|
|
| GeoCommunity Mailing List |
| |
| Mailing List Archives |
| Subject: | GISList: security for your workplaces |
| Date: |
07/02/2003 11:05:01 AM |
| From: |
viktoras |
|
|
I think everybody is concerned with security of own workplaces.
Think there is a flaw somewhere in the security setup of your system,
suspecting a spyware in your system, or your software provider behaving
unhonestly, or system is just acting strangely although your preffered
firewall seems to be O.K. ? Or what sort of Big Brother is watching you
:-). Then here are some hints for everyone:
1) Always keep your firewall up, otherwise hacking your system (just
peeping in, stealing or spoiling your data or using your computer to
hack others) is a matter of seconds:
2) Scan your system for possible security holes using Seagate services
(free) at http://scan.sygate.com/quickscan.html
3) Windows 98/.../XP users should be aware of a Port 5000 which may be
left open by default on these systems. It can cause a remotely
exploitable buffer overflow that allows an attacker gain SYSTEM level
access to any default installation of Windows XP, a Denial of Service
(DoS) attack, and a Distributed Denial of Service (DDoS) attack. This is
an old issue, still many are unaware of it. Get a patch for it at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-059.asp.
or just use a firewall.
4) Windows XP users again should be aware of a critical security
vulnerability that exists in Windows XP. This vulnerability allows the
files contained in any specified directory on your system to be deleted
if you click on a specially formed URL (sorry, I am not going to provide
a "hands on" demonstration on how it works in this list). It is not
reccomended to use ServicePack 1 to handle this problem as it may wreck
some systems. Use http://grc.com/xpdite/xpdite.htm or download a patch
from
http://www.microsoft.com/Downloads/details.aspx?displaylang=en&FamilyID=731CBB23-D5F5-4F69-A8D0-1072D949320A
instead.
5) Windows users be aware of an open Microsoft SQL Server's monitor port
1434 targeted by several recent worms. Keep attention to a presence of a
vulnerable Microsoft's MSDE server and it's behaviour in your systems.
Usualy it is installed by some popular Windows applications and may be
easily missused.
7) Windows XP users (especially Home version) should pay an attention to
the fact that all users set up on a WinXP system are graded as
Administrators by default.
This little flaw leaves millions of PC's quite open to attack. This can
let hackers to mound DDOS attacks on legitimate web sites using your PC.
This has happened at the begining of this year when a next-generation
distributed denial of service attack employed innocent third-party
Windows servers.
And if you have any server running in your Windows system, look at the
reports of your firewall, you'll still be able to see attempts to
perform Denial of Service attack. My systems used to be attacked for
DDoS in average once per 4 minutes. Luckily I always have a firewall
running. In general these vulnerabilities are types of denial of service
attacks. The first is a fairly straightforward DoS attack, which allows
an attacker to remotely crash any Windows XP system. The crash will
require Windows XP users to physically power down their machines and
start them up again before the system will function. The second denial
of service attack is a DDoS attack. This vulnerability allows attackers
to remotely command many Windows XP systems at once in an effort to make
them flood/attack a single host.
8) Older Zone Allarm firewall versions are known to have a bug which
may crash Windows XP systems when used together with IIS or Apache
server. Be sure installing the latest version of Zone Allarm.
9) http://smb.sygate.com/products/spf_standard.htm - just a good firewall
10) use Linux firewalling capabilities to safeguard your network and
find a good job for your old computers :-)
Hope it helps
Viktoras
To unsubscribe, write to gislist-unsubscribe@geocomm.com
________________________________________________________________________
GeoCommunity GeoBids - less than $1 per day!
Get Access to the latest GIS & Geospatial Industry RFPs and bids
http://www.geobids.com
Online Archive of GISList (and numerous others) available at:
http://spatialnews.geocomm.com/community/lists/
Setup a GeoCommunity Account and have access to
the GISDataDepot DRG & DOQQ Catalog
http://www.geocomm.com/login.php
|
|
Sponsored by:
For information
regarding
advertising rates
Click Here!
|
