yahoo operated its China subsidiary until it became part of Alibaba.com in return for a 40 percent stake in the Chinese e-commerce company in late 2005. Alibaba now runs Yahoo's China operations.

Source: IDG News Service

IT budgets to rise as Vista bites

2008-03-12T09:48:47+11:00

.K. companies' IT spending is likely to grow above inflation this year, with Windows Vista and mobile computing hardware consuming much of the increase, a new study from the National Computing Centre (NCC) has said.

The NCC's findings, based on a survey of 120 U.K. companies, contrasts with recent reports from the likes of IDC and Gartner. IDC said that server expenditure could fall in 2008, while Gartner warned companies to begin cutting IT spending ahead of a possible recession.

The NCC found that 58 percent of the respondents planned on above-inflation rises in IT spend. The companies surveyed had an average annual turnover of £267 million (US$530 million) and an average annual IT budget of £6.25 million. The construction and health sectors predicted the strongest growth.

The survey, The Benchmark of IT Spending 2008, pegged the median growth rate in IT expenditure at 4.9 percent, compared to January's consumer price index (CPI) figure of 2.2 percent.

Despite the reluctance of many businesses to adopt Windows Vista so far, the latest Microsoft operating system was one of the biggest targets of planned spending.

Windows XP is currently used by 71 percent of respondents, but in two years' time Vista will dominate, with 75 percent of responding organizations having adopted it, the NCC said.

Companies have played it safe so far on Vista, but seem to have decided that the early bugs have been ironed out well enough to add Vista into their approaching desktop refresh cycles, the NCC said.

Laptops will increase by 57 percent over the next two years, while the number of PDAs will grow by 134 percent. Desktops will decline by 2 percent.

Other beneficiaries of increased spending will include virtualization, storage area networks, voice over IP (VoIP) and ITIL-based business process management applications.

Cisco to patch routers on regular schedule

2008-03-12T21:00:00+11:00

Following the lead of Microsoft and Oracle, Cisco Systems will start releasing security patches for some of its products on a schedule.

The scheduled updates will be for the Internetwork Operating System (IOS) software used by routers and switches that Cisco sells to enterprise and telecommunications industry customers. Other Cisco products, including those from its Linksys division, will continue to be updated as before.

The first of these scheduled updates will occur on Wednesday, March 26, and Cisco will continue to release patches on a twice-yearly schedule after that, Cisco said in a note posted Wednesday on its Web site. These firmware updates will ship on the fourth Wednesday of September and March each year.

That's less frequently than the other major vendors that have moved to regular security updates. Microsoft releases its security patches on the second Tuesday of every month; Oracle is on a quarterly update schedule.

Cisco published eight security advisories for IOS security bugs last year. IOS has come under increased scrutiny in recent years as hackers have developed new ways of attacking router software. Because Cisco's routers are so widely used, IOS is considered to be an attractive target for attackers.

Like other companies that have adopted predictable patch schedules, Cisco says it wants to make life easier for its enterprise customers, who can set aside time to test and roll out the patches.

"Our customers ... are asking us to reduce the amount of 'flux' in their networks by bundling patches for multiple security vulnerabilities," the company said in a statement.

E.U. approves Google-DoubleClick deal

2008-03-13T21:00:00+11:00

Google's acquisition of DoubleClick does not pose a significant threat to competition in the European online advertising market, the European Commission said Tuesday. However, it reminded the companies that they also have an obligation to respect European Union legislation on the privacy of personal data, one of the grounds on which opponents lobbied to block the merger.

The Commission's decision removed the last obstacle to completion of the deal, which has now closed, Google said.

Together, Google and DoubleClick will be able to deliver more relevant advertising and improve the effectiveness, measurability and performance of digital media for publishers, advertisers and agencies.

The E.U.'s competition regulator reached its decision after a four-month in-depth investigation of the US$3.1 billion merger, which received the approval of the U.S. Federal Trade Commission in December.

The deal is unlikely to harm consumers in ad serving or online advertising intermediation markets, the Commission said.

A merger of Google and DoubleClick will not hurt competition because the companies are not competitors, the Commission said: Google provides online advertising space on its own sites and, as operator of the AdSense service, an intermediary between publishers and advertisers, while DoubleClick offers ad serving, management and reporting services to publishers, advertisers and agencies.

The Commission also examined the risk of Google tying sales of its services to use of those of DoubleClick, or vice versa, to boost revenue. However, it concluded that Microsoft, Yahoo and AOL present sufficiently strong market alternatives that a merged Google-DoubleClick would be unable to exploit the link in that way.

The Association for Competitive Technology (ACT), a Washington, D.C., lobby group for small and midsize entrepreneurial technology companies, welcomed the Commission's decision.

"It demonstrates both the dynamism of our industry and the need to give companies the flexibility necessary to adapt, compete, and meet the needs of consumers," wrote ACT President Jonathan Zuck.

"The merger will undoubtedly change the competitive landscape of our industry and fuel the evolution of internet advertising," he said.

Microsoft is likely to be the biggest beneficiary of the antitrust authorities' approvals, according to Jeff Chester of the Center for Digital Democracy, one of the lobby groups opposed to the merger.

Microsoft recently offered to buy Yahoo for $44.6 billion. If that deal goes ahead it will almost certainly attract the scrutiny of antitrust regulators, as it unites the two biggest players in online advertising after Google.

"By permitting Google to dramatically grow in clout, regulators will have to likely permit the further growth of a number-two competitor to Google, which will be Microsoft," Chester said.

The result will be the emergence of a global digital duopoly over online advertising, Chester warned.

Tuesday's decision only relates to E.U. merger regulations, the Commission said, and does not alter the merged entity's obligations under E.U. law on the protection of individuals and the protection of privacy related to the processing of personal data.

Antitrust regulators have failed to respond to the growing consolidation of control over online ad delivery and data collection, a failure that will have unfortunate consequences for the Internet's role as a democratic communications medium, said Chester.

King of Spam pleads guilty; faces 26 years in prison

2008-03-18T03:27:46+11:00

The notorious spammer authorities dubbed "the King of Spam" is facing a possible 26-year jail sentence after pleading guilty in Seattle on Friday to charges of fraud and tax evasion.

Robert Soloway, 28, had already been found guilty of spam charges in several civil cases -- Microsoft won a US$7.8 million judgment against him in 2005 -- but had avoided paying fines in those cases. The criminal charges to which he pleaded guilty on Friday followed his arrest in 2007 by the U.S. Justice Department.

He was arrested on criminal charges brought by the U.S. Department of Justice in May 2007.

In a 2005 discussion group post, Soloway bragged, "I've been sued for hundreds of millions of dollars and have had my business running for over 10 years without ever paying a dime regardless to the outcome of any lawsuits."

That year, Soloway raked in more than $300,000 from his spam operations, according to his plea agreement.

Soloway has avoided fines in the past, but this time around he may not be so lucky. In addition to the jail time he now faces, he has also agreed to discuss his financial assets while being monitored by a lie detector.

While there have been hundreds of spam prosecutions in the U.S., it is extremely rare for spammers to face criminal charges, and those involved in the matter say that Soloway's case could serve as a deterrent to other spammers.

In an interview last month, Microsoft Senior Attorney Aaron Kornblum said he thought the prosecution would make other spammers think twice. "There have not been a large number of criminal CAN-SPAM prosecutions in the U.S.," he said. "This is significant."

Soloway is set to be sentenced on June 20. The prosecution had been seeking $700,000 in damages when Soloway was first charged nearly a year ago.

Source: IDG News Service

Trend Micro hit by massive Web hack

2008-03-18T23:00:00+11:00

Security vendor Trend Micro has fallen victim to a widespread Web attack that splashed malicious software onto hundreds of legitimate Web sites in recent days.

A Trend Micro spokesman confirmed that the company's site had been hacked Thursday 13th of March 2008, saying that the attack took place earlier in the week. "A portion of our site -- some pages were attacked," said Mike Sweeny, a Trend Micro spokesman. "We took the pages down overnight Tuesday night -- and took corrective action."

On Thursday security vendor McAfee reported that more than 20,000 Web pages have been affected by the attack. The pages are infected with malicious code that tries to install password-stealing software on the PCs of people who visit the sites.

Researchers are still not sure how the attackers are managing to hack these Web pages, but the pages all seem to use Microsoft's Active Server Page (ASP) technology, which is used by many Web development programs to create dynamic HTML pages. A software bug in any of those programs is all the attackers need to install their malicious code.

The infected Web pages are not obviously malicious, but the attackers have added a small bit of JavaScript code that redirects visitors' browsers to an invisible attack launched from servers based in China. This same technique was used a year ago, when attackers infected the Web sites of the Miami Dolphins and Dolphins Stadium just prior to the 2007 Super Bowl XLI football game.

The JavaScript attack code hosted on these infected Web sites takes advantage of bugs that have already been patched, so users whose software is up-to-date are not at risk. However, McAfee warns that some of the exploits are for obscure programs such as ActiveX controls for online games, which users may not think to patch.

If the code is successful, it then installs a password-stealing program on the victim's computer that looks for passwords for a number of online games, including the "Lord of the Rings Online."

It's embarrassing when security vendors fall victim to the attacks they are supposed to prevent, but Trend Micro is not the only company to have had its Web site hacked in recent months. In January, parts of CA's Web site were infected with a very similar type of attack.

Microsoft, Intel give $20M for multi-core research

2008-03-19T22:14:46+11:00

Imagine a man you know but whose name you can't remember approaches you, and your mobile phone uses face-recognition capability to give you his name and information about him before he says hello. This is the kind of application that researchers hope will be developed from US$20 million Microsoft and Intel are giving two U.S. universities for research on parallel computing.

The companies are donating the money to Universal Parallel Computing Research Centers (UPCRCs) at the University of California Berkeley and the University of Illinois at Urbana-Champaign, they announced at a news conference on Tuesday. The centers are aimed at tackling the challenges of programming for processors that have more than one core and so can carry out more than one set of program instructions at a time, a scenario known as parallel computing.

In addition to the $20 million, the University of Illinois will provide $8 million to fund its center, and UC Berkeley has applied for $7 million in grants for its research.

UC Berkeley quietly opened its Parallel Computing Lab in January, according to a UC Berkeley Web site. The lab was born out of research done there and published in a white paper by researchers at Berkeley's Electrical Engineering and Computer Sciences department in 2006.

In the paper, they said the current evolution of programming models from single-core to the dual-core and quad-core processors available today from Intel and AMD won't work for a future where processors could have as many as 16, 32 or hundreds of processors. They set out to find a better way to develop programming models to meet the challenges of multi-core chips.

UC Berkeley's David Patterson, a professor of computer science and director of the UPCRC, described the problem as one of designing programs to take advantage of parallel computing's ability to divvy up workloads across different processors. On Tuesday's conference call, he compared the scenario to dividing the work of writing one story between 16, or even hundreds, of reporters. While the work could potentially be done 16 -- or even hundreds of times -- faster, "we won't get to deliver on that performance without balancing the work well," he said.

Microsoft's and Intel's interest in parallel computing is not merely altruistic -- both companies already are doing their own research so they can take advantage of the computing power that comes with multi-core technology, and thus gain a competitive advantage in their respective software and processor markets. The agendas of the research centers will align closely with Intel’s Tera-scale Computing Research Program and Microsoft’s Technical Computing Initiative, the companies said.

As for some of the real-world applications of parallel computing, Patterson and Marc Snir, professor of computer science at the University of Illinois, said if researchers can use programming to harness the capabilities of multi-core machines, it will give mobile devices the computing performance that today comes only from supercomputers.

Patterson described the scenario in which a mobile phone might use face-recognition technology to save someone -- he used himself as an example -- from an embarrassing situation of not knowing a person's name. "I'd personally be excited to buy a cell phone that has that technology," because this is a situation he often encounters as a university professor, Patterson said.

Fourteen members from the UC Berkeley faculty, as well as 50 doctoral students and postdoctoral researchers, will staff the UPCRC, while the center at the University of Illinois will be led by Snir and Wen-Mei Hwu, professor of electrical and computer engineering. Twenty additional faculty members and 26 graduate students and researchers also will participate in research at the Illinois center. Both centers will make software available to the technology community for additional development.

While there are only dual-core and quad-core processors available today, Intel plans to release a six-core processor, code-named Dunnington, in the second half of this year, and an eight-core processor, called Nehalem, at some point in the future.

Vista SP1 officially available

2008-03-19T22:23:08+11:00

Windows Vista Service Pack 1 is available starting Tuesday 18th of March 2008, a day after Amazon.com let slip that it would become available this week.

Interested Vista users can manually open Windows Update and download the new software. Customers who have set Windows Update to automatically download updates will find the software automatically downloaded to their PCs in mid-April.

If users decide to manually access SP1 now, there's a chance they won't see it in Windows Update. There could be several reasons for that, according to the Windows Vista blog. For example, users of an earlier version of SP1 must first uninstall the older version before reinstalling the final SP1.

In addition, Windows Update will detect if a user has certain drivers that must first be updated before installing SP1. Until those users have the updated drivers in place, Windows Update won't offer SP1.

Initially, SP1 is available in English, French, Spanish, German and Japanese. If a PC has any other language installed, SP1 won't be offered to the user. Microsoft plans to release the second wave of SP1 in additional languages in April.

The company has long said that SP1 would come out in the first quarter. A major hint that the release was imminent came on Monday with an Amazon.com listing of Windows Vista that included SP1 and said that the product would be available on Wednesday.

It's been a long trek for Microsoft up to the release of SP1. Microsoft inadvertently posted SP1 to Windows Update in February, although few people were actually able to download it from there. Microsoft also had some hiccups with an update designed as a prerequisite for SP1 that caused some users to get stuck in a reboot cycle.

Some observers believe that the release of SP1 could boost Vista sales, particularly among enterprises that have said they're waiting for the update before upgrading to Vista.

Windows Vista's successor confirmed for 2010

2008-03-20T01:25:00+11:00

Jack Writes: Microsoft confirmed that Vista's successor, dubbed Vienna and currently bearing the code-name Windows 7, will land on PCs worldwide in 2010, 3 years after the official debut of its disappointing predecessor.

With more than 100 million OEM licensees for Vista confirmed by Bill Gates at this year's CES, the current-gen operating system from Microsoft is apparently on track of achieving its previously established goal- 200 million PCs/laptops with it installed by the end of 2008. However, since Steve Ballmer promised the world that MS will no longer delay operating systems like it delayed Vista (more than 6 years have passed between XP and Vista), it appears that the engineers there have sped things up a bit with Vienna. As a consequence, Vista's successor is due to arrive in late 2010, according to a declaration issued by the software behemoth.

More specifically, Vienna will arrive "three years after the launch of Vista Consumer Finals".
"We are currently in the planning stages for Windows 7 and development is scoped to three years from Windows Vista Consumer GA. The specific release date will be determined once the company meets its quality bar for release," said one of Microsoft's spokespersons to Softpedia.com.

Malicious subtitle file could trip up VLC media player

2008-03-20T21:00:00+11:00

A flaw in the widely-used open-source VLC media player could allow an attacker to execute harmful code on a PC.

The problem stems from a buffer overflow that can occur when the player processes subtitle files used for movies, according to a security advisory.

The vulnerability existed before VLC was upgraded to version 0.8.6e in late February, but the bug appears to have escaped the last round of patches, wrote Luigi Auriemma in a note.

"The funny thing is that my old proof-of-concept was built just to test this specific buffer overflow, and in fact it works on the new VLC version too without modifications," Auriemma wrote.

Video files can contain a link to a separate subtitle file, which VLC automatically loads when it plays the video. An attacker could use the buffer overflow flaw in VLC to execute malicious code contained in a subtitle file, and thus tamper with a PC. The flaw affects VLC players running on Windows, Mac, BSD and possibly more operating systems, Auriemma wrote.

The VLC media player is part of the VideoLAN project. The player is free, and it is released under the GNU General Public License. VLC can also be used as a streaming media server for a variety of platforms.

Source: IDG News Service

Facebook beefs up privacy options, readies online chat

2008-03-21T21:00:00+11:00

Facebook plans to roll out new privacy features on Wednesday that will give users more control over who sees the data stored on their profile pages.

The new privacy controls will allow users to choose which of their friends can see information such as their photo albums, mobile phone number or e-mail address. Facebook users will also be able to share information about themselves with a wider group of people, thanks to a new "friends-of-friends" feature that is also expected to be available on Wednesday.

The company has also taken efforts to make these new privacy features easy to use, said Naomi Gleit, a Facebook product manager. "We've introduced a standardized privacy interface that users will see when they're editing their privacy setting anywhere," she said.

Privacy has become a hot-button issue for Facebook since its mismanaged launch of Beacon, an online advertising tool unveiled in November.

Privacy experts blasted the program for being confusing, and computer experts soon revealed that Beacon was tracking Web behavior and secretly sending data back to Facebook without notifying users. Facebook was forced to retool the product amid a firestorm of bad publicity.

The new privacy features do not have any relationship to Beacon, but at a press event held Tuesday, the company's vice president of product management gave a frank assessment of the Beacon roll-out.

"With Beacon we just screwed it up," said Matt Cohler. "It was just poor execution on our part."

From its humble beginnings as a Web site for Harvard students four years ago, Facebook has grown to a global phenomenon, and that has at times made it difficult for the company's developers to balance things like privacy with ease-of-use, Cohler said.

Just 18 months ago, 90 percent of Facebook's users were in the U.S. Today, about two-thirds of the 67 million active members are from outside the country.

"On the one hand, we think it's important that the tools we give people are really powerful," Cohler said. "On the other hand, you have to make sure those things are really easy to use."

"That was early on a pretty easy problem for us to solve, back in the dorm in Harvard."

Cohler also confirmed rumors that Facebook plans to roll out its own Web-based chat software in the coming weeks.

The company demoed a very simple chat client that could be used to connect with other Facebook users, so long as they are logged into the Facebook Web site. Facebook chat appears as a small icon on the bottom of the Web browser that, when clicked, pops up a small chat window. Chat conversations will be archived for 90 days, although users will have the option of erasing them.

Cohler wouldn't say whether Facebook's chat software would be integrated with other chat clients, but hinted that this could be a possibility. "We want to be able to extend Facebook out into as much of your use of the Web as possible," he said. "Our vision is not to make Facebook an island."

Source: IDG News Service

Vista Service Pack 1: 573 Fixes in Limbo

2008-03-27T04:11:51+11:00

Jack Writes: Service Pack 1 for Windows Vista is (almost) ready for prime time. SP1 contains a whopping 573 bug fixes and patches that have accumulated since Vista first shipped in early 2007, plus some performance improvements. I advise you to get it--but only after the wrinkles are ironed out.

Microsoft says a few programs, including The New York Times Reader and Zone Alarm 7.1 security suite, can't start or work properly with Vista SP1. Most affected companies now have updates to fix the problem.

However, an update you have to install before installing SP1 has a glitch in it that causes some PCs to restart endlessly. Microsoft says the problem affects only "a small number" of the more than 100 million Vista users. At press time, the the update had been suspended.

The faulty update, numbered 937287, was part of Microsoft's mid-February Patch Tuesday downloads. If you have automatic updating turned on and your Vista PC is behaving normally, the update likely installed just fine on your machine.

If it didn't, you'd know by now. Microsoft offers help at 866/727-2338 to users whose PCs react badly; a fix at Windows Update should be available by the time you read this.
As part of its February patch extravaganza, Microsoft also released six security-related patches to fix critical bugs in Windows, Internet Explorer, and Office. Three of the problems affect Windows Vista, either directly or through holes in IE.

If you have Adobe Acrobat or Reader on your PC (and who doesn't?), you need to patch a half-dozen "critical" holes recently discovered in both products. Opening a rigged PDF (Portable Document Format) file is the only prerequisite for being attacked. Adobe warns that versions 8.1.1 and earlier of both Acrobat and Reader are at risk for the problem. Security firm Secunia rates the flaws as "highly critical," which is its second highest severity ranking. No attacks have occurred yet, but gremlins have already posted proof-of-concept exploits on the Web. Get the 8.1.2 The 8.1.2 updates are now available.

Skype has patched a hole in its Windows client software. The exploit uses an IE feature to display HTML pages, but sets the browser's security at the lowest level, leaving you vulnerable. Click a booby-trapped video file and the evildoers could hijack your PC. A working exploit exists; the fix is available from Skype.

Yahoo has updated its Yahoo Music Jukebox software to patch multiple security holes in the free player. Yahoo Music Jukebox versions prior to 2.2.2.058 need the fix. A successful attack could let bad guys take over your PC, Yahoo says. Proof-of-concept exploit code has appeared online.

Windows 7 To Be Released Next Year?

2008-04-05T21:39:18+11:00

Jack Writes: It seems like the successor of Windows Vista will be released earlier than we previously thought. Microsoft has already offered some hints about the future version of Windows, known as Windows 7 or Windows Vienna or Blackcomb, but it has refused to publicly confirm a release schedule or a possible launch date.

Today, CNET News reported that Bill Gates speaking before the Inter-American Development Bank said that we can expect Windows 7 “sometime in the next year”.

"Sometime in the next year or so we will have a new version," he actually said. Bill Gates will retire from his job as Microsoft’s chairman in July 2008, but he previously stated that he will be fully involved in the key decisions regarding the next products.

In February 2007, two weeks after the official launch of Windows Vista for consumers Microsoft has issued a press statement in response to the speculations about the next version and confirmed they are working on it.

“The launch of Windows Vista was an incredibly exciting moment for our customers and partners around the world, and the company is focused on the value Windows Vista will bring to people today. We are not giving official guidance to the public yet about the next version of Windows, other than that we’re working on it. When we are ready, we will provide updates,” said Kevin Kutz, Director, Windows Client, at the time.

In October 2007, Microsoft's Distinguished Engineer Eric Traut has demonstrated during a presentation at the University of Illinois, a version of the Windows kernel, called MinWin, which has just 100 files and 25MB.

"We'll be using [MinWin] to build all the products based on Windows," said Traut during his presentation. "It's not just the OS that's running on many laptops in this room, it's also the OS used for media centers, for servers, for small embedded devices." However, in January this year, the tech site TG Daily has reported that an early version of Windows 7 has been shipped to “key partners” as a “Milestone 1” (M1) code drop and said that the final version could be released as soon as 2009, and not in 2010 as it was previously believed based on certain Microsoft’s statements.

Last month Microsoft released Windows Vista Service Pack 1, its first update since the official launch of its newest operating system. In addition, the company has slashed the prices of Windows Vista, hoping to speed up its adoption amongst the consumers.

According to Steve Ballmer, so far the company has sold over 100 millions copies of Windows Vista. Last year, he said that the company hopes to sell 200 million copies of Windows Vista, until the end of 2008.

However, according to some analysts, Microsoft is having a hard time trying to convince the users to drop Windows XP in favor of Windows Vista.

On Thursday, the company said Windows XP Home would be available for ultra-low-cost PCs, especially laptops marketed in developing markets, for another two years.

In-flight mobile phone use approved across Europe

2008-04-08T11:04:38+10:00

The European Commision has opened the door for mobile phones on planes, introducing measures to harmonize the technical and licensing requirements for mobiles services in the sky.

This means that 90 percent of European air passengers can remain contactable during flights, according to the Commission. The commercial systems currently envisaged for airlines are focusing on MCA services for GSM (Global System for Mobile Communications) phones operating in the 1800MHz frequency bands, which over 90 percent of air passengers are estimated to carry when travelling.

As a result of the introduction of the measures by the Commission, local regulators will be able to hand out licenses to make services a reality.

One regulatory decision for all of Europe was required for this new service to come into being, according to Viviane Reding, the European Union Telecommunicationss Commissioner.

"In-flight mobile phone services can be a very interesting new service especially for those business travellers who need to be ready to communicate wherever they are," she said in a statement.

At the same time, if users get "shock phone bills, the service will not take off," Reding warned.

The ability to make phone calls on board planes is moving forward on severel fronts.

Recently the world's first authorized in-flight mobile phone calls on a commercial flight, by Emirates Airline, took place last month following the introduction of the AeroMobile system, a joint venture between Telenor and ARINC, by Emirates Airline.

Field studies and market research clearly show that there is strong interest in in-flight mobile communications among passengers, particularly among business travellers and frequent flyers, but also by leisure travellers, according to Telenor.

But not everyone is convinced.

Airlines have to take into consideration the fact that many passengers don't want mobile coverage on airplanes, according to Monica Hultberg, spokeswoman at Scandinavian Airlines.

"A couple of years ago we did a survey, and 50 percent didn't like the idea," said Hultberg, adding that it's monitoring how the area develops.

Source: IDG News

Windows is collapsing

2008-04-12T03:49:35+10:00

Jack Writes: SAO PAOLO, Brazil--At a Las Vegas conference on Thursday, Gartner analysts warned that Windows is in danger of collapsing, according to a report in ComputerWorld.
Upon reading that, I wondered how this could have happened in the 10 days I have been traveling around Latin America. Although Microsoft faces challenges from Linux and piracy here, looking out from the company's futuristic offices, it hardly seemed like either the building or the Windows empire was in imminent danger of collapse.

Seriously, though, Gartner analyst Michael Silver appears to be noting some important long-term issues that threaten to make it harder for Microsoft to maintain its dominant position in the market. These threats are not new, but nonetheless all bear consideration. First, Microsoft has had an inordinantly difficult time upgrading its core product. Although Microsoft has said it will not go as long before its next release of Windows as it did between XP and Vista, even the possible sped-up timetable hardly shows a product that can quickly adapt to change.

Meanwhile, while Apple was able to build the iPhone on OS X, Microsoft has had to extend another lifeline to Windows XP because its latest product can't even fit onto the cheap mini-laptops from HP, Asus, and others.

"Windows as we know it must be replaced," Gartner said in its presentation, again according to ComputerWorld. Meanwhile, the company faces other threats, such as a diminished role for the operating system in a world of hypervisors.

Is it really all doom and gloom, though?

Sure Apple has been gaining ground and, more than ever, the same Internet applications can run on multiple platforms. That said, Microsoft still holds a huge share of mind among developers, meaning that there will likely to continue to be a whole host of applications that come out first or only on Windows. That, in turn, will make it different for mainstream businesses to shift to an alternative to Windows.

What is of concern is the trend. Windows appears to be harder than ever to update and improve. Windows Live offers an option to build on the value of Windows without going under the hood, but in this areas rivals too are investing big bucks.

I think it is an overstatement to say Windows is collapsing. "The main idea is that Windows keeps getting bigger and bigger with stuff being added that Windows is not really designed to do and it is collapsing under its own weight," Silver said in a email on Thursday.

Empires don't really collapse. Rather they become large, difficult to control and eventually unable to defend against a large rival. Gartner may have used the wrong term, but its warning seems nonetheless prudent.

Centrino 2 processor details leaked by PC maker

2008-04-13T23:47:32+10:00

Details of the first few processors belonging to Intel's latest Centrino 2 mobile platform have been leaked on a PC maker's Web site, preempting Intel's official launch of the platform at the middle of this year.

The Centrino 2 platform, codenamed Montevina, is an upgrade to Intel's current Centrino platform and will include five Core 2 processors running at clock speeds between 2.26GHz and 3.06GHz.

The processors will be offered by an Australian PC maker, Pioneer Computers, in its DreamBook Style 9008 Centrino 2 laptop, one of earliest based on Intel's latest mobile platform.

The Intel Core 2 Duo P8400 processor running at 2.26 GHz will include 3M bytes of cache, and the Core 2 Extreme X9100 processor, running at 3.06GHz processor, will include 6M bytes of cache.

Other Centrino 2 processors listed on Pioneers' Web site include the Core 2 Duo P8600 running at 2.4 GHz with 3M bytes of cache, the Core 2 Duo P9500 running at 2.53GHz with 6M bytes of cache and the Core 2 Duo T9600 processor running at 2.8Ghz with 6M bytes of cache.

The chips, which belong to the Penryn family, are manufactured using the 45-nanometer process.

Intel has said that Centrino 2 includes a chip that combines both wireless and WiMax capabilities. Pioneer is offering both capabilities as options with the laptop. The laptop, priced starting at A$1,399 (US$1,303) supports up to 4G bytes of memory and weighs 2.8 kilograms (6.2 pounds).

At the Intel Developer Forum last year, Intel talked about shrinking the size of chips by up to 60 percent for the Centrino 2 platform. Intel has small-form-factor chips will be released shortly after the normal-sized chips.

Source: IDG News Service

Red Hat Drops Plans For Consumer Desktop Linux

2008-04-19T03:26:25+10:00

Jack Writes: Red Hat said it has dropped plans, disclosed last year, to develop a version of the Linux operating system for consumer PCs -- in part because of Microsoft's dominance over the market. "The desktop market suffers from having one dominant vendor, and some people still perceive that today's Linux desktops simply don't provide a practical alternative," Red Hat officials said in a blog post Wednesday.

"Building a sustainable business around the Linux desktop is tough, and history is littered with example efforts that have either failed outright, are stalled, or are run as charities," they said.

Linux commands only about 1.2% of the desktop market in the United States, according to research group Gartner.

Red Hat said, however, that it would continue to develop its Enterprise Linux desktop.

It also said it has no plans to abandon its Red Hat Global Desktop program. Under RHGD, Red Hat is developing a slimmed-down Linux-based desktop OS designed for low-cost PCs in emerging markets such as Brazil, Russia, China, and India.

Red Hat said it had originally hoped to ship RHGD within a few months, but the company has now backed away from a firm timeline. "The desktop business model is tough, so we want to be prepared before delivering a product to the emerging markets," the company said on its blog.

Indeed, Microsoft is also looking to capture those markets, which are expected to provide the bulk of the computing industry's growth in the years ahead. Redmond earlier this month announced that it would extend the life of Windows XP -- but only for low-cost systems not capable of running Windows Vista.

PayPal to block users with old browsers to curtail phishing

2008-04-20T10:24:37+10:00

PayPal, eBay's electronic payment service, plans to take the dramatic step of locking out people using older versions of Web browsers in order to stem phishing attacks.

PayPal said a "significant" group of people still use Microsoft's Internet Explorer 3, released in 1996, and IE 4, which debuted in 1997. Those browsers lack a phishing filter, which can block users from accessing a reported phishing Web site.

"In our view, letting users view the PayPal site on one of these browsers is equal to a car manufacturer allowing drivers to buy one of their vehicles without seatbelts," according to a paper released during the RSA security conference in San Francisco earlier this month.

It also could mean eventual trouble for users of Apple's Safari browser, which has no phishing filter. PayPal warned users in February to stay clear of Safari.

Phishing sites are designed to look like the legitimate Web sites of major brands such as banks and seek to elicit financial and personal information. Users are often lured to the sites through unsolicited e-mail, or can unwittingly land on one if a phisher has bought a domain with a convincing-looking name or one with slightly differently spelling.

PayPal has been one of the brands hit hard by phishing since the service allows people to transfer money. The company has taken steps to strengthen authentication controls and worked with ISPs (Internet service providers) to block e-mails purporting to be from PayPal but lacking a valid digital signature.

PayPal said it plans to warn users who come to its site that they are using an old browser. Eventually, those users will be blocked, although the company did not say when.

The plan won't necessarily prevent a person from being victimized by a phishing attack. A user could still be duped by an e-mail with a link to a phishing site and then divulge their details.

But by preventing access to its site, PayPal hopes those users will then upgrade their browsers, which will then give them an additional security protection against phishing.

Internet Explorer 7, Firefox 2 and Opera 9 have phishing filters, but Apple's browser -- Safari -- does not. Safari also does not support Extended Validation SSL (Secure Socket Layer) Certificates, issued to Web sites that have been vetted as legitimate.

For Web site with that certificate, IE shows a green bar. Firefox's address bar changes with white to beige and Opera denotes a safe site.

IDG News Service

Ballmer Tells Microsoft MVPs Vista is a ''Work in Progress''

2008-04-22T16:00:00+10:00

Jack Writes: Microsoft's Windows Vista operating system has been on the market for consumers for a little over a year now. During that time, the operating system has seen its fair share of both praise and criticism.

As is customary with Windows operating systems that have been on the market for roughly a year, Microsoft recently released the first Service Pack for Vista. Service Pack 1 (SP1) addressed a number of shortcomings with the operating system and rolled in a number of hotfixes and patches that have been released via Windows Update over the past year.

Now that Vista has had some time to establish itself in the marketplace and receive a fresh boost of energy with SP1, Microsoft CEO Steve Ballmer is now reflecting on the operating system.

"Windows Vista: A work in progress," said Ballmer to a crowd of Microsoft MVPs in Seattle. "A very important piece of work, and I think we did a lot of things right, and I think we have a lot of things we need to learn from. Certainly, you never want to let five years go between releases. Can we just sort of kiss that stone and move on?"

Ballmer went on to add, "It turns out many things become problematic when you have those long release cycles. The design point, what you should be targeting. We can't ever let that happen again."

Ballmer also noted that there are plenty of happy customers of the Windows Vista operating system as well as Windows XP. He remarked that he has received emails from staunch supporters of the Windows XP operating system, but declined to give any indications that Microsoft would go any further than its intention to provide Windows XP Home to ultra-low-cost PCs (ULPCs) until June 2010.

Windows Vista has been in the news quite frequently in the past few weeks. A week ago, David Cross, a product manager responsible for designing Vista's User Account Control (UAC) exclaimed that Microsoft designed the feature to "annoy users".

More recently, Microsoft's Eric Ligman went off on a rant over the inference that Microsoft purposely included a loophole in Vista to allow consumers and businesses to install a full version of the operating system with an upgrade disc.

Ballmer: XP's Demise Negotiable - * Poll Attatched *

2008-04-26T04:08:57+10:00

Jack Writes: The recent outcry from fans of Windows XP -- or at least from people who hate Vista so badly they don't want to buy it -- appears to have reached the ears of Steve Ballmer. The Microsoft CEO said the company would listen to its customers if they want to continue to buy XP.

Microsoft may reconsider its decision to pull Windows XP off the shelves in June if it sees enough customer demand, CEO Steve Ballmer said -- despite a huge customer outcry over the decision.

Speaking at Louvain-La-Neuve University in Belgium, Ballmer also said it's a "statistical truth" that most people who buy PCs today buy them with Vista.

Some customers have complained that they must buy PCs pre-loaded with XP as small businesses and can't get them at retail stores.

Several PC vendors, including Dell and HP, either offer customers PCs pre-loaded with XP or offer customers the option to downgrade to XP Pro.

Meanwhile, Vista's bad rep is growing -- internal Microsoft e-mails that were released during a lawsuit against Microsoft and its resellers show top Microsoft executives had problems with the operating system.

Can You Hear Me Now? To date, almost 165,000 people have signed an online petition launched by InfoWorld Executive Editor Galen Gruman to save Windows XP.

Isn't that enough? Does Microsoft want to see users grovel?

That's all just smoke and mirrors: "I think Microsoft will keep XP alive because they've got sufficient feedback from the corporate environment, and that's a critical part of the market," Jim McGregor, research director and principal analyst at In-Stat, told TechNewsWorld. "They're not stupid."

Lies, Damned Lies and Statistics It might be a statistical truth that Vista is on most PCs sold today -- but exactly what does that statement mean? If you have no option because every PC is pre-loaded with Vista, the cynic might consider that a stacking of the deck.

Money talks, however, and several vendors -- HP, Dell, NEC, Lenovo and Fujitsu -- all give customers the option of "downgrading" to Windows XP Pro instead of buying a PC with Vista pre-installed.

On its U.S. small and medium business site, Dell offers customers a choice of operating systems when they buy laptops. Windows XP Home Edition and XP Professional come pre-installed, with media included; if customers want XP Pro they have to add $99; if they want Vista instead, they have to pay up to $169 except for Vista Home Basic, which is free but is still an add-on.

Vista Haters Opposition to Vista is strong: BadVista.org, which promotes free software , is just one of many set up by opponents of the operating system.

Meanwhile, there have been many complaints that Vista is difficult to use and that it makes your existing PC incapable of doing things it could do before.

Possibly the most embarrassing moment for Microsoft over Vista came when internal e-mails between some of its top executives about their problems upgrading to Vista were released in February during a lawsuit filed against Microsoft over its marketing of Vista.

The executives are Jon A. Shirley, former president and COO of Microsoft and now one of its board members; Mike Nash, a Microsoft vice president overseeing Windows product management; and Steven Sinofsky, Microsoft's senior vice president responsible for Windows.

Recently, Ballmer admitted that Vista is "a work in progress."

No More Bloated OSes But the outcry over XP and Vista may soon be moot because Web 2.0 and Software as a Service are going to change the way Microsoft does business.

"The Windows and Microsoft Office environment are cash cows, but Microsoft knows change is coming," McGregor said. "They're going to have to go to an environment that's more browser driven. Where the application resides, where the data resides and how it's used will change, and Microsoft's going to have to make some major changes in its strategy."
Source: Tech News World

Antivirus vendors slam Defcon virus contest

2008-04-29T11:34:21+10:00

Jack Writes: There will be a new contest at the Defcon hacker conference this August, one that antivirus vendors already hate.

Called "Race to Zero," the contest will invite Defcon hackers to find new ways of beating antivirus software. Contestants will get some sample virus code that they must modify and try to sneak past the antivirus products.

Awards will be given for "Most elegant obfuscation," "Dirtiest hack of an obfuscation," "Comedy value" and "Most deserving of beer," contest organizers said.

The contest was announced Friday. Security vendors began panning it immediately, saying it will simply help the bad guys learn some new tricks.

"It will do more harm than good," said Paul Ferguson, a researcher at antivirus vendor TrendMicro. "Responsible disclosure is one thing, but now actually encouraging people to do this as a contest is a little over the top."

Some compared the contest to a controversial 2006 Consumer Reports review of antivirus software. In that article, the magazine created 5,500 new virus samples based on existing malware, and it was roundly criticized by antivirus vendors for contributing to the rapidly expanding list of known malware.

Security companies are already having difficulty keeping up with the torrent of new malware.

With antivirus vendors already processing some 30,000 samples each day, there's no need for any more samples, said Roger Thompson, chief research officer at AVG Technologies. "It's hard to see an upside for encouraging people to write more viruses," he said via instant message. "It's a dumb idea."

Contest organizers say that they're trying to help computer users understand just how much effort is required to skirt antivirus products. "The point behind the contest is to illustrate that antivirus [technology] alone is not a complete defense against malware," said one of the contest's organizers, who identified himself only as "Rich," in an e-mail message.

The Race to Zero sponsors hope to present the contest results during Defcon, Rich said.

The contest is not organized by Defcon, but is one of the unofficial events that the show's organizers have encouraged attendees to arrange.

Defcon will run Aug. 8 to 10 at the Riviera Hotel & Casino in Las Vegas.

Source: Computer World

Editor's Note: I can see the educational value in this IF its to show the strength of AV's. As a educated person I know that AV's don't protect you exclusively from all virii's or malware, so on my box I have more applications to help combat such attacks plus I try to go to good sites, nevertheless sometimes a link may take you elsewhere; most end users unfortunately don’t know proper techniques and believe an AV will protect them %100 as most of you know.

I would be interested in your thoughts on this *News Posting*, morally or otherwise, should a contest like this be held? Please add your comments.

~ Jack

Intel and Cray team up on supercomputers.

2008-04-30T22:00:00+10:00

Jack Writes: Intel is to embark on a partnership programme with supercomputing specialist Cray Systems. The two companies will develop the main components for a new generation of supercomputers using multi-core chips and advanced interconnection methods.

The new systems will be targeted at traditional supercomputing markets, such as engineering calculations and scientific modelling and analysis.

Cray president and chief executive Peter Ungaro said: "This collaboration provides the HPC market segment with access to the best microprocessors the industry has to offer at any point in time, in the most advanced supercomputers in the world."

The two companies expect the initiative to bear fruit in 2010, when Cray plans to ship the first of its Cascade line of supercomputers.

The Cascade project, which is partially backed by a grant from the US Defense Advanced Research Projects Agency, is an attempt to use multiple processor types and computing methods in a 'hybrid' supercomputer.

The move also marks a win for Intel. Cray had originally planned to base Cascade on chips from rival vendor AMD.

Source: VNUNET

But can it play pong???
~ Ed.

Newly Released Titles From Cisco Press

2008-05-06T10:37:05+10:00

Firewall.cx has just been informed by Cisco Press about the following new titles that have just been released:

Fax, Modem, and Text for IP Telephony
ISBN: 1587052695
David Hanes, Gonzalo Salgueiro
Published by Cisco Press
April 18, 2008

http://www.ciscopress.com/bookstore/product.asp?isbn=1587052695

Global IPv6 Strategies: From Business Analysis to Operational Planning
IBSN: 1587053438
Patrick Grossetete, Ciprian P. Popoviciu, Fred Wettling.
Published by Cisco Press
May 21, 2008

http://www.ciscopress.com/bookstore/product.asp?isbn=1587053438

Implementing Cisco Unified Communications Manager, Part 1 (CIPT1) (Authorized Self-Study Guide)
ISBN-10: 1587054833
By Dennis Hartmann.
Published by Cisco Press.
June 5, 2008

http://www.ciscopress.com/bookstore/product.asp?isbn=1587054833

For more information, please following the available Cisco Press links.

FBI probe nets counterfeit Chinese networking parts

2008-05-12T02:23:51+10:00

Jack Writes: The FBI announced Friday that an investigation into counterfeit network components made in China and sold to the U.S. government has recovered about 3,500 fake devices with a value of $3.5 million.

The criminal probe, code-named Operation Cisco Raider, was prompted by concerns that counterfeit network components could give hackers access to government databases. But one U.S. official told Reuters that the components discovered by the FBI are not believed to have made government computer systems more vulnerable.

The existence of the probe came to light after an unclassified FBI PowerPoint presentation in January on the agency's efforts to counter the production and distribution of counterfeit network hardware showed up on Abovetopsecret.com.

"This unclassified briefing was never intended for broad distribution or posting to the Internet," James Finch, assistant director of the FBI's Cyber Division, said in a statement.

Operation Cisco Raider involved 15 investigations at nine FBI field offices and the execution of 39 search warrants, the bureau said. The FBI release did not mention if any arrests had been made.

Components included pirated versions of Cisco Systems routers as well as switches, interface converters and wide area network interface cards, Reuters reported.

Source: News.com

Oregon man admits selling pirated software on eBay

2008-05-17T01:30:57+10:00

Jack Writes: A 23-year-old Oregon man who used keylogging software to steal names, bank account numbers and other information from online victims so he could sell pirated software in online auctions faces 27 years in prison and fines up to $500,000 after pleading guilty to several federal charges today.

Jeremiah Joseph Mondello, of Eugene, Ore. pleaded guilty to one count each of criminal copyright infringement, aggravated identity theft and mail fraud before U.S. District Court Judge Ann Aiken in Eugene, according to a statement from the U.S. Department of Justice (DOJ). Mondello, who also faces three years of supervised release, is scheduled to be sentenced on July 23. He is a former student at the University of Oregon.

According to the DOJ, Mondello allegedly sold pirated software worth more than $1 million through online auctions on eBay, using more than 40 fictitious usernames and online payment accounts that he set up with bank account data from people who were victimized by his keylogging software. The DOJ said Mondello illegally obtained more than $400,000 in profits from his piracy operations.

A spokesman for the DOJ in Oregon could not immediately be reached for comment today.

The DOJ was aided in the investigation by the Washington-based IT trade group, the Software & Information Industry Association (SIIA), which discovered Mondello's online pirated sales operations using a proprietary software tool that probes auction sites like eBay.com for illegal software rackets (download PDF).

Keith Kupferschmid, senior vice president of intellectual property policy and enforcement for the SIIA, said today that the group's online software tools saw suspicious patterns in a series of online auctions that featured similar descriptions and similar seller accounts. That discovery, early last year, triggered SIIA investigators to alert the DOJ, Kupferschmid said. "That's when we decided, 'OK, maybe we have some involvement in big-time piracy here.'"

"This case is a huge victory in the fight against software piracy on eBay and other auction sites," Kupferschmid said in a statement. "Mondello stole innocent people's personal information and used it on eBay to attract sales and deliver pirated software to unsuspecting consumers."

Source: Computer World

Cisco Firewall Video Mentor (Video Learning)

2008-05-24T03:00:00+10:00

The Cisco Firewall Video Mentor is an outstanding aide in learning to configure and understand the Cisco Adaptive Security Appliance.

Whether you are a newcomer to the ASA or operationally experienced, these videos clearly explain and demonstrate how to configure and manage the ASA from the commandline and from the ASDM GUI.

For more information, visit the following link:

http://www.ciscopress.com/bookstore/product.asp?isbn=1587201984.

Cisco Express Forwarding

2008-06-20T04:17:34+10:00

How does a router switch a packet? What is the difference between routing a packet, switching a frame, and packet switching? What is the Cisco® Express Forwarding (CEF) feature referred to in Cisco documentation and commonly found in Cisco IOS® commands?

Cisco Express Forwarding demystifies the internal workings of Cisco routers and switches, making it easier for you to optimize performance and troubleshoot issues that arise in Cisco network environments. This book addresses common misconceptions about CEF and packet switching across various platforms, helping you to improve your troubleshooting skills for CEF and non-CEF related problems.

For a complete review, visit our Cisco Express Forwarding review.

Firewall.cx Welcomes A New Team Member!

2008-08-08T10:33:39+10:00

After two years of participation in our forums, providing, without limit, his knowledge and free time to the community, S0lo is now part of the continuously growing Firewall.cx Team!

With S0lo aboard, we are confident Firewall.cx will be able to provide higher quality forum support and moderation, making our site more friendly and helpful!

For those who wish to read more about S0lo, you’ll find more information on his background and expertise on our ‘Meet The Team’ page very soon.

A big warm welcome to our new family member, S0lo!

We look forward to his great work and help, that hasn’t gone unnoticed by the Firewall.cx community and Team.

On behalf of the Firewall.cx Team
Chris Partsenidis

The Ruby Way

2008-09-02T10:00:00+10:00

The Ruby Way takes a “how-to” approach to Ruby programming with the bulk of the material consisting of more than 400 examples arranged by topic. Each example answers the question “How do I do this in Ruby?”

Working along with the author, you are presented with the task description and a discussion of the technical constraints. This is followed by a step-by-step presentation of one good solution. Along the way, the author provides detailed commentary and explanations to aid your understanding.

You can catch our review here.

Global IPv6 Strategies Review

2008-09-02T10:00:42+10:00

This book’s authors offer practical scenarios, proven best practices, and real-world case studies drawn from their unsurpassed experience helping enterprises and service providers move to IPv6.
Writing for non-technical decision makers, they systematically review the costs, benefits, impacts, and opportunities associated with IPv6 migration. Their insights and strategies can help you address both the technical side of IPv6 and the rarely discussed organizational issues that can make or break your transition.
Click here to read our complete review.

Hackers attack Cern

2008-09-15T12:48:59+10:00

A Greek hacking crew have come close to getting into the controls of Cern’s Large Hadron Collider (LHC), which went live last week.

The hackers managed to breach Cern’s network defences and got into the Compact Muon Solenoid Experiment (CMS). There they left a file reading 'GST: Greek Security Team. We are 2600 - dont mess with us.'

"There seems to be no harm done. From what they can tell, it was someone making the point that CMS was hackable," James Gillies, spokesman for Cern, told the Daily Telegraph.

"It was quickly detected. We have several levels of network, a general access network and a much tighter network for sensitive things that operate the LHC," he said.

The hackers were described as 'one step away' from the computer control system of one of the huge detectors of the LHC, a vast magnet that weighs 12,500 tons, measuring around 21 metres in length and 15 metres wide/high.

"We think that someone from Fermilab's Tevatron (the competing atom smasher in America) had their access details compromised," said one of the scientists working on the machine.

"What happened wasn't a big deal, just goes to show people are out there always on the prowl."

Cern said that the centre had been deluged with calls and emails from members of the public, worried that the LHC would destroy the planet by creating a black hole, despite such claims being checked and rejected.

Users split over iPhone 2.1's impact on 3G dropped calls

2008-09-17T19:00:00+10:00

A day after Apple Inc. released its iPhone 2.1 update, users were split on whether the new software improves 3G reception and cuts the number of dropped calls, a major goal of the release that CEO Steve Jobs promised earlier in the week.

Jobs' pledge that the Friday update would mean "fewer dropped calls" was aimed at iPhone 3G owners who have complained since its July launch of trouble keeping a connection with mobile carriers' faster networks. Yesterday, iPhone 2.1's release notes echoed Jobs' promise, saying that the update would result in a "decrease in call set-up failures and dropped calls."

Reaction to iPhone 2.1, however, was mixed on Apple's own support forum. Unlike the response after the release of iPhone 2.0.2 last month -- most users reported that the update did not fix 3G reception issues -- by Saturday it was apparent users were divided over 2.1.

Some reported improved 3G reception -- a few said the difference was dramatic -- while others said they were still experiencing significant problems making calls.

"I have better signal in my home than usual [and] I have had no failed calls so far. Great update," said "tsmithband", one of many on Apple's iPhone support forum who said they were happy with the update.

Another user, "boston_turtle," seconded that on Saturday. "I just updated and then got a call. Usually, any walking around in my apartment would drop the call. This time it stayed on and had good quality."

But others were remain frustrated.

"Just loaded 2.1 and made a phone call," said a user with the alias "Victor98109" on Friday morning, just hours after the update was posted for download. "Call dropped three times. I don't know how the other 'fixes' work, but the main one of dropped calls does not work with this update."

Others said they encountered even more dropped calls than before. "Ever since I updated to 2.1 my calls are dropping more often than not," a user identified as "Mike295855" said Saturday morning. "I am really upset because I thought this was going to be fixed."

The iPhone's 3G connection problems have been more than a topic of debate on Apple's support forum. At least two lawsuits have been filed in U.S. federal courts seeking class-action status for claims that Apple deceived customers when it promoted the new iPhone as a 3G-capable device and promised buyers they would be able to surf on the Web at speeds twice as fast as the original model.

Source: Computerworld

Report: World Bank servers breached repeatedly

2008-10-14T09:44:11+11:00

A number of servers at the World Bank Group were repeatedly breached for more than a year by different intruders, but it is not clear how much data might have been compromised in the attacks, Fox News reported today.

The story, the details of which were contested by the World Bank after it ran, quotes unnamed sources as saying the banking group was victimized by at least six major intrusions from the summer of 2007 through September of this year.

At least two of the intrusions appear to have originated from the same batch of IP addresses within China, the report said. The first intrusions were discovered in September 2007, when the FBI informed the bank of the problem, which it discovered while it was conducting an unrelated investigation. The flaw apparently allowed the perpetrators to gain full and complete access to a secret data hub maintained by the organization in Johannesburg, South Africa, for a period of at least six months, the Fox News story said.

Another breach, involving the bank's treasury network in Washington, appears to have been perpetrated by a contractor or contractors working for Hyderabad, India-based Satyam Computer Services Ltd., the story said. The Satyam employee or contractor infected some workstations at the bank's headquarters in Washington with keystroke-logging software, which then sent any information it captured to a still unknown location.

Following the discovery of the breach, the World Bank immediately shut down its communication link with Satyam's offshore development center in Chennai, India. Satyam, one of India's largest IT services companies, has been handling several IT services functions for the World Bank since July 2003. The contract was due to be renewed this September but was allowed to lapse.

Jim Swords, a U.S.-based spokesman for Satyam, declined to comment on the status of the contract with the World Bank. He read a prepared statement to Computerworld in response to the initial report. The statement basically neither confirmed nor denied the details in the Fox report.

"Upon learning of this report today, senior executives initiated an internal investigation to determine the validity of these claims, however unlikely. We will share the findings of the investigation at the conclusion of these efforts," the statement said.

Another pair of intrusions, in June and July, originated from the same group of IP addresses in China that the first attack had come from. This time, however, whoever was behind the attack first compromised an external server run by one of the bank's units and used it to gain access to a server belonging to the Multilateral Investment Guarantee Agency (MIGA), the World Bank's insurance arm.

The hackers used their access to map out the entire system topography, including the types of servers and the types of files on the servers, the Fox report said, quoting an unnamed insider.

The story also contained a link to a purported internal World Bank memo, dated July 10, that appeared to be an update to some staffers about the June/July server breach. The memo noted that a "minimum of 18 servers" had been compromised, including a domain controller, the main authentication server and a human resources server containing scanned images of staff documents. In total, five of the compromised servers contained sensitive data, the memo noted. The intrusions appear to have been the work of someone using an senior systems administrator's account to gain access.

The story portrayed the breaches as having triggered an extensive internal investigation by the World Bank's technology group and least two security assessments by external firms.

A spokeswoman at the World Bank asked Computerworld to submit a request for comment via e-mail but then did not respond to two subsequent messages seeking clarification on the initial news report.

However, in a response apparently sent to Fox News after it ran the story, the bank said the story was wrong and riddled "with falsehoods and errors." It also said that the unnamed sources had provided misinformation and that the leaked e-mails that were linked to the Fox story had been taken out of context.

The World Bank has also sought to downplay the seriousness of the intrusions by saying that although it has been repeatedly attacked in the past, at no point has any sensitive or personnel information been compromised.

Source: Computerworld

Firewall.cx has a new home

2008-10-19T21:00:00+11:00

Firewall.cx now has a new home on Facebook and LinkedIn. Join our new group at Facebook. This is a great way to communicate, organise events and expand our networks! With millions of users using both sites and increasing numbers everyday, this is the best time to reach out to the world and make our community known. Our goal has always been to give back to the community and we will always try to find ways to increase our active users.

By joining not only will you be connecting to your fellow firewall.cx members but you will also be showing to future connections and even employers, your involvement in a dynamic community.

Hackers renew airline-ticket scam spam

2008-10-22T19:00:00+11:00

In a reprise of a summer tactic, hackers are trying to trick people into infecting their PCs with malware by sending them e-mail that poses as bogus airline-ticket invoices and boarding passes, a security company said today.

The spam, which claims to be from Continental Airlines Inc., thanks the recipient for using a new "Buy flight ticket Online" service. It also provides a log-in username and password and says the recipient's credit card has been charged more than $900, according to Trend Micro Inc.'s research.

The message says the attached .zip file includes an invoice and "flight ticket." In fact, noted Trend Micro, the archive file contains an executable file "e-ticket.doc.exe," which is actually a Windows worm that downloads and installs other attack code to the PC.

"It's the old double-extension trick to hopefully fool the user to double-click the attachment," said Joey Costoya, a Trend Micro researcher, in an entry to the company's security blog. "The phrase 'Your credit card has been charged ...' will just add more worry for the user, convincing him more to examine [and] double-click the 'flight details," Costoya added.

An almost-identical attack hit consumers last July when hackers sent spam that masqueraded as mail from Delta Air Lines Inc. and Northwest Airlines Corp. Among the few differences: The current campaign has dramatically bumped up the amount supposedly charged to recipients' credit cards. In July, the figures were often in the $400 range.

Airline ticket prices jumped this summer as fuel costs climbed, a fact Continental recognized when it posted its third-quarter earnings last Friday. The airline, which reported a net loss of $236 million for the quarter, blamed both high fuel prices and Hurricane Ike for its poor performance.

According to Continental, its jet fuel averaged $3.49 per gallon during the quarter, up from $2.16, a 62% increase. Fuel prices peaked at $4.21 per gallon during the period, Continental said.

The malware used in July also differed from the attack code spotted by Trend Micro. Three months ago, hackers tried to plant an identity-stealing Trojan horse on users' Windows PCs. The Trojan horse had made a name for itself in 2007 as the malware used to rip off more than 1.6 million customer records from Monster Worldwide Inc., the company that runs the popular Monster.com job site.

Source: Comp. World

Microsoft to ship Vista SP2 beta to testers this week

2008-10-28T06:18:28+11:00

October 25, 2008 Microsoft Corp. said Friday that it would deliver the beta of Windows Vista Service Pack 2 (SP2) this coming week to a limited number of testers. The company targeted SP2's ship date for the first half of 2009, well before the expected release of Windows 7, Vista's successor.

In postings to company blogs, several Microsoft executives announced that the Vista SP2 beta would be given out to a small number of testers in the Technology Adoption Program, a long-standing group of company partners and customers, on Oct. 29.

After Mike Nash, vice president of Windows product management, broke the news mid-day Friday, Celine Allee, a director in the Windows client IT team, followed with more information, including a tentative ship date.

"We anticipate broad availability for Windows Vista SP2 in the first half of 2009," Allee said.

A week ago, the Windows enthusiast site Neowin.net reported that testers had received invitations to join the beta program, while others speculated that Microsoft would deliver Vista SP2 before it shipped Windows 7.

Nash and Allee also said that Microsoft would produce a single service pack that would update both the client version, Vista, and the company's corresponding server software, Windows Server 2008. "Because we've adopted a single serviceability model, these improvements are integrated into a single service pack covering both Windows Vista and Windows Server 2008," said Nash.

They also confirmed the report by Neowin.net that SP2 will include Windows Search 4, Bluetooth 2.1 wireless support and support for Via Technologies Inc.'s 64-bit processor. Currently, Via is best known for its C7 chip, which powers some ultralight "netbook" laptops, including Hewlett-Packard Co.'s Mini-Note.

Windows Search 4.0 is the newest version of Microsoft's desktop search engine and was issued to current Vista users via Windows Update last July; Microsoft released Bluetooth 2.1 support for Vista last April as part of the Vista Feature Pack.

Other improvements slated for Vista SP2, said Allee, include faster resume from sleep when a wireless connection has been broken; enabling of the exFAT file system to support UTC timestamps; and support for Blu-ray.

Microsoft also said that Vista SP2 will require SP1 as a prerequisite. There will be no such requirement for Windows Server 2008 updates, since the server operating system has not had a separate SP1. Instead, Microsoft unveiled both Vista SP1 and Windows Server 2008 on the same day last February. In fact, Windows Server 2008 carried the "SP1" label in its version number from the start, one of the first clues that Microsoft was serious about keeping the two operating systems in sync.

Windows Server 2008 SP2 will include the final version of its Hyper-V virtualization technology, which it issued as a free download in June; and it will include modifications to its power profile that will yield a 10% improvement over the original edition of the OS.

A beta of Windows Server 2008 SP2 will also be seeded to testers on Wednesday.

Allee urged users not to wait for the next service pack, "You can, and should, continue your plans for adopting Windows Vista SP1, and roll SP2 into your deployment image when it becomes available," she said.

Source: IDG News

Microsoft forecast shows Office, Vista heading in opposite directions

2008-10-28T21:00:00+11:00

Microsoft Corp.'s quarterly call with Wall Street on Thursday told the tale of two software franchises and their diverging financial fortunes.

Microsoft Corp.'s Client revenue, which virtually all comes from sales of Windows Vista, grew just 2% year over year to $4.22 billion in its first quarter of 2009.

"That fell pretty far short of Microsoft's expectations," said Matt Rosoff, an analyst at independent research firm Directions on Microsoft. "That's always a worry, since it's the core of the company's business."

This was the second recent quarter out of three that saw Vista sales grow sluggishly or shrink. In Microsoft's third quarter of 2008, Client revenue fell 24% year over year, although sales grew 13% year over year in the intervening fourth quarter.

Vista's weak growth was in spite of 10% to 12% growth in PC shipments. Microsoft blamed the sluggishness on flat PC sales in developed countries and zooming sales of low-cost PCs -- in particular, netbooks. Customers in developing countries are more likely to buy PCs with cheaper, basic versions of Windows Vista installed. Or, if they buy netbooks, they are likely to get Windows XP Home or Linux, which results in little or no revenue for the software maker.

As a result, sales to PC manufacturers, which supply 80% of Vista's sales, actually fell 1%. (The rest of Vista revenue comes from volume licenses to big companies and retail purchases by consumers and small businesses.)

Microsoft hopes Vista can rebound in the second quarter with 7% to 10% growth during the traditionally strong holiday season.

"We think, particularly with Christmas coming up, that overall sales will be relatively good," said Microsoft CFO Chris Liddell during the earnings call. "We have reasonably good visibility into this quarter in terms of the inventory positions. We feel pretty good about some of the initiatives that we have in the unlicensed area. We've got channel inventory down to where we would like to see it."

But Rosoff said he is "surprised they are that optimistic for the holiday quarter."

Other bellwether vendors also lack Microsoft's confidence. Chip maker Intel Corp. expressed an uncertain outlook during its earnings call earlier this month. While Phoenix Technologies Inc., which supplies BIOS software for half of all PCs made, on Thursday cut its forecast for laptop sales growth in half, to 15% from 30%.

Microsoft acknowledged that the picture for Vista sales is bleaker for the rest of the year. It expects sales to increase just 2%, meaning that revenue in the last two quarters of the year might actually fall slightly from the prior year.

Office 2007 enjoys strong growth

Office 2007, meanwhile, appeared to continue its unbroken string of stellar growth. Revenue in the Microsoft's business division grew 20% year over year to $4.95 billion.

The company doesn't break out the percentage of the business division's revenue that comes from Office. Microsoft has added several highly profitable products to the division in recent years, most significantly, Exchange Server, which Rosoff estimates is almost a $2 billion annual business.

Still, Office undoubtedly comprises the majority of Microsoft's business division revenues, Rosoff said. Those revenues are expected to grow 7% to 8% in the next quarter, and 12% to 13% for the entire year, far higher than Client (Vista's) revenues.

Microsoft Office has beaten back many threats during its long era of domination. But with the weak economy and the advent of credible software-as-a-service competitors such as Google Docs, cheaper desktop competitors such as IBM Symphony or the much-improved, free OpenOffice 3.0, could Office's grip on 550 million users finally be weakening? Rosoff isn't buying it.

"I've heard this argument many times over the years. But Office continues to have a real stranglehold in the corporation," Rosoff said. "In the absence of evidence to the contrary, I think it's going to stay that way." Source: ITnews

NASA tries again to fire up ailing Hubble telescope

2008-10-29T21:00:00+11:00

NASA's Hubble Space Telescope may be down, but it's not out.

Scientists announced this afternoon that the 18-year-old orbiting observatory's long-sleeping backup computer system is up and running and has started to bring the telescope back to life. The announcement comes a week after two glitches had foiled NASA's initial effort to switch to the backup system.

Art Whipple, chief of NASA's Hubble systems management office at the Goddard Space Flight Center, said in a press teleconference that although the observatory's main systems were powered up today and are running smoothly, all of the science instruments will remain in safe mode while NASA engineers gauge how the system holds up.

Whipple said the agency hoped to take the first instrument -- a camera -- out of safe mode on Saturday. A major scientific instrument, the Advanced Camera for Surveys, should be taken out of safe mode next week, he added.

Scientists were stymied last week when the two glitches blocked their attempts to get the Hubble back in working order after a computer responsible for sending data back to Earth failed late last month. On Oct. 15, a NASA team first tried to complete a remote switchover from the failed system to an on-board redundant system.

Initial tests a day later showed that the backup system was working well, but the observatory's activation was suspended after they ran into two "anomalies," as described by Whipple in a previous press conference.

Today, Whipple called the cause of at least one of the two glitches a "transient" event that likely stemmed from the fact that they were firing up a backup system that had sat idle for 18 years while hurtling around Earth at 17,500 mph. "The system had been powered off for a long time. We may see more events in the future," he added. "There doesn't appear to be any permanent damage."

The telescope, which has made more than 100,000 trips around Earth, is the first major optical telescope to be placed in space, NASA said. Scientists program Hubble to capture images of the planets in our own solar system, as well as images of far-off stars and galaxies.

This is the first Hubble computer malfunction that has required the installation of a replacement system. "There's nothing young in the system," said Michael Moore, a program executive for the Hubble Space Telescope.

The initial problem lay in the Science Data Formatter, which is designed to take information from five onboard instruments, format it into data packets, put a header on it and then send it to Earth at speeds of up to 1Mbit/sec. Without this computer, Hubble can't take on long-planned research projects.

A planned October space shuttle mission to the telescope, which is the length of a large school bus and weighing 24,500 lbs., was postponed so that scientists can ready another system to be brought up and installed as the next redundant system. As of last week, John Shannon, shuttle program manager at the Johnson Space Center, said the flight will likely be rescheduled for February or April of next year.

Source: NASA

WPA Wi-Fi encryption is cracked

2008-11-10T10:08:59+11:00

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

The attack, described as the first practical attack on WPA, will be discussed at the PacSec conference in Tokyo next week. There, researcher Erik Tews will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference’s organizer.

They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack

Security experts had known that TKIP could be cracked using what’s known as a dictionary attack. Using massive computational resources, the attacker essentially cracks the encryption by making an extremely large number of educated guesses as to what key is being used to secure the wireless data.

The work of Tews and Beck does not involve a dictionary attack, however.

To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a “mathematical breakthrough,” that lets them crack WPA much more quickly than any previous attempt, Ruiu said.

Tews is planning to publish the cryptographic work in an academic journal in the coming months, Ruiu said. Some of the code used in the attack was quietly added to Beck’s Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.

WPA is widely used on today’s Wi-Fi networks and is considered a better alternative to the original WEP (Wired Equivalent Privacy) standard, which was developed in the late 1990s. Soon after the development of WEP, however, hackers found a way to break its encryption and it is now considered insecure by most security professionals. Store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in U.S. history, in which hundreds of millions of credit card numbers were stolen over a two-year period.

A new wireless standard known as WPA2 is considered safe from the attack developed by Tews and Beck, but many WPA2 routers also support WPA.

“Everybody has been saying, ‘Go to WPA because WEP is broken,’” Ruiu said. “This is a break in WPA.”

If WPA is significantly compromised, it would be a big blow for enterprise customers who have been increasingly adopting it, said Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can adopt Wi-Fi technology such as WPA2 or virtual private network software that will protect them from this attack, there are still may devices that connect to the network using WPA, or even the thoroughly cracked WEP standard, he said.

Ruiu expects a lot more WPA research to follow this work. “Its just the starting point,” he said. “Erik and Martin have just opened the box on a whole new hacker playground.”

Source: Firewall.cx

More than 1 million DNS servers still vulnerable to Kaminsky

2008-11-14T12:03:08+11:00

New research has found that about 1.3 million domain name servers across the world are still exploitable by the Kaminsky vulnerability, a flaw hackers can easily use to bring down websites and email servers.

Domain name system (DNS) servers are the address books of the Internet. They translate URLs into IP addresses, allowing clients and servers to communicate across the Internet.

In July, security expert Dan Kaminsky revealed that he had discovered a flaw in the DNS protocol. The DNS flaw allows hackers to impersonate any website and trap unsuspecting users. Hackers can also use the flaw to disrupt corporate operations by making the DNS system misdirect emails and website queries. Exploiting the flaw, hackers conduct a "cache poisoning" attack by flooding DNS servers with queries and tricking the servers into mistranslating a URL into another IP address. Kaminsky worked with DNS software vendors to create a patch for the flaw.

Infoblox, a vendor of DNS management technology, recently completed its fourth annual global survey of DNS servers. In all, the survey found 11.9 million name servers across the world, according to Cricket Liu, vice president of architecture for Infoblox.

Nearly 11% of those DNS servers, about 1.3 million, are "trivially exploitable" by the Kaminsky vulnerability, Liu said. In other words, no one has bothered to patch them. "The scripts and Metasploits that are available out there would compromise a name server like that in as little as 10 seconds," he said. "So it's a pretty lousy result. On the other hand, maybe we should be pleased that [the rest] of the servers were patched over the last three months."

The first line of defense against the Kaminsky vulnerability is to reconfigure DNS servers to accept only non-recursive queries rather than recursive ones, Liu said. Recursive DNS servers will accept queries about any domain name from just about any source. Most DNS attacks rely on recursive queries to attack name servers. When servers are reconfigured for only non-recursive queries, the servers will respond only to queries about the domain name for which it is the authority.

Liu said that 44% of DNS servers are still configured for recursive queries, a slight improvement from 52% in 2007.

"Those open recursive name servers are at greater risk for cache poisoning," he said. "They're also easy to use in distributed denial-of-service attacks against people on the Internet."

The second line of defense against the Kaminsky vulnerability is the patch that configures DNS servers for query port randomization. Liu said this configuration instructs a server to send each query to a different random port, making it difficult for a hacker to spoof the server.

"The [hacker] would have to guess which port [the query] came from, and you would have to randomly try sending query responses to a lot of different source ports," Liu said.

The ultimate protection against Kaminsky and other vulnerabilities is to upgrade DNS servers to DNSSEC (DNS Security Extensions), a set of modifications to the DNS protocol that, when uploaded to the DNS server, improves security on DNS servers, Liu said. Unfortunately, DNS management is an afterthought in most organizations. DNSSEC adoption is still minuscule.

DNSstuff.com, a provider of online DNS management tools, recently conducted its own survey of about 450 of its users, according to Paul Parisi, DNSstuff CTO. Parisi said that 9.6% of his customers said they hadn't patched their servers for Kaminsky, and another 21.9% didn't know whether the servers were patched or not.

"That is pretty staggering, given our community," Parisi said. "These are the people who use our tools to manage DNS."

The cache poisoning that can result from the Kaminsky exploit is nevertheless a top concern, he said. The DNSstuff survey found that 44.1% of customers identified accuracy and relevance of DNS data as their biggest management challenge.

"There is a heightened awareness of it, but the survey shows that some people need some help managing it," Parisi said. "They need some best practices, and because DNS is something you touch infrequently, a lot of issues can come up with DNS just because of simple mistakes. There is a hunger out there for proper DNS reporting and management."

Source: Techtarget

Google Earth used by terrorists in India attacks

2008-12-02T11:53:28+11:00

BANGALORE, India -- The terrorists who attacked various locations in southern Mumbai last week used digital maps from Google Earth to learn their way around, according to officials investigating the attacks.

Investigations by the Mumbai police, including the interrogation of one captured terrorist, suggest that the terrorists were highly trained and used technologies such as satellite phones and the Global Positioning System (GPS), according to police.

Google Earth has previously come in for criticism in India, including from the country's former president, A.P.J. Abdul Kalam.

Kalam warned in a 2005 lecture that the easy availability online of detailed maps of countries from services such as Google Earth could be misused by terrorists.

A Google spokeswoman said in an e-mail today that Google Earth's imagery is available through commercial and public sources. Google Earth has also been used by aid agencies for relief operations, which outweighs abusive uses, she said.

Indian security agencies have complained that Google Earth exposed Indian defense and other sensitive installations. Other nations, including China, have made similar complaints regarding military locations.

However, the places attacked by terrorists last week did not come under the category of defense or sensitive installations. The information available to the terrorists on Google Earth about the locations they attacked is also available on printed tourist maps of Mumbai. The locations included two hotels, a restaurant, a residential complex and a railway station.

Source: IDG

New Windows worm builds massive botnet

2008-12-02T23:00:00+11:00

The worm exploiting a critical Windows bug that Microsoft Corp. patched with an emergency fix in late October is being used to build a new botnet, a security researcher said today (1/12/2008).

Ivan Macalintal, a senior research engineer with Trend Micro Inc., said that the worm, which his company has dubbed "Downad.a" -- it's called "Conficker.a" by Microsoft and "Downadup" by Symantec Corp. -- is a key component in a new botnet that criminals are creating.

"We think 500,000 is a ball park figure," said Macalintal when asked the size of the new botnet. "That's not as large as some, such as [the] Kraken [botnet], or Storm earlier, but it's still starting to grow."

Last week, Microsoft warned that the worm was behind a spike in exploits of a bug in the Windows Server service, which is used by the operating system to connect to network file and print servers. Microsoft patched the service with an emergency fix it issued Oct. 23, shortly after it discovered a small number of infected PCs in Southeast Asia.

However, the new worm is a global threat, said Macalintal. "This has real potential to do damage," he said. Trend Micro has spotted infected IP addresses on the networks of Internet service providers (ISPs) in the U.S., China, India, the Middle East, Europe and Latin America.

The worm first appeared about a week and a half ago, and began spreading in earnest just before Thanksgiving, he added.

Macalintal also said that it appears the botnet is being built by a new group of cyber-criminals, not one of the gangs that lost control of compromised computers when McColo Corp., a California hosting company, was yanked off the Internet. When McColo went offline, crooks lost access to the command-and-control servers which gave marching orders to some of the world's biggest botnets, including "Srizbi" and "Rustock."

One result of the McColo takedown was a temporary slump in spam; some message security vendors said last week that they had seen a sharp increase in spam as the hackers managed to regain control of their botnets.

Security experts, including those at Trend Micro, are coordinating efforts, said Macalintal, to pass along their lists of worm-infected PCs to ISPs, who have been asked to contact the computers' owners and urge them to clean their machines of the worm.

"But that's an uphill climb," admitted Macalintal.

Users who haven't applied the emergency patch -- labeled MS08-067 by Microsoft -- should do so as soon as possible, Macalintal said.

Google fires back at analyst claim it's a bandwidth hog

2008-12-06T10:58:08+11:00

Expert says Google uses 21 times more bandwidth than it pays for...

An analyst with ties to the telecom industry called Google Inc. a bandwidth hog in a report released this week.

Scott Cleland, president of Precursor LLC, a research firm bankrolled by telecom heavyweights like AT&T Inc. and Verizon Communications Inc., released a report on Thursday saying that Google uses 21 times more bandwidth than it pays for. The study (download PDF) estimates that Google accounted for 16.5% of all U.S. consumer Internet traffic this year; that number is predicted to jump to 25% in 2009 and 37% in 2010.

"Internet connections could be more affordable for everyone if Google paid its fair share of the Internet's cost," wrote Cleland in the report. "It is ironic that Google, the largest user of Internet capacity pays the least relatively to fund the Internet's cost; it is even more ironic that the company poised to profit more than any other from more broadband deployment, expects the American taxpayer to pick up its skyrocketing bandwidth tab."

Google, however, isn't taking the criticism lying down.

Posting a response on the Google Public Policy Blog, Richard Whitt, Google's Washington telecom and media counsel, noted that since Cleland is paid by the phone and cable companies, he's not exactly a neutral party.

"Not surprisingly, in his zeal to score points in the Net neutrality debate, he made significant methodological and factual errors that undermine his report's conclusions," wrote Whitt, calling Cleland's cost estimates "overblown."

"First and foremost, there's a huge difference between your own home broadband connection, and the Internet as a whole. It's the consumers voluntarily choosing to use our applications who are actually using their own broadband bandwidth -- not Google. To say that Google somehow 'uses' consumers' home broadband connections shows a fundamental misunderstanding of how the Internet actually works."

Net neutrality has been a scorching hot button issue for months now. Google, Microsoft Corp. and other major Internet site operators have joined with small Web site owners to oppose broadband providers like AT&T and Verizon that want to offer faster network performance to companies that pay more. The issue has been dubbed Net neutrality by those who oppose a two-tier system of access and pricing.

Google co-founder and president Sergey Brin even met with U.S. lawmakers last summer to press for legislation that would prevent Internet access providers from charging Web sites more for faster content delivery.

It's also well known that Cleland has no qualms about taking shots at Google. Whitt went so far as to refer to the analyst's report as "payola punditry."

"We don't fault Mr. Cleland for trying to do his job," wrote Whitt. "But it's unfortunate that the phone and cable companies funding his work would rather launch poorly researched broadsides than help solve consumers' problems."

Amazon warns customers of infected digital photo frames

2008-12-30T20:27:41+11:00

Amazon.com Inc. last week warned customers running Windows XP that a Samsung digital photo frame it sold through earlier this month might have come with malware on the driver installation CD.

An Amazon.com customer posted the warning a week ago to the online retailer's user forum. It its note to customers, Amazon.com noted that a Samsung advisory had been issued for the SPF-85H, an 8-in. digital photo frame that Amazon sold for approximately $150 starting in October.

The Samsung SPF-85H is no longer available on Amazon.com.

"We have recently learned that Samsung has issued an alert... our records indicate that you have purchased one of the digital photo frames through the Amazon.com website and are therefore affected by this alert," said Amazon in the note.

Samsung released its advisory download PDF on Nov. 27, and listed five photo frame models as affected: SPF-75H, SPF-76H, SPF-85H, SPF-85P and SPF-105P.

According to Samsung's alert, "a batch of Photo Frame Driver CDs contain a worm virus in the Frame Manager software. This is a risk of the customers host PCs being infected with this worm virus."

Samsung did not specify how the malware got on the CD, or how it escaped its quality control checks.

Amazon's advisory identified the malware as "W32.Sality.AE," the name assigned by Symantec Corp. Other security vendors, such as McAfee Inc. and Trend Micro Inc., have pegged the malware with other names, including "W32/Sality" and "Troj_Agent.xoo," respectively. Symantec's write-up said W32.Sality.AE was a downloader, a malicious program that once installed, downloads even more malevolent attack code.

Most security companies said that the malware -- variously labeled "virus" and "Trojan" -- was first spotted in the wild last August, although some reported earlier variations as far back as mid-2007.

People who purchased a Samsung photo frame should download an updated -- and theoretically malware-free -- version of the Windows XP edition of Frame Manager from Samsung's support site, Amazon recommended.

Only users running Windows XP are at risk, Samsung and Amazon said; Windows Vista is immune.

Hardware with malware is almost a holiday tradition. Last January, for example, Best Buy Co. admitted that it had sold infected digital picture frames under its in-house Insignia brand during late 2007. Best Buy yanked the 10.5-in. frames from its stores, but did not issue a recall.

Source: ITworld

A Second undersea break sets back cable repairs

2008-12-31T07:00:00+11:00

Efforts to restore normal communications between Europe and Asia have suffered a setback after an important undersea cable broke for a second time, this time at a much greater depth.

Engineers from France Télécom had just finished repairing the Sea Me We 4 cable on Dec. 25 when the same cable broke again in a different place, this time 388 kilometers (241 miles) off the coast of Alexandria in Egypt, a France Télécom spokesman said Monday.

The repair ship the "Raymond Croz," which had just finished repairing the first break, was on its way to Sicily on Monday to pick up more cable to repair the second break, which happened more than 3,000 meters (9,800 feet) under the sea, the spokesman said.

The ship is expected to arrive at the site of the latest incident on Dec. 31 and the repairs now won't be completed until Jan. 4 or 5, the spokesman said, which would be 10 days later than originally expected.

Sea Me We 4 is one of four undersea cables that were cut on Dec. 19, disrupting voice and Internet traffic between Europe and several countries in Africa, the Middle East and Asia, including Egypt, India and Singapore.

Much of the traffic has been diverted across the Pacific and through North America, but this has slowed connection speeds from Europe and Asia and places an additional burden on the other cables used for rerouting.

France Télécom, which is part of a consortium that operates the Sea Me We cables, has made Sea Me We 4 its priority and is not saying now when it expects Sea Me We 3 to be repaired.

Reliance Globalcom, which operates the Flag Telecom Europe-Asia and Go-1 cables, which were also cut Dec. 19, said Sunday it expected those cables to be repaired Monday.

The first cable breaks were blamed on trawler fishing nets, a ship's anchor or an undersea earthquake. They occurred in a shallow part of the Mediterranean Sea between Sicily and Tunisia, at a depth of only a few hundred meters.

The latest incident occurred 1,400 km away off the coast of Egypt. The cause was likely an undersea landslide or earthquake, the France Télécom spokesman said.

The incidents highlight the fragility of the submarine cables that carry voice and Internet traffic thousands of miles between continents. The Flag and Sea Me We cables were also cut in February this year.

Asked if it was common for the same cable to break twice in two weeks, the France Telecom spokesman said: "It is not lucky, but it can happen."

Sea Me We 4 runs from Marseilles in the south of France to Singapore, connecting Egypt, Saudi Arabia, India and several other countries on the way. The Flag Europe-Asia cable stretches from the U.K. to Japan.

Downloads of pirated Windows 7 beta candidate soar

2009-01-01T02:47:24+11:00

Downloads of a new build of Microsoft Corp.'s upcoming Windows 7 operating system have soared in the past two days, with thousands of systems now pulling pirated copies from BitTorrent sites.

Searches today on the Pirate Bay BitTorrent site, for example, returned multiple listings of Windows 7 Build 7000, which Microsoft identifies as a beta candidate in the file name. The torrent is a disk image of the 32-bit version of Windows 7 Ultimate; a 64-bit version is not yet available.

The most heavily trafficked Windows 7 BitTorrent on Pirate Bay showed more than 4,300 "seeders" — the term for a computer that has a complete copy of the torrent file — and about 7,500 "leechers," or computers that have downloaded only part of the complete torrent. Less popular BitTorrents of the file on Pirate Bay claimed an additional 1,000 seeders and more than 3,000 leechers.

On Saturday, a day after the first copies of Build 7000 appeared on BitTorrent, Pirate Bay's prime listing showed less than half as many seeders as it did today.

Similar increases could be seen on other BitTorrent sites. For example, Mininova listed almost 20 Windows 7 BitTorrents — some of them duplicates of the ones that appeared in searches of Pirate Bay. Two of the torrents on the Mininova site had more than 4,500 seeders each.

Bloggers who have downloaded the pirated operating system — such as ZDNet.com's Ed Bott — are reporting that its end-user licensing agreement labels the new build as the beta that Microsoft has promised it will open to the public in early 2009.

Although Microsoft hasn't specified a release date, information published on its own Web site earlier this month hinted that the beta would become available no later than Jan. 13. And with Microsoft CEO Steve Ballmer slated to deliver a keynote speech Jan. 7 on the evening before the opening of the International CES trade show in Las Vegas, speculation has been brisk that he will not only talk about Windows 7, but possibly also announce the immediate availability of the beta.

Today, however, Microsoft stuck to its earlier vague timetable. "The Windows 7 public beta is still expected in early 2009," a company spokeswoman wrote in an e-mail. She declined to respond to questions about what actions Microsoft would, or could, take against BitTorrent sites that list the pirated build.

Windows 7 is scheduled to ship late next year or in early 2010, according to statements made previously by Microsoft.

Source: Computer world

Researchers hack VeriSign's SSL scheme for securing Web sites

2009-01-01T07:00:00+11:00

With the help of about 200 Sony Playstations, an international team of security researchers has devised a way to undermine one of the algorithms used to protect secure Web sites — a capability that the researchers said could be used to launch nearly undetectable phishing attacks.

To accomplish that, the researchers said today that they had exploited a bug in the MD5 hashing algorithm used to create some of the digital certificates used by Web sites to prove they are what they claim to be. The researchers said that by taking advantage of known flaws in the algorithm, they were able to hack VeriSign Inc.'s RapidSSL.com certificate authority site and create fake digital certificates for any Web site on the Internet.

Hashes are used to create a digital "fingerprint" that is supposed to uniquely identify a given document and can easily be calculated to verify that the document hasn't been modified in transit. But the flaw in the MD5 algorithm makes it possible to create two different documents that have the same numerical hash value.

That, the researchers said, explains how someone could create a digital certificate for a phishing site that has the same fingerprint as the certificate for a genuine Web site. They added, though, that they don't expect to see any actual attacks using the flaw that they exploited — a point that Microsoft Corp. seconded in a security advisory in which it downplayed the threat to Internet users.

Using their farm of Playstation 3 machines, the researchers built a rogue certificate authority that could issue bogus certificates. The Playstation's Cell processor is popular with code breakers because it is particularly good at performing cryptographic functions.

The researchers planned to present their findings today at the Chaos Communication Congress, a hacker conference being held in Berlin. Even before their talk took place, it already was the subject of speculation within the Internet security community.

The team that did the research work included independent researchers Jacob Appelbaum and Alexander Sotirov, as well as computer scientists from the Centrum Wiskunde & Informatica, the Ecole Polytechnique Federale de Lausanne, the Eindhoven University of Technology and the University of California, Berkeley.

Although the researchers believe that a real-world attack using their techniques is unlikely, they say their work shows that the MD5 algorithm should no longer be used by the certificate authority companies that issue digital certificates. "It's a wake-up call for anyone still using MD5," said David Molnar, a Berkeley graduate student who worked on the project.

In addition to VeriSign, TC TrustCenter AG, EMC Corp.'s RSA unit and Thawte Inc. use MD5 to generate their digital certificates, according to the researchers. They said that VeriSign also uses the algorithm on a certificate service offered through its Japanese Web site, in addition to RapidSSL.com.

Exploiting the MD5 bug to carry out an attack would be hard, because cybercrooks would first have to trick a victim into visiting the malicious Web site that hosts a fake digital certificate. That could be done, however, by using what's called a man-in-the-middle attack. Last August, for example, security researcher Dan Kaminsky showed how a major flaw in the Internet's Domain Name System could be used to launch such attacks.

And with this latest research, it's now potentially easier to attack Web sites that are secured using Secure Sockets Layer (SSL) encryption, which relies on trustworthy digital certificates. "You can use Kaminsky's DNS bug combined with this to get virtually undetectable phishing," Molnar said.

"This isn't a pie-in-the-sky talk about what may happen or what someone might be able to do, this is a demonstration of what they actually did with the results to prove it," HD Moore, director of security research at BreakingPoint Systems Inc., wrote in a blog post about the researchers' findings.

Cryptographers have been gradually chipping away at the security of MD5 since 2004, when a team lead by Shandong University's Wang Xiaoyun demonstrated flaws in the algorithm.

Given the state of research into MD5, certificate authorities should have upgraded to more secure algorithms such as SHA-1 "years ago," said Bruce Schneier, a noted cryptography expert and chief security technology officer at BT PLC.

RapidSSL.com will stop issuing MD5-based digital certificates by the end of January and is looking for ways to encourage its customers to move to new certificates after that, said Tim Callan, VeriSign's vice president of product marketing. But first, Callan added, VeriSign wants to get a good look at the new research.

Molnar and his team have communicated their findings to VeriSign indirectly, via Microsoft, but they have yet to speak directly to VeriSign, out of fear that it might take legal action to quash their talk. In the past, companies sometimes have obtained court orders to prevent security researchers from talking at hacker conferences.

Callan said he wished that VeriSign had been given more information ahead of time. "I can't express how disappointed I am that bloggers and journalists are being briefed on this but we're not, considering that we're the people who have to actually respond," he said.

While Schneier said he was impressed by the math behind this latest research, he said that there are already far more important security problems on the Internet — weaknesses that expose large databases of sensitive information to attackers, for example.

"It doesn't matter if you get a fake MD5 certificate, because you never check your certs anyway," he said. "There are dozens of ways to fake that, and this is yet another."

Source: IDG

Pearson Launches Certflashcardsonline.com

2009-01-09T13:12:03+11:00

On the 7th of January 2009, Pearson Education announced the release of its new browser-based electronic flash card engine, www.certflashcardsonline.com, an application that helps users practice for IT certification exams.

Launching with multiple products on CompTIA, Microsoft and Cisco® certifications, the custom flash card application, loaded with more than 250 questions per exam, tests users’ skills and improves their retention of exam topics. Cert Flash Cards Online also allows users to get all-important information at a glance, helping focus on areas of weakness. Available in both desktop and mobile device format, these fact-filled flash cards allow users to test at home, work, or on the go. This new certification preparation tool, Cert Flash Cards Online, along with Cert Prep Online, is available through InformIT.

Cert Flash Cards Online questions are organized by exam objective, allowing users to focus on selected topics. Users can choose to view cards in order or at random and create custom sets from the entire bank of cards. The electronic flash card engine allows users to purchase "flash packs" that are tailored to specific certification exams. Once a question set is chosen, users view questions, enter answers, and receive an immediate evaluation. The engine provides the ability to mark each question correct or incorrect and provides a detailed score report by category at the end of the exam. If they answered incorrectly, they are able to view correct answers as well as full explanations. Notes can even be written on each question and printed out for later review.

Additional News Facts:
* A truly unique learning tool; robust features include: space to enter long answers, ability to mark individual questions right or wrong, score reporting, custom set creation, and online updates.
* Cert Flash Cards Online is a late-stage exam-preparation tool, which means that an IT certification candidate would typically use this product during the final weeks before sitting for their live exam.
* This alternative learning format presents a unique approach that compliments other self-study formats like books and practice tests.

Useable Quotes:

"The new Cert Flash Cards Online application from Pearson takes the old school concept of paper flash cards that we all used to memorize our multiplication tables and updates it for the digital age and the technical certification market,” said Brett Bartow, Executive Editor for Cert Flash Cards Online. “While practice tests are great for familiarizing candidates with the exam style, they are typically focused primarily multiple choice question formats, which exposes users to pre-formulated answers to choose from. Cert Flash Cards Online, on the other hand, forces users to supply the answer in their own words, and is thus a much more effective tool for assessing and reinforcing knowledge."

“In today's environmentally conscious digital society, it makes sense for certification candidates to use electronic flash cards instead of those made from paper,” said Tim Warner, Product Editor for Cert Flash Cards Online and host of the InformIT Certification Reference Guide. “Most folks carry a laptop or a Web browser-enabled mobile phone or PDA, so why not save some trees by using the online Cert Flash Cards?” About Pearson The global leader in educational and professional publishing, Pearson is home to such respected brands as Addison-Wesley Professional, Cisco Press, Exam Cram, IBM Press, Prentice Hall Professional, Que, and Sams Publishing, which have as their online publishing arm, InformIT (www.informit.com) -The Trusted Technology Learning Source. In addition, Berkeley-based Peachpit (www.peachpit.com), the publishing partner for Adobe Press, Apple Certified, and others, publishes best-selling books for creative design professionals. Pearson is also co-founder, with O’Reilly Media Inc., of Safari Books Online (http://safari.informit.com), the premier on-demand digital library providing thousands of expert reference materials through a single point of contact, including expert technology, creative and design, business and management resources in video and text formats. Pearson Education is part of Pearson (NYSE: PSO), the international media company. Pearson's other primary businesses include the Financial Times Group and the Penguin Group.

Microsoft sued over unified communications deal

2009-01-19T11:40:38+11:00

Microsoft has been sued by a small Wisconsin business for allegedly misrepresenting the capabilities of its Live Communications Server product, selling the company more licenses than it needed and not providing a refund or other products to solve its original problem.

Imagineering International filed its lawsuit in December in the Fond de Lac County circuit court in Wisconsin, accusing Microsoft of breach of contract and breach of warranties, among other offenses.

Imagineering claims Microsoft failed to resolve problems the company had with deploying an enterprise version of Live Communications Server, then did not replace the product with a revamped version, Office Communications Server (OCS), as Microsoft had promised.

Microsoft also never provided Imagineering with a refund for the products and licenses it purchased, after requiring Imagineering to destroy its licenses and the software as a condition of receiving a credit toward OCS, said Jeff MacMillan, president and CEO of Imagineering.

Imagineering, a 23-person IT consulting firm and reseller, had been a Microsoft partner for about 10 years at the time it purchased the products and licenses, he said. The company has since terminated its partnership with Microsoft.

Rather than responding in the same court, Microsoft filed papers Wednesday with the U.S. District Court for the Eastern District of Wisconsin in Milwaukee to move the case from the county court to the federal court, citing Imagineering's request for damages that exceed US$50,000 as one reason.

Cases heard in federal courts also tend to take longer to be resolved, and plaintiffs can lose some of their claims in summary judgment, said Michael Kuborn, an attorney representing Imagineering from the Curtis Law Office in Oshkosh, Wisconsin.

A lawyer representing Microsoft did not respond to a phone call requesting comment. A Microsoft spokesperson said via e-mail Friday that Microsoft is reviewing the allegations and will make its response in court.

Imagineering alleges in its complaint that on Oct. 7, 2005, it purchased Microsoft's LCS software, 1,500 Client Access Licenses and 1,500 External Connector Licenses for a total of $70,776. At the time LCS was Microsoft's software for providing a unified communications system, which links a company's voicemail, telephone system, e-mail and other employee communications services on the same software infrastructure.

MacMillan said Friday that Microsoft representatives had informed him that LCS had the capabilities his company needed to create a unified communications platform out of its disparate systems for telephony, voicemail, fax and e-mail. Microsoft also said it would provide remote desktop capability, which was key to Imagineering's deployment, he said.

Imagineering purchased the product and licenses mainly for an in-house deployment, but if that proved successful, the company planned to sell a similar offering to customers, MacMillan said.

The number of licenses his company needed to purchase seemed high for a company with only 23 employees. However, Microsoft employees brokering the deal said Imagineering would need licenses not only for its own employees using the new system but also for any customers who wanted to access it.

After Imagineering secured the product from Microsoft, it had trouble deploying the product, and so in October of 2005 it contacted Microsoft technical support, MacMillan said. "They determined we were given bad presale information and that the product would not work the way we had been told it would," he said.

Microsoft also informed Imagineering that it did not need licenses for its customers and had indeed purchased too many, he said.

The companies worked together to come up with a solution, which MacMillan said was to give Imagineering a credit equal to what it paid Microsoft to purchase the follow-up version of LCS, OCS, from Microsoft distributor TechData once that product was available. TechData also would provide Imagineering with the licenses it would need for its deployment, he said.

Microsoft released OCS in late 2007. Around that time, MacMillan said he contacted TechData about acquiring the product and the licenses, per the company's agreement with Microsoft. TechData informed him that it had no record of such a deal, he said.

MacMillan said he contacted Microsoft and again worked with it to try to resolve the situation. In February 2008 Microsoft informed Imagineering that it would give it "no more than $27,000" in credit to purchase additional hardware it would need to deploy OCS -- a more complex product than LCS -- as well as the license to deploy it, according to court documents and MacMillan. Imagineering was given seven days to accept or reject the offer, according to court documents.

At that point, MacMillan said, he was frustrated and disappointed at how Microsoft handled the situation.

"They've welched on every deal they put into place ... and then said, 'You paid $70,000, we'll give you $20,000, that will have to be good enough, you can accept it or you can reject it,'" he said. "We had to reject that."

Imagineering still has not successfully implemented a unified communications platform, MacMillan said, and does not have the money to do so. "The $70,000 we spent on this was basically what we had for the project," he said. "It's actually an extraordinary amount of money to us."

Imagineering is seeking a refund from Microsoft for the original amount it paid the company, punitive damages and attorney fees.

The Big Windows 7 Problem: XP Holdouts

2009-01-24T11:00:00+11:00

Microsoft hopes that the release of Windows 7 will solve problems ranging from desktop clutter to what Vista did to Microsoft's public reputation. But the toughest challenge may be to win over the group of people that arguably represent the software giant's biggest obstacle to success: Windows XP users.

The Windows 7 pitch, to date, takes direct aim at Vista's reputation as a bloated resource hog. As developers and members of the general public begin to tinker with the Windows 7 public beta, Microsoft is framing it as a lean and lithe OS, with the flexibility to run on all types of computers, from netbooks to high-end gaming laptops.

The new and streamlined user interface features of Windows 7 are well-documented at this point. A cleaned-up taskbar, the sleek Aero Peek GUI, mouse-hover Jump Lists and multi-touch capability have generated interest from users whose Windows desktops have been cluttered for too long.

Quicker, easier, more organized. Those were the buzzwords about Windows 7 features that Parri Munsell, Microsoft's Director of Consumer Product Management for Windows, used repeatedly in a recent interview from CES (Consumer Electronics Show) in Las Vegas.

"Our goal was to make the UI in Windows 7 much easier to navigate. We'll let the beta speak for itself but we have a high degree of optimism in it," Munsell says.

As for fastest growing segment of the PC market, netbooks, Munsell says that Microsoft has made it a priority to run Windows 7 on small form-factor notebooks.

"Windows 7 has been optimized and engineered to work with anything: from the smallest netbook to the most loaded laptop or desktop," he says.

A lot is expected of Windows 7, but can it do what at times has seemed impossible-win back the trust of XP users who have shunned Vista?

The software giant has stated outright that Windows 7 will not make significant architectural changes from Vista and will run most if not all the applications that run on Vista.

Yet just 21 percent of Windows users currently run Vista, according to Web metrics company Net Applications. Most Windows users (65 percent) still run XP; they like it and they are wary of the compatibility issues that have plagued Vista.

It's All About the Third-Party Apps

That wariness is not without cause, analysts say. Even though Microsoft is trying to use Windows 7 to move XP customers forward, it's still a Vista-like operating system and will have the same compatibility problems that are part of any OS upgrade, says Al Gillen, Research Vice President, System Software at IDC .

"If you don't run Vista today, Windows 7 will not be a silver bullet," he says. Ultimately, Gillen adds, it's not the operating system that matters as much as having updated third-party applications.

"Whether they are upgrading to Vista or Windows 7, XP users have to make sure third-party applications are compatible," he says.

Microsoft has warned users of the dangers of skipping versions of Windows entirely and has been trying to wean users off Windows XP through downgrade fees. Its success has been limited however as the Vista stigma lingers.

Microsoft's Munsell urges XP users to evaluate which third-party applications are important and make sure there is vendor support.

"It is important to avoid a situation where your critical application is no longer supported on Windows XP while not yet supported on Windows 7," Munsell says.

Transition to Windows 7 Easier?

Though the transition from XP to Windows 7 will be complex, it should be simpler as compared to the early days of Vista, says Michael Cherry, lead analyst with market researcher Directions on Microsoft.

When Windows Vista first shipped, Cherry says, people were not prepared for the application and hardware compatibility problems that came with an OS so different from XP.

"At this point there should be compatible versions of most applications and, when necessary, virtualization can be used to facilitate the upgrade," Cherry says.

"This is not to say that XP apps and drivers will work on Windows 7, but that there are now compatible replacements available, which should make the transition manageable."

If Microsoft wants to move customers forward with Windows 7, it must help XP users bridge the gap as much as possible, Cherry adds.

"Microsoft needs to help XP users determine if their hardware is up to running Windows 7, and which device drivers for their hardware and programs need updating," Cherry says. "It then needs to help people find the updated drivers and software."

Source: CIO

Windows 7 to be 'thoroughly' tested by antitrust regulators

2009-01-29T08:10:50+11:00

Technical advisers to the antitrust regulators who monitor Microsoft Corp.'s compliance with a 2002 antitrust settlement will test Windows 7 "more thoroughly" than earlier versions of the operating system were tested, according to a recently-released status report filed with the federal judge watching over the company.

The three-member panel of computer experts that works for state antitrust officials has had a copy of Windows 7 since at least last March, but in December 2008, Microsoft delivered additional documentation to the technical committee.

In the report, submitted last Wednesday to U.S. District Judge Colleen Kollar-Kotelly, antitrust officials with the Department of Justice, 17 states and the District of Columbia said that Microsoft had given notice that "changes to the protocols in Windows 7" required 30 new and 87 revised technical documents.

Microsoft has been under a microscope since it struck a deal in 2002 that required the company to document communication protocols so that other developers, competitors included, could craft software that works smoothly with Windows clients and servers. The decree also set up the technical committee and forced Microsoft and state and federal antitrust officials to deliver regular reports to Kollar-Kotelly.

The newest report spelled out changes the committee, dubbed "TC" by the court, will make to test Windows 7, the successor to Vista.

"In light of the number of new documents that need to be reviewed, the TC is going to shift its focus to direct review of the documents by the TC's engineers as the most efficient method of identifying issues with the documentation," read the status report. "The revised strategy will enable the TC to review the new Windows 7 and system documents more thoroughly than it would otherwise, which is particularly desirable given the significance of these new documents to the project as a whole."

Originally, the consent decree Microsoft signed was to expire in November 2007. Several states objected, however, and after months of legal back-and-forth, Kollar-Kotelly in January 2008 extended her oversight by another two years, to Nov. 12, 2009.

Microsoft is also facing renewed scrutiny from the European Union, which two weeks ago filed preliminary charges against the company, accusing it of violating antitrust laws since 1996 by bundling the Internet Explorer browser with Windows.

Source: Com. World

Microsoft repeats IE8 lock-in warning for XP users with SP3

2009-01-30T04:00:00+11:00

Microsoft Corp. today again warned users of Windows XP Service Pack 3 (SP3) that they may not be able to uninstall either the service pack or Internet Explorer 8 (IE8).

The warning, made by Jane Maliouta, a Microsoft program manager as the company delivered Release Candidate 1 (RC1) on Monday, was a repeat of a caution she gave last August when Microsoft launched the browser's second beta.

In a post to the IE blog, Maliouta recommended that users who had installed IE8 Beta 1 or Beta 2 before upgrading Windows XP to SP3, manually uninstall the older IE8 previews. Users who don't take her advice will be stuck with both IE8 RC1 and Windows XP SP3.

"Windows XP SP3 and IE8 RC1 will become permanent," Maliouta said. "You will still be able to upgrade to later IE8 builds as they become available, but you won't be able to uninstall them." As in August, when Windows XP SP3 users ran into the same situation as they upgraded from IE8 Beta 1 to Beta 2, a warning dialog will appear.

To avoid lock-in, Maliouta told users to first uninstall Windows XP SP3, then uninstall IE8 Beta 1 or Beta 2; they should then reinstall XP SP3 and follow that by installing IE8 RC1.

The big change in RC1's deployment, Maliouta said in a video question-and-answer posted to the TechNet site, is that Microsoft no longer asks users of Windows Vista and Windows Server 2008 to manually uninstall earlier IE previews before installing RC1. "We definitely heard feedback about how difficult it was," she said, referring to the earlier requirement.

Because of the change, Microsoft will be able to push the RC1 update to all users running IE8 Beta 1 or Beta 2 via Windows Update, a change from August when people running Vista and Server 2008 had to manually do a download. Microsoft, however, has not said when it will trigger the RC1 update, nor did Maliouta specify a date today.

Also unknown is a timetable for delivering an update to people running Windows 7 beta, Microsoft's preview of its next operating system. The company unveiled the public beta Jan. 10.

Because of the timing of Windows 7's beta, its version of IE8 is a "pre-RC," according to James Pratt, a senior product manager for IE. Microsoft will upgrade IE8 in Windows 7 to RC1 via Windows Update, Maliouta said, although she did not disclose a timeline. Users will also be able to download IE8 RC1 manually from the company's Web site, she added.

At least one additional update is required before IE8 RC can be installed, or before it will run. Without one of the two slated for Vista, IE8 RC1 will balk during setup and show an error message of "Setup cannot continue because one or more updates required to install Windows Internet Explorer 8 are not present." That patch is a revised version of a Vista Service Pack 1 (SP1) prerequisite that in February 2008 sent machines into an endless round of reboots.

Systems already running Vista SP1 will have that update in place.

Microsoft has also posted a support document that offers installation troubleshooting tips, as well as release notes that spell out compatibility problems with a variety of software, including Intuit Corp.'s popular TurboTax tax preparation program, Google Inc.'s Toolbar and older versions of the Skype voice-over-IP add-on. Older editions of Microsoft's own Windows Live Login add-on -- which was installed with earlier versions of the Windows Live Essentials suite -- are also incompatible with IE8, and are, in fact, unstable.

Users can download IE8 RC1 for Windows XP, Vista, Server 2003 and Server 2008 from Microsoft's site. The new browser will not run on Windows 2000.

Source: Comp. world

Coming soon: Full-disk encryption for all computer drives

2009-01-30T19:00:00+11:00

The world's six largest computer drive makers today published the final specifications(download PDF) for a single, full-disk encryption standard that can be used across all hard disk drives, solid state drives (SSD) and encryption key management applications. Once enabled, any disk that uses the specification will be locked without a password -- and the password will be needed even before a computer boots.

The three The Trusted Computing Group (TCG) specifications cover storage devices in consumer laptops and desktop computers as well as enterprise-class drives used in servers and disk storage arrays.

"This represents interoperability commitments from every disk drive maker on the planet," said Robert Thibadeau, chief technologist at Seagate Technology and chairman of the TCG. "We're protecting data at rest. When a USB drive is unplugged, or when a laptop is powered down, or when an administrator pulls a drive from a server, it can't be brought back up and read without first giving a cryptographically-strong password. If you don't have that, it's a brick. You can't even sell it on eBay."

By using a single, full-disk encryption specification, all drive manufacturers can bake security into their products' firmware, lowering the cost of production and increasing the efficiency of the security technology.

For enterprises rolling out security across PCs, laptops and servers, standardized hardware encryption translates into minimum security configuration at installation, along with higher performance with low overhead. The specifications enable support for strong access control and, once set at the management level, the encryption cannot be turned off by end-users.

Whenever an operating system or application writes data to a self-encrypting drive, there is no bottleneck created by software, which would have to interrupt the I/O stream and convert the data "so there's no slowdown," Thibadeau said.

"Also, the encryption machinery uses no power. When it reads data from the drive, it displays it to the user in the clear. It's completely transparent to the user," he said.

The TCG includes Fujitsu, Hitachi GST, Seagate Technology, Samsung, Toshiba, Western Digital, Wave Systems, LSI Corp., ULink Technology and IBM.

"In five years time, you can imagine any drive coming off the production line will be encrypted, and there will be virtually no cost for it," said Jon Oltsik, an analyst at Enterprise Strategy Group.

Here are the three specifications:

* The Opal specification, which outlines minimum requirements for storage devices used in PCs and laptops.

* The Enterprise Security Subsystem Class Specification, which is aimed at drives in data centers and high-volume applications, where typically there is a minimum security configuration at installation.

* The Storage Interface Interactions Specification, which specifies how the TCG's existing Storage Core Specification and the other specifications interact with other standards for storage interfaces and connections. For example, the specification supports a number of transports, including ATA parallel and serial, SCSI SAS, Fibre Channel and ATAPI.

Several of the drive manufacturers, including Seagate, Fujitsu and Hitachi, already support the standard on some of their drives. Hitachi, for instance, is shipping its internal Travelstar 5K500.B laptop drives with full-disk encryption.

Several encryption management software vendors, including Wave Systems, WinMagic Inc. and CryptoMill Technologies, have also announced product certification for the standard.

Brian Berger, a marketing manager with Wave Systems and chair of the TCG marketing work group, said the specifications call for the use of Advanced Encryption Standard (AES). Vendors are free to choose either AES 128-bit or AES 256-bit keys depending on the level of security they want. Neither have been broken.

"Things like key manageability and patch management become things of the past," he said. "You don't have to worry about what version of encryption software is running or what [encryption appliance] your system's plugged into. When encrypted drives are under management, users can't turn off encryption, so there's no chance of users losing machines with valuable data on them after having turned off encryption."

The effort to create the encryption specifications, which began six years ago, focused on full-disk encryption, which protects data on a computer by encrypting all of the information on the computer's hard drive regardless of what partition it's on. In order to gain access to the information, users would first have to supply a password, which, in turn, would be used to unlock a key used to decrypt the data.

"You can use these [enabled] drives to childproof your laptop because it operates outside of Windows. Windows hasn't even booted yet. Your kid can't crack it unless [he] has the password. You can leave the laptop at home and rest assured a 14-year-old can't get on it," Thibadeau said.

IT departments will also be able to repurpose drives using the encryption standard by cryptographically erasing them with a few keystrokes. Cryptographic erasure changes the cryptographic key, thus making data permanently inaccessible.

"The specific way in which encryption is done inside the drive doesn't matter for interoperability," said Jorge Campello, senior manager of architecture and electronics at Hitachi. "What matters is how they drives are configured and how access control is configured. So any drive, in conforming to these standards, will have the same interface commands."

Source: Computerworld

GFI Languard v9 Hot Review

2009-02-03T10:35:54+11:00

GFI's latest Languard product is once again under our labs microscope!

New features, faster scanning and reporting engine are just few of the new enhancements that will quickly capture your eye!

See what our editors have to say about this new product and if you feel up to it, treat yourself to a free copy!

Click here to read our review!

Microsoft plugs critical Exchange, IE holes

2009-02-12T21:19:11+11:00

Microsoft Corp. (10/2/2009) patched eight vulnerabilities -- three of them marked "critical" -- in Internet Explorer, Office, Exchange and SQL Server.

The most serious of the flaws is a bug in Exchange that attackers can trigger simply by sending a specially crafted message to a company's mail server.

In today's four security updates, Microsoft delivered fixes for the three critical flaws, as well as patches for five additional bugs it pegged as "important," the second-highest threat level in the company's four-step scoring system.

Several researchers put the Exchange update, MS09-003M, at the top of their list because of the likely attack vector. According to Microsoft, the critical Exchange vulnerability can be exploited when a user "opens or previews a specially crafted e-mail message sent in TNEF format or when the Microsoft Exchange Server Information Store processes the specially crafted message."

TNEF, for Transport Neutral Encapsulation Format, is a proprietary e-mail attachment format used by Microsoft's popular Outlook e-mail client as well as Exchange.

"This seems to be a pretty bad one," said Wolfgang Kandek, chief technology officer at security company Qualys Inc. "Just receiving an e-mail triggers it."

Andrew Storms, director of security operations at nCircle Network Security Inc., agreed. "What we're seeing here is that you can send a message and take control of an Exchange server," said Storms. "I don't remember an Exchange vulnerability that's quite so blatant. The functionality that the server provides is the way that you attack the system."

Attackers would love to get their hands on corporate mail servers, both researchers said. "So much intellectual property and confidential information is passed around via e-mail," said Storms, who suggested that the potential rewards of hacking into a mail server would tempt criminals immediately. "All the smart minds will start looking at this."

"In addition to snooping corporate secrets, [a compromised Exchange server] can be used as a launch pad for attacks against other servers in the enterprise," Rohit Dhamankar, director of 3Com Corp.'s TippingPoint DVLabs, noted in an e-mail today.

On the plus side, said Storms, is Microsoft's exploitability rating for the Exchange bug. Because the company labeled it as "Inconsistent exploit code likely," Storms said, enterprises might have some breathing room. "Attackers might not be so quick to come up with an exploit," he said, "so we may have a little window here before having to patch."

The second critical update, MS09-002, patches a pair of vulnerabilities in IE7, Microsoft's current production browser and supposedly its most secure. The two flaws -- one in IE7's handling of Cascading Style Sheets (CSS), the other a memory corruption vulnerability -- likely cropped up in the browser when Microsoft rewrote sections of its older IE6, said Storms and Kandek.

"This is another head-scratcher," said Storms. "Why is it IE7 only? What did they introduce or miss? You would have thought that [IE7] would have been fully tested, so the answer may be in what they rewrote."

"This should be patched immediately," added Kandek. "I cannot imagine anything breaking by patching IE."

As expected, the SQL Server update patched a vulnerability that Microsoft acknowledged in December 2008 -- before admitting a few days later that it had been working on the flaw since April, when an Austrian security researcher first reported it. The researcher, Bernhard Mueller of SEC Consult Security, eventually went public with his findings after he was ignored by Microsoft.

"It's still interesting," said Storms of the SQL Server fix, "just not nearly as interesting now that we know what else was patched today."

The fourth update fixes three separate flaws in the file formats parsed by Visio, the diagramming application that's part of the Office family. Microsoft rated MS09-005 as "important."

"The Exchange [update] is the most serious," said Qualys' Kandek. "Patch that first. And if you cannot [patch], go into your attachment manager and filter attachments there."

"Don't sit on the couch for this one," echoed Storms.

February's four security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

Google lets Gmail give away your location

2009-02-13T20:00:00+11:00

Google Inc. certainly is focused on where you are and letting others in on that information.

A week after unveiling Google Latitude, which enables people to track the exact location of friends or family through their mobile devices, the company today announced that its Gmail software can now show the location of e-mail writers.

"Some time ago, I noticed how all mail systems tell you when an e-mail was written, but not where it was sent from," said Marco Bonechi, a Google software engineer, in a blog post. "Because I love to travel, the first question in many messages I receive is "Where are you?" and by the time I answer, I am often somewhere else. So in my 20% time, I wrote an experimental Gmail Labs feature that detects your location and appends the city region and country names to your signature."

Bonechi noted that people can use the new Location in Signature feature by going to the Labs tab in Gmail under Settings and then clicking on Signature Preferences.

"It'll use your public IP address to determine your location, so it may not always be that accurate," he noted. "For example, if you're at Heathrow Airport, IP detection may put you in Germany. If you want more accurate location detection, make sure your browser has a version of [Google] Gears that supports the location module. That way, Gears can make use of Wi-Fi access-point signals to recognize that you're actually in London."

Bonechi also added that users who want to keep their locations private can disable the option or delete their locations from specific e-mails.

Google's tracking technology hasn't received full support from security experts.

Just a day after Google Latitude was released, Privacy International called Google's new mapping application an "unnecessary danger" to users' security and privacy.

Simon Davies, director of the London-based privacy rights group, said in a statement that Google Latitude could be a "gift" to stalkers, prying employers and jealous partners.

But Google was quick to respond. Replying to Computerworld questions in an e-mail, a spokeswoman said the company's engineers and designers took privacy and security concerns into account when they created Google Latitude.

As window closes on Vista, Microsoft makes last-ditch corporate push

2009-02-14T19:00:00+11:00

Microsoft Corp. today put forth its best case as to why corporations and large organizations should consider upgrading to the Windows Vista operating system, even as its successor Windows 7, looms.

In an interview, Gavriella Schuster, a senior director in the company's Windows product management group, urged businesses to move to the embattled operating system now, even if they plan to move to Windows 7 after it ships, as is widely rumored, later this year.

"If you're running Windows 2000, you should definitely move to Vista today," Schuster said. At more than seven years old, she described Windows XP as being on "life support" because of Microsoft's plan to cut mainstream support in two months. Schuster said users should consider "how much money am I spending keeping XP alive, versus moving on?" Microsoft also debuted a new blog called Windows for Your Business to market Vista to its corporate customers.

She urged companies to check when their vendors plan to pull support for their applications on Windows XP and to start testing the Windows 7 beta today.

Windows 7's arrival by this year's holiday season could boost sales of PCs to consumers. But an earlier arrival, combined with the economic downturn, could hurt Vista's remaining chances with Microsoft's most profitable customer segment -- businesses and large organizations.

Vista has been available to corporations for 27 months. Larger corporations may take that long to test, prepare and deploy a major operating system upgrade such as Vista because of the extensive application-compatibility testing and employee retraining that are required.

Many corporate Windows users already have the rights to upgrade to Vista at any time because of the multiyear Enterprise licenses and Software Assurance upgrade rights they buy. Many are resisting the move, though.

For example, the government of Fulton County, Ga., is a Microsoft enterprise customer and tested the beta of Windows Vista three years ago as part of Microsoft's Technology Adoption Program (TAP). The county's IT officials came away so impressed that they initially planned to roll out Vista in all 6,000 of its PCs by the end of 2007, or a year after its release.

Fast-forward to early 2009, and Vista is running on only a small slice of Fulton County's computers. The county has put off PC upgrades because budget cuts forced by reduced property tax revenue as a result of real estate downturn in Atlanta and surrounding suburbs. That has left many employees using PCs that are five or six years old and running XP.

"We're stuck, and it's no fault of Vista," said Jay Terrell, deputy director of IT for the county government. "We're going to wait for Windows 7, though it's not because we [want to] wait."
Papa Gino's Inc. also plans to skip Vista for its 160 corporate employees, according to Paul Valle, CIO at the Dedham, Mass.-based restaurant chain.

"We'll probably start testing Windows 7 when Service Pack 1 arrives and get serious [about upgrading] when SP2 comes," Valle said, taking a conservative approach to the deployment.

Smaller customers like Papa Gino's are arguably a bigger problem for Microsoft. Many of them buy the cheaper Select or Select Plus licenses expressly to avoid Software Assurance and don't want to be locked into Windows upgrades they might not ever install.

If a Select licensee belatedly chooses to upgrade to Vista and then later to Windows 7, it would have to buy Software Assurance at a cost of $100 to $165 per PC, according to Paul DeGroot, an analyst at Directions on Microsoft.

Schuster, however, argued that the benefits would outweigh the costs. Her rationale was as follows:

* Companies that skip Vista are at risk of their software makers halting application support on Windows XP before they start to support them for Windows 7. "It's just traditionally how app vendors have reacted to the release of a new OS, going all the way back to Windows 98," she said.
* Major operating system upgrades, whether from XP to Vista or from XP to Windows 7, typically take 12 to 18 months because of all of the application testing, rewriting of custom apps and employee retraining. Due to Vista's and Windows 7's similar code bases, companies that bite the bullet and standardize on Vista today will enjoy a "smoother" upgrade later to Windows 7 compared with the "riskier" move of holding off and move straight from XP to Windows 7, Schuster said.
* For the same technical reasons, deploying a new PC with Vista today is cheaper than installing XP on it and then expecting to later move it to Windows 7, she said. "If I make an investment in Vista today, will it pay off when I migrate to Windows 7? The answer is yes, it will pay off," Schuster said.
* Companies that stay on XP, according to Schuster, will miss out on Vista's "modern" features, which include improved security and stability -- Service Pack 2 will arrive in the second quarter. "This is the most secure client OS we have ever released," she said.

Schuster's arguments flesh out the same ones made earlier this month by Microsoft CEO Steve Ballmer, who said enterprises that continued to hold on to XP would get "hell" from employees running Vista and Windows 7 in their leisure time.

Source: Comp. World

U.S., Russian satellites collide in space

2009-02-17T21:11:06+11:00

Service outages expected, but issues likely resolved by Friday, Iridium says.

A commercial Iridium communications satellite and a decommissioned Russian satellite appear to have been destroyed after an unprecedented collision in space, Iridium said.

The Iridium network, which offers satellite telephone and data service to governments, corporations, media and other groups worldwide, is made up of 66 satellites orbiting approximately 800 kilometers above the Earth's surface. This Low Earth Orbit means the satellites orbit the globe continuously, and so if enough are put into space, all parts of the planet can be covered with service at all times.

In contrast, typical communication satellites like those used for TV broadcasting orbit at 36,000 kilometers, so they appear at the same spot in the sky when viewed from Earth. This means reception systems can be simple because dish antennas don't have to move, but such satellites have trouble covering higher northern and lower southern parts of the globe.

The in-orbit collision will mean brief service outages for some customers over the next few days, but Iridium said it expects to have the issue largely resolved by Friday. Within a month, the company expects to have one of a number of in-orbit spare satellites moved into position to replace the one that was lost.

Source: IDG

Hackers steal thousands of Wyndham credit card numbers

2009-02-20T21:00:46+11:00

The company estimates that 41 Wyndham hotels and resorts were affected.

Hackers broke into a computer at Wyndham Hotels and Resorts last July and stole tens of thousands of customer credit card numbers, the hotel chain has warned.

The break-in occurred at a property belonging to a Wyndham franchisee, but that computer was linked to other company systems. "That intrusion enabled a hacker to use the company server to search for customer information located at other franchised and managed property sites," the company said in a statement disclosing the breach.

The data was then uploaded to a Web site during July and August of 2008, Wyndham said. The company estimates that 41 Wyndham hotels and resorts were affected by the breach before it was discovered by the company's information security team in mid-September. The incident did not affect other Wyndham properties, such as Days Inn, Ramada or Super 8.

Wyndham has not said how many guests were affected by the theft, but it may have affected as many as 21,000 customers in Florida, according to the state's attorney general. Wyndham representatives did not return calls seeking comment on the breach.

The criminals were able to get guest names, credit card numbers and their expiration dates, as well as data from the cards' magnetic stripe, Wyndham said.

Magnetic stripe information, sometimes called a card verification value (CVV) code, is critical if the thieves want to make fake credit cards, according to Avivah Litan, an analyst at Gartner Inc.

"That's the hot information," she said. "You can sell that information for much more on the black market." CVV codes were also taken in the high-profile Heartland Payment Systems Inc. and The TJX Companies Inc. credit card thefts.

When fraud is perpetrated using fake cards that include the CVV codes, the banks are responsible for the charges; when the fraudsters have only the card numbers and expiration dates -- the information used in online transactions, for example -- then the retailer is responsible for the charges. "The banking industry is all up in arms whenever bank stripe data is stolen," Litan said.

After an eight-week investigation, Wyndham notified credit card companies and the U.S. Secret Service, which investigates financial crimes. Customers were made aware of the breach in December. Last week, it posted more details about the incident on its Web site. (http://www.wyndhamworldwide.com/customer_care/data-claim.cfm)

Source: IDG

Gmail outage caused by rogue code

2009-03-03T09:51:19+11:00

New code triggered a failure during routine maintenance of Google's European data centers, which led to a two hour shutdown of its Gmail system around the world last week.

The outage was an "unforeseen side-effect of some new code that tries to keep data geographically close to its owner," Acacio Cruz, Google's Gmail site reliability manager, wrote in a Google blog post.

The rogue software caused a datacentre in Europe to become overloaded, which caused cascading problems from one datacentre to another.

"It took us about an hour to get it all back under control," wrote Cruz.

Users around the world could either not get access to their inboxes or had to wait a minute or more for them to open during the two-hour outage last Tuesday.

Google has had trouble with Gmail before, and users have voiced concerns over the reliability of the service. In the past six months, Gmail has suffered some form of downtime on five separate occasions. In the month of August alone, Gmail had three significant outages that affected not only individual consumers of the free web mail service but also companies and organisations paying for Apps Premier, the company's hosted suite of collaboration, messaging and office productivity services.

According to Google, the bugs have been found and fixed.

Cruz wrote: "We know how painful an outage like this is - we run Google on Gmail, so outages like this affect us the same way they affect you."

Source: Comp. World

New Cisco Technical Knowledgebase From Firewall.cx!

2009-03-07T23:50:16+11:00

The Cisco Technical Knowledgebase is a new section at Firewall.cx, designed to deliver first-class solutions to the IT engineers & administrators around the world. The technical content of this section will enable you to successfully configure and troubleshoot services and devices from Cisco Systems, by providing you with all the necessary theory, covered in other sections of our site, alongside with step-by-step instructions & screenshots.

The Cisco Technical Knowedgebase section will cover Cisco routers, switches, ASA Firewall appliances and Cisco Call Manager Express (CCME) related topics, kicking off with Cisco Router Technologies.

The Cisco Technical Knowledgebase is planned to go live within March 2009, so be sure to visit us frequently!

The Firewall.cx Team

Internet Explorer 8: Security Features for Enterprise Users

2009-03-18T12:19:07+11:00

Over the past year, Internet Explorer has lost market share while browsers such as Mozilla's Firefox, Apple's Safari and even the nascent Google browser Chrome have made incremental gains.

Microsoft hopes to return IE to its past glory with Internet Explorer 8, which has been in release candidate since late January and has received praise for its security as well as criticism for being a memory hog.

Microsoft is not saying when it will call the IE8 code done and release IE8 to manufacturing. But TechARP.com, a Web site that correctly named the RTM dates for Windows editions in the past, is predicting it will happen this month.

New security and privacy features in Internet Explorer 8.

As more business applications go online, the security of browsers has become a top priority for IT managers and the debate lingers on about which browser is safer: IE or Firefox.

Mike Nash, VP of Windows product management, recently discussed the new security and privacy features in IE8 that Microsoft hopes will keep business users productive and safe from hackers.

Automatic Crash Recovery

Everybody has had to deal with a crashing browser, resulting in lost data and a reboot.

Microsoft promises that Internet Explorer 8 has been architected so that crashes will be limited. If a Web site does crash in one tab then only that tab is affected, while the browser itself and other open tabs carry on as if nothing has happened.

"In the past, if there was a bug in a Web page and it crashed it would cause the entire browser or even the operating system to crash," says Nash.

He adds that IE8 will automatically restore a tab that has crashed once it has identified the problem and then return you to the site you were on before the crash.

SmartScreen Filter

The SmartScreen Filter has been reinforced in IE8 to combat the increasingly complex ways that hackers and malicious sites send viruses and steal personal information.

The SmartScreen Filter blocks imposter sites that may download malicious software. The user has the choice to enable or disable SmartScreen, though Nash highly recommends it be enabled.

When it is enabled and you try to visit a site that is considered unsafe, a Web page with a red screen appears recommending you do not continue to the Web site. It does give the option "Disregard and continue (not recommended)" but IT managers can remove this option to "keep users from having to make a decision of trust without the knowledge to make a decision of trust," says Nash.

One of the major threats to users, adds Nash, are bad sites disguised as good sites.

"A lot of Web sites try to make themselves look like anti-spyware sites when in fact they are downloading spyware," Nash says. "The SmartScreen Filter will recognize them as a hoax and alert users that they should not go there."

Cross-Site Scripting Filter

Cross-site scripting (XSS) attacks are some of the leading exploits against Web users. XSS allows malicious code to be injected into Web pages that can lead to information disclosure and identity theft.

What's most unsettling about XSS: everything looks normal to the user while unauthorized access is being given to a hacker and sensitive data is being stolen.

The XSS Filter, new in IE8, can monitor all requests and responses flowing through a browser. When it recognizes an XSS in a request, IE8 blocks the malicious script from executing.

"It recognizes that a Web site is doing something that looks inappropriate and simply blocks it without giving the user a whole lot of notice," says Nash.

Clickjack Prevention

New in the IE8 release candidate, Clickjack Prevention allows Web content owners to put a tag in the page header that will block clickjacking, a type of cross-site scripting that uses embedded code to tricks users into clicking on a link that appears to perform another function.

With clickjacking, the user thinks he or she is clicking the visible buttons, while actually performing actions on a hidden page. The danger of clickjacking is that clicking on a hidden Web element can result in a transaction that you didn't want. IE8 will detect this and show an error screen saying that the content from a certain host is being used by somebody else.

Adds Nash: "For example, if someone tries to embed your bank's Web site into another Web page, IE8 will recognize that your bank's Web content is part of a clickjacked page and shut it down."

Domain Highlighting

This is the most visible new feature in IE8, but could be the best for keeping users on their toes.

Using domain highlighting, IE8 automatically blackens the domain of a URL in the address bar while the rest of the address is grayed out. If the blackened domain is the true domain, such as bankofamerica.com, users will know that the site is legitimate and not a phishing site.

For example, in the IE8 address bar, this site would be trustworthy:

http://www. cio.com/article/482306/Windows_The_Six_Versions_Explained

And this one would not be trustworthy:

http://www. fakeciosite.com/article/482306/Windows_The_Six_Versions_Explained

Nash said this feature is an easy way for both business and home users to avoid having their personal information compromised by a fake site.

"We've all seen those long URLs where it's hard to tell what site it's going to," Nash says. "Here the real domain name stands out. It's a cool feature that's also about safety."

Source: CIO

Microsoft proud of its first 'post-Gates' OS, Ballmer says.

2009-03-22T10:40:59+11:00

Windows 7 is the first Microsoft OS developed away from the watchful eye of Bill Gates, and the technical leaders who built it had to adjust to life at the company without its cofounder and former chief software architect, CEO Steve Ballmer said Thursday.

"We have a lot of people who are stepping up and growing in new ways," Ballmer said, speaking at the McGraw-Hill 2009 Media Summit in New York. "There's no question about that. I'm growing in some new ways. Some of the senior technical guys are growing in new ways."

Windows 7, which is expected to be out later this year, is a product of some of the changes that have taken place since Gates left, and Microsoft is proud of the result, he said in an on-stage interview conducted by BusinessWeek Editor-in-Chief Steve Adler.

"It's a great piece of work," Ballmer said. "And it's a piece of work that was driven by a team ... independent of Bill and his leadership. And I think we're all, you know, feeling pretty good about it. We've got to finish it. But I think it'll be a big, big deal."

Indeed, Windows 7, a beta release of which is available, has already received positive reviews from early users. Its predecessor, Windows Vista, took more than five years for Microsoft to develop and was received poorly by many businesses and consumers.

Without saying so explicitly, Ballmer hinted that he and colleagues were limited in their ability to make certain technical decisions at Microsoft while Gates was there. Gates left his day-to-day duties at Microsoft last July to work full time with the philanthropic organization he formed with his wife,The Bill and Melinda Gates Foundation. Microsoft Chief Software Architect Ray Ozzie and Chief Research and Strategy Officer Craig Mundie share Gates' former responsibilities.

Ballmer said the "number-one thing" that's changed at the company is the way he, Ozzie and Mundie interact as a team to make technology decisions. "The way the three of us accomplish, let me call it the job at the center of technology leadership, is certainly different than the way Bill did," he said.

Gates, on the other hand, had more of the final say himself in technical decisions, Ballmer said.

"He was the founder. I might have been the CEO, but he was 'the Bill,'" he said. "There was no question that if Bill thought something should be done ... he actually didn't give orders much, but if he thought something should be done, you knew life would be intense if you didn't agree. Let me say it that way."

Still, he said, given the choice, Ballmer and his colleagues would be happy to have Gates back.

"We miss Bill," he said. "I mean, if you gave sort of the average senior technical person at Microsoft a vote, 'Bill back, Bill not back,' they'd probably say, 'Yeah, it'd be great to have Bill back.' On the other hand, Bill's doing something important that everybody values, and I think everybody relishes the opportunity to grow and take more responsibility."

Ballmer declined to say when Windows 7 would be available, saying only that the company would release it "when it's ready." The official word from Microsoft is that Windows 7 will ship three years after Windows Vista, which was released to business customers in November 2006 and to the general public in January 2007.

Intel readying new chips for inexpensive ultraportables.

2009-03-23T20:00:00+11:00

Intel reaffirmed on Friday that it was readying new ultra-low-voltage chips, due in the second quarter, for inexpensive ultraportable laptops.

The company will ship the ULV chips as part of its Montevina Plus mobile laptop platform, an updated version of the existing Montevina platform, said Connie Brown, a company spokeswoman.

The chips could go into thin and small laptops that provide full PC functionality but are cheaper than existing ultraportable laptops, which are generally priced above US$1,500.

Laptops based on Intel's ULV chips could be as thin as Apple's MacBook Air or Dell's recently launched Adamo, with prices ranging between $599 and $1,299. In announcing the chips, Intel said it wanted to bring ultraportable laptops to the masses.

"You'll see many more of the ultra-thin laptop models at a variety of price points, and not just on the high end. This will give both business and general consumers more choice," Brown said.

The new chips will fit into small spaces and use less power than existing Core 2 Duo ULV chips, which draw about 10 watts of power. Intel's Core 2 ULV chips are mostly used in ultraportable laptops such as Lenovo's X300, Apple's MacBook Air and Fujitsu's LifeBook P8020. Intel also currently offers inexpensive chips for thin and light laptops such as netbooks, but those PCs are only designed to perform basic functions such as Web browsing and word processing.

The new ULV chips could disrupt rival chip maker Advanced Micro Devices' bid for a larger share of the inexpensive ultraportable market. AMD in January launched the Athlon Neo chip for inexpensive ultraportables priced between $500 and $1,500. At the time, AMD criticized the premium pricing of ultraportable laptops that carry Intel's ULV chips, saying users don't have an appetite for expensive ultraportables such as the MacBook Air and that pricing has been a key impediment to the adoption of such laptops.

Intel's Montevina Plus platform also will offer new chips running as fast as 3.06GHz, for mainstream notebooks priced between $399 and $1,499.

Montevina Plus is likely to be Intel's most important update to its laptop platforms before the company starts shipping the new Arrandale chips for laptops later this year. The Arrandale chips will be manufactured using a 32-nanometer process.

Arrandale chips integrate a graphics processor and CPU in one chip, which could boost graphics performance while drawing less power than existing Core 2 processors. Arrandale chips will also be more energy-efficient, which could improve laptop battery life. Clock speeds on Arrandale processors should be similar to chips used in existing laptops, but offer better performance by running applications through more threads while drawing less power.

Cisco to cut home broadband perks to reduce costs

2009-04-02T12:06:34+11:00

The move is part of a wider effort to shave $1 billion from Cisco's expenses.

Cisco Systems Inc. is ending a long-standing policy that allows its employees to expense their home broadband service as part of a wider effort to reduce costs in the tough economic climate, sources at the company said.

The change will apply to all of Cisco's employees worldwide, although there are likely to be exceptions for staffers who live far from an office and telecommute most days, the sources said. The changes are still being finalized and are likely to be announced internally later this week.

A Cisco spokesman declined to comment.

It's the latest example of how companies are looking beyond big-ticket items like salaries and travel to shave costs from their business wherever they can. It's a somewhat ironic move by Cisco, which encourages its clients to use telecommuting and videoconferencing to reduce travel costs and work more efficiently.

Cisco's business, like that of many vendors, is being hurt by the economic slump. Revenue for its second fiscal quarter, ended Jan. 24, was down 7.5% from a year earlier, with profits off 27%. The company has said it expects revenue for the current quarter, which ends in April, to be down 15% to 20% year over year.

Cisco announced last November that it aimed to reduce its operating expenses by $1 billion for this fiscal year. It said it would target travel costs and discretionary expenses such as off-site meetings, outside services, trade shows and marketing activities.

CEO John Chambers said last month that Cisco didn't plan any mass layoffs, which he characterized as 10% or more of staff, but he said it might reduce head count by up to 2,000 people through "realignment" and "restructuring." The first few hundred workers were laid off last month, according to published reports.

Many tech companies have made much wider layoffs, and some have been cutting salaries and bonuses as well. Intel confirmed on Monday that it had frozen salaries across the entire company. "We are in the toughest recession in the history of our industry, and we need to continue to control our costs," said Intel spokesman Chuck Mulloy.

Reducing payments for home broadband may seem like a small move, but for a company with more than 60,000 employees, the expenses could add up. Cisco also stopped providing free sodas to its staff about a month ago, one of the sources at the company said.

Nanotouch technology shrinks touchscreen displays

2009-04-09T10:44:43+10:00

Touchscreens can only get so small before fingers start to block most of the information on them, but a project from Microsoft Research and the Hasso Plattner Institut in Germany called Nanotouch allows a touchscreen device to be controlled from its backside, preventing fingers from occluding the screen.

"We're using a principle called pseudo transparency so that we can pretend we can see through the screen and as we do this we see the document we're manipulating, we can see the finger and we get no occlusion and precise manipulation," said Patrick Baudisch, a research scientist with Microsoft Research and a professor and chair of the Human Computer Interaction Department at the Hasso Plattner Institut in Potsdam, Germany.

Baudisch had several prototype 2.4-inch screens on display at the Computer Human Interface, or CHI, conference in Boston. One of the displays was the pseudo transparent display, which showed a finger on the display screen when a real finger touched the back of the display. Another prototype featured a first-person shooter (FPS) game where the gamer guided the shooter through the game using the back of the device.

On the back of the prototype is a gray and white grid with four raised nubs, similar to those on the F and J keys on a keyboard. Baudisch said those are for orienting fingers on the back of the device.

Nanotouch grew out of a previous iteration that incorporated a larger display and webcam called Lucid Touch.

In order for Nanotouch technology to be found in mainstream devices, Baudisch said that technology has to scale down in order to fit in these new, smaller devices. For example, he said that in a year or two a mobile audio player that fits into the size of a coin could be created and that maybe five years from now a cell phone could be developed using the technology.

Baudisch said there are touchscreen watches on the market, but that some required styluses for control of the screens. Baudisch's plan is to embed the technology on the wrist band of the watch so that the user has greater control without occluding the display with a finger.

"It's not like we're waiting for a specific time to start doing this, but every year as technology shrinks we can pack more and more technology into these devices," Baudisch said.

Google Suffers Another Service Outage

2009-05-19T07:40:54+10:00

Google is dealing with another service outage Monday impacting users around the world. Monday's service outage, which began at approximately 8:30AM EDT, appears to be impacting only Google's popular Google News service. As of this writing (9:44AM EDT) it has not been fully resolved and when people try to access Google News they are met with a "503 Server Error" message and a "Please try again in 30 seconds. Others can access Google News, but the site is not displaying pages correctly or when links to other Google News categories are clicked on more Server Error messages are delivered.

The outage has been reported by users in California and Massachusetts and as far away as Sydney, Australia, India, and the United Kingdom. Twitter is also lighting up with users complaining of the outage.

There are no reported problems of Google News in some parts of the world such as Tel Aviv, Israel. Other Google services, such as Google.com, Gmail, and YouTube appear to be working fine. This latest hiccup by Google does in no way appear to be as severe or as a widespread as Google's service outage earlier this month. However this latest Google stumble tarnishes, yet again, the company's image as one of the most reliable Internet companies.

Source: IDG

Interested In A Free Cisco Press Title?

2009-06-10T23:19:50+10:00

Grab a FREE copy of popular Cisco Press title CCNA Portable Command Guide, 2nd Edition when you sign-up for Safari Books Online trial during the month of June.

For more information, visit the following URL:

http://www.informit.com/safaribookpromo.

Spammers Beware - Firewall.cx takes action against forum spammers!

2009-08-31T11:42:00+10:00

Following the continuous posting of spam related posts, we've decided to take action! Besides the deletion of posts, accounts and permanent banning of whole Class B networks (/16) from which spammers perform their dirty work, Firewall.cx has begun gathering full details of all spammers (including IP Address and EXACT time of forum posting) to use against the people in charge of these activities.

All information gathered is forwarded to every ISP involved, and legal action is taken.

We will not tolerate people trying to turn our site forums into a junk yard.

Closing, we also would like to thank our community for working with us to ensure the site is kept clean from unwanted content.

Chris Partsenidis
Founder & Senior Editor
www.Firewall.cx

GFI's New WebMonitor release now Freeware!

2009-11-22T10:56:16+11:00

GFI Software has released a new version of GFI WebMonitor that gives small and medium-sized businesses (SMBs) the tools they need to monitor Internet use in the organization, ensure a safer browsing experience and boost productivity.

Now, GFI WebMonitor can run independently of any firewall/proxy server and be deployed on most Windows Server/Workstation operating systems.

Cisco Press Launches Suite of Products for New CCNP Certification Exams

2010-01-26T21:13:49+11:00

— Cisco Press, the official publisher to the CCNP exams, brings an unmatched and unique portfolio of learning and preparation products to the new 2009 CCNP certification exams launched today by Cisco. Available to certification candidates are a variety of products including video, flash cards, books, and e-books.

The new suite includes three Certification Guides and introduces a new product line for mid- to late-stage exam preparation, the Cert Kits, available for all three exams. Each Cert Kit provides a value-priced package combining video, print and electronic quick reference sheets, and online flash card preparation tools. Portable Command Guides and Foundational Learning Guides will also be available in spring 2010.

A complete listing of new CCNP products is available at www.ciscopress.com/ccnp

Firewall.cx the world's first official Media Review Partner of CiscoPress titles

2010-04-03T10:58:06+11:00

Cisco Press today cemented a long-standing partnership by appointing Firewall.cx as the world's first official Media Review Partner of Cisco Press titles. Already officially recommended by Cisco's CCNA Academy program, Firewall.cx has been reviewing networking titles since 2003 and has Cisco certified engineers throughout the world serving a huge user community.

Chris Partsenidis, founder and senior editor of Firewall.cx said, "We're delighted with this award which underlines the great work being done by our team. We aim to provide resources and support for our members as they learn and develop, and this partnership will allow us to introduce new Cisco titles to a wide audience while at the same time providing useful feedback for Cisco Press."

A special 'Official Reviewer' logo has been created to mark the occasion.

Official announcement from Cisco Press can be found at the following URL:

http://www.ciscopress.com/press/press_releases_detail.asp?promo=137730.

Cisco 64-bit VPN Client is on its way!

2010-04-13T01:41:23+10:00

Cisco VPN Client 64-bit is on its way!

After many years of anticipation, Cisco has finally got the message and decided to develop a 64-bit version of its popular Cisco VPN Client software!

As most Cisco engineers are aware, the absence of a 64-bit VPN Client produced a lot of problems when it came to connecting remote users (with 64-bit Windows) to the corporate network.

The 32-bit version of Cisco VPN client refuses to install on any 64-bit operating system, leaving the administrator with two options: 1) Install and configure (if possible) the new VPN trend of Web SSL VPNs, where purchasing licenses are necessary, or 2) Use a third party/opensource 64-bit VPN client.

While third-party VPN clients do provide a solution, they seem to fall short of functionality when it comes to connecting to corporate networks with multiple intranets/networks.

Now, thanks to Cisco (and the persisting community), this nightmare is nearly over as a Beta version of the 64-bit Cisco VPN client is already out.

Trials until now, show that even thought the VPN client is in Beta version (5.0.07.0240), it is extremely stable and should be ready for release very soon.

Note: We would like to thank Eleftheriadi Dimitri from Cooper-Industries for his input on this post.

Note: You can download the Cisco VPN Client from our Download section.

GFI Software Enhances its Security Product Offering with the Acquisition of Sunb

2010-07-14T01:52:38+10:00

GFI Software, a market leading provider of software infrastructure products for small and medium-sized enterprises, announced today that it has acquired Sunbelt Software and specifically its VIPRE® product suite. Terms of the transaction were not disclosed. The acquisition will allow GFI to merge VIPRE technology into GFI’s email security and web security solutions group, and will provide GFI with new security products consisting of world-class and innovative technology. The assets of Sunbelt’s software distribution business, started over 16 years ago and separate from the technology side of the company, will be divested into a separate entity and the company is exploring other strategic partnerships.

To read more about this strategic acquisition, continue reading below:

GFI's Acquisition of Sunbelt Software
“Over the past several years, we have looked extensively for the best technologies, the best developers and the best management teams that will allow us to expand our current product offerings and to provide the best service we can to our customer base. We were impressed by the high quality and innovative technology that underlies Sunbelt’s VIPRE line of products and immediately saw strong synergies between the two companies. We have acquired a good, growing and cash-flow positive business that fits well within GFI’s strategic vision to consolidate our products and grow our business,” said Walter Scott, GFI’s CEO.

“Furthermore, Sunbelt’s technology is backed by a reliable, committed customer support team that provides great service – something so important for us. We see this investment in Sunbelt and its VIPRE technology as an excellent opportunity to increase our install base, drive the software globally through our international partner channel and also build our consumer market, which has a powerful drag-along effect on the SME and SoHo markets,” Mr. Scott added.

“The technologies developed by both companies are highly complementary and I have a hard time imagining a better combination,” said Alex Eckelberry, CEO of Sunbelt Software. “Additionally, GFI and Sunbelt are rooted in similar business principles, with similar markets and a commitment to superlative customer service.”

About Sunbelt Software
Headquartered in Tampa Bay (Clearwater), Fla., USA, Sunbelt Software is a leading provider of Windows security software including enterprise antivirus, antispyware, email security, and malware analysis tools. Leading products include the VIPRE® and CounterSpy® product lines, Sunbelt Exchange Archiver™, CWSandbox™, and ThreatTrack™.
About GFI

GFI Software provides a single best source of web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SME) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina and California), UK (London and Dundee), Austria, Australia, Malta, Hong Kong and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.

FREE Cisco CCNP TSHOOT Webcast August 31st

2010-08-17T08:33:49+10:00

FREE Cisco CCNP TSHOOT Webcast August 31st, 2010 with expert trainer and best-selling Cisco Press author Kevin Wallace, http://bit.ly/baQ0zD!
Kevin Wallace, expert trainer and best-selling author of the CCNP TSHOOT 642-832 Official Certification Guide and Network Troubleshooting Video Mentor, takes you on a tour of a troubleshooting scenario that is typical of what you might see on the CCNP TSHOOT exam. Kevin walks you through an HSRP trouble ticket. You will review the theory of HSRP followed by a live troubleshooting demonstration and concluding with a Q&A session.

Join us for this Free Pearson IT Certification / Cisco Press Webcast to gain unique insight into what you can expect on the CCNP TSHOOT exam! Register Now. Hope you can attend!

GFI Labs Issues Labor Day Phishing Warning

2010-09-06T00:16:54+10:00

GFI Software security researchers issued a warning today regarding an expected increase in phishing attacks in relation to the upcoming Labor Day holiday. GFI Labs, the dedicated malware research center of GFI Software, warns that consumers are traditionally at high risk for targeted phishing attacks due to the preponderance of online retail sales events over the holiday weekend.

Amidst the flurry of emails promoting holiday sales are fraudulent messages that include bogus links to sites that download malicious software or phishing sites soliciting personal information. While research from companies like IBM have suggested that phishing attacks were on the decline last year, GFI Labs warns that customers should not be lulled into a false sense of security. According to phishing tracker Phishtank.com, there are over 2,900 active phishing web sites currently verified on the internet. Furthermore, the popularity of social media sites such as Facebook and Twitter has made them attractive platforms for holiday-themed attacks.

According to GFI Software, one of the world’s leading providers of security software, consumers can reduce their risk of infection by following three simple rules:

1. Ensure that your computer is protected against the newest malware threats by installing a combined antivirus and antispyware solution. This serves as the first point of protection against dangerous viruses and Trojans – and one without the other is no longer effective.

2. Never click on a link from an email to make a credit card purchase. The email you’ve received may look legitimate, but there’s a high probability that the link will take you to a spoofed site where your credit card information will be recorded by cyber criminals. Instead, navigate to the retailer’s Web site directly through your browser. Again, the email may look harmless, but it’s better to be safe than sorry.

3. Even when visiting a trusted Web site, be vigilant about anything that looks out of the ordinary. Social networking sites like Facebook, Twitter and MySpace have all served as points of infection recently. Do not download anything, even from a trusted site, unless you are 100% sure of its contents.

“Every Labor Day, we see a wave of phishing attacks taking advantage of consumers’ expectations of increased retail email promotions connected with the holiday,” said Tom Kelchner, research center manager, GFI Labs. “Cyber criminals see an opportunity to slip by unnoticed among the legitimate promotions. Along with making sure virus updates and security software patches are current, consumers need to stay vigilant and use common sense in order to avoid any unnecessary headaches that these fraudulent emails look to deliver over the long weekend.”

GFI Software Announces Top 10 Malware Threats for August

2010-09-06T00:26:50+10:00

GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced the top 10 most prevalent malware threats for the month of August 2010. The report, compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE Antivirus, and its antispyware tool, CounterSpy®, is a service of GFI Labs.

GFI VIPRE ThreatNet™ statistics for the month of August show that GFI customers were under attack throughout the month primarily by the same Trojan horse programs that have persisted for several months. In fact, the top four threats were unchanged in order from the month of July. Trojans detected as Trojan.Win32.Generic!BT were still the chief detection, slightly down to 25.11 percent of total detections. This particular Trojan detection has been in the top spot for some time: in July with 29.08 percent and in June with 27.16 percent of the total detections.

The number two detection, Trojan-Spy.Win32.Zbot.gen is a detection of password-stealing Trojans with many versions. The third largest detection, Trojan.Win32.Generic.pak!cobra, is a generic detection for a variety of malware that can infect 32- and 64-bit Windows installations.

“Detections of this malicious code indicate that botnet operators continue to try to infect machines and use them in their spamming networks,” said Francis Montesino, manager of the malware processing team, GFI Labs. “Our ThreatNet detections for the month also agree with other reports we’ve heard in the last few weeks that have found a high level of traffic in rogue security products. These are often referred to as scareware. We’re seeing a multitude of detections of the downloaders and installers that are associated with the rogues.
Montesino continued, “Our research group is analyzing new rogues too, but what we’re seeing through ThreatNet indicates that VIPRE is preventing these rogue downloads.”

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, GFI’s community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by GFI Labs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of August are:
1.    Trojan.Win32.Generic!BT        25.11%
2.    Trojan-Spy.Win32.Zbot.gen        4.23%
3.    Trojan.Win32.Generic.pak!cobra 3.61%
4.    INF.Autorun (v)                              3.27%
5.    Trojan.Win32.Generic!SB.0          2.01%
6.    BehavesLike.Win32.Malware (v) 1.04%
7.    Worm.Win32.Downad.Gen (v)    0.96%
8.    Trojan.Win32.Malware.a       0.93%
9.    Trojan.Win32.Meredrop        0.92%
10.    Exploit.PDF-JS.Gen (v)           0.84%

WHAT'S NEW AT CISCO PRESS?

2010-09-16T06:35:20+10:00

Buy 3, Save 40% on ciscopress.com!!

Buy 3 or more eligible products and save 40%, plus get FREE ground shipping in the U.S. Eligible products include all print books, eBooks, DVDs, Cert Flash Cards Online, Network Simulators, and Online Videos—so you can combine products for a complete cert study solution!

Enter coupon code BUY3SAVECP at step 3 of checkout to receive your discount.

For more information please visit the link below:

Ciscopress.com Discounts

Top 10 Malware Threats for September 2010

2010-10-12T11:15:45+11:00

GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced the top 10 most prevalent malware threats for the month of September 2010. The report, compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE® Antivirus, and its antispyware tool, CounterSpy®, is a service of GFI Labs™.

GFI VIPRE ThreatNet™ statistics for the month of September show a staggeringly consistent attack primarily by the same Trojan horse programs that have persisted for several months. Several of the top threats were unchanged from the past two months. Trojans detected as Trojan.Win32.Generic!BT were still the chief detection, slightly down to 23.54 percent of total detections. This generic detection includes more than 120,000 traces of malicious applications and has been in the top spot for many months: in August, with 25.11 percent, in July with 29.08 percent and in June with 27.16 percent of the total detections.

Symantec Rolls-out New Company Logo

2010-10-12T11:23:21+11:00

The new company logo brings together the Symantec name with the check mark from the recent VeriSign acquisition. The VeriSign check mark is the most recognized symbol of trust online with up to 250 million impressions every day on more than 100,000 unique websites in 160 countries. The check mark and circle will be the common symbol used across Symantec brands including the Norton consumer brand and the Symantec Hosted Services brand. The logo unifies the breadth of Symantec’s resources and amplifies Symantec’s recognition across all customer segments from the individual consumer to the largest global organization.

Cloud-Based Solutions for Small & Medium Enterprises

2010-12-06T07:13:15+11:00

Small and medium enterprises (SMEs) are always looking for the optimum way to implement technology within their organizations be it from a technical, financial or personal perspective.

Technology solutions can be delivered using one of three common models: as on-premise solutions (i.e. installed on company premises), hosted services (handled by an external third party) or a mix of both. This article takes a brief look at the cloud-based solutions for SMEs and examines their drawbacks.

Click here to read our article on SME Cloud-based solutions.

Are Cloud-Based Services Overhyped?

2011-01-12T10:24:43+11:00

Cloud-Based Services are appearing day-by-day by providers all over the world, offering zero down-time, automatic resource allocation, high-security and much more.

This article examines what this 'Hype' is all about. Are Cloud-Based Services really a milestone in network-based services or just another 'trend'?

Find out by reading our second article in our new Cloud-Based Services section:

Are Cloud-Based Services Overhyped?

What if it rains in the Cloud?

2011-01-13T23:00:00+11:00

Some SMEs are apprehensive about using hosted services because their confidential data is being handled by third parties and because they believe the solution provider might fail. Funnily enough, it’s usually the other way around. This article talks about most companies fears on Cloud-based services and looks at the services from a different prospective.

What if it rains in the Cloud?

CallManager Express & UC500: How to change IP phone background image

2011-03-21T00:45:15+11:00

This article explains the procedure of changing background images on a Cisco IP phone. We'll show you how CallManager Express (UC500, UC520, UC540 & UC560 included) handles IP phone background images and how these are loaded on to the CCME router and served to the network's IP phones. Whether you want to use Cisco's standard images or upload your own customised image, our extensive coverage of this topic covers it all.

In addition, we provide direct download of Cisco's backgrounds for IP phones that are included with every CallManager Express version, plus a customised Firewall.cx background image to try on your IP phone!

To read our article, please following the link below:

Installing Customised Background Images on Cisco IP Phones - CallManager Express, UC500, UC520, UC540 & UC560

Hands-on Guide to the Red Hat Exams: RHCSA and RHCE Cert Guide and Lab Manual

2011-04-24T00:47:15+10:00

Pearson IT Certification has just released this hot title covering the RHCSA and RHCE Cert Guide exams.

This title will help you Master every RHCSA and RHCE topic!

Red Hat Enterprise Linux 6 local and network installation
System services, runlevels, and bootup
Disks, partitions, and file systems, including LUKS encryption
Networking
Package management
User administration
Logging, monitoring, and automation
Kernel updates and tuning
Security, including SELinux, firewalls, and policies
Remote access, including SSH
Apache, Squid, DNS, DHCP, NTP, and email
NFS and Samba
Client and network troubleshooting
KVM virtualization

For more information, please visit the Pearson Education site

VLAN Security- Making the Most of VLANs

2011-05-20T06:39:57+10:00

VLAN Security is an extremely hot topic these days. This article written by Chris Partsenidis for FedTech Magazine takes a look under the hood of VLAN networks and shows 5 ways you can reap the benefits of bandwidth, availability and security. Learn the 5 key-points required to ensure your VLAN network is properly designed and working at its best, plus the VLAN Best Practices to securing your VLAN network.

To read more on this popular article, following the link below:

VLAN Security- Making the Most of VLANs

Web Security Strategy for Your Organization

2011-06-08T08:21:32+10:00

In today's business world, internet usage has become a necessity for doing business. Unfortunately, a company's use of the internet comes with considerable risk to its network and business information.

Web security threats include phishing attacks, malware, scareware, rootkits, keyloggers, viruses and spam. While many attacks occur when information is downloaded from a website, others are now possible through drive-by attacks where simply visiting a website can infect a computer. These attacks usually result in data and information leakage, loss in productivity, loss of network bandwidth and, depending on the circumstances, even liability issues for...

To read more on this great Web Security article, simply click here

Using Web Security to Deal with Malware

2011-06-09T19:00:00+10:00

It is widely acknowledged that any responsible modern-day organization will strive to protect its network against malware attacks. Each day brings on a spawning of increasingly sophisticated viruses, worms, spyware, Trojans, and all other kinds of malicious software which can ultimately lead to an organization's network being compromised or brought down.

Private information can be inadvertently leaked, a company's network can crash; whatever the outcome, poor security strategies could equal disaster. Having a network that is connected to the Internet leaves you vulnerable to attack, but Internet access is an absolute necessity for most organizations, so the wise thing to do would be to have a decent web security package installed on your machines, preferably at the gateway.

There are several antivirus engines on the market and each product has its own.....

To read this article that deals with Malware on the Internet and the importance of Web Security, click here.

Firewall.cx is changing after 8 years of success....

2011-08-31T10:03:29+10:00

Back in 2003, we decided to take a big step for Firewall.cx and move the site to what was back then, one of the most popular CMS systems available. This allowed Firewall.cx to expand its services, integrate its user accounts with the site's forums and provide a single-sign-on for all services offered.

After 8 years of success and almost 100 million page views, we decided it was time to take the next big step into Firewall.cx's future. As such, we've been secretly working on the next generation of Firewall.cx!

The new Firewall.cx site has been designed from the ground-up using nothing but the best available resources to ensure we can expand and provide new exciting services to all our community. Special focus has been given to the new menu system, that no longer requires lengthy scrolls to get to the desired article, and are also nicely populated with nifty icons representing each category.

Our new forum system now supports enhanced features such as 'Helpful answer' voting, plus more, that will ensure users helping the community are receiving the necessary recognition.

As most of our community can understand, we are extremely excited about this big changeover, so we decided to officially announce the upcoming new Firewall.cx website which is now at its final stages of completion and is expected to be online very soon!

To give you a small sneak preview of the site, we've posted a small section of the site's front page:

We thank the Firewall.cx community for supporting us throughout all these years and promise that our new site will bring more helpful resources and services for you all!

Chris Partsenidis

Founder & Senior Editor

Advanced Web Application Vulnerability Scanner: Now with Network Security Scanning

2019-06-02T16:51:54+10:00

Network security scanning is now possible on all versions of Acunetix Web Vulnerability Scanner, making this much easier and much more efficient to run both web security scans and network security scans at the same time. This is possible thanks to the seamless integration of Acunetix with the powerful OpenVAS security solution. There are many advantages of running network security scans in Acunetix - Click here to find out more.

Additional features supported by the latest version include:

Full support for IPv6
Improved usage of machine resources
Added support for Selenium scripts as import files
Multiple vulnerability checks for SAP
Unauthorized access detection for Redis and Memcached
Source code disclosure for Ruby and Python

Acunetix Web Vulnerability Scanner Now Available for the Linux Operating System

2018-11-20T09:02:42+11:00

Acunetix is one of the first commercial, automated web vulnerability scanners to be released for Linux as well as Windows, offering customers the choice to scan for vulnerabilities using Acunetix on their preferred Operating System.

With its support of the Linux operating system, Acunetix has become one of the most popular web vulnerability scanners in the market offering an extensive list of vunerability detection capabilities that will satisfy the most demanding web application developers and network security professionals.

Benefits of Running Acunetix Web Vulnerability Scanner on Linux

Reliability and security: Linux is the operating system most often selected for servers that need close to 100% uptime. Using Linux increases the reliability needed for the thousands of operations required to scan a website.
Cost-effectiveness: Acunetix customers can run the scanner in their own private cloud on either Amazon AWS, Digital Ocean or Google Cloud, for example.
Performance: Linux requires less resources to run, resulting in extra resources to increase scanner performance.

Users interested can also read our extensive review on the latest version of Acunetix

'Amazing' worm attack infects 9 million PCs

2009-01-19T11:57:19+11:00

Calling the scope of the attack "amazing," security researchers at F-Secure Corp. today said that 6.5 million Windows PCs have been infected by the "Downadup" worm in the last four days, and that nearly 9 million have been compromised in just over two weeks.

Early Friday, the Finnish firm revised its estimate of the number of computers that had fallen victim to the worm, and explained how it came to the figure. "The number of Downadup infections [is] skyrocketing," Toni Koivunen, an F-Secure researcher, said in an entry to the company's Security Lab blog. "From an estimated 2.4 million infected machines to over 8.9 million during the last four days. That's just amazing."

On Tuesday, Koivunen put the number of infected systems at 2.4 million, then updated the estimate Wednesday to 3.5 million, an increase of 1.1 million in just 24 hours.

"We haven't seen outbreaks of this scale in many years," said Mikko Hypponen, chief research officer at F-Secure, in an e-mail reply to questions. "[It] reminds me of the old Loveletter/Melissa/Sasser/Blaster cases size-wise," he added, ticking off some of history's biggest malware attacks.

Downadup -- which also goes by the name "Conficker" -- exploits a bug in the Windows Server service used by Windows 2000, XP, Vista, Server 2003 and Server 2008. Although Microsoft fixed the flaw with one of its rare "out of cycle" updates in late October, about a third of all PCs have not yet been patched, according to Qualys Inc., another security company. Those PCs are the ones being hijacked by the worm.

In his Friday blog post, F-Secure's Koivunen also provided some background on the company's estimate, in part because some people had expressed disbelief in the number. According to Koivunen, F-Secure came to its 8.9 million-machine estimate by spying on the worm's communication with hacker-controlled servers.

Once it's gotten onto a PC, Downadup generates a list of possible domains, selects one, then uses that URL to reach a malicious server from which it downloads additional malware to install on the hijacked computer. F-Secure, however, has registered some of those domains, and has been able to monitor traffic through those URLs.

By examining logs of connection attempts to the domains, F-Secure discovered several hundred thousand different IP addresses -- over 350,000 as of today -- as well as a counter embedded in each that spells out the number of additional PCs that the infected machine has compromised.

"So this number tells us how many other computers this machine has exploited since it was last restarted," explained Koivunen. A sample log provided by F-Secure showed 12 Downadup-infected PCs, which collectively had infected 186 additional systems. Just one of the originally infected computers successfully attacked 116 other machines.

"We wrote a program that parses the logs, extracting the highest value for the IP/User-Agent pairs ... then added together to get our figures," said Koivunen. "As you can see now, they are very conservative."

Earlier this week, the already-high number of Downadup infections prompted Microsoft to add detection for the worm to its Malicious Software Removal Tool (MSRT), the anti-malware utility that the company updates and redistributes each month to Windows machines. Microsoft released the latest edition of the MSRT with anti-Downadup capabilities last Tuesday.

Like other security researchers, those from Microsoft have put some of the blame on users slow to patch their PCs. "Either Security Update MS08-067 was not installed at all or was not installed on all the computers," a pair of security researchers who work at Microsoft said Tuesday.

Microsoft has recommended that Windows users install the emergency update, then run the January edition of the MSRT (Malicious Software Removal Tool) to scrub the worm from compromised computers.

Colasoft Announces the Release of Capsa Network Analyzer 8.0

2015-06-19T20:24:40+10:00

June 16, 2015 – Colasoft LLC, a leading provider of innovative and affordable network analysis software solutions, today announced the release of the latest version of Capsa network analyzer, a real-time portable network analyzer for wired and wireless network monitoring, bandwidth analysis, and intrusion detection. Capsa Network Analyzer 8.0 is based on the Third-generation Colasoft Traffic Recognition Engine (CSTRE), which substantially improved the accuracy and efficiency of protocol & application recognition.

Two Expert Diagnosis Events are added to Capsa 8.0, they are Physical Loop Diagnosis and Routing Loop Diagnosis. Capsa 8.0 makes it very easy for network administrators to locate network loop anomaly without looking into packet details. By providing possible reasons and solutions to each Diagnosis Event, it helps network administrators to quickly pinpoint and solve complicated network problems.

Another prominent feature is that packets can be colorized in Conversation Views, including Physical Conversation View, IP Conversation View, TCP Conversation View and UDP Conversation View. The relevance between a session and a packet is enhanced by colorizing packets which greatly improves performance analysis efficiency.

“In addition to concentrated development of new features, we also take great efforts to enhance user experience”, said Brian K. Smith, Vice President at Colasoft LLC, “Upon requests of many users, now Capsa 8.0 can easily be launched by command line. Packet timestamp shift function is added and host names can be resolved actively. Capsa 8.0 now offers the Network Engineer one of the most robust Bandwidth and Packet Analysis tools available”.

About Capsa

Capsa is an easy-to-use packet sniffer (network analyzer or network sniffer) for network monitoring and troubleshooting purposes. It performs real-time packet capturing, 24x7 network monitoring, reliable network forensics, advanced protocol analyzing, in-depth packet decoding, and automatic expert diagnosing. By giving you insights into all of your network's operations, Capsa makes it easy to isolate and solve network problems, identify network bottleneck and bandwidth use, and detect network vulnerabilities.

About Colasoft

Since 2001, Colasoft, an Oklahoma Company, has been an innovative provider of all-in-one and easy-to-use software solutions for users to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Currently, more than 5,000 customers in over 90 countries trust the company's flagship product, Capsa Packet Sniffer, as their network monitoring and troubleshooting solution.

Colasoft Announces Release of Capsa WiFi Wireless Network Analyzer

2011-03-18T23:26:20+11:00

CHENGDU, CHINA--(Marketwire - March 17, 2011) - Colasoft, a leading provider of network analysis solutions, is happy to announce the arrival of Capsa 7.4 WiFi Edition network analyzer to the public.

Capsa 7.4 WiFi Edition is a powerful and professional wireless network analyzer designed for complete 802.11 a/b/g/n wireless network troubleshooting, monitoring and analysis, with any of the most popular wireless network adapters. Capsa 7.4 WiFi Edition focuses on evolving its solution to enhance the security level as well as improve the reliability and visibility of services for wireless networks, and therefore maximize the value of the IT organization.

"After two months beta testing, we received many professional test reports from Colasoft Testing Group, which help making great improvement to this wireless network analyzer", said Eddie Gao, CTO of Colasoft, "The beta version has proved to be fully functional and very successful. It has gained very high recognition in network community for its high reliability and great packets capturing and analyzing ability of 802.11 a/b/g/n networks. And based on testers' feedbacks and suggestions, interfaces and user experiences have been enhanced magnificently. You will enjoy a much cleaner and friendly interface, especially a simple start page which straightly guides you to your wireless network analysis journey."

Key Features of Capsa 7.4 WiFi Edition Network Analyzer:

    * Support 802.11a/b/g/n
    * Auto identify and decode with pre-entered WEP/WPA/WPA2 key
    * Compatible with all NDIS 6.0 wireless network adapters
    * Auto -scan all access points in the air
    * Capture all wireless network packets from one or more APs and keep APs records
    * Log DNS, Emails (SMPT POP3), FTP, HTTP & IM messages (MSN & Yahoo Messenger)
    * Provide customizable analysis profile and 40 expert diagnosed network problems
    * Provide powerful and customizable reports
    * Analyze post-events by replaying packet files

Capsa WiFi Beta Testing Ended, Take Your iPad Home Now!

2011-04-24T01:07:47+10:00

We are very happy to announce that Capsa WiFi Beta Testing is successfully ended. During three months beta testing, we receive a few bugs reporting, many useful feedbacks and great suggestions. We would like to appreciate all activate testers who make their effort to develop a better Capsa, and we actually embedded their ideas into the product, and now Capsa WiFi is officially released to the public and is gaining its popularity in wireless networking field.

Although Capsa WiFi testing is ended, Colasoft testing group is still open and welcome new members. If you have interest in testing Colasoft products and share your feedbacks and software experience, there’s no reason to reject being a Colasoft test users.

After deeply researching and analyzing of all test reports we received, we have come up with the top 10 test users who win iPad, next 10 who win free Capsa WiFi license and other 30 with attractive discount coupon codes when purchase Capsa WiFi.

Gates to give up daily role at Microsoft

2006-06-16T19:06:19+10:00

Jack Writes: Bill Gates plans to withdraw from day-to-day duties at Microsoft Corp., so he can focus on his charitable foundation while others run the company he co-founded and guided to industry dominance and vast personal wealth.

Gates, 50, said Thursday he will remain the company's chairman after transferring his daily responsibilities over a two-year period. One of the key people taking on Gates' responsibilities is technology luminary Ray Ozzie, who developed Lotus Notes and came to Microsoft when it acquired his company, Groove Networks Inc., in 2005.

The move will end an era at Microsoft, which Gates founded in 1975 with childhood pal Paul Allen and has been the public face of ever since. Gates said he is stepping back so he can focus more time on his philanthropic foundation, the world's largest.

The Redmond company on Thursday laid out a plan for other high-ranking executives to take on Gates' duties. Gates and Chief Executive Steve Ballmer also noted that recent corporate reorganizations have been designed to move more responsibility to lower-ranking executives, so the company could more quickly make decisions without Gates and Ballmer.

But, in an interview with The Associated Press, Ballmer conceded that there was no way to replace Gates.

"If we think anybody gets to be Bill Gates, I don't think that's a realistic hypothesis," he said.

Gates stressed that, although he was giving up day-to-day responsibilities beginning in July 2008, he would still play a role at the company.

"I'm not leaving Microsoft," he said.

Gates also said he had no plans to give up the distinction of being the company's largest shareholder.

"I'm proud of that," he said.

Ozzie will immediately assume Gates' title as chief software architect and begin working with Gates on overseeing all software technical design.

Chief Technical Officer Craig Mundie will immediately take the new title of chief research and strategy officer and will work with Gates in those areas. Mundie also will work with general counsel Brad Smith to guide Microsoft's intellectual property and technology policy efforts.

Gates' decision comes at a difficult time for Microsoft. The company recently said it was delaying the new version of its Windows operating system yet again, and it is struggling to compete with Internet rivals such as Google Inc. and Yahoo Inc. Investors also were caught off guard this spring when Microsoft announced plans to substantially increase overall research and development costs, and sent share prices tumbling.

But Gates said Microsoft is always facing new competitors and challenges, and the recent spate didn't affect his decision.

"There isn't any time in our history when there haven't been questions about Microsoft," he said.

Gates is ranked by Forbes magazine as the world's richest man, with an estimated wealth of about $50 billion. That great wealth, he said, also brings great responsibility, and he repeated his often-spoken desire to give away the bulk of his fortune to charity.

Gates said he didn't realize when he started the Bill & Melinda Gates Foundation in 2000 what potential there was for addressing some of the world's greatest problems, such as global health and education. The foundation is now the world's largest philanthropy, with assets totaling $29.1 billion.

"Just as Microsoft has taken off in ways I never expected, so has the work of the foundation," he said.

The foundation is considered a leader in international public health, particularly in the fight against HIV, malaria and tuberculosis in the developing world. In the United States, it has put its massive resources behind reforming education and accessing technology in public libraries.

Gates dropped out of Harvard to start Microsoft with Allen in 1975. He took Microsoft public in 1986 and was the company's chairman and CEO until 2000, when he assumed the role of chief software architect and Ballmer, a college friend and one of Gates' early hires, took over the role of chief executive officer. Ballmer will remain responsible for all day-to-day operations and the company's business strategy.

The world "has had a tendency to focus a disproportionate amount of attention on me," Gates said, when in reality, Microsoft is a company with an extraordinary depth and breadth of talent.

"Our leadership team has never been stronger," he said.

"Bill and I are confident we've got a great team that can step up to fill his shoes and drive Microsoft innovation forward without missing a beat," Ballmer said.

Ballmer said he has no plans to step down soon.

"I'm in it for the long run," Ballmer said.

For the past six years Gates has focused on Microsoft's software development as the company's chairman and chief software architect.

Ozzie, 50, worked on the first electronic spreadsheet, VisiCalc, in the early 1980s. In 1983, he joined Lotus Development Corp. -- Microsoft's archrival at the time -- to develop Lotus Symphony, a business software suite.

He later founded Groove Networks, where he developed Groove Virtual Office. Microsoft acquired Groove Networks in April 2005 and named Ozzie chief technical officer.

Mundie, 56, joined Microsoft in 1992 to create and run its Consumer Platforms Division, which was responsible for non-personal computer software. Mundie also started Microsoft's digital TV efforts. His current responsibilities include global technology policy and a variety of technical and business incubation efforts.

Ozzie and Mundie will continue to report to Gates, as will the company's third chief technical officer, David Vaskevitch. At an unspecified time during the two-year transition period, they will shift to reporting to Ballmer.

The news was announced after financial markets closed. Earlier, shares in Microsoft rose 19 cents, or 0.87 percent, to close Thursday at $22.07 on the Nasdaq Stock Market. Shares lost 9 cents in after-hours trading.

Windows Vista for everyone to test

2006-06-09T20:48:04+10:00

Jack Writes: Microsoft Corporation has made available its Windows Vista to the public for testing. The company announced Wednesday Beta 2, the latest test version of the operating system, will be available in English, German, and Japanese versions -- in either 32-bit or 64-bit editions -- for downloading.

The English 32-bit version is 3.13 GB and in .iso format. It can be downloaded from Microsoft's Vista beta site.

Users will have to burn the file into a DVD. Microsoft is arranging to send a physical disc at a small cost ($6) for users not having a DVD-RW.

Microsoft said it will send the product registration keys, required to install Vista from the DVD, by e-mail to those who had downloaded Beta 2, (named the Customer Preview Program). Those calling for discs will get the keys along with the discs.

Microsoft is partnering with Akamai Technologies to help users manage the download, especially when internet connections are disturbed during the download. Akamai Technologies will provide a download management utility, which can be downloaded as an ActiveX control by Internet Explorer users. Other browser users are provided with a Java version of the utility.

Microsoft had released Beta 2 in May to limited number of testers.

Microsoft cautioned average users against downloading and testing the program, saying it is actually intended for tech professionals and developers, or those who had adequate knowledge of the system. The company also asked the prospective users to test their machines for "Vista Ready" application, to ensure that the PC is ready for the new operating system. While it is looking for millions of testers, the company said it may cap the test program at some point.

The company plans to complete the testing and development of the program later this year in order to launch the product in early 2007.

Microsoft plans better disclosures for piracy monitoring tool

2006-06-08T13:00:00+10:00

Jack Writes: Microsoft Corp. acknowledged Wednesday that it needs to better inform users that its tool for determining whether a computer is running a pirated copy of Windows also quietly checks in daily with the software maker.

The company said the undisclosed daily check is a safety measure designed to allow the tool, called Windows Genuine Advantage, to quickly shut down.

"It's kind of a safety switch," said David Lazar, who directs the Windows Genuine Advantage program.

Lazar said the company decided to add the safety measure because the piracy check, despite widespread distribution, is still a pilot program. He said the company was worried that it might have an unforeseen emergency that would require the program to terminate quickly.

But he acknowledged that Microsoft should have given users more information about the daily interactions.

"We're looking at ways to communicate that in a more forward manner," he said.

Lazar also said the company plans to tweak the program soon so that it will only check in with Microsoft every two weeks, rather than daily.

The tool, part of the Redmond company's bid to thwart widespread piracy, is being distributed gradually to people who have signed up to receive Windows security updates. The company expects to have offered it to all users worldwide by the end of the year.

Lazar said that so far, about 60 percent of users who were offered the piracy check decided to install it. Once installed, the program checks to make sure the version of Windows a user is running is legitimate, and gathers information such as the computer's manufacturer and the language and locale it is set for.

That information-gathering is disclosed in a licensing agreement. But the agreement does not make clear that the program also is designed to "call home" to Microsoft's servers, to make sure that it should keep running.

At least every 90 days, the tool also checks again to see if the copy of Windows is legitimate. Lazar said that's because the company sometimes discovers that a copy of Windows that it thought was legitimate is actually pirated.

When Microsoft believes a copy of Windows is pirated, the user begins to get a series of reminders that the copy isn't genuine. Such users also are barred from downloading non-critical updates, such as the new version of its Internet Explorer browser. But anyone who has signed up to automatically received security updates, which repair flaws to prevent Internet attacks, will still get those fixes.

Lauren Weinstein, who is co-founder of People for Internet Responsibility and was one of the first people to notice the daily communications to Microsoft, said he understands and sympathizes with Microsoft's desire to control widespread piracy of its flagship product. But he said it's problematic that Microsoft did not disclose all the tools' communications with the company.

Weinstein said he also was surprised that Microsoft decided to release so widely a tool that it says is in a "pilot" mode and might need to suddenly be shut down.

"Really what you're talking about is someone saying, 'Look we've put something on your computer and it might go screwy, so we're going to kind of check in every day,'" he said.

Such a concession raises concerns about the quality of the tool itself, he added.

"They sure should've notified better, and it makes me wonder if it should have been deployed better."

Microsoft To Compete With Google And Yahoo With Upcoming Search Services

2006-04-12T10:00:00+10:00

Jack Writes: In an attempt to catch up with Google's and Yahoo's search services and establish a better competitive position, Microsoft is enhancing its Windows Live portfolio with two more customer-oriented search services: Product Search and Academic Search.

Similar to Google's Froogle and Yahoo's Shopping service, Microsoft Live Product Search will allow the user to search for various products taking into consideration extra criteria such as category, brand, seller or other specific keywords, also offering a price comparison possibility.

"It is also rumored that as well as including expert or user-provided buying guides, Product Search will also provide access to discussions on products from articles and blog posts, something Froogle does not yet do," wrote Chris Overd, one of the authors posting on LiveSide blog.

The other new service, Academic Search, will be a direct competitor to Google Scholar. It basically allows users to search for books in libraries located near them or for articles from academic journals.

More specifically, according to the LiveSide blog, it will have features which will allow users to: view an abstract for an academic article in a search preview pane; view the complete article, as long as it is not being hosted on a Web site that requires a subscription or is restricted-access; view a complete article as long as they have a valid subscription to do so; and purchase an article electronically using the British Library.

According to Microsoft, a beta versions for Academic Search will be available before late September. No further details were disclosed about Product Search, although the company said that they will be forthcoming.

Microsoft To Release Vista With A Linux Kernel

2006-04-05T16:56:38+10:00

After years of delays and months of rewriting code the Microsoft Corporation has taken a new direction with Windows Vista. Microsoft will release Vista with a Linux kernel. At the press conference Bill Gates had this to say "We are very excited at the new direction of Windows Vista. With help from Novell and IBM we have leveraged the Linux kernel and have built our GUI as a Window Manager on top of X.org. This brings the friendliness and usability model of our Windows operating system and married it to the stability and rock solid security of Linux.

" When asked why Microsoft took this route Jim Allchin said " For years our competitors and business partners have been telling us they want everything the Linux kernel offers. It was the right thing to do." Allchin also had this to say "With such great work being done in the Open Source community we also will be using OpenOffice.org as the base of our Office 12." When asked how long the delays would be to bring these products to market Gates said "What delays? 90% of the work is done for us and we didnt have to pay, this cuts our development costs and time to market considerably."

Linus Torvalds took the stage and after a heartwarming embrace of Bill Gates Linus had these remarks, "Its so wonderful that Microsoft has taken our work and used it to bring to market this incredible new OS. I am ecstatic of these changes"

It has been confirmed that Linus will start a new job at Microsoft as the President of Platform Strategies. When asked of his new job at Microsoft Linus said "OSDL wasnt doing anything to help Linux along, all they did was siphon money off of our key members. Im very excited at the direction Microsoft plans to take Linux and finally feel Im in the presence of people that care."

The new OS will be available under Microsoft's Shared Source License.

Microsoft Delays Vista Until January

2006-03-22T21:28:34+11:00

Jack Writes: Microsoft Corp. on Tuesday said it would delay general availability of Vista, the next major upgrade to the Windows operating system, until January 2007, a move that's expected to have some impact on consumer PC sales.

Businesses are expected to get access to the next-generation OS in November, with broader availability to consumers set for January 2007.

Microsoft, based in Redmond, Wash., plans to go into "broad consumer beta" to about 2 million users in the second quarter of 2006, the company said in a statement. More than a half million customers have received the latest community technology preview for Vista.

Delaying shipments for consumer PCs until January means Microsoft will miss the holiday shopping season, which accounts for a major portion of retailers' annual sales. In announcing the delay, Jim Allchin, co-president for the Platforms and Services Division at Microsoft, said once it was determined that Vista would not ship in time for holiday sales, it made more sense to focus on businesses first.

"The industry requires greater lead time to deliver Windows Vista on new PCs during holiday," Allchin said in a statement. "We must optimize for the industry, so we’ve decided to separate business and consumer availability.”

Because of the way businesses test and deploy software, it made more sense for Microsoft volume licensing customers to receive Windows Vista a couple of months before consumers, the company said.

Rob Helm, director of research at Directions on Microsoft, said once it became apparent that the Christmas season would be missed, there was no good reason to push Vista out this year.

"[The delay] will have some impact on [consumer] PC sales, which were starting to depress already and now will go on for a couple more months," Helm said.

Indeed, worldwide PC shipments this year are expected to slow this year to a 10.7 percent increase over 2005 to 234.5 million units, according to Gartner. Shipments in 2005 were 15.5 percent higher than 2004. The delay, however, is expected to have a minor impact on enterprises.

"Typically, volume license renewals pile up in December, at the end of the calendar year, and June, the end of Microsoft's fiscal year," Helm said. "But with it RTMing [release to manufacturing] before the end of the year, those companies won't miss the Vista boat."

Windows Vista to Get Rid of Spyware

2006-03-20T23:59:21+11:00

Jack Writes: Microsoft's long-awaited Windows Vista is being designed to eradicate all the nasty spyware that maliciously tries to sneak into your computer. Although this may sound like good news for those users who prefer commodity, there is also a downside: the anti-spyware industry is seriously threatened.

Windows XP's successor has its heart set on introducing important changes at the heart of the operating system, as well as to Internet Explorer, and includes Windows Defender, an anti-spyware tool. Vista will offer more security improvements than any other version of Windows on the market.

Rob Enderle, an analyst with the Enderle Group, declaired: Vista, because it was pretty much conceived during the toughest times for Microsoft with regards to malicious software, has the most protection in it compared to any of their platforms.

The spyware threat will definitely shrink or shrivel. We got a handle on spam. It still gets through, but it is such a small percentage now, we know how to deal with what gets through. That same thing will happen to spyware. It will be under control, said John Pescatore, an analyst with Gartner.

Spyware and its litte cousin adware are widely resented for their sneaky distribution tactics, unauthorised data gathering and slowing of PCs. Therefore, Vista - unlike XP - will run by default with fewer user privileges. People will full administrator privileges to perform tasks such as installing an application.

Also, Internet Explorer 7, included with Vista, will prevent stealthy installs of malicious code by stopping the browser from writing data anywhere except in a temporary files folder without first seeking permission. Windows Defender will clean up any infections that do make it through. It is three layers of protection, said Austin Wilson, a director in the Windows Client group at Microsoft.

Wilson also added: We have taken out a significant number of the attack vectors that spyware authors use today. We're not saying that spyware will be gone because of Windows Vista. We do think we will make a significant impact.

In the meanwhile, the anti-spyware software producers seem to have bad days heading their way. The aftermarket for Windows anti-spyware is going to dry up almost completely, said Yankee Group analyst Andrew Jaquith. Windows Defender is going to become the default anti-spyware engine, certainly for most consumers that have Vista machines. Gartner's Pescatore agrees: Integrating Windows Defender into Windows Vista is sort of the last nail into the standalone anti-spyware coffin.

But not everyone shares the opinion that Vista can make spyware disappear or that its arrival will mean the end of the anti-spyware industry. David Moll, chief executive officer of Webroot, the largest standalone anti-spyware seller, said: I think all of these operating system enhancements are going to be helpful in the battle on spyware. I don't think there is a silver bullet, though.

Microsoft Patches Six ''Critical'' Office Flaws, Just One For Windows

2006-03-15T21:57:26+11:00

Jack Writes: Microsoft’s Patch Tuesday has just passed, and once again, the company from Redmond has offered the image of a Microsoft Office for which the number of patched flaws and discovered vulnerabilities exceeds by far the number of non-security related upgrades.

Thus, the two patches issued by Microsoft addressed six Office flaws, dubbed “critical” by the company, and one less significant but still important Windows flaw.

As BetaNews reports, the patch dealing with the Office vulnerability contained fixes for five issues within Excel, including malformed range, file format parsing, description, graphic and record flaws. In each case, an attacker could take complete control of an affected system if the user was logged in as an administrator.

Microsoft also fixed a flaw that occurs when using a malformed routing slip within an Office document. Remote code execution as well as a complete system takeover would also be possible through this vulnerability.

The Windows patch was for a vulnerability discovered by a pair of Princeton Researchers. In computers running either Windows Server 2003 without the service pack or Windows XP SP1, a privilege vulnerability flaw exists that would allow an attacker to easily find privilege escalation vulnerabilities in third-party applications.

Proof of concept code for this flaw was released publicly one month ago, and detailed how ACLs -- short for access control lists -- could be exploited. These tables of data tell the computer what rights a user has for each system object.

However, coding errors resulted in vulnerabilities that allow these lists to be bypassed by attackers.

As it usually does, the company recommended all its users to update as soon as possible, either by Windows Update or the built-in Automatic Updates feature.

Microsoft to launch Vista in first week of October

2006-03-03T14:00:00+11:00

Jack Writes: Microsoft has begun warming up its marketing machine with information bits and pieces about its Windows Vista operating system. The public this week learned about the different version of the operating system while product partners apparently have received a time frame for the launch of the software, TG Daily has learned. According to sources, Microsoft will introduce Vista between in the week of 2 October.

The Vista timeline indicates that the February beta of Vista concludes the beta phase for the operating system. Microsoft will continue on its roadmap with two release candidates RC0 and RC1, which are due in the week of April 10 and June 26, respectively. Microsoft is confident that it can prepare Vista within eight weeks of the release of RC1 for mass production: A release to manufacturing (RTM) is scheduled for the week of 14 August.

Microsoft apparently will miss some expectations of a third quarter release of Windows Vista. Sources told TG Daily that Microsoft is aiming for a global rollout in the first week of October (2 - 6 October). At launch date, Microsoft will also introduce DirectX9L (formerly named Windows Graphics Framework 1.0), the Vista upgrade for the multimedia driver, as well as DirectX 10 (WGF 2.0) and the Media Center Edition (MCE) of Vista. An update for DirectX (v10.1) will be released in the second half of 2007.

The server variant of Vista will follow slightly behind the client software, with RC0 and RC1 currently indicated to be available in the second half of 2006, while RTM is scheduled for the first quarter of 2007. Users of Windows XP will see one more Service Pack (SP3) in December of this year.

Microsoft yesterday announced that there will be a total of six Vista versions: Microsoft will launch two core versions of the operating system for home users, and two core versions for business users. The product line will be capped off by a new low-cost Starter edition at the bottom tier and an Ultimate edition at the top tier, which will bundle together all features built into the upper-level home and professional classes.

Hackers give proprietary programmers run for their money

2006-04-19T10:00:00+10:00

Jack Writes: It started innocently enough. A man wanted his company to replace his aging office computer with the new Intel-based Apple MacBook Pro, telling his boss that he could boot Windows XP on it.

Problem is, at that time, you couldn't. There was no software, method or boot loader that would allow Mac users to run Microsoft's operating system on the cool, sleek Apple hardware.

Putting money where his mouth is, Colin Nederkoorn put up US$100, set up a website (www.onmac.net), urged others to donate money, and launched an open-source software coding contest.

Ever since its inception in late January to the award of the prize in mid-March, over $13,000 was raised. Giving a new meaning to Internet advertising, the list of all donors, both individuals and corporate, was published on the web, some including links to their blogs or company websites.

Nederkoorn's call to arms was a welcome cry to battle-hardened Mac users who love their machines, but were sometimes forced to use the Windows platform due to application software lock-ins for both the corporate environment (such as custom-made company programs) or entertainment (i.e. games).

When Apple CEO Steve Jobs announced the move to the Intel processor, everyone was hoping for immediate Windows compatibility. But things were moving more slowly than expected, especially since it was announced that Windows XP could not use the Mac's new Extensible Firmware Interface (EFI).

But as the open-source world has demonstrated, commercial or corporate limitations should not prevent the creation of hardware or software needed by the world's computer users. Despite corporate reluctance, users today can now make their own solutions if needed. And if they can't do it personally, there are enough people online who can.

Many people think of "open-source" as a term used by Linux zealots, fighting for justice and equality in a greedy corporate world. Some even equate it with a form of technological communism since it would not (allegedly) allow anyone to make a profit. Yet many companies today can profit from supporting open-source development, such as IBM, Sun Microsystems and Oracle.

Perhaps one of the best benefits of this open-source contest is that the code created can be shared and improved. And if corporate IT managers look around the web, there are an abundance of freely-available community created solutions, from web servers (www.apache.org), databases (www.mysql.com), intranet applications (www.opensourcecms.com), productivity suites (www.openoffice.org) or even push e-mail servers (www.funambol.com) that can be downloaded and implemented.

To help customize these applications for specific business processes, there are many Indonesian programmers and consultants who can help companies utilize them to the fullest.

More importantly, the open-source developer community can help dictate market trends. Not a month after the end of the XP-on-Mac contest, Apple Computer released their own free solution, dubbed Boot Camp, to allow users install Windows flawlessly on Mac hardware. Some PC games and programs actually ran faster on the Mac hardware than other computers.

As the creators of the Mac operating system, it would not be surprising if Apple had the solution all along and was just waiting for the right moment to release it. And based on the popularity of the onmac.net contest, there was plenty of demand prompting the launch of Boot Camp to help expand the Mac's global market share.

What would happen if an open-source community did not exist? Or worse, software patents made it illegal or expensive to create innovative programs to meet our needs?

The world could become dominated by mega-software corporations, pushing their own points of view and profits, forcing people to pay handsomely for software.

For individuals and businesses, that would affect our bottom lines.

Apple sued over ''millions of colors'' claim in iMac ads

2008-04-02T17:20:00+11:00

Jack Writes: Los Angeles (CA) - If you're going to say that your displays can show millions of colors, you better be able to back that up. That's the lesson Apple is learning after Los Angeles law firm Kabateck Brown Kellner filed a lawsuit against the company for false advertising.

Part of Apple's ad campaign for its iMac computers was that they could display "millions of colors at all resolutions." According to the lawsuit, however, there are really only 262,144 colors.

"Apple is duping its customers into thinking they’re buying 'new and improved' when in fact they’re getting stuck with 'new and inferior,'" said managing partner Brian Kabatech.

If successful, the claim could be brought to class-action status, an area that Kabateck Brown Kellner has delved deeply into before. The firm has tried numerous cases against big business.

The firm said that it wants "to help those customers who were deceived and make sure Apple tells the truth in the future."

Apple had no comment.

MacBook Air Hacked in PWN 2 OWN Contest

2008-03-29T03:33:21+11:00

Jack Writes: Charlie Miller, also known for his iPhone hack, managed to walk away from CanSecWest's PWN 2 OWN contest with US$10,000 and a MacBook Air after successfully hacking into the portable computer. Mr. Miller was able to successfully hack the laptop after the rules of the contest were relaxed to allow for more than remote attacks, according to InfoWorld.

On the first day of the event, contestants unsuccessfully attempted to remotely hack into the Mac, a Windows PC, and a Linux PC. On the second day, however, Mr. Miller was able to gain control over the MacBook Air in only two minutes by directing a contest organizer to visit a specially crafted Web site with the laptop.

The Web site contained code that Mr. Miller developed specifically to hack into the Mac.

Exactly what the code did to the MacBook Air is a secret, and will remain that way until after the contest organizers can notify Apple of the exploit thanks to the nondisclosure agreement Mr. Miller was required to sign.

Since the relaxed contest rules on the second day prohibited attackers from using applications that weren't part of the standard OS installation, Mr. Miller likely took advantage of an undisclosed flaw in the Safari Web browser. Once Apple has been notified of the potential security flaw the company will likely issue an update that patches the threat.

Windows Officially on Macs

2006-04-06T20:39:22+10:00

Today Apple has started the public beta of BootCamp which allows Mac Intel users to run both Mac OS X and Windows XP. Bootcamp will be vailable for MAC OS Tiger 10.5.

No Vista For Intel Mac

2006-03-13T21:38:39+11:00

Jack Writes: Dispelling the rumours and the speculation which referred to both Vista and Mac OS X using EFI (Extensible Firmware Interface) software when they launch in order to achieve a better compatibility, Apple announced that Intel Macs are "unlikely" to be able to run Vista.

Windows Vista will not in all likelihood run on Intel Macs without a purpose-built emulator, said to Apple senior software architect Cameron Esfahani.

Because the 32-bit versions of Vista will continue to use their standard Basic Input/Output System (BIOS) during start-up and only the 64-bit Vista is said to support the Extensible Firmware Interface system, 32-bit Intel Mac users will have to settle only for Mac OS X on their systems.

"EFI is the modern and flexible successor to the 20-year-old PC BIOS. It is responsible for initialising hardware in the PC, and importantly, device drivers are stored in the EFI flash memory rather than being loaded by the operating system," said Dan Warne in APC Mag.

"That's terrible news for Intel Mac users who have been hoping that they could dual-boot Windows and Mac OS X on their new Macs: not only are their processors not 64bit (and thus will never be supported by Windows EFI booting), but Windows Vista won't boot on EFI anyway," Warne added.

Esfahani confirmed the fact that Apple's Mac OS X integrates only limited support for EFI and there's no "legacy" code included for older devices and hardware.

However, according to a recent note from Needham &Co analyst Charles Wolf, it seems that if Apple will make its Intel Macs capable of running Windows, the company's market share could substantially rise to over 9 percent.

New Apple Hacking Contest Proves OS X Is ''Very Secure''

2006-03-09T22:02:19+11:00

Jack Writes: You were informed, in one of our previous articles, about the Swedish so-called “Hack-My-Mac” competition, during which a fully patched Mac mini was allegedly cracked in less than 30 minutes. Intrigued by this whole story, a university systems engineer set up his own contest. However, the results were quite different.

Thus, the engineer said that even after 4,000 log-in attempts and two denial-of-service attacks, his Mac mini remained untouched, according to Gregg Keizer for InformationWeek.

Dave Schroeder, a senior systems engineer at the University of Wisconsin, launched his contest Monday by setting up a fully-patched Mac mini hosting a Web page, and challenging attackers to have at it.

Schroeder said that the Swedish attack contest -- in which an attacker claimed he had cracked the Mac in under 30 minutes -- was deceptive. "This machine was not hacked from the outside just by being on the Internet," Schroeder wrote on his Web site. "It was hacked from within, by someone who was allowed to have a local account on the box. That is a huge distinction.

"It [left] people with the impression that a Mac OS X machine can be 'hacked' just by doing nothing more that being on the Internet. That is patently false."

For his challenge, Schroeder connected a PowerPC Mac mini to the Internet. The machine ran Mac OS X 10.4.5 with the latest security updates. The Mac had two local accounts, and Schroeder left both SHH and HTTP open.

The mini garnered attention and lots of traffic, said Schroeder, who logged 4,000 attempts. The machine weathered two DoS attacks, various Web exploit scripts, SSH dictionary attacks, and untold probes by scanning tools, he added.

"There were no successful access attempts of any kind during the 38 hour duration of the test," he crowed.

The Mac OS X is not invulnerable, he said, but it is "very secure."

"Apple is responsive to security concerns with Mac OS X," said Schroeder. "[That's] one of the most important pieces of the security picture."

What do you think? Was the first contest, the Swedish one, just an attempt to discredit the most secure OS currently on the market, by either a Mac-hater or somebody from the competition? To me, this doesn’t seem at all farfetched.

Apple Unveils Mac mini with Intel Core Duo

2006-03-02T22:58:50+11:00

Jack Writes: Apple today unveiled the new Mac mini with the Intel Core Duo processor, delivering performance up to four times faster than its predecessor and providing even greater expansion in the same innovative and incredibly compact design.* Starting at just $599, the Mac mini is the most affordable way to enjoy iLife(R) '06, the next generation of Apple's award-winning suite of digital lifestyle applications, and features the Apple Remote and Front Row so you can play your music, enjoy your photo slideshows, watch your DVDs, iMovies, music videos and television shows from across the room.

"With the new Mac mini, Apple has now moved 50 percent of its entire product line to Intel within 60 days -- a record transition," said Philip Schiller, Apple's senior vice president of Worldwide Product Marketing.

"The new Mac mini is now up to four times faster with the Intel Core Duo, includes even greater expansion in the same incredibly compact design, and is the most affordable way to enjoy Front Row and iLife '06."

Featuring the next generation of Apple's breakthrough Front Row media experience, the new Mac mini gives customers a simple way to enjoy their digital lifestyle content on the Mac mini including music, photos and videos from across the room using the Apple Remote. With the latest version of Front Row, customers can now effortlessly access shared iTunes playlists, iPhoto libraries and video throughout their home via Bonjour, Apple's zero configuration wireless networking built into Mac OS X.

The new Mac mini offers a completely new system architecture for performance up to four times as fast as the previous Mac mini, including a 667 MHz front-side bus and 667 MHz DDR2 SDRAM memory expandable to 2GB. With the latest high-performance connectivity options, every new Mac mini now includes built-in 10/100/1000 BASE-T Gigabit Ethernet for high-speed networking, built- in AirPort(R) Extreme 802.11g WiFi for fast 54 Mbps wireless networking**, built-in Bluetooth 2.0+EDR (Enhanced Data Rate) and a total of four USB 2.0 ports, twice as many as the previous generation. Mac mini includes a DVI interface and a VGA-out adapter to easily connect to a variety of displays, including many of today's most popular flat panel televisions, and now features both analog and digital audio outputs to easily connect to a home stereo.

The new Mac mini includes iLife '06, the next generation of Apple's award- winning suite of digital lifestyle applications featuring major new versions of iPhoto, iMovie HD, iDVD(R), GarageBand(TM) and introducing iWeb(TM), a new iLife application that makes it super-easy to create amazing websites with photos, blogs and Podcasts and publish them on .Mac for viewing by anyone on the Internet with just a single click. All the iLife '06 applications are Universal applications that run natively on the new Intel-based Mac mini for maximum performance.

Every new Mac mini comes with the latest release of the world's most advanced operating system, Mac OS X version 10.4 "Tiger" including Safari(TM), Mail, iCal(R), iChat AV and Front Row, running natively. Mac OS X Tiger includes an innovative software translation technology called Rosetta(TM) that lets customers run most Mac OS X PowerPC applications seamlessly.***

Pricing & Availability

The new Mac mini is shipping today and will be available through the Apple Store(R) (http://www.apple.com), Apple's retail stores and Apple Authorized Resellers.

The new 1.5 GHz Mac mini, for a suggested retail price of $599 (US), includes:

-- 1.5 GHz Intel Core Solo processor;
-- 512MB of 667 MHz DDR2 SDRAM, expandable up to 2GB;
-- a slot-load Combo (DVD-ROM/CD-RW) drive;
-- 60GB Serial ATA hard drive running at 5400 rpm;
-- Intel GMA950 graphics processor;
-- built-in AirPort Extreme wireless networking & Bluetooth 2.0+EDR;
-- Gigabit Ethernet (10/100/1000 BASE-T);
-- four USB 2.0 ports;
-- one audio line in and one audio line out port, each supporting both optical digital and analog;
-- DVI-out port for external display (VGA-out adapter included, Composite/S-Video out adapter sold separately); and
-- the infrared Apple Remote.

The new 1.66 GHz Mac mini, for a suggested retail price of $799 (US), includes:

-- 1.66 GHz Intel Core Duo processor;
-- 512MB of 667 MHz DDR2 SDRAM expandable up to 2GB;
-- a slot-load 8x SuperDrive(TM) with double-layer support (DVD+R DL / DVD+/-RW / CD-RW);
-- 80GB Serial ATA hard drive running at 5400 rpm;
-- Intel GMA950 graphics processor;
-- built-in AirPort Extreme wireless networking & Bluetooth 2.0+EDR;
-- Gigabit Ethernet (10/100/1000 BASE-T);
-- four USB 2.0 ports;
-- one audio line in and one audio line out port, each supporting both optical digital and analog;
-- DVI-out port for external display (VGA-out adapter included, Composite/S-Video out adapter sold separately); and
-- the infrared Apple Remote.

Build-to-order options and accessories include up to 2GB DDR2 SDRAM, 80GB, 100GB and 120GB Serial ATA hard drives, iWork '06 (pre-installed), AirPort Express and AirPort Extreme Base Station, Apple Wireless Keyboard, Apple Wireless Mouse, Apple USB Modem and the AppleCare Protection Plan.

Mac OS X more vulnerable than WinXP

2006-03-02T20:06:54+11:00

Jack Writes: Apple's Mac OS X has many security vulnerabilities than its Windows XP counterpart, according to a ZDNet blog posting that polls the number of vulnerabilities from the independent security research group Secunia.

Along with the number of CVE issues for Microsoft Windows XP and Mac OS X within the last two years. The posting follows the recent reports of Mac OS X worms and an extremely critical Mac OS X zero-day exploit that has yet to be patched. Looking for a better response from Apple on the security, George Ou concludes: "The data is clear, and Apple has a lot more vulnerabilities of every kind ranging from moderately critical to extremely critical. While Windows had some months with more security disclosures, they are more spread out while Apple tends to release mega-advisories with dozens of vulnerabilities at a time. There were seven months where Apple disclosed more a dozen or more highly critical vulnerabilities."

Book Review: SDN and OpenFlow for Beginners with Hands-on Labs

2013-09-17T15:00:00+10:00

Firewall.cx reviews Vivek Tiwari latest book covering Software Defined Networks (SDN) and OpenFlow with the help of hands-on labs.

This new eBook, from author Vivek Tiwari, is a technical overview of SDN, its meaning, concepts, working principle and, finally, a glimpse of its future.

In a broad sense, this book is a brief glimpse of the author's journey to becoming familiarised with SDN, its impact and its future.

As well as imparting knowledge, it helps us avoid hours of online searches by providing a consolidated approach towards concepts and technology, and a thorough understanding of SDN via hands on experience through labs.

Read our review on SDN and OpenFlow for Beginners with Hands-on Labs and discover how this title can help get you started on future technologies that are bound to become part of every engineer's everyday routine.

Firewall.cx Officially Extends The Cisco Online Support Community (CSC) Technical Knowledgebase!

2013-07-22T07:00:00+10:00

July 22nd, 2013 - Firewall.cx, one of the world’s leading websites dedicated to the global IT Network and Security community, is proud to announce that it will be officially extending Cisco’s Online Support Community (CSC) knowledge base and technical expert documents. These will now include Firewall.cx’s popular articles based on Cisco technologies, Cisco services and equipment. Readers and users of Cisco’s Online Support Community around the world will be able to enjoy additional high-quality articles aimed at helping them master, troubleshoot and work with Cisco Technologies such as VPN security, Firewalls, Routing, Switching, CallManager / CallManager Express, Wireless and much more.

Firewall.cx is the world’s only official Cisco Press review partner and is recommended by the Cisco Network Academy and Cisco CCIE/CCNP experts. With more than 13 years of online presence, hundreds of uniquely written, high-quality articles tackling general networking, Cisco network security - VPN, VoIP, wireless, Linux administration topics and much more, Firewall.cx is considered to be one of the most up-to-date and reliable sources of information for IT Managers, Network Administrators, Engineers and Cisco Certification Candidates around the globe.

Free Downloads: Latest Cisco Configuration Professional, Cisco Network Assistant and Cisco Anyconnect Secure Mobility Client

2013-06-24T00:59:06+10:00

Firewall.cx has just updated its download section to include the latest versions of the popular Cisco Configuration Professional (CCP), Cisco Configuration Professional Admin and End-User Bundle, Cisco Network Assistance (CNA) and Cisco Anyconnect Secure Mobility Client. All software are available for Windows, MacOS and Linux platforms.

To access and download the software, visit Firewall.cx’s Cisco Tools & Applications download section.

Book Review: Your CCNA Exam Success Strategy: The Non-Technical Guidebook for Routing & Switching

2013-06-11T05:54:16+10:00

For those of you who have read the review of the author’s “Your CCIE Lab Success Strategy”, Dean Bahizad and Vivek Tiwari don’t need any introduction. Their non technical guides have propelled many aspirants towards their Cisco goals while dispelling myths and fears they would have encountered on the way to success. Their current offering is no less informative and spectacular in literary value. Both being double CCIEs, the authors unravel their experiences of the first steps to their current status. Being a CCNA is the foundation of a career in networking, namely in handling Cisco based devices.

This awesome non-technical guide enables novices and experts alike in taking the formative steps towards gaining their first certification, or retaining it.

Our review tells you how this book can help you achieve your CCNA Routing & Switching certification, why it is considered an essential ingredient for any CCNA R&S candidate and much more that none else will every tell you!!

Your CCNA Exam Success Strategy: The Non-Technical Guidebook for Routing & Switching Review

Merry Christmas and a Happy New Year!

2012-12-23T07:56:23+11:00

GFI LanGuard 2012 SR1 - Enhanced Network Management, Device Vulnerability Checks, Patching & Reporting

2012-12-20T06:49:37+11:00

With the new release of GFI's LanGuard 2012 SR1, we've got a number of much wanted features now available to further assist network administrators and engineers make their life much easier!

Mac OS Patching Support

GFI LanGuard now automates patching on Apple Mac OS X computers as well as Windows computers, all from the same console.

Enhanced Compliance Reporting

GFI LanGuard includes dedicated reports for additional compliance standards (Health Insurance Portability and Accountability Act (HIPAA), Public Services Network - Code of Connection (PSN CoCo), Sarbanes–Oxley Act (SOX), Gramm–Leach–Bliley Act (GLB/GLBA) as well as the Payment Card Industry Digital Security Standard (PCI-DSS).

Relay agents

With relay agents, patching may be offloaded from the GFI LanGuard server to agents on machines designated as relays. These contain copies of the patches that were previously stored on the GFI LanGuard server. This is extremely effective in large networks and in multi-site networks where it is much faster to patch machines from a local relay agent than it would have been from a remote LanGuard server.

Microsoft Non-security Patches

GFI LanGuard has long supported patches for Microsoft applications and operating systems, as well as for third-party applications. GFI LanGuard 2012 now also supports non-security patches for Microsoft operating systems and applications. (With third-party applications there has not traditionally been a distinction between the two types of patches, so we continue to support all patches for these applications). This means that there is no longer a need to run Microsoft WSUS to apply non-security patches. GFI LanGuard does it all.

Device Vulnerability Checks

GFI LanGuard can now detect vulnerabilities in the firmware of network devices such as printers, routers and switches, from popular manufacturers such as HP and Cisco. In total GFI LanGuard now checks for over 50,000 vulnerabilities on your network.

Smartphone and Tablet Identification

When auditing your network, GFI LanGuard can now identify iPhones, Android smartphones
and iPads.

Latest Platform Support

Windows 8 is now supported – as usual GFI LanGuard is ahead of the curve
regarding support for the latest Microsoft platforms.

Cisco VPN Client Software Download (Windows 32bit - 64bit, Linux 32bit - 64bit, MacOS)

2012-12-13T00:00:00+11:00

The Cisco VPN client software is one of the most popular Cisco software downloads on the Internet, so we've made it available on Firewall.cx! Cisco Administrators, Engineers and users can now freely download the latest Cisco VPN Client software directly from our Cisco Tools and Applications section. You'll find the necessary files to support all Windows operating systems, Linux (32-bit and x86_64 [biarch]) and MacOS (Mac OS X 10.5 and 10.6.). With over 90,000 downloads already, this is one of the most popular freebies on Firewall.cx!

Readers interested in learning how to configure Cisco Routers to support the Cisco VPN Client can read our popular article:Cisco VPN Client Configuration - Setup for IOS Router.

Network Fax Server Solution: GFI FaxMaker. Fax over IP, SMS, Email (SMTP/POP3), OCR, ISDN & More!

2012-12-02T06:02:52+11:00

Firewall.cx is always on the lookout for unique products and solutions that can help automate important services within your network environment. We recently ran into GFI's FaxMaker for Exchange/ SMTP and Lotus, which offers unique features not found in other similar products and which we are sure many would benefit from. While you can grab a copy of GFI's Faxmaker from our Free Download Section we would like to provide a brief overview of GFI's FaxMaker capabilities, which are very impressive!!

This award-winning fax server will allow you to send and receive faxes in a simple and secure manner where no fax boards or phone lines are required. It is used by thousands of companies worldwide and works with Exchange, Lotus and SMTP/POP3 or cloud-based email servers such as Office 365™ and Gmail™.

GFI FaxMaker is easy to install, is light on maintenance and integrates with messaging clients and customized solutions. It seamlessly integrates with mail servers, allowing users to send and receive faxes and SMS messages via their email client. Your company can also search for and back up all faxes in the same way that emails are stored and retrieved on the network.

Also included is an Optional OCR (optical character recognition) module that enhances recognition quality and provides support for over 119 languages, allowing you to search for words or phrases in received faxes for faster retrieval.

This fax server supports connectivity via analog, ISDN, Fax over IP and other online fax services allowing true hybrid faxing as no phone lines or fax boards are required. The fax over IP (FoIP) support integrates with IP-enabled PABXs and Brooktrout’s SR 140 or TE Systems XCAPI technology to send faxes over an IP infrastructure.

All you need is GFI FaxMaker, an account with a supported online fax service and an Internet connection. GFI FaxMaker is extremely flexible, competitively priced and very well-suited for small to medium-sized businesses.

VMware: End of Availability of ESX 4.x

2012-11-28T11:17:43+11:00

VMware Announces End of Availability Date for VMware vSphere® ESX hypervisor 4.x and VMware Management Assistant Versions 1 and 4

On November 28, 2012, VMware is notifying customers of an End of Availability (“EoA”) date for VMware vSphere® ESX hypervisor 4.x and for VMware Management Assistant (“vMA”) versions 1 and 4. The end of availability date is August 15, 2013. This is a follow-on communication to the general announcement made in July 2011 in connection with the launch of vSphere 5.0.

This notification has NO IMPACT on existing vSphere ESXi 4.x environments, and your customers are NOT required to take any action. However, it is recommended that customers make a backup or keep an archived copy of these binaries and generate any necessary license keys in order to maintain or expand a vSphere ESX hypervisor version 4.x or vMA versions 1 and 4 environment. These steps should be completed prior to August 15, 2013. VMware will not provide any binaries or license keys for vSphere ESX hypervisor 4.x or vMA versions 1 and 4 after August 15, 2013.

Please note:

vSphere ESX hypervisor 4.X and vMA support lifecycle
The end of support life (“EOSL”) date remains May 21, 2014. Learn more about VMware’s support lifecycle.
Customer’s ability to use the binaries of vSphere ESX hypervisor 4.x or vMA versions 1 and 4 past August 15, 2013
Customers retain the ability to use licensed binaries past the EoA or EOSL dates. However, they will not be able to download binaries or generate new license keys after the EoA date or obtain technical support and subscription after the EOSL date.
vSphere ESXi 4.X availability and support – There is NO impact
vMA 4.1, 5, or 5.1 availability and support for all versions – There is NO impact

Book Review: The Official VMware VCP5 Certification Guide

2012-11-23T08:00:00+11:00

The moment we find a book that gears us for a certification, straightaway we get into ‘I need to achieve’ mode. With it comes the urge to use shortcuts and randomly ignore things that you might think are irrelevant. I have said this before and I will say it again: a certification is just one milestone in the journey to attaining expertise, it is not the endgame. In spite of the fact that this book is written for the purpose of a certification, it does much more than that.

This is tailored to make you competent on vSphere 5. I would, however, tip my hat to the author for making that task much more manageable and entertaining. He has given careful attention to the goals and has kept the journey as simple as possible. I would not waste your time extolling the need for virtualisation. That is a well established fact. What this book does is prepare you to extract the best out of some really efficient virtualisation tools brought to us by VMware, which holds the position of being pathfinder in the virtualisation industry.

To continue reading this excellent VMware certification guide review by Arani Mukherjee, and learn how it can help you achieve your VCP5 certification, click here: Book Review: The Official VMware VCP5 Certification Guide.

Book Review: Securing Cisco IP Telephony Networks - By Akhil Behl Double CCIE (Voice & Security) #19564

2012-11-11T00:10:40+11:00

Reviewer: Arani Mukherjee

The days of staring at a mess of wires under the desk coming out of a PSTN Master Socket are truly over. The advent of VoIP has broken the stranglehold of a telephone cable and the network has finally taken over. I would not say that IP Telephony has revolutionised the telephony sector. That momentous transition happened years ago. We currently are going through a phase where it is common to have IP Telephony integrated into any enterprise and network administrators are actively implementing security measures and policies to it. Network security is of paramount importance and IP Telephony is not to be left behind. The fact is that Cisco, the market leader in network technology, also happens to be leading the IP Telephony field. Hence it has rightly decided that establishing robust security architecture is core to Cisco IP Telephony.

The latest Cisco title addresses the aforementioned issue promptly and efficiently. Whenever a technology becomes efficient, scalable and portable and is seen as an improvement on the incumbent technology, it is deemed indispensable. From that moment it also becomes a point of failure that can cripple a business because it has now inherited security vulnerabilities and threats. The same can be said about Cisco IP Telephony. What this book aims to achieve is, and I quote, “to explain an End-to-End IP Telephony Security approach and architecture…” And I assure you, this title does plenty of justice to that aim. So let’s dig deeper into the way this book deals with the issues and how it tackles security policies, principles and their respective implementations.

To continue reading our exclusive review click on the following link: Securing Cisco IP Telephony Networks.

Upcoming: Exclusive interview with the author, Akhil Behl Double CCIE (Voice & Security) #19564

Firewall.cx - Cisco CCIE Experts & Cisco Press Authors Collaboration Annoucement

2012-11-08T23:41:31+11:00

8^th November 2012

Firewall.cx, the world’s only awarded Official Cisco Press Reviewer and leading website in Cisco technologies, Linux and networking, announces its new collaboration with Cisco Press's CCIE experts and authors.

With this new collaboration, Firewall.cx aims to bring closer to the community the people who write the great Cisco Press books we've all come to love and rely on. Cisco Press authors who hold at least one CCIE certification will be contributing as guest writers on Firewall.cx, sharing their valuable knowledge and technical expertise with our global IT community, covering new exciting topics in Cisco Unified Communications, Cisco Security, Cisco Certifications, Cisco Wireless, Cisco Firewalls, Cisco Routing and much more!

In addition, Firewall.cx will be interviewing these gurus, providing a first-hand insight into how they obtain their certifications, how they deal with challenging problems, revealing their proven troubleshooting techniques, listen to their advice for newcomers and engineers seeking to increase their knowledge and expertise, plus much more!

To kick-start this new collaboration, Firewall.cx has invited CCIE Voice Akhil Behl, Senior Network Consultant with Cisco Advanced Services and author of the recent Cisco Press title: Securing Cisco IP Telephony Networks.

Akhil Behl will be providing the Firewall.cx community with a new technical article based on VoIP security and we’ll be publishing a number of upcoming events where the community will have the chance to interact with the author and ask questions!

Keep your eyes on Firewall.cx for updates as they become available.

The Firewall.cx Team

Expert: Akhil Behl Double CCIE (Voice & Security) #19564

Akhil Behlis a Senior Network Consultant with Cisco Advanced Services, focusing on Cisco Collaboration and Security architectures. He leads Collaboration and Security projects worldwide for Cisco Services and the Collaborative Professional Services (CPS) portfolio for the commercial segment. Prior to his current role, he spent 10 years working in various roles at Linksys, Cisco TAC, and Cisco AS. He holds CCIE (Voice and Security), PMP, ITIL, VMware VCP, and MCP certifications.

He has several research papers published to his credit in international journals including IEEE Xplore.

He is a prolific speaker and has contributed at prominent industry forums such as Interop, Enterprise Connect, Cloud Connect, Cloud Summit, Cisco SecCon, IT Expo, and Cisco Networkers.

He is the author of ‘Securing Cisco IP Telephony Networks’ by Cisco Press.

Book Review: VMware vSphere 5 Building a Virtual Datacenter (VMware Press Technology)

2012-10-28T21:34:15+11:00

These are challenging times for every industry and especially for IT. Every day IT managers are facing an uphill task to deliver a high level of service against the mounting odds of cost and shrinking budgets. Virtualisation is able to address all such issues and give added benefits of modernising the infrastructure.

VMware has been the trend setter in everything to do with virtualisation. Some of the key aspects it delivers are cost reduction, improved SLA, flexibility, operation efficiency, automation and standardisation. This publication from VMware Press uses VMware vSphere 5 to demonstrate how, as an IT Manager, one can use this in a datacentre environment. Full credit goes to both authors who have taken care to carry out a full analysis of all the product in their entirety, ensuring readers would be able to derive the full benefits.

To continue reading our extensive review of this terrific title, follow this link:

VMware vSphere 5 Building a Virtual Datacenter (VMware Press Technology

Firewall.cx's Alan Drury (TheBishop) Publishes His First Book Novel!

2012-09-18T06:27:49+10:00

It is with great pleasure we announce that Alan Drury (TheBishop), a long-time contributor and forum moderator of Firewall.cx, has just published his first novel!

An action/adventure story written for young adults and teens, Ammonia and the Gardener deals with issues of identity and prejudice from a broadly Christian perspective and was shortlisted for the Nemesis Publishing Debut Novel Competition in 2011.

The ebook is available world-wide from the Amazon Kindle store and physical copies are being distributed via lulu.com.

If you'd like to know more, check out the links below:

Amazon Kindle Store:

https://www.amazon.com/dp/B008ZDRJYE

https://ww.amazon.co.uk/dp/B008ZDRJYE

We wish Alan all the best with his novel!

Book Review: CCNP Security VPN 642-648 Official Cert Guide

2012-09-17T08:00:00+10:00

The Cisco CCNP Security VPN title is aimed at network administrators, network security administrators, network architects and experienced network professionals who need to apply security principles and features to their networks. In the complex world of network security, it is a prerequisite to have an in-depth experience and understanding of networking before one can start applying security principles.

This book is a product of the Cisco VPN program which was geared towards remote-access and site-to-site VPN features and products. These features or products have been integrated into the Cisco ASA family of devices, associated softwares. As always this book serves the dual purpose of knowledge on one hand and primary text for the CCNP Security VPN certification on the other. So let’s take a round trip of the chapters and understand the key benefits of pursuing the certification and gathering the expertise.

To read up on this latest CCNP Security VPN title review by Arani Mukherjee, follow this link:

CCNP Security VPN 642-648 Official Cert Guide Review

Firewall.cx Welcomes a New Team Member - Arani Mukherjee

2012-09-17T01:15:39+10:00

Firewall.cx is happy to welcome its new team member - Arani Mukherjee. Arani first joined Firewall.cx on the 19th of May 2005 as a typical community member and has since actively participated on our website forums, helping engineers and IT administrators around the globe. In the recent years, Arani's effort was recognized and was appointed a site Forum Moderator.

Since then, Arani has continued his participation in our forums, but also expressed his interested in writing for Firewall.cx, producing unique articles that have managed to capture a lot of attention. His background education and skills has helped him deliver outstanding results, impressing Cisco Press, VmWare Press, and of course all the Firewall.cx team.

Recent articles and book reviews include:

You can read more on Arani by visiting our Meet The Team page.

Book Review: CCNP Security FIREWALL 642-618 Official Cert Guide

2012-09-11T06:26:08+10:00

Cisco CCNP Security Firewall 642-618 Official Cert Guide is a one stop shop for all professionals who value their network security and give it their highest priority. It teaches you how to work and play with devices like the Cisco ASA family, and works as a definitive guide to all forms of network security features.

The publication is a master class in itself. Not only does it inform us about each Cisco ASA device, but also skilfully explains various types of network security flaws, weaknesses, points of security failures and attacks. Then it goes about explaining how such network security issues can be dealt with by showing a corresponding firewall feature to counter such risks. This publication carries all the other hallmarks of Cisco publications such as the ‘Do I already know this?” quiz after each chapter, key topic pointers, note sections and a very clear topical approach about the entire subject matter.

So let’s dig in deep to understand what awaits us in the world of Cisco ASA family, and why CCNP in Security on Firewalls is a skill much needed by a network manager.

To read up on this latest CCNP Security title review by Arani Mukherjee, follow this link:

CCNP Security FIREWALL 642-618 Official Cert Guide Review

Colasoft Launches Version 3.1 nChronos Back-in-time Network Analysis Solution

2012-08-21T06:17:16+10:00

Chengdu, China - August 16, 2012 – Colasoft, an innovative provider of network analysis software and solutions, today announced a new version of its flagship product, nChronos back-in-time network analysis solution. Capability, customization and user experience are all enhanced in v3.1 which allow network administrators to easily complete back-in-time and real-time network analysis on high performance enterprise networks over a long period of time.

nChronos now delivers real-time network monitoring, key real-time traffic statistics and charts are available, such as throughput and top IP talkers. It helps maintain a productive enterprise network by providing visibility of the bandwidth usage. Besides, it provides long-term packet capturing and recording, you can zoom in any traffic anomaly which needs deeper investigation and rapidly find out the root to solve the problem. Now, 40-Day time window is available, much longer traffic trends can be displayed and analyzed.

“Our customers want to control both back-in-time and real-time network,” said Kang Lin, Vice President at Colasoft. “The new nChronos capability fulfills both of these needs, and unlike existing solutions in the market, we enable customers enjoy this without paying a high price for what is fundamentally a very simple software solution. It is more flexible.”

Also, alarm is the first line of defense for business networks. Alarm is critical for network administrators to instantly identify and resolve network problems. Practical alarms including email, domain and signature alarms are now available. Traffic anomaly alarm is also enhanced which enables you customize alarms with complicated thresholds to monitor network faults and abnormal activities.

The new nChronos also optimized user interface, security settings and activation mechanism which make a better user experience.

About nChronos

nChronos is a back-in-time network analysis server for high performance & critical enterprise networks including the following key features:

- Back-in-time network analysis of historical traffic for forensics;

- Benchmark and visualize trends of network performance;

- 7x24 real-time network traffic capturing and recording;

- Critical links monitoring & alerting;

- In-depth network analysis for performance optimization;

- Efficient drill-down for data-mining & index;

Technical articles covering nChronos and Packet Analyzers can be found in our Network Protocol Analyzers Section.

Announcing Firewall.cx - Colasoft Collaboration

2012-08-19T07:00:00+10:00

Greece, 19th August, 2012

Firewall.cx, one of the world’s leading networking technology websites, announces its official collaboration with popular Colasoft, a company dedicated to the development of innovative network analysis software and solutions. Colasoft is a fast-growing company with more than half a million users in over 80 countries. Featured customers include IBM, Dell, Philips, Emerson, and other industry leading companies.

With this collaboration, Firewall.cx aims to provide its world-wide audience access to Colasoft’s popular and multi-awarded software applications covering network and packet analysis solutions.

Colasoft’s products, including popular Capsa Free Network Analyser – Packet Sniffer, Capsa WiFi Network Analyser, nChronos back-in-time network analysis server and many more, will be made available through Firewall.cx’s free download sections and will also be used in upcoming packet analysis articles

Book Review: Your CCIE Lab Success Strategy: The Non-Technical Guidebook

2012-06-26T07:00:00+10:00

Cisco's CCIE certification is regarded as one of the highest level of certifications in the world. Simply put, it's a master's degree in networks.

Many people in the IT industry set to achieve their CCIE certification as a long-term goal, but is there more to it than just studying and preparing for the exam?

Your CCIE Lab Success Strategy: The Non-Technical Guidebook is a unique title in every way and you won't find any close to it in any book store. The book does not contain any technical information regarding the CCIE certification, however it includes just about everything else you'll need to truly understand what it takes to nail the CCIE certification.

Authors Vivek Tiwari & Dean Bahizad are both double CCIEs and having been down the CCIE road twice in their lifetime (so far!), they've managed to capture all the experience, problems and sacrifices one must make to achieve in their CCIE certification. The book will literally open your eyes and help you build your own strategy to success.

We invite our readers to read our review on this excellent title that shouldn't be missing from any CCIE or even CCNP/CCVP candidate's bookshelf!

Cisco VPN Client for MAC OS & Linux

2012-06-25T07:00:00+10:00

Cisco's latest VPN clients for the following operating systems are now freely available in our Cisco Tools & Applications section:

Mac OS X 10.5 & 10.6 (VPN Client version: 4.9.01.0280)

Linux OS (VPN Client version: 4.8.02.0030)

The Cisco Tools & Applications section has a number of Cisco Clients and Utilities which are all free to download (no registration required).

Book Review - Cisco Press CCENT - CCNA 640-802 Official Certification Library 3rd Edition

2012-06-09T07:15:16+10:00

Thinking of starting on your Cisco CCENT / CCNA certification or already working your way there? Don't miss out on Arani's review of Cisco Press's popular CCENT - CCNA 640-802 Official Certification Library 3rd Edition!

Arani analyses this 1500 page library that's been designed to get you through your CCENT & CCNA exam on your first go! Updated to include all the latest additions on the CCNA certification, the CCNA Certification Library 3rd Edition is a companion that should not be absent from any Cisco's CCENT / CCNA bookshelf!

Click here to read the review on this hot title!

Book Review: Cisco LAN Switching (CCIE Professional Development Series)

2012-05-10T07:00:00+10:00

John Korakis, another respected Firewall.cx member, takes a look at one of Cisco Press's popular releases: Cisco LAN Switching (CCIE Professional Development Series). Read what John has to say about this exciting title and how it can help engineers, administrators and IT Managers understand more about their LAN switching environments.

"If “Routing TCP/IP Vol 1 & 2” by Jeff Doyle and Jennifer Carroll is considered the bible of Routing, this book should definitely be considered the bible of LAN Switching. The authors cover a wide spectrum of technologies in great detail, combining technical with easy to read writing...."

To continue reading this review, please click here: Cisco LAN Switching (CCIE Professional Development Series).

Book Review: Automating vSphere with VMware vCentre Orchestrator

2012-04-13T00:33:21+10:00

Arani Mukherjee, a well respected Firewall.cx member for his contributions to our community, takes a look at one of VMware's latest press releases: Automating vSphere with VMware vCentre Orchestrator. Read what Arani has to say about this exciting title and how it can help engineers and administrators around the globe, get the most out of vCentre Orchestrator.

"To begin with, I was impressed with the informal style of the writer’s delivery. Sometimes this makes or breaks a book’s popularity. Virtualisation is no mean subject, and it can become confusing at times. But the writer’s style has ensured that the content is presented in a very lucid way without compromising the reader’s ability to grasp the matter. Core technical books can become a chore to read through, thanks to a writer’s inability to explain things in a simple way. This cannot be said for this book, which is a welcome change..."

To continue reading this review, please click here: Automating vSphere with VMware vCentre Orchestrator.

Firewall.cx Private Messaging Service Now Online!

2012-03-06T01:17:20+11:00

In continuing our efforts to introduce enhancements on Firewall.cx, we are pleased to announce the new ‘Private Messaging’ (PM) system is now available to all registered users.

With this new messaging system, registered users are able to send and receive instant messages to and from any other Firewall.cx member from a variety of areas within the site and its forums.

We hope our members make good use of the new Private Messaging system and look forward to your feedback and comments.

Greek Ministry Of Justice Hacked For the 2nd Time!

2012-02-22T10:55:49+11:00

For the second time during this month, the Greek Ministry Of Justice was hacked by the 'Anonymous Group', early morning hours of the 22nd of February 2012 in a protest against the Greek government's signing of the Anti-Counterfeiting Trade Agreement (ACTA), which is designed to reduce internet piracy.

Following are the screenshots saved by Firewall.cx. You can click on the images to load the full resolution image.

Note in the second image that the Greek Ministry Of Justice website is running on a Microsoft IIS webserver :)

Approximately 45 minutes after the website was hacked, it was brought offline, and replaced by the default plesk page!

Seems like the Greek Ministry of Justice should considering moving to a more secure platform like Linux & Apache, and also improve their network security with a Cisco ASA with integrated IPS appliance :)

CPU Wars - A Firewall.cx Team Member Made Card Games a Lot Geekier

2012-02-09T09:17:57+11:00

Harry Mylonadis (The_Berzerker) has been part of the firewall.cx team since 2005. His latest project has come to shake the waters of card games and make them a lot geekier. Last November he launched a campaign on the crowdfunding site kickstarter in order to raise the funds to produce his uber-geeky card game CPU Wars .

CPU Wars is a trump card game built by geeks for geeks. For Volume 1.0 he chose 30 CPUs that he believes had the greatest impact on the desktop history. The game is ideally played by 2 or 3 people. The deck is split between the players and then each player takes a turn and picks a category that they think has the best value. He has chosen the most important specs that could be numerically represented, such as maximum speed achieved and maximum number of transistors.

For more information and to grab a deck head over to the dedicated shop -> http://shop.cpuwarsthegame.com/

Cisco CallManager Express CME v9.0 Available

2011-12-20T10:57:34+11:00

For all those engineers working with Cisco CallManager Express, you might be interested in knowing that Cisco has released their Cisco Unified CME version 9 only a few days ago IOS 15.2(2)T. While at the time of writing this article, CCME v9 is not yet listed in Cisco Unified Communication Manager Express Compatibility Information page, we have managed to obtain a direct link to the page which can be found in our popular CallManager Express GUI Software Installation & Configuration - Part 1. Amongst other newly supported devices, Cisco CCME v9 finally adds support for the newer ATA 187 (SIP only) which has replaced the popular ATA 186.

CCME Engineers should note that Cisco has decided not to provide support the 2800/3800 series routers from CME version 8.6 and above, forcing many CallManager Express customers to upgrade to the newer Cisco 2900/3900 series routers. Of course, this strategy to push the newer 2900 & 3900 series routers into the market, has not been embraced by existing Cisco customers.

To read more on the latest Cisco Unified CME v9.0, please visit our CallManager Express GUI Software Installation & Configuration - Part 1 and select the relevant link from our Cisco CME table.

To download CME files for all available version, visit our Cisco Tools and Applications download section.

Cisco Configuration Professional & Cisco Network Assistant Download Now Available!

2011-11-14T09:30:31+11:00

We would like to inform our readers that we have updated our download section to include the popular Cisco Configuration Professional and Cisco Network Assistant.

The Cisco Network Assistant is available for both Windows and MAC operating systems. Unlike Cisco.com, these tools are freely available without user registration.

To download the software simply visit our download section and look for our new 'Cisco Tools' category!

User Registrations Now Open!

2011-09-22T02:37:37+10:00

We would like to inform our community that user registrations have opened. You are now able to register for an account on Firewall.cx using the '+' icon on the top right corner, below the login section.

User registration is not an automated process. Each account will be reviewed before activated.

Due to the large amount of spam accounts, additional caution is taken for users registering with Gmail, Hotmail, Yahoo and other similar free email account services. User accounts rejected will not be notified.

Thank you.

The Firewall.cx Team

Cisco VPN Client (32bit, 64bit) Download Now Available!

2011-09-19T06:43:11+10:00

We would like to inform our readers that we have updated our download section to include Cisco's popular Windows VPN Client. The Cisco VPN Client is available for both 32bit and 64bit Windows operating systems.

To download the latest Cisco VPN Client, simply visit our download section and look for our new Cisco Tools category!

Welcome to the New Firewall.cx!

2011-09-14T06:41:51+10:00

The new Firewall.cx has been completely redesigned from scratch to make the site more flexible and functional for our community. With over 5 months of work, after many pitfalls, we have managed to get online the new Firewall.cx and maintain all articles and forum posts from our previous site!

While navigating through the new Firewall.cx is extremely easy there are a few functions that will be disabled for the next couple of days until we bring all services online.

The following services are not operational or are restricted:

1) New member registrations are disabled until the redelegation process is complete and a site-wide check is performed for bugs and other problems.

2) Only members with forum posts have been migrated to this new site. All other accounts have been deleted.

3) Members migrated to this site are able to log in and use the site's forums.

4) Existing members are requested to log into their account and edit their profile in order to set their Avatar, location, gender, birthdate and other information. Where there is a password problem, please use the password-reset procedure provided.

If you experience problems with our site or your account, please email us at info at firewall.cx

Thank you and we hope you enjoy the new Firewall.cx!

The Firewall.cx Team

How to Detect Hackers on your Web Server:

2011-07-12T05:10:58+10:00

Catch Hackers Red-Handed through Real-Time Security Event Log Management

This white paper focuses on how administrators can set up their web servers successfully and safely. Describing the tools used by hackers to gain backdoor access to your IIS web servers, this paper details the necessary steps to detect successful intrusions on your network, as well as explaining how to prevent such attacks to your web server.

To read hot security articles covering this topic, please visit our Security section.

New TCP Topic Now Available!

2004-02-22T17:20:57+11:00

After months of hard work, our new TCP protocol section is now ready!

This new section is perhaps one of the most comprehensive analysis of the TCP protocol on the web, covering over 12 pages of information on the protocol and colourful diagrams to make sure you are not left with any unanswered questions!

The analysis is broken into two parts, the first one being a quick overview of the protocol, while the second one dives into the protocol's structure and includes information on how hackers use certains features of the protocol to hijack sessions and tap into TCP streams.

New Linux Section Online

2005-01-10T08:28:51+11:00

We are once again pleased to publish the first Linux article for our new section. The OpenMosix Clustering system is a great project which will allow you to take advantage of those old computers collecting dust in your garage!

We are already working on new, exciting articles that will cover topics requested by our respected members through our Linux Forums, so keep a lookout for them!

The Editoral Team.

Londoners Cruising Thames Get Wi-Fi

2006-02-23T23:25:31+11:00

Jack Writes: Free Wi-Fi service covering an eight-mile stretch of the River Thames in London was inaugurated Thursday as a free introductory period for the service got underway. The Thames Online Service said Wi-Fi will be available on boats cruising the river for about $5 an hour at the conclusion of the free trial period.

"Regular commuters on the river will now be able to access the Internet from their laptops whilst on the move," said Mike Weston, managing director for London River Services, in a statement. "Over the past few years, services and information on the river have greatly improved."

Weston noted that telecommuting workers are increasingly using Wi-Fi as they travel to and from their jobs.

Thames Online Service said the river service is just a beginning, as the firm plans to expand the network inland from both banks of the river. As things stand now, passengers on boats cruising the Thames will be able to use the service as boats move through the heart of London, Europe's largest city. London itself has widespread deployment of Wi-Fi

Google plans Web pages for users

2006-02-24T19:52:40+11:00

Google Page Creator is one example of the Mountain View, Calif.-based company's efforts to attract and keep more users. Google already lets people publish Web logs, or personal online journals, through its Blogger site. Yahoo!, the most visited Internet site, also offers Web-site creation and blogging through its GeoCities and Yahoo! 360 services.

Shares of Google rose $12.58 yesterday, or 3.4 percent, closing at $378.07 in Nasdaq Stock Market composite trading. They have fallen 8.9 percent this year.

Google said it will offer 100 megabytes of storage for Web pages, enough space for as many as 50 photos taken with today's digital cameras. The pages will be accessible to Google's search engine within a few hours of being posted, Google said.

DoJ strikes back against Google

2006-02-27T23:32:54+11:00

Jack Writes:THE Department of Justice has ordered Google to turn over data to help the Bush administration to re-instate a failed child pornography law.

Google had rejected a request from the DoJ to hand over the search results of millions of Americans to the US government, and now it seems that the Justice Department has replied on Friday with a court filing.

In an 18 page brief the DoJ argued that because the information provided would not identify or be traceable to specific users, privacy rights would not be violated.

Previously Google called the Bush administration's request for data on Web searches "so uninformed as to be nonsensical". It said that it would result in breaching the privacy of its millions of users and would take a week of engineer time to complete.

The Bush administration wants the data to revive an online child protection law that the Supreme Court has blocked. It wants to show that Internet filters are not strong enough to prevent children from viewing pornography.

Microsoft touts PC-like portable ''Origami'' device

2006-03-01T00:32:13+11:00

Jack Writes:A new portable media device that allows users to listen to music, play video games, browse the Internet and jot hand-written notes is the initial vision of a product in development by Microsoft Corp. and its partners, the software giant said on Monday.

Microsoft acknowledged that an early version of its new hand-held PC-like device was featured in a video on the Web site for marketing firm Digital Kitchen.

"While Origami is a concept we've been working on with partners, please know that the video seen on Digital Kitchen's Web site is a year old and represents our initial exploration into this form factor, including possible uses and scenarios," a Microsoft spokesman said.

While some media reports flagged the product as a possible rival to Apple Computer Inc.'s iPod digital music player or Sony Corp.'s PlayStation Portable game device, "Origami" seemed to incorporate more functions and appeared to be much larger than those gadgets.

The company declined to disclose details about the device, including when it might be available for sale, but it said there would be announcements over the coming weeks.

The device appeared to be a tablet PC, a notebook-shaped computer that allows users to write with a digital pen to input text on handwriting recognition software. It was about the size of a oversized post-card.

The video showed young people using the "Origami" device to sketch pictures, use a map with global positioning satellite technology, listen to digital music and play "Halo", a popular Microsoft video game.

It was not immediately clear whether the product would be a Microsoft-branded device or if the software giant would simply provide software and services. Microsoft would not reveal the identity of its partners on the project.

Former government IT worker guilty of hacking

2006-03-02T23:30:54+11:00

Jack Writes:A former IT systems auditor for a U.S. government agency faces a possible five-year prison sentence on a computer hacking charge after secretly monitoring his supervisor's e-mail and computer use, the U.S. Department of Justice said.

Kenneth Kwak, 34, of Chantilly, Va., pleaded guilty today in U.S. District Court for the District of Columbia to unauthorized access to a protected computer in furtherance of a criminal or tortious act, the DOJ said.

Kwak was a systems auditor working on federal information security management audits as a member of the U.S. Department of Education's Office of Inspector General. Kwak placed software on his supervisor's computer that enabled him to access the computer's storage at will, the DOJ said.

Kwak later used that software on numerous occasions to view his supervisor's e-mail and Internet activity as well as other communications, and he shared those communications with others in his office, the DOJ said.

Kwak, who faces a maximum sentence of five years in prison and a $250,000 fine, monitored the communications for personal entertainment, and there is no indication that he profited financially from his actions, the DOJ said.

The case highlights the DOJ's "zero-tolerance approach to public corruption and computer hacking," U.S. Attorney Kenneth Wainstein said in a statement. Wainstein is U.S. attorney for the District of Columbia.

The Party is Over: IT Departments Prepare for Hurricane Season

2006-03-05T06:35:48+11:00

Now that the Mardis Gras parades are finished, and all celebrators are over their hangovers, one date is collectively coming to mind. June 1, 2006. This is the first official day of the 2006 hurricane season, and IT departments across the United State's Gulf Coast are scrambling to prepare their systems.

CIO's are trying to add more resilient data back-up capabilties, power production, advanced routing, and alternate data connections such as wireless or satellite links. One strategy has now been to send data back-ups to remote sites over the internet in addition to their existing tape back-ups.

Jim Burgard of University of New Orleans explained that his staff was unable to retrieve their back-up tapes located in an office building in downtown New Orleans until three weeks after Hurricane Katrina. They now have a mirror site at Lousiana State University in Baton Rouge to avoid problems with data back-ups. Burgard also is having his staff install additional Uninterruptable Power Supplies and a natural gas generator at the university's campus in New Orleans.

Hurricane Katrina not only showed IT departments what additions that needed to be made, but also what parts of their system needed to be modified. Blue Cross and Blue Shield of Louisiana experienced an unexpected network outage after the storm because their routing scheme was all routed through a single site in New Orleans that failed.

Other critical companies are investing in alternate communication connections like satellites. Keesler Federal Credit Union in Biloxi, MS is one. After the storm knocked out all commercial communications across the Mississippi Gulf Coast, the credit union decided to add satellite capabilities to all of it's branch locations, giving them the capability of getting back to business even if all other communications were destroyed. At the same time, the company is investing in a data and voice converged network that will replace their aging Cisco data network and PBX phone systems.

All across the Gulf Coast, IT departments are facing staffing shortages that is making the challenge of these important upgrades all that more difficult. Some IT staffs are at less than half their pre-Hurricane Katrina level, and the prospects for additional employees is dismal. In a recent advertisment for a senior level position at the University of New Orleans only 4 applications were received when normally at least 20 are received.

Popular Weblog Site 'MySpace' Looks to Enhance Security

2006-03-05T06:43:37+11:00

Boston, MA, USA: In response to the arrest of two adult men alleged to use the popular MySpace online weblog community to arrange illegal sexual crimes with minors, MySpace CEO Chris DeWolfe announced a new security screening technology that will be revealed in the coming weeks. Recently, MySpace has been under intense scrutiny in the United States media because many see the site as a place for online child predators to easily find unwitting children.

DeWolfe diagrees with this assessment of his company, pointing to existing security policies that disallow children under the age of 14 to register with the site, and restricting access to the profiles of members under 16 years old. Also, approximately 200,000 profiles have been removed from the site with suspicion that their owners' were underage.

The two men arrested were Sonny Szeto, 22, of New York, who attempted to meet an 11 year old girl; and Stephen Letavec, 39, of Pennsylvania, who attempted to meet a 14 year old girl.

Samsung SGH-i310 - World's First 8GB Hard Disk Smartphone

2006-03-07T18:19:10+11:00

Jack Writes:Samsung has announced the world's first 8GB Hard Disk embedded smartphone, the SGH-i310, which is expected to start shipping in Europe during the second half of this year.

With a hefty 8 gig of onboard storage you can leave your iPod at home, with the Samsung offering capacity for around 2,000 songs.

The phone comes in a familiar 'candy bar' form (we're still looking for a UK equivalent of this American phrase - 'Mars Bar shaped' doesn't sound quite right!) and is compatible with the GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service) and EDGE (Enhanced Data Rates for GSM Evolution).

The i310 is powered by the latest version of Windows Mobile 5.0 for Smartphone which makes it easy for users to transfer their music libraries from their desktop machines via USB 2.0 connectivity and a Plug & Play feature allows the phone to be used as a removable hard disk.

A fully featured smartphone, the i310 comes with a 2 inch, 240 x 320, 65,536-colour display, onboard 2 megapixel camera with flash, microSD memory expansion slot, document viewer and TV output.

The camera can also record video (MPEG4/H.263), and there's enhanced music functionality, with Bluetooth stereo (A2DP), high quality digital power amp, dual speakers and support for MP3, AAC, AAC+, WMA, WAV and Ogg music file formats.

The smartphone seems pretty pocketable too, measuring 111.9 x 48.5 x 19.8 mm and weighing 120g.

Will HD-smartphones kill off dedicated music players?

Pundits are expecting an onslaught of mobile phones using hard-disk drives as manufacturers continue to pack in memory-hungry functions and features into handsets.

Cornice, a US-based maker of mini-hard drives used in portable music players and mobiles reckons that the mobile phone disk drive market will explode at a compound annual growth rate of 325 per cent between 2004 and 2009.

The company expects to see around 72 million mobile phones with embedded drives shipped in 2009 out of a global total of around 1 billion handsets - making it bigger than the personal storage and portable audio player markets (Cornice predicts these to stand at 10 million and 43 million shipments, respectively, in 2009.)

The i310 will be shown to public at CeBIT in Hanover, Germany from March 9th to March 16th. No pricing for the handset has been announced yet.

Intel unveils Core Microarchitecture, says will slug it out with AMD

2006-03-08T22:11:39+11:00

Jack Writes:Intel Corp has announced that it will be building on a new line of microprocessors called "quad-core chips" as it attempts to regain lost ground in the market that is currently swinging towards Advanced Micro Devices.

The quad-core chips are basically a package of two dual-core chips, but Intel is apparently in a hurry to bring them on the market as it battles reduced quarterly revenues due to fierce competition from AMD. These next generation computer chip designs are supposed to be more efficient and consume less power. In other words, Intel has taken note of the fact that AMD's performance per watt is giving it a distinct advantage in this market.

"Energy is on everyone's mind. It's the next frontier. Not only has it become a critical concern in our daily lives, it's become a critical concern in just about every platform we have," said Intel's Chief Technology Officer Justin Rattner. He was speaking at the Intel Developer Forum in San Francisco. The chips have been dubbed as Intel Core Microarchitecture and are being touted as the next big thing from Intel's stable that is bound to steal the thunder from AMD.

These chips are all set to hit the markets in the latter half of the year and have been codenamed as Conroe for desktop, Woodcrest for servers and Merom for laptops. All these are dual core processors. Rattner also revealed as the processor performance was increasing, they had found that energy consumption was also going up, "We've been studying this for years, and the trend was a bit alarming," he said.

"The amount of energy required to execute a single instruction has increased significantly--well over a factor of four over this time frame." Paul Otellini, Intel's chief executive also spoke at the forum and said that he foresaw a big year for Intel. “We are at one of those dual transitions – a new micro architecture and new silicon technology - and we have the capacity to retake share and that's our statement of intent this year," he told reporters.

Otellini admitted that Intel had been unable to build their chips fast enough last year, but all that was bound to change this year. Intel revealed that it is a part of the Ultra Mobile PC project that has been dubbed as the Origami project by Microsoft.

80-nanometer DDR2 Memory Production, Samsung

2006-03-13T21:29:15+11:00

Jack Writes:With 80-nm process technology, Samsung is able to increase its production efficiency by 50 percent over the previous 90-nm process. The production economies of scale afforded by moving to 80-nm process technology will better enable the company to meet increasing demand for DDR2.

Samsung was able to smoothly transition from 90-nm to 80-nm process technology because it utilized many of the basic features of 90-nm geometries, and as a result required minimal upgrades to its fabrication lines.

The move to 80-nm circuitry was sped up by the use of a recess channel array transistor (RCAT). This three-dimensional transistor layout greatly enhances the refresh rate, which is a critical element in data storage. Samsung's RCAT also reduces cell area coverage, which allows for increased process scaling by freeing up space for chip-per-wafer growth.

Mozilla Firefox 2.0 Alpha 1 Is Not Officially Released

2006-03-21T00:08:49+11:00

Jack Writes:It's been more than a week now since Mozilla announced it will release the Alpha 1 version of its rapidly increasing in popularity browser, Firefox, but the schedule wasn't respected. This weekend, though, a couple of blogs began spreading the word out there that Alpha 1 is out, mentioning that it is a nightly build version and cautioning on its installation.

The official Firefox site had no news on this matter, but that's usually the case with versions which are still not in their final form of release to the public. However, most of the extatic fans and browser modding amateurs proceeded to downloading the version offered in the given links, most of them considering that even if it's not the final version, it will still be better than its predecessor.

The most expected fixes seem to be those regarding the memory leaks – after a while of running and usually in combination with some extensions or more browsing tabs opened, the browser tends to eat up unjustified quantities of memory. Aside from that come the increasing security (the anti-phishing implementations), the better standard compliance and a new bookmarking technique. More detailed features are available here.

But then the complaints began popping up from some users who didn't bother to read the whole announcements and take any precautions: crashing browsers, incompatible extensions and themes and others alike.

Mozilla's Asa Dotzler's blog came as a blunt response to this matter:

"When we make a new release, we'll say so. Please don't report new releases because someone checks in a change to the user agent or similar. If we're actaully doing a release, we'll announce it. Thanks."

In a comment on TechCrunch, Niall Kennedy explained the current situation:

"I believe the Mozilla team is shooting for a Tuesday release of Firefox 2.0 Alpha 1. It's called 'Bon Echo' in these early stages to avoid confusion with better tested versions. Alpha 1 is frozen but enters QA testing before official release. The copy of Alpha 1 you download tonight will likely differ from the officially released Alpha 1 as the team tweaks for a developer release. Firefox extensions check for your current version to ensure compatibility. Some plugin developers like to test and tweak for each new version of Firefox before releasing a new version."

"You can always download the latest nightly build of Bon Echo anytime you would like and keep up with Firefox 2 planning and progress on the public wiki", he added.

So right now it seems that Firefox 2.0 Alpha is a developers' release, nicknamed "BonEcho Alpha 1" (after a Provincial Park in South Central Ontario) and casual users shouldn't start downloading it yet.

French Govt. To Vote On Legalized P2P

2006-03-21T14:00:00+11:00

Jack Writes:French nationalists and free market advocates, whose sniping over cross-border takeovers has grabbed headlines, may now have something they can agree on: protecting freedom of choice on song and video downloads from the Internet.

This could be bad news for Apple Computer Inc. and Microsoft Corp., which have for the most part locked consumers into their own downloading systems with proprietary anti-piracy software.

The French parliament is set to vote early this week on a new law that would allow consumers to legally circumvent existing software that protects copyrighted material.

Analysts say that the French are on to something that the rest of the world has yet to figure out: It needs to set rules for this new market now or risk one or two U.S. companies taking control of online access to music, video and TV.

"Whoever controls access to digital information also controls access to consumers," said Willms Buhse, product and marketing officer at Germany-based CoreMedia, a company that builds digital rights management systems used for copy protection.

"For network operators, DRM (Digital Rights Management) has the potential to become the universal billing system for the Internet," Buhse said.

The law wants different copy protection software programs to be able to communicate with each other, so that downloads from the Web can be transferred to any device, not just iPods or Walkmans, as long as the number of copies stays within limits set by media publishers.

LOCKING IN USERS

Apple's iTunes store currently dominates online media sales, while Microsoft has successfully sold its Windows Media format to telecoms carriers that are hoping to sell copy-protected music, TV and videos to subscribers.

The possibility of one or two proprietary U.S. standards dominating the market is not just a concern in France, whose leaders have recently been touting "economic patriotism".

It also unnerves any company that has content to sell or distribute, since songs or videos purchased from one store will often not play on systems from another store, locking in users.

For that reason, Swisscom Broadcast has decided for now not to start a mobile TV service, said Klaus Pilz, the head of its mobile TV broadcast project.

"Protection systems must be interoperable," Pilz said. "Shall we invest in such a technology mess? No."

Todd Chanko, an analyst specializing in digital rights management technology at market research group Jupiter in New York, said his surveys of service providers showed that interoperability of copy-protection systems would be key to convince telecoms firms and others to invest in systems that distribute content such as songs and video.

Consumers, for their part, are prepared to pay twice as much for a song that can freely move between different devices, a recent study of the European Union-project Indicare showed.

But this interoperability is not necessarily in the interest of companies such as Apple and Microsoft.

CHEAPER PLAYERS

Apple may sell fewer of its money-spinning iPod music players, for example, if iTunes tracks can play on less expensive players.

Apple provided no comment on this possibility despite repeated requests for it from Apple representatives in the United States, Britain and France.

Microsoft, eager to expand its tiny footprint in the 816 million unit-per-year mobile phone market, is promoting its Windows Media software to get telecoms operators to use Windows.

Microsoft's Marcus Matthias, product manager of Windows Digital Media at Microsoft, said his company was following the French debate with interest but was not preparing to adjust its policy to make Windows Media a "common denominator" for digital media, whether on a TV, mobile phone or computer.

Customers agree that, given the lack of an industry-wide standard, Windows Media could well be on its way to becoming the de facto format.

"In a converged world where everything travels between PCs and phones, there isn't any DRM other than Windows Media that's likely to cut it," said Dominic Strowbridge, marketing director at BT Movio, British telecoms operator BT Group Plc's mobile TV service.

One group of companies, however, is trying to forestall a balkanized copyright protection system, or one that is dominated by Microsoft.

Telecoms operators and consumer electronics companies joined forces several years ago to develop an open standard called Open Mobile Alliance (OMA) DRM.

Until a year ago, the protection standard appeared destined to be the preferred anti-piracy system for media companies, telecoms operators, mobile phone vendors and consumer electronics companies.

However, negotiations over licensing fees have been deadlocked for nearly a year and a half, with the six companies controlling the patents on the technology for OMA DRM 2.0 resisting calls for lower fees.

This has hampered the uptake of OMA DRM by hardware vendors and service providers.

"It has had an impact. It (adoption of OMA DRM 2.0) would have gone faster if licensing terms had been agreed," Buhse said.

Kazaa, MediaPipe, SpyAxe Named in StopBadware.org's 'Badware Watch List'

2006-03-22T21:05:03+11:00

Jack Writes:StopBadware.org, the consumer protection initiative developed to combat spyware, today released its first "Badware Watch List" report, spotlighting a number of companies that embed malicious spyware without the online user's knowledge or consent.

The report is the first in a series to be released by Harvard Law School's Berkman Center for Internet & Society and Oxford University's Oxford Internet Institute as a part of an ongoing effort to battle malicious spyware programs.

"Since the launch of stopbadware.org in January, we've heard from more than one thousand consumers about problems with badware and we've taken those complaints seriously," said John Palfrey, co-director of StopBadware.org and Executive Director of the Berkman Center for Internet & Society at Harvard Law School. "Today, we're shining the spotlight on four applications pointed out by consumers that failed our test for badware in our lab. Our intention is for these reports to help consumers make a more informed decision before they download one of these applications. And we hope our work will encourage these and other application developers to clean up their act."

"Other companies that follow similar practices beware: This is just the beginning of what we hope to identify and publicize," said Palfrey.

Whether spyware, incessant pop-ups or other obtrusive programs, badware today plagues millions of people by turning their computers into machines to spy on them and steal their personal or private information. Unlike viruses and worms, badware becomes embedded in a computer by downloading games or software or just by visiting certain websites.

According to a recent Pew Internet & American Life Project, roughly 59 million American adults today have badware on their computers. Problems related to badware forced home computer users to spend roughly $3.5 billion in 2003 and 2004 to replace or repair their hardware, according to Consumer Reports.

With the advice and input of a panel of research experts, StopBadware.org isolated seven categories of behaviors that many users reported as unwanted in software they download: deceptive installations, unclear identification, harm to other computers, modifying other software, transmitting user data, interfering with computer use, and being difficult to uninstall completely. Badware is software which engages in these behaviors without adequately disclosing that fact to the user and without seeking the user's consent. In addition, there are some classes of behavior which cause irreversible harm to a user's computer - software which engages in these behaviors also constitutes badware, regardless of whether the behavior was disclosed to the user.

Stopbadware.org examined four applications reported by consumers who submitted stories and technical reports and have added them to the "Badware Watch List." The first, KaZaa, is a peer-to-peer file sharing program that misleadingly advertises itself as spyware-free, makes undisclosed changes to Internet Explorer, and does not completely remove all of its components during the uninstallation process. The second application, called MediaPipe, identifies itself as a "Download Manager." MediaPipe does not fully disclose what it is installing and does not completely remove all components and "obligations" during the uninstallation process.

The next application examined, SpyAxe, advertises itself as a spyware removal program. StopBadware.org found it to be badware due to inadequate disclosure during the installation process, the failure to remove itself completely during uninstallation, and repeated, difficult-to-avoid requests to purchase the full version of the product. The final application, Waterfalls 3, is a screensaver, and includes components that are generally considered spyware, and modifies other software without disclosure.

Launched on January 25, 2006, StopBadware.org's consumer- driven online community serves as a central resource to help educate people about badware and spotlight those companies who embed these programs into downloadable software applications. Internet users can visit StopBadware.org to check whether programs they want to download are infected with badware and alert others to programs they have encountered that include malicious software such as spyware, incessant pop-up ads or other obtrusive programs. StopBadware.org will continue to collect information from the public and to publish short, user-friendly reports on programs they have identified as badware, as well as more detailed academic studies on the problem of badware.

Beatles take rival Apple to court over core business

2006-03-27T09:00:54+11:00

Jack Writes:IT IS the ultimate battle of the generations over an image of a half-eaten piece of fruit.

In one corner Sir Paul McCartney and Ringo Starr, the ultimate stars of vinyl who defined music in the 1960s. In the other, the creators of a small white box that has revolutionised the way we buy and listen to music.

This week the Apple Corps goes to the High Court seeking multimillion-pound damages against Apple Computer, the creators of the iPod, over their hugely successful iTunes Music Store.

Apple Corps, owned by the former Beatles and their heirs, still owns the licensing rights to Beatles’ products. It is claiming that the introduction of iTunes broke a $26 million settlement under which Apple Computer agreed to steer clear of the music business, for which the Beatles’ company retains the famous trademark. It is the latest clash in one of Britain’s longest-running corporate legal battles.

Any damages for this latest clash could amount to tens of millions of pounds because it concerns Apple Computer’s hugely successful iTunes Music Store and iPod digital music players.

The court will be treated to a demonstation of an iPod, but it is unlikely to play a Beatles song, as they have not been licensed for download and it would therefore be illegal.

The Beatles first used a logo of a Granny Smith in 1968 when they founded the Apple Corps to distribute their records and those of other artists they signed to the Apple record label. The records had a ripe apple on one side and a neatly sliced half on the reverse.

The Apple Records subsidiary is still active as the licensing agent for Beatles products.

Steve Jobs, chief executive of Apple Computer, founded his company in 1976 with a logo of a rainbow-coloured apple with a bite taken out of it. Apple Corps sued him five years later, accepting an $80,000 settlement and a promise that the computer company would stay out of the music business.

The companies clashed again in 1989 after Apple Computer introduced a music-making program. The computer company settled in 1991, for $26 million. Apple Corps was awarded rights to the name on “creative works whose principal content is music” while Apple Computer was allowed “goods and services . . . used to reproduce, run, play or otherwise deliver such content”.

Critically, however, the agreement prevented Apple Computer from distributing content on physical media. This was designed to cover CDs and tapes, but it is unclear whether it included later inventions such as digital music files or devices used to play them.

Apple Computer will argue that its music service, which has sold more than a billion songs since 2002, is merely data transmission.

The case is scheduled to begin on Wednesday at the High Court before Mr Justice Mann, a self-professed fan of music and computers. He is no stranger to the iPod, having inquired of both sides some time ago if he should disqualify himself from hearing the case because he owned one.

The owners of Apple Corps — Sir Paul, Ringo Starr, Yoko Ono and Olivia Harrison — will not attend the hearing, but witnesses will include Neil Aspinall, the company’s managing director and the former Beatles road manager; and Eddy Cue, head of internet services at Apple Computer.

Mobile Browsing Seen Changing Face Of The Web

2006-04-21T01:30:00+10:00

Jack Writes:People are turning to mobile phones for Internet use more quickly than they are adopting laptops for the same purpose in many parts of the world, according to a recent study of Internet trends.

Personal computers are still the most popular way to gain Internet access, but the rapid pace of mobile phone installation and the development of wireless networks is driving robust growth in the use of phones for browsing, according to results from The Face of the Web, an annual study by Ipsos Insight.

Four in 10 adults in Japan used their wireless handsets to browse the Internet in 2005, according to an announcement from Ipsos this week. That is double the rate from 2003, but the trend is leveling off in other markets, including the United States and Canada, where notebook PCs appear are emerging as stronger on-the-go platforms.

Twenty-eight percent of mobile phone owners worldwide have browsed the Internet on a wireless handset. That is up just 3 percent since 2004, and the trend is being driven in part by people over age 35, rather than younger, early adopters.

The study, which was conducted in November and December 2005, showed that text messaging is the most popular mobile and wireless activity. More than half of all mobile phone households have sent text messages and more than one-third have send or received e-mail on their mobile phones. Most mobile device activities increased in 2005, including mobile commerce, sending and receiving pictures and downloading entertainment content, according to the sample of 6,544 adults in Brazil, Canada, China, France, Germany India, Japan, Mexico, Russia, South Korea, the United Kingdom and the United States.

Applications are expected to grow and mobile phones are poised to overtake the personal computer as the dominant Internet platform in some markets, according to Brian Cruikshank, senior vice president and managing director of Ipsos Insight's Technology & Communications practice.

"Accessing the Internet on a wireless handheld device is no longer a novelty for consumers in the major global economies," Cruikshank said in a prepared statement. "It's becoming a common, everyday occurrence for many people. In the long term, many of today's PC-centric online activities could be complemented through the mobile phone or migrate to the mobile phone altogether, due to greater convenience and faster connection speeds."

Seagate To Launch World's First Perpendicular 750GB Hard Disk Drive.

2006-04-27T02:09:02+10:00

Jack Writes:A new record will be set by Seagate Technology, world leader in hard drive market, as the company announced their upcoming desktop hard drive, which will offer no less than 750GB of storage space.The monster drive is part of the new Barracuda 7200.10 family built on perpendicular recording technology to meet the growing storage capacity, performance and reliability requirements of desktop computers and low-end servers.

The new Barracuda 7200.10 family is now shipping to the worldwide distribution channel. With the introduction of these drives, Seagate now delivers perpendicular recording technology across its desktop, notebook, enterprise, consumer electronics and retail hard drives. The technology stands data bits vertically onto the disc media, rather than horizontal to the surface as with traditional longitudinal recording, to deliver new levels of hard drive data density, capacity and reliability. The new data orientation also increases drive throughput without increasing spin speed by allowing more data bits to pass under the drive head in the same amount of time.

To meet the growing storage capacity requirements of both PCs and servers, the Barracuda 7200.10 family provides 200GB to 750GB of capacity on the strength of industry-leading data density of 130 Gigabits per square inch (up to 188 Gigabytes per disc). Seagate's unmatched data density delivers the best reliability and performance of any PC hard drive in its class.

Barracuda 7200.10 also features cache sizes from 8MB to 16MB and 1.5Gb/s and 3.0Gb/s Serial ATA (SATA) data transfer rates with Native Command Queuing. NCQ enhances reliability in heavy workloads by reducing head movement and streamlining the delivery of queued commands to the drive.

With Barracuda 7200.10, Seagate offers even more technological advances, delivering these unique, leading-edge capabilities: * Adaptive Fly Height - Maximizes the consistency of read/write performance across the entire disc by adjusting the fly height (distance between the disc head and platter) according to changes in environmental operating conditions. * Clean Sweep - Helps maintain media integrity and drive reliability by passing the drive head over the entire platter during power-on to smooth out any irregularities in the disc surface.

Backed by Seagate's industry-leading 5-year warranty, the 7200-rpm Barracuda 7200.10 family is ideal for system builders requiring the industry's leading combination of hard drive capacity, performance and reliability for single-user systems such as desktop PC RAID, digital editing, hot-rod gaming, single-drive external storage and consumer PCs. The drives also provide the high throughput and low cost-per-gigabyte storage required for multi-user systems such as low-cost servers for small offices.

New ransomware on the spread

2006-05-01T19:42:12+10:00

Jack Writes:A new computer malware is spreading and dangerously too. The malware, called Troj/Ransom-A, once run on a computer, freezes the system and threatens to delete files every 30 minutes until an amount of $10.99 is sent to a particular account in the Western Union Holdings money transfer service.

Security experts said the new Trojan belonged to the emerging "ransomware" class of viruses. It has been prevalent in Russia, but recently one such attack was reported in England, the experts said.

The virus also leaves an e-mail address for the affected person to get in touch with in case the infected computer does not function properly after the ransom is paid.

U.K.-based computer security firm Sophos said the trojan puts up a message after freezing the computer about the ransom to be paid and about the deletion of files. The message claims that anti-virus software is not effective against the trojan, that deleted files cannot be retrieved, that the Ctrl-Alt-Del function will not release the computer and that the malware runs every time Windows boots.

Sophos said ransomware is rare, but this is the second such trojan in the last five weeks. Earlier in March, two similar trojans, Cryzip and Zippo.a, had sought payment of $300 in return for a password to free the users' files from a maliciously created zip file.

Security experts cautioned that Troj/Ransom-A is spreading as a disguised file on peer-to-peer networks and may also land on systems as spam. Once the file is activated, it displays pornographic images with a message, "Listen up muthaf*cka. is this computer valuable. it better not be. is this a business computer. it better not be. do you keep important company records or files on this computer. you'd better hope not. because there are files scattered all over it tucked away in invisible hidden folders undetectable by antivirus software the only way to remove them and this message is by a CIDN number."

The computer user can obtain the CIDN number after paying the ransom to the Western Union account.

Senior technology consultant at Sophos Graham Cluley said the trojan does not appear to be "smartest tool in the box" and that he had passed on the details to the police, who are looking into it.

Cluley is concerned that this could be a new trend to extort money.

Sophos said computer users connected to the net should make backups of their data and run updated security software. People should be vary of opening e-mail attachments.

AMD launches new Athlon dual-core processors

2006-05-23T21:44:29+10:00

Jack Writes:Chip maker AMD has announced availability of its new high-end dual-core processors, the Athlon 64 FX-62 and the Athlon 64 X2 5000+. The processors are compatible with AMD's new socket AM2 platform, which is designed to enable Virtualisation and high-performance, unbuffered DDR2 memory.

Virtualization on desktop computers allows a single PC to act like multiple virtual machines, enabling users to more easily run multiple operating environments on a single computer.

OEMs shipping systems with socket AM2 processors include Alienware, Fujitsu Siemens, HP, and Lenovo, as well as more than 40 leading system builders worldwide.

"The introduction of socket AM2 is another example of AMD delivering on our customer promise, on time and with industry support from our AMD64 ecosystem," said Bob Brewer, corporate vice president, Desktop Division, AMD. "We are again pushing new levels of performance in our dual-core processors while enabling meaningful innovations like AMD Virtualisation and DDR2 memory."

According to AMD, all AMD64 processors are ready and capable today to provide users with the foundation needed to experience the power of Windows Vista. AMD has been working closely with Microsoft to identify and develop key hardware and system requirements for Windows Vista.

"We are excited about the socket AM2 processors launching from AMD in preparation for Windows Vista," said Mike Sievert, corporate vice president, Windows Client Marketing at Microsoft. "The AMD Athlon 64 FX and AMD Athlon 64 X2 dual-core processors offer powerful capabilities for new business and consumer scenarios using Windows XP today and will enable even more compelling business and consumer breakthroughs for users of Windows Vista."

"Our goal is to provide our customers with the newest, industry-leading technology as it becomes available," said Tom Anderson, vice president of marketing, global consumer PCs, Personal Systems Group, HP. "With the addition of these AMD solutions, consumers can complete demanding graphics projects, download images and watch movies without missing a beat."

"Our Aurora family of high-performance systems based on the AMD Athlon 64 FX and AMD Athlon X2 dual-core processors enable Alienware to offer our customers amazing custom AMD64 computers," said Frank Azor, senior vice president and general manager, Worldwide Product Group, Alienware Corporation. "Our customers expect a remarkable computing experience using processors from AMD and these new processors are just what our customers are looking for."

Police act on German file-sharing

2006-05-25T20:54:14+10:00

Jack Writes:Police in Germany have charged 3,500 users of a file-sharing network in the biggest single action against the illegal distribution of music online.

The International Federation of the Phonographic Industry (IFPI) - the record industry's global body - said each could face five years in prison.

They may also have to pay compensation for offering up to 8,000 files at a time for download on the eDonkey site.

The investigation led to searches in 130 locations across Germany.

The charges affect people who upload "large amounts" of music to file-sharing networks, not those who solely download tracks to their computers or who use legitimate services such as Apple's iTunes.

"No-one should be surprised that we are stepping up our campaign in this way," said John Kennedy, chairman and chief executive of the IFPI.

"Internet piracy has hurt the whole music community in Germany, with legitimate sales falling by a third in just five years."

The organisation claimed more than 400 million music files were downloaded illegally in Germany in 2005 alone.

The German recording industry has brought legal proceedings against more than 7,000 people over the past three years.

Several hundred settlements have resulted in file-sharers paying an average of 2,500 euros (£1,705) in damages.

Symantec Admits to Serious Hole in its Antivirus Software

2006-05-30T21:07:50+10:00

Jack Writes:Researchers at eEye Digital Security have discovered a serious flaw in Symantec Corp.’s antivirus software that could put millions of computers at risk of a crippling worm attack.

The vulnerability in Symantec’s business security software means an attacker could create a worm capable of taking over a user’s computer and destroying programs and files. The threat has been given a “high” rating because a malicious hacker could exploit the flaw to get on a user’s PC to edit, remove and delete programs and files.

"This could potentially result in an Internet worm," eEye spokesman Mike Puterbaugh told Reuters. "It is a flaw that can be triggered from another location and provides the attacker with system-level access."

An Internet worm is a computer virus that spreads by distributing copies over a network. Most of today’s viruses are worms because almost all computers are linked on a network. This particular hole in Symantec’s software is especially dangerous because a user’s computer can be hijacked even if the user does nothing (like click on a link).

In a published statement, Symantec confirmed eEye’s findings were correct. It said there was indeed a problem with its Client Security 3.1 and Antivirus Corporate Edition 10.1 software, but said the flaw does not affect its widely popular Norton consumer branded products.

"Fixes have been identified for all affected products and work on these fixes is ongoing," the company said in a statement. "To date, Symantec has not had any reports of any related exploits of this vulnerability."

The news comes at the same time experts are warning about heightened activity among cyber criminals who are increasingly interested in breaking into PCs for financial gain rather than simply crashing others’ systems.

IE, Firefox Sport New Zero-Day Flaw

2006-06-07T20:30:58+10:00

Jack Writes: Multiple security organizations warned Tuesday that Internet Explorer, Firefox, Mozilla, and SeaMonkey -- on Windows, Linux, and the Mac -- are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information such as credit card or bank account numbers and passwords.

Multiple security organizations warned Tuesday that Internet Explorer, Firefox, Mozilla, and SeaMonkey -- on Windows, Linux, and the Mac -- are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information such as credit card or bank account numbers and passwords.

According to Symantec, which issued an alert late afternoon Tuesday, all versions of the Microsoft and Mozilla browsers could be used to harvest data through a JavaScript key-filtering vulnerability.

"This issue is triggered by utilizing JavaScript 'OnKeyDown' events to capture and duplicate keystrokes from users," went the Symantec warning.

The bug would let crafty criminals filter keystrokes entered into a form, say a credit card form to pay for online goods, to an invisible file upload dialog on the same Web page. Once the information's trapped in that hidden dialog -- the vulnerability discoverer used the analogy of the keystrokes "bouncing" from the legit (or at least legitimate-looking form) to the cloaked one -- the data could be sent to the attacker.

"Exploiting this issue requires that users manually type the full path of files that attackers wish to download…[and] may require substantial typing from targeted users, so keyboard-based games, blogs, or other similar pages are likely to be utilized by attackers to entice users to enter the required keyboard input to exploit this issue," continued Symantec.

Danish vulnerability tracker Secunia also posted warnings of the bug Tuesday, and ranked it as "less critical," the second-from-the-bottom rating in its five-step scoring system.

The bug is unusual in that it affects not only Internet Explorer -- including fully-patched IE 6.0 and even IE 7 Beta 2 -- but also Firefox (though the most current version 1.5.0.4), the Mozilla suite, and the separately-developed successor to Mozilla, SeaMonkey. It's also out of the ordinary by virtue of its multi-platform impact: users of those browsers running Windows, Linux, and Mac OS X are vulnerable, said Symantec.

Charles McAuley, who first posted information about the bug on the Full Disclosure security mailing list Monday, also published proof-of-concept code to demonstrate how an exploit might work.

Symantec advised users to avoid unfamiliar Web neighborhoods and/or disable scripting or active content capabilities of the affected browsers.

* Scheduled Emergency Maintenance *

2006-07-01T03:22:04+10:00

We would like to inform our community that our server is scheduled for an emergency maintenance.

The maintenance window will begin today, 30th of July, at 23:00 EST (GMT -5) and is expected to last no longer than 2 hours, during which our site and services will not be available.

We apologise for the inconvenience caused and assure you we will be up and running as soon as possible.

Chris Partsenidis

Cisco Lab 1 - Tutorial No.2 available

2007-06-11T18:00:00+10:00

Our Cisco lab users would be pleased to know that our second tutorial for Lab 1 is now online and available.

The second tutorial covers more advanced topics than the first lab, including real ISDN dialup, CHAP Authentication to an ISP and real Internet connectivity via the ISP router!!

In addition, Cisco's popular Access Lists are introduced along with Network Address Translation, port forward and much more.

Note: The Firewall.cx Free Cisco Lab is no longer available. This article post has been kept for historical purposes only.

Basic Cisco ISDN Configuration

2007-10-07T20:00:00+10:00

Following our successful article describing the ISDN WAN Protocol (Networking/WAN Technologies), we've prepared a new article that will help put a bit of practice on the theory covered. The new article covering basic ISDN configuration for Cisco routers, explains how the ISDN protocol is configured on Cisco routers, along with the most common options and configurations.

Furthermore, the article has been designed to be 100% compatible with our upcoming 2nd Cisco lab, while existing users can use our 1st lab to explore the functions and options covered.

For more information, please see our 'Cisco Routers' section.

The Firewall.cx Team.

Cisco Lab Update

2007-10-17T10:04:47+10:00

Firewall.cx's Cisco Lab is a world-class project that aims to provide free educational services to the world's IT professionals, allowing them to work with expensive equipment without restrictions.

While every effort was made to create a service that would work without human intervention, there were problems discovered which withheld us from making the rest of our labs publicly available.

The most common problem is the 'password reset' issue, which unfortunately relied on how well the Cisco lab users were able to follow our guidelines.

We now would like to inform our community that we have already begun working on a new daemon that will not only resolve this issue, but introduce new 'cool' features such as equipment power-cycle, on the spot configuration reset, and many more.

These new features will enhance our Cisco Labs, ensuring a new level of experience and availability for every user.

This also means that we will be forced to take off line Cisco Lab No.1, in order to proceed with our testing and troubleshooting phase of the new daemon.

The dates which the Cisco Labs will be unavailable will be announced within the next couple of weeks.

The Firewall.cx Team.

Note: The Firewall.cx Free Cisco Lab is no longer available. This article post has been kept for historical purposes only.

GFI Software Promotion - up to 50% off the list price

2007-11-13T22:56:35+11:00

Software developer GFI Software has announced a promotion during Q4 with up to 50% off the list price of GFI MailEssentials, GFI MailSecurity, the GFI MailEssentials & GFI MailSecurity Suite and fax server solution GFI FAXmaker.

GFI MailEssentials for Exchange/ SMTP is an anti-spam package that is easy to install, captures over 98% of spam and also eliminates the need to install and update anti-spam software on each desktop.

GFI MailSecurity is an email anti-virus solution that uses multiple anti-virus engines to offer a higher level of protection to your network.

The GFI MailEssentials & GFI MailSecurity Suite combines both products to offer a security solution that will protect networks again spam, malware, phishing sites and much more.

GFI FAXmaker makes sending and receiving faxes an efficient, simple and cheaper process and allows users to receive and send faxes directly from their email client. It is the leading fax server for Exchange Server, Lotus and SMTP/POP3 servers.

Running until the end of December 2007, new customers purchasing these products will benefit from reductions ranging from 15% to 50%, as follows.

Hannaford Supermarket Data Breach Caused By Malware

2008-04-01T00:30:22+11:00

Jack Writes: Boston - It is now believed that malware is to blame for the security breach at Hannaford supermarket stores. This comes following a letter that Hannaford sent out on Friday.

Hannaford sent out a letter to Massachusetts regulators late last week. The letter, according to reports, stated that malicious software is to blame for the security breach.

The breach allows data from customers to be sent overseas. When customers paid with credit cards, their data was sent out before it was taken in by the cash register.

The security breach put 4.2 million customer credit cards at risk.

The Boston Globe has reported that this malware was installed on computer servers at 300 Hannaford locations.

The investigation continues now as they try to find out how the malware actually made it onto the servers.

Windows Vista Crashes Blamed On Nvidia

2008-04-01T01:32:01+11:00

Jack Writes: Boston - According to a 158-page pack of e-mails released as part of the Windows Vista Capable lawsuit, 30% of Vista crashed were caused by problems with Nvidia drivers. The report in regards to Nvidia drivers on Vista comes from Ars Technica. They have stated, after reviewing the pack of e-mails released, that in 2007, 30% of all Vista crashes were due to Nvidia drivers. The report states that Nvidia caused 479,000 of the 1,663,748 Vista crashed Windows logged last year over a period of time.

Behind Nvidia, it was found that Microsoft drivers caused 17.9% of crashes, following by ATI causing 9.3% and Intel causing 8.8%.
This comes a month after U.S. District Judge Marsha Pechman ruled in favor of consumers. Pechman stated that consumers have the right to continue class action lawsuits against Microsoft over their Vista Capable advertising campaign.

Many consumers were none too happy with Microsoft in how they handled their Vista Capable campaign.

The idea behind it was to educate consumers to teach them which computers would be capable of running Windows Vista Basic.

Microsoft is hoping to fix a lot of the current bugs with the release of Windows Vista Service Pack 1, which was made available for download on Microsoft’s Windows Update Web on March 18.

Microsoft will push the fixes to those who get automatic updates starting in the middle of April.

Vista SP1 fixes many of the big bug problems with the operating system.

The Adventure of Many Lifetimes

2008-04-02T04:41:56+11:00

Jack Writes:

An invitation. Earth has issues, and it's time humanity got started on a Plan B. So, starting in 2014, Virgin founder Richard Branson and Google co-founders Larry Page and Sergey Brin will be leading hundreds of users on one of the grandest adventures in human history: Project Virgle, the first permanent human colony on Mars.

For thousands of years, the human race has spread out across the Earth, scaling mountains and plying the oceans, planting crops and building highways, raising skyscrapers and atmospheric CO2 levels, and observing, with tremendous and unflagging enthusiasm, the Biblical injunction to be fruitful and multiply across our world's every last nook, cranny and subdivision.

Visit: Project Virgle for more info.

Second Life CEO Speaks To House About In-Game Terrorists

2008-04-04T04:20:57+11:00

Jack Writes: Boston - The founder and chief executive officer of Linden Lab, Philip Rosedale, spoke before the House Energny and Commerce subcommittee on telecom and the Internet on Tuesday. Rosedale stated that their game, Second Life, did not harbor any type of terrorist activity.

A February report was released from director of national intelligence. It called for an investigation into virtual worlds such as Second Life, as well as MMO experiences played out by gamers.

The idea behind the investigation was to see if, in these social environments, any type of terrorist activity took place.

He told the House during his talk, in regards to terrorism, that “we have never seen any evidence that there is any such activity going on in Second Life.”

He stated that the players, as well as the money in Second Life are controlled. They have the ability to police everything in a far more effective manner than that of which in the real world.

So it seems that terrorists have not learned to play Second Life just yet.

Google App Engine: Cashing in on the user data

2008-04-11T07:05:17+10:00

Jack Writes: Google's announcement of its App Engine has naturally generated a lot of buzz, as well as some fear, uncertainty, and doubt. There is the concern that Google will corral even more user data via its App Engine, becoming a kind of 21st century data and advertising baron, as Microsoft has been the operating system and productivity software baron in the last three decades.

If you extrapolate from Google's growing share of search and advertising, and include a growing share of Web applications through its APIs and the fledgling App Engine, you could imagine a Google that becomes the dominant Internet operating system and infrastructure provider. It's still the early days of cloud computing, but the ground is shifting.

"It's funny that we waged the war to free ourselves of (the) shackles of Microsoft and Hailstorm (a failed attempt to manage personal data)," said David Young, CEO of cloud infrastructure provider and App Engine competitor Joyent. "Now, for some reason, the digerati are anxious to run into exact same thing with Google. It's not evil, but they are tracking users and clickstreams, which (are) the real currency of the Web, and most people don't care. If you can get all data, you can target ads and the user experience, such as showing a site in a different color, depending on user profile."

The Web currency of user data and clickstreams is also vital to Joyent's business. The company has 10,000 customers, handles 5 billion page views a month, and provides infrastructure for 25 percent of the third-party applications running on Facebook. Through its Player's Club, Joyent provides free hosting to Facebook developers, as well as OpenSocial developers, in exchange for the data.

"We gather the data and work with ad networks to help their clients target sites," Young said. Joyent works with ad networks such as Slide, RockYou, Social Media, Federated Media, and AdBrite. "With billions of visitors, Google can gather the data on its own, but the social networks allow companies like Joyent to get access to it as well," he said. Basically, the majority of developers are willing to share their user data in exchange for free infrastructure services.

"If I were Google, I would buy every big Web application, such as Six Apart and WordPress, out there to get access to clickstream and user data as people move across the Web. I think that is what App Engine is all about," Young said.

In light of App Engine, Joyent is offering a similar infrastructure service (but using MySQL, Postgre SQL, or Oracle databases rather than Google's Bigtable and file system). Like App Engine, the Joyent "Garden of Eden" program includes free infrastructure for Python Web applications in exchange for customer information and clickstream data.

However, Joyent isn't limiting the usage, and it will provide unlimited compute, storage, memory, and bandwidth, as well as root control. Google's App Engine, which is in beta, is limited to 500MB of storage, 200 million megacycles of CPU, and 10GB of bandwidth per day. Young figures that this would support 25,000 unique users a month, while Joyent will support a million users for free.

With all the hand-wringing about Google's increasing footprint and clout, the company is contributing code to the open-source world and driving data portability standards, such as the OpenSocial and Social Graph APIs. David Recordon notes the potential for App Engine sites to log in via Google Accounts.

Today that means that every App Engine site could have a shared sense of a user; the ability to understand who someone is across different App Engine sites and Google services. (Obviously I'd love to see Google move toward supporting OpenID for this sort of thing, but small bits piece by piece work for me.)

Imagine if Google Accounts added support for the (upcoming) OpenSocial REST APIs. All of a sudden, each of these App Engine sites could start injecting activity and querying for activity across each other. Maybe you'll argue that this just means that Google Accounts could become the next big social network, but isn't it a bit different when this functionality is just a part of your hosting infrastructure? What if Google Accounts ignored the notion of friends and instead left that to actual social networks? If done right, this really could be the first shipping glimpse of the distributed social Web that there is to come.

If Google's growth trends continue to accelerate, the company will colonize more Web territory, collecting more data and monetizing it across billions of users and sites. So far, Google has a head start, with its highly profitable search and ad business (which is why Microsoft is in hot pursuit of Yahoo) and is moving into new application territory.

The old guard--Microsoft, IBM, Hewlett-Packard, Dell, Sun Microsystems, Cisco Systems, Oracle--haven't yet revealed plans for colonizing Web users with end-to-end, cloud-based platforms. They have stood by while Salesforce.com becomes a company with $1 billion in annual revenue. Will they be standing on the sidelines as Google and others, such as the 22-person Joyent, prove the viability of cloud platforms as a service?

Hacker releases working GDI-bug attack code

2008-04-16T03:54:59+10:00

Jack Writes: Security researchers on Monday spotted malicious code that triggers a critical vulnerability in the Chinese version of Windows 2000, and warned users of other editions to expect attacks.

Symantec Corp. confirmed that the proof-of-concept code publicly posted to the milw0rm.com site earlier in the day successfully attacks Chinese editions of Windows 2000 Service Pack 4 (SP4) by exploiting one of the two critical bugs in Windows GDI (graphics device interface) that Microsoft Corp. patched last week.

But while the attack code works on Chinese versions of Windows, it doesn't when pitched against other editions. Rather than allow hackers to execute additional code -- malware to hijack the PC, for instance -- the exploit simply crashes Explorer, the Windows file manager, on non-Chinese versions of the operating system.

"This exploit will not successfully allow for remote code execution against English systems, [but it] can successfully trigger a crash on English versions of Microsoft Windows," Symantec wrote in an analysis for customers of its DeepSight threat notification service.

The news followed reports from Symantec last Thursday that it had captured an exploit. Analysis then, however, determined that the attack -- made up of multiple Enhanced Metafile images disguised as JPEG files -- wasn't crafted properly and wouldn't actually trigger the vulnerability.

A week ago, Microsoft patched the GDI bugs in every currently supported version of Windows, including the very newest, Vista SP1 and Server 2008. Windows XP SP3, the not-yet-finished final service pack, did not require patching because it had been fixed two weeks before.

The publication of the exploit sent Symantec to the alarm button. "Due to the availability of this public exploit for Chinese versions of Windows, it is likely that attackers will modify this exploit to target English versions of the operating system," it said Monday. As it did last week, the company also urged users to deploy the fixes outlined by Microsoft in its MS08-021 security bulletin if they have not already done so.

Death knell for mobile web?

2008-04-17T03:22:59+10:00

Jack Writes: The mobile web is “limited at best and dying at worst” said former Yahoo! Mobile evangelist and programmer Russell Beattie as he shut down his mobile browser start-up Mowser barely a year after its launch.

“I don’t actually believe in the mobile web anymore,” said Beattie in a post on his official blog, explaining how he has come to believe that a web experience developed solely for the mobile handset is just not a concept that is taking off.

“Two years ago I was convinced the mobile web would continue to evolve in the west to mimic what was happening in countries like Japan and Korea, but it hasn’t happened, and now I’m sure it isn’t going to.”

Although there are around three billion mobile phones in use worldwide, Beattie claims the argument that this is tilting the online market in favour of the handset over the PC is simply not true because the current browser experience on a handset is not full enough, unless you are using a device like the iPhone or Nokia N95.

“Let’s face it, you really aren’t going to spend any real time or effort browsing the web on your mobile phone unless you’re using Opera Mini or have a smart phone with a decent browser – as any other option is a waste of time, effort and money,” he said.

Mowser was developed by Beattie as a service that takes regular websites developed for a standard PC or Mac browser and optimises or converts them for a mobile experience.

Theoretically, this gave Mowser an unlimited market but Beattie said analysis of the traffic passing though his site showed around 80pc was related to porn with an absence of a general market.

“Let me say that again clearly, the mobile traffic just isn’t there. It’s not there now, and it won’t be,” he said with an air of finality on his blog.

The solution, said Beattie, is the smart phone. Statistics may support this conclusion: a recent survey by US tech trends firm iSuppli showed that US consumers spend on average 12.1pc of their time using the iPhone for the mobile web, while users of other mobile handsets only use the net on their handsets 2.4pc of the time.

ISP typo pimping exposes users to fraudulent web pages

2008-04-21T16:00:00+10:00

Comcast, Verizon and at least 70 other internet service providers are putting their customers at serious risk in their quest to make money from mistyped web addresses, security researcher Dan Kaminsky says. Speaking at the ToorCon security conference in Seattle, Kaminsky demonstrated an exploit class he dubbed PiTMA, short for provider-in-the-middle attacks. A variation of man-in-the-middle attacks, it stole authentication cookies and injected arbitrary content into trusted web pages by exploiting weaknesses in an ad server Earthlink used when returning results for non-existent addresses.

Once upon a time, mistyped domain names resulted in a browser returning a simple 404 error that said the address didn't exist. Then ISPs realized they could make money by returning a failure notice that included banner ads and other content. This ad injection is done through the magic of the domain name system. As a result, browsers get fooled into thinking a request for qww.microsoft.com is a legitimate address that's controlled by the same network responsible for www.microsoft.com.

"Guys, anything goes wrong on that subdomain [and] it is an element of the parent," Kaminsky said. "It can access cookies, it can do other things. Normally a subdomain is trusted by the parent. Not this time."

Pages that ISPs return for non-existent pages, for example fake.theregister.co.uk, are able to circumvent the so-called same origin policy, which prevents cookies and other types of content set by one domain from being accessed or manipulated by a different address.

Kaminsky's demo relied on an easily exploited cross site scripting (XSS) error in an ad server run by a company called BareFruit, which Earthlink and other ISPs pay to return results for non-existent pages. The flaw meant users of any ISP using the service were at risk of having virtually any website on the internet spoofed by a malicious attacker with knowledge of the vulnerability.

When notified of the error, "BareFruit defecated masonry" and "fixed the bug in about 27 minutes after they heard what they were up to," Kaminsky said.

Even though the specific problem has been corrected, similar ad servers are likely also vulnerable, Kaminsky said, imperiling large swaths of internet. He said the practice should serve as a strong argument in favor of net neutrality, a concept that holds that ISPs should be barred from changing the content of pages they deliver.

"This is not actually rare. This is not a small thing," said Kaminsky added that at least 72 ISPs he's counted are engaged in the practice of spoofing domain names when returning non-existent web pages. They include Verizon, Comcast, and on a smaller scale, Cox and Qwest. "Small amounts of failed net neutrality can lead to catastrophic effects on internet security. Intent not actually required."

To bring home his point, Kaminsky showed how exploitation of the now-patched BareFruit bug allowed him to to return spoofed pages from Microsoft and just about any other web destination he chose. The forgeries are especially convincing because in every case the legitimate domain name appeared in the browser's address bar.

Kaminsky also managed to superimpose a video of Rick Astley on the legitimate web pages of Facebook, Fox News and even Toorcon. "Rick Rolling," as the practice of fooling people into viewing the insipid performer's videos, has grown into a common way to show off hacking and social engineering prowess.

"It's a peculiarly awesome point in one's career when it turns out you get to Rick roll the internet," Kaminsky said in an interview."

Windows market share dives below 90% for first time

2008-12-03T19:00:00+11:00

Microsoft Corp.'s Windows OS last month took its biggest market share dive in the past two years, erasing gains made in two of the past three months and sending the operating system's share under 90% for the first time, an Internet measurement company reported today.

In November, 89.6% of users who connected to the Web sites that Net Applications Inc. monitors did so from systems powered by Windows, a drop of 0.84 of a percentage point from October. The decrease was the largest slip by Windows in the past two years and easily bested other recent down months, including May 2008 and December 2007, when Windows lost 0.51 and 0.63 percentage points, respectively.

Apple Inc.'s Mac OS X, meanwhile, posted its biggest gain in the same two-year period, growing by 0.66 percentage point to end the month at 8.9%. November was the third month running that Apple's operating system remained above 8%.

Vince Vizzaccarro, Net Applications' executive vice president of marketing, attributed Windows' slip to some of the same factors he credited with pushing down the market share of Microsoft's Internet Explorer browser. "The more home users who are online, using Macs and Firefox and Safari, the more those shares go up," he said. November was notable for a higher-than-average number of weekend days, as well as the Thanksgiving holiday in the U.S., he said.

Windows' share typically falls on weekends and after work hours, as users surf from home computers, a larger percentage of which run Mac OS X than do work machines.

Notable in Windows' downturn was a dramatic drop in share of the aged Windows XP -- the largest decrease since January 2008 -- and a major uptick in Windows Vista's share. While XP lost 1.81 percentage points, Vista gained back 1.16 points of that, its largest move since last January.

Windows 2000, the only other edition that Net Applications tracks, continued its slide toward 1%, falling to 1.56% during November.

As expected, Vista cracked the 20% mark for the first time last month, ending November with a 20.45% share.

Windows' share shows no sign of stopping its slow slide; in the past 12 months, Microsoft's market share has fallen from 91.79%, a decrease of more than 2 percentage points. During the same period, Apple has increased its operating system market share by 1.56 points, or a gain of 21.3%.

Net Applications also noted a small boost in market share for the open-source Linux operating system, which grew from 0.71% in October to 0.83% last month. In August and September, however, Linux had a share above the 0.9% mark.

Operating system market share data is available at Net Applications' site.

Firewall.cx advice scores No.1 position on Searchnetworking.com!

2008-12-18T14:22:11+11:00

Firewall.cx earns No.1 position in Searchnetworking.com's 'Top 10 networking advice of 2008'!

Our site provides advice and guidance to millions of readers globally, and we've just received word our advice was voted as the No.1 advice for the year 2008! (Screenshot)

The Firewall.cx Team would like to thank once again its community for its support and trust these past years!

Firewall.cx is all about its thriving community, that has made this site one of the world's Top Network Security & educational sites, where engineers around the globe turn to for help and advice.

Thank you!

The Firewall.cx Team

Google Q4 earnings plummet, revenue up 18%

2009-01-23T12:46:52+11:00

Google's profit took a dive in the fourth quarter, which ended Dec. 31, while revenue grew almost 20 percent, the company announced Thursday.

In a statement, CEO Eric Schmidt said Google performed well despite the difficult economic environment. "Search query growth was strong, revenues were up in most verticals, and we successfully contained costs," he said.

Google reported revenue of US$5.70 billion, up 18 percent compared with the $4.83 billion in 2007's fourth quarter. Subtracting the commissions Google pays to its ad network partners, revenue came in at $4.22 billion.

Net income was $382 million, or $1.21 per share, down from the $1.2 billion, or $3.79 per share, recorded in 2007's fourth quarter.

On a pro forma basis, which excludes one-time items, net income was $1.62 billion, or $5.10 per share. This excludes expenses such as stock-based compensation and costs related to the settlement of the copyright infringement lawsuits brought by the Authors Guild and the Association of American Publishers (AAP) over Google's Book Search service. It also excludes charges such as write-offs of $1.09 billion of Google investments primarily in AOL and Clearwire.

Google also announced Thursday it plans to offer employees a voluntary, one-for-one stock option exchange intended to create more incentives for employees to remain at Google.

Paid clicks on Google sites and partner sites increased approximately 18 percent compared with 2007's fourth quarter.

Google finished the quarter with 20,222 full-time employees, up from 20,123 full-time employees as of Sept. 30, 2008.

Configuring NAT Overload on a Cisco router

2009-03-26T10:06:41+11:00

Our Technical Knowledgebase has just been updated with a new article showing you how to configure NAT Overload (or PAT - Port Address Translation) on a Cisco router.

Our article on NAT Overload configuration contains detailed diagrams, a complete list of commands and step-by-step instructions to ensure you're able to set it up, troubleshoot and verify its operation.

Cisco Technical Knowledgebase Update

2009-04-03T19:00:00+11:00

Our Technical Knowledgebase has just been updated with a new article showing you how to configure ISDN Dialup on a Cisco router so it can connect to your ISP and provide your network with Internet Access.

Our article on ISDN Dialup configuration contains detailed diagrams, a complete list of commands and step-by-step instructions to ensure you're able to set it up, troubleshoot and verify its operation.

Click here for a complete list of topics currently covered on Firewall.cx"

Cisco Technical Knowledgebase Update

2009-04-09T11:10:07+10:00

Our Technical Knowledgebase has just been updated with a new article showing you how to configure Dynamic NAT on a Cisco router.

Our article on Dynamic NAT contains detailed diagrams, a complete list of commands and step-by-step instructions to ensure you're able to set it up, troubleshoot and verify its operation.

Click here for a complete list of topics currently covered on Firewall.cx

Cisco Technical Knowledgebase Update - VPDN PPTP Cisco Router Configuration

2009-04-13T11:09:17+10:00

Our Technical Knowledgebase has just been updated with a new article showing you how to configure a VPDN / PPTP server on a Cisco router.

Our article on Cisco router PPTP setup contains detailed diagrams, a complete list of commands and step-by-step instructions to ensure you're able to set it up, troubleshoot and verify its operation.

Click here for a complete list of topics currently covered on Firewall.cx"

Configuring NTP (Network Time Protocol) on a Cisco Router

2009-04-23T10:02:38+10:00

Our Cisco Technical KnowledgeBase has just been updated with another great article showing you how to configure NTP service on your Cisco router.

NTP is used by all network devices, including workstations, servers, routers, switches and many more, to ensure they are synchronised with the correct date and time.

Because NTP is considered a critical service, we've decided to cover it in the best possible way, showing you not only how to configure it, but also troubleshoot and verify its operation.

To read up on our Cisco router NTP configuration article, follow the link below:
Configuring NTP (Network Time Protocol) on a Cisco Router.

Troubleshooting PPP Internet Connection on a Cisco Router

2009-05-03T11:59:32+10:00

The latest article in our Cisco Technical KnowledgeBase covers most Administrators nightmare: Troubleshooting Cisco router PPP Internet connections.

Our in-depth article will guide you through the most common problems found in router PPP connections and show how to find them, troubleshoot and resolve them using Cisco's best practices.

Another great Cisco article for our community.

Want to help us out? It's simple:If you find our articles useful, take a minute from your time and 'Digg' them using the link provided at the beginning of the page.
By 'Digging' our pages, you provide your vote for Firewall.cx's content and more people will be able to find them through services such as 'Digg.com'.

The Firewall.cx Team.

New! Windows Technical KnowledgeBase

2009-05-14T12:13:31+10:00

Yes you read correctly!

Following the successful launch of the Cisco Technical KnowledgeBase, Firewall.cx taking another step forward and now opening the new Windows Technical KnowledgeBase. This new section will provide engineers and administrators top articles, produced by Firewall.cx and its contributors, that will help them configure, troubleshoot and master hundreds of Windows 2000, 2003 & 2008 services and functions.

A Sample of the articles lined up for publishing are:

- Creating & administering Windows Group Policies
- Creating & using Windows roaming profiles
- Tombstone lifetime attributes in Active directory
- Renaming Windows 2000 domain
... and much more!

Our new section kicks-off with our article "Creating Local & Domain Users and Groups in Windows 2003".

You can read up more on the new section by clicking here.

Windows Group Policies - Configuring Local Group Policy

2009-05-19T08:21:46+10:00

Our latest addition to our brand new Windows Technical Knowledgebase shows you how to configure Local Group Policies to tighten your Windows server security.

Learn what Windows Group Policies are all about and how you can use them to your benefit. Our standard step-by-step instructions and detailed screenshots provide all the necessary information to successfully configure any Local Group Policy.

You can follow the link below to read our article:

Configuring Local Group Policy

How To Configure Windows Domain Group Policy

2009-05-21T12:29:43+10:00

In continuation to our last Windows Technical Knowledgebase article, we've just released a new one showing you how to configure Windows 2003 domain group policies.

This new article is basically a continuation of the previous one covering local group policies.

In this new article, you'll be shown step-by-step instructions how to create, edit and save any domain group policy.

To read more on this excellent article, please follow the link below:

Configuring Windows Domain Group Policy.

Configuring Windows Server Roaming Profiles

2009-05-29T09:59:31+10:00

This latest addition to our Windows Technical KnowledgeBase covers the configuration of Windows Server Roaming Profiles. Our step-by-step guide shows you how to configure and troubleshoot Windows roaming profiles in a workgroup or domain environment.

This article covers all Windows server operating systems.

To read our article, follow the link below:

Configuring Windows Server Roaming Profiles

Changing the Tombstone Lifetime Attribute in Active Directory

2009-06-02T11:04:23+10:00

The Windows Technical Knowledgebase has just been populated with another great article that covers changing the Tombstone Lifetime Attribute in Active Directory.

This article explains what the Tombstone Lifetime Attribute is and how it can help a Windows Administrator control delete operations performed by the Active Directory replication process.

Our article includes using the ADSIEdit Tool & step-by-step screenshots with an in-depth analysis, basically all the necessary information required for the task. We also cover two other methods you can use to configure the Tombstone Lifetime Attribute: 1) Using an LDIF file and 2) Using a VBScript.

Be sure to read through this one-of-a-kind article by clicking on the link below:

Changing the Tombstone Lifetime Attribute in Active Directory.

Renaming Windows 2000 Domain Name

2009-06-05T09:40:22+10:00

Renaming a Windows domain is no simple task. This article will show you how it's possible to safely rename a Windows 2000 domain without causing damage.

Read this article by following the link below:

Renaming Windows 2000 Domain Name.

How To Configure Router-on-a-stick - 802.1q Trunk To A Cisco Router

2009-07-12T12:23:45+10:00

Learn how to configure router on a stick for Cisco routers. This article provides the necessary background information and code to ensure you can successfully configure router-on-a-stick (802.1q Trunk) for Cisco routers. Detailed diagrams and step-by-step information available.

You can read this article here:

Configuring Cisco Router-on-a-stick (802.1q Trunk)

Installation Of A Cisco Catalyst 4507R-E Layer 3 Switch

2009-08-04T10:18:35+10:00

Since many engineers don't get the chance to work with expensive & hard-to-come-by Cisco equipment, we've decided to start populating our Technical Knoweldgebase with articles that show you the whole installation process of these equipment.

To kick-start this new exciting area, we present our first article covering the Cisco Catalyst 4507R-E installation.

We show you everything from unpacking the 4507R-E, inserting its Supervisor engines, power supply installation, 48port Gigabit modules with PoE support, the 4507R-E, the impressive chassis fantray with 8 fans, system POST test, power consumption, all the way to the synchronisation of its two redundant Supervisor engines!

This great article contains over 20 pictures covering the whole process, ensuring you get the best possible experience and knowledge from our installation!

To read more on this unique article, please follow the link below:

Installing a Cisco Catalyst 4507R-E Layer 3 switch.

Installing & Configuring Basic DHCP Server on Windows 2003

2009-11-09T22:37:31+11:00

DHCP is an essential service in any Windows network. This great new article will guide you step-by-step showing how to successfully install and configure a Windows 2003 DHCP Server.

Learn how to properly configure basic settings of Windows DHCP server, how to specify DNS, WINS, Network Gateway parameters and much more. With plenty of screenshots and our unique presentation methodology, you'll be up and running with all questions answered in no time!

This topic was covered by Nuno Delgado (KiLLaBeE), a highly valued Firewall.cx community member.

To read this great article, please follow the link below:

Installing & Configuring Basic DHCP Server on Windows 2003

Configuring DHCP Windows Server 2003 - Advanced Setup

2010-02-01T09:08:36+11:00

This two-page article will help you explore the advanced features available on the Windows 2003 DHCP Server.
Learn how to setup your DHCP 2003 service to support Cisco IP Telephony, Dynamic DNS, Superscopes, Multicast Scopes, DHCP Database backup and restoration. We'll even show you some neat troubleshooting techniques to help you identify and trace common problems with your DHCP service.

This great article, combined with our Basic Windows 2003 DHCP Server Configuration article will provide more than enough information to help you successfully setup and operate a full functional Windows DHCP server in your network.

This topic was covered by Nuno Delgado (KiLLaBeE), a highly valued Firewall.cx community member.

To read our article, please follow the link below:

Configuring DHCP Server 2003 - Advanced Setup

Installing & Configuring Windows 2003 DNS Server

2010-05-09T11:32:48+10:00

This article describes step-by-step how to install and configure a Windows 2003 DNS server.

The article begins by setting up a cache-only DNS server and progress to creating a primary forward lookup zone, a reverse lookup zone, and finally some resource records.

To read our article, please visit the following URL: Windows 2003 DNS Server Installation and Configuration

WEB SSL VPN - The Next Wave Of VPN Technologies

2010-06-14T10:19:08+10:00

WEB SSL VPN is a term frequently used these days by many vendors such as Cisco, Microsoft, Checkpoint and more, but what exactly is it and how does it differ from the VPNs as we know?

The WEB SSL VPN article aims to introduce the concept of Web VPN and how it works. We analyse the concept, the advantages, why the market is moving to these solutions and how it can help any businessman or engineer get the most out of their network resources when connected remotely.

This very popular article was originally written by Chris Partsenidis, Founder & Senior Editor of Firewall.cx, for Techtarget's SearchEnterpriseWAN.com.

You can read the article by following this url: WEB SSL VPN

Colasoft Capsa v7.2.1 - Packet Sniffer - Network Analyser Tool Review

2010-07-03T09:56:42+10:00

As a popular network security website, we use a variety of tools to help us analyse protocols and illustrate how they work. Many of these tools are found in a network engineer's every-day toolbox, while others not.

Colasoft's Capsa is a network analyser you are likely to find many engineers using and does more than simple packet capturing. We've used Capsa in the past as a packet sniffer but this time we were left very impressed by what we saw, so we decided to check it out in depth and review this terrific tool for our community.

Our review contains a generous amount of pictures and step-by-step guide through the application so you won't need to go elsewhere to figure out what it can do and how it can help you.

If you are interested in network analysis, looking for a tool to help troubleshoot network problems or even would like to get a glimpse of the tools professional engineers use, then make sure you continue to our detailed review.

To read our review of Colasoft's Capsa Network Analyser follow this link: Colasoft Capsa v7.2.1 Review

Configuring Static Route Tracking using IP SLA

2010-07-27T06:29:42+10:00

The Reliable Static Routing Backup using the Object Tracking feature can ensure reliable backup in the case of several catastrophic events, such as Internet circuit failure or peer device failure.

This excellent article shows how to configure Static Route Tracking using IP SLA, so your Cisco router automatically switches between different routes. With the use of IP SLA, the Cisco router can use ICMP echos (PING) to monitor the WAN link and automatically initiate a backup connection in the event of a link failure.

Our legendary step-by-step instructions will teach you how to successfully configure and troubleshoot IP SLA.

This article was written by Sujit Nair who works as a Support Engineer in the Routing Protocol section of Cisco Systems.

To read this article, please visit our Cisco Technical Knoweldgebase or visit the link below:

Configuring Cisco IP SLA

Colasoft Capsa - Free Edition!! Packet Sniffer - Network Analyzer

2010-08-05T04:00:00+10:00

Colasoft, an innovative provider of all-in-one and easy-to-use network analyzer software, today (4th August 2010) announces the release of a free network analyzer software-Capsa Free, which is fully functional with no expiry days. The intuitive, simple graphic network analyzer designed for personal and small business use is now totally free to the public.

Capsa Network Analyzer Free Edition Highlights:

Your own dashboard, important parameters in one place and in graphs
Record network Profile, set your analysis objective and perform customized analysis.
Powerful customizable alarm, customize dozens of alarm trigger combinations.
Identify and analyze more than 300 network protocols, create and customize protocols, analyze unique protocol traffic.
Intuitive TCP timing sequence chart.
Accurate MSN & Yahoo Messenger monitoring statistics.
Email monitor and auto-saving Email content.
Enhanced, Customizable Reports.

Understanding and configuring the Cisco Smart Care Service

2010-08-14T09:44:53+10:00

The Cisco Smart Care service is the most advanced support and warranty coverage services Cisco has offered until now. The Cisco Smart Care service not only provides enhanced warranty coverage, but also includes a free 24/7 around the clock monitoring of your Cisco devices covered by the Smart Care contract.

Our six-page in-depth technical article will show you what the Cisco Smart Care service is all about, what's included in the service, how the Cisco Smart Care appliance is installed, configured and updated, plus the configuration of the service via the Cisco Smart Care portal.

This technical article is a world-first with over 35 pictures and screenshots, as there is no other site providing this level of detail.

Following is a brief summary of the covered topics:

- Introduction to the Cisco Smart Care Service

- Cisco Smart Care Service

- The Cisco Smart Care Appliance

- Configuring the Appliance Network Settings

- Updating the Cisco Smart Care Appliance

- Assigning & Enabling the Cisco Smart Care Appliance

- Discovering Cisco Devices

- Inventorying The Discovered Cisco Devices

You can begin reading about the Cisco Smart Care Service by clicking here:

Introduction to the Smart Care Service

Disabling Cisco Password-Recovery Service

2010-09-16T07:55:23+10:00

This article explains the password-recovery service and how to disable it on a Cisco device. Steps covered in the article are applicable to Cisco routers, switches, access points and more.

You can read more in this article by following the link below:

Disabling Password-Recovery service

New Cisco Voice-over-IP (VoIP) Section on Firewall.cx!

2011-01-14T11:05:00+11:00

VoIP articles are finally a reality on Firewall.cx!

This new -and long awaited- section aims to cover the VoIP gap in Firewall.cx's material and will cover from basic VoIP concepts to advanced and complicated configuration scenarios using leading VoIP technologies such as Cisco's CallManager Express (CME) and Cisco's Small Medium Business solutions such as the Cisco UC520, UC540 & UC560 series.

The New Cisco VoIP section aims to provide a solid VOIP configuration reference guide to the VoIP community.

We are extremely excited about this new section as we feel it is essential to provide a broader and more complete coverage of network technologies to our global community.

The new VoIP section kick-starts with the Introduction of Cisco CallManager Express. Concepts and configuration guides covered also apply to Cisco's popular SMB UC520, UC540 & UC560 series VoIP PBXs.

The introduction article analyses CallManager Express, what it runs on, what IOS software releases support it and how routers are transformed into fully-capable VoIP PBX's. In addition, you'll find information on voice interfaces commonly found on Cisco routers, how important they are and how they are used to connect to the public switching telephony network.

Our Basic VoIP Concepts article illustrates how Cisco's CallManager Express and UC500, UC520 & UC540 systems work along with Cisco network switches and Cisco IP Phones. Voice Vlans are also covered in order to explain how important their existence is within an VoIP network.

We also take a look at basic telephone configuration on Cisco's Call Manager Express by explaining the 'ephone' and 'ephone-dn' concepts, how extensions are assigned to Cisco IP Phones.

Closing, VoIP codecs are also explained (G.711 & G729), which are used frequently on CME systems and why.

Of course, all the above are covered using our popular illustrated diagrams, presented in a simple manner to ensure our material is easily understood.

To read the first VoIP article (three pages), simply follow the link below:

Introduction to Cisco CallManager Express (CME)

All Future VoIP articles covering CallManager Express, UC500, UC520 & UC540 PBXs will be located in the 'Technical KnowledgeBase > Cisco VoIP Technologies' Section of our menu.

Cisco CallManager Express GUI Download, Installation & Configuration

2011-01-26T12:33:49+11:00

Following the launch of our new VoIP section, this new Cisco VoIP article will help you identify the different CallManager Express (CME) versions depending on the Cisco IOS loaded on your router or UC500 platform. We show you how to download the correct CallManager Express GUI files, what they contain, how to extract and install them on to your router or UC500.

Instructions on enabling the router's web interface & creating accounts to access the CallManager Express GUI are also included. Finally, we cover the configuration of basic CallManager Express system parameters and explain what they do.

This two-page article is designed to provide an insight on installing Cisco's CallManager Express GUI web interface, its basic configuration & techniques to overcome problems that might occur during the process.

To read this article, following the link below:

Cisco CallManager Express (CCME) GUI Software Installation & Configuration

Cisco Router VPN Client Configuration - Configuring Cisco Router To Support VPN

2011-02-07T12:09:42+11:00

Configuring Cisco routers to support IPSec VPNs is a fairly common task these days. This article will show you how to setup your Cisco router to support Cisco VPN tunnels for your remote users, using the latest encryption technologies available, to provide a secure connection to your company's network resources.

Split tunneling also covered with the Cisco VPN Client configuration, allows specific networks to be tunnelled through the encrypted IPSec VPN. This feature is also analysed alongside with a number of examples.

Features Covered:

- Router IOS requirements for Cisco VPN (IPSec)

- VPN Network Diagram

- Creation of user VPN accounts

- Configuration of crypto ISAKMP policies for authentication

- Crypto ISAKMP group authentication

- Cisco VPN client tunnel encryption

- VPN Virtual Interfaces

- VPN Split tunneling

- Necessary VPN Group & NAT access lists

- Cisco VPN access list tips to make life easier for larger networks and complex VPN configurations

To read our article on how to setup a Cisco router for remote Cisco VPN client access, follow this link:

Cisco Router VPN Client Configuration - Setup

Engineers and administrators who need to restrict VPN user access to Layer-4 services e.g www, smtp, pop on a specific internal host (e.g web/email server) should read our How to Restrict Cisco IOS Router VPN Client to Layer-4 (TCP, UDP) Services - Applying IP, TCP & UDP Access Lists article.

Colasoft Capsa WiFi Beta testing - Get involved and win an IPAD!

2011-02-14T11:44:21+11:00

Colasoft recently announced the development of their new product - Capsa for WiFi, a wireless packet sniffer and network analyzer for laptop and desktop computers.

Capsa for WiFi wireless, the new member of Colasoft network analyzer product family, delivers professional levels of WLAN network traffic capture, monitoring and analysis for wireless professions to analyze any of the 802.11 a/b/g/n. Based on the latest Network Driver Interface Specification (NDIS) 6.0 library, almost all wireless cards supported by Windows Vista and Windows 7 will work with Capsa for WiFi, no special wireless network adapter required.

The great news is that Capsa for WiFi is free as it is in its beta testing phase. Not only is the program available free to download, but people willing to give it a run and send their feedback, automatically get in the draw for a Free IPAD and Capsa WiFi License!

Colasoft Discounts for the Firewall.cx Community!

2011-04-07T09:16:52+10:00

In recognition of Firewall.cx’s popularity and unique community, Colasoft, a leading vendor on packet & network analysis software, has provided a special discount coupon code that entitles all members to 10% off any of their products!

To take advantage of this offer, simply use the following coupon code: FW10DIS

Colasoft is well known for their Capsa Packet & Network Analysis solution for wired and wireless networks to enable IT staff to predict, pre-empt and resolve network and service delivery problems.

61% of SMEs use email archiving in-house – what about the others?

2011-05-05T08:27:35+10:00

A recent survey on email archiving commissioned by GFI Software, based on 202 US-based SMEs, found that a growing number of organizations are considering or would consider a third-party hosted email archiving service. A total of 18% of those organizations that already use an email archiving solution, have opted for a hosted service, while 38% said are open to using such a service.

This article shows some very interesting findings around the well-known problem of email archiving and security, but also covers various solutions for businesses of any size.

To read more about this topic please click here.