zachlipton writes "DSL Reports has an interesting question posted: should users with pirated copies of Windows be allowed to download security updates, such as for Sasser? Apparently, without a valid CD key, users cannot download these updates. Do they get what they deserve, or should they be allowed these updates through Windows Update in order to reduce the impact of these worms on the rest of the net? Should security updates only for worms be made available to pirated users, or also updates for issues that while not posing a risk to other internet users, would open the pirate up to a security hole?"

rbrandis writes "Dealing with widespread worms like Sasser raises the cost of using Windows, a research analyst said Wednesday. "This is part of the carrying cost of using Windows," said Mark Nicolett, research director at Gartner. "The cost of a Windows environment has gone up because enterprises have to install security patches very rapidly, deal with outages caused by secondary problems with these patches, and deploy additional layers of security technology." "The Sasser worm attacks confirm our prediction that mass worm attacks against the multiple vulnerabilities disclosed by Microsoft on April 13 were likely," said Nicolett and his Gartner colleague, John Pescatore, in an alert posted on the Gartner site."

The Original Yama writes "Strong passwords are your first step in securing your systems. If a password can be easily guessed or compromised using a simple dictionary attack, your systems will be vulnerable to hackers, worms, Trojans, and viruses. PCLinuxOnline provides an alphanumerical list of list of commonly used weak passwords that should never be used. If any of these passwords look hauntingly familiar and are being used, you should change the password immediately."

zoombat writes "NTBugtraq has a post looking for volunteers to run WormRadar nodes. The nodes are essentially honeypots that watch for suspicious activity. Its purpose is to both measure the frequency of known, current worms and to alert us all when something new becomes active. A graph (updated every 30 minutes) shows what was detected. Currently it looks like only a Windows client is available, though."

AMuse writes "After taking a course at SANS from Ed Skoudis (and later hacking with him at the DefCon "Capture the Flag" contest in Las Vegas), I decided it was time to buy a copy of his latest book and see if he writes as well as he teaches. "Malware: Fighting Malicious code" is his most recent computer security book and was definitely a worthy purchase. Though the topic itself is not for novices, Skoudis does a splendid job of reviewing the basics with each chapter so that a less experienced security professional can follow along and learn. Additionally, he is very careful to show both Windows and UNIX/Linux examples of the topics, making the book accessible to a far wider crowd than some platform centric books I've read." Read on for the rest of AMuse's review.

otterit writes "A story in the Washington Post discusses how chief executives of U.S. corporations and their boards of directors should assume direct responsibility for securing their computer networks from worms, viruses and other attacks, an industry task force working with the federal government said."

xandroid writes "Just a couple days after talking about free hardware, Bill Gates has sent an email to customers saying that Microsoft will continue to focus on security, titled 'A Microsoft Progress Report: Security' (MSNBC story, PC Magazine story, Google News' related stories). The email mentions that fast-spreading and destructive viruses and worms are 'threatening the potential of technology to advance business productivity, commerce and communication', but says that to counter the threats, Microsoft will make 'major investments in customer education and partnerships that will help make the computing environment safer and more secure'. He also talks about the XP Service Pack 2, and says that Microsoft is 'working with microprocessor companies, including Intel and AMD, to help Windows...support hardware-enforced data execute protection (also known as NX, or no execute)'." Reader Zephyr_in writes "Macworld reports that the beta-release of Longhorn is likely to be postponed to early 2005 because Microsoft is concentrating first on a security-focused update (SP2) to Windows XP. Earlier this week Gates said Longhorn is 'not a date-driven release.' and said the speculation that the operating system will come out in 2006 is 'probably valid.'"

TwistedSpring asks: "As bandwidth costs become cheaper and more people adopt cable or DSL over standard dial-up connections, the time it takes to distribute worms and other unwanted or malicious material (read: spam) across the Internet decreases. After noting the current surge in Internet worms and the so-called Darwinist evolution of these things into more and more powerful incarnations, I wonder: will the proliferation of broadband Internet access deal a serious blow to current freedoms on the Internet?"

cuzality writes "The media is now beginning to suggest that this recent onslaught of new viruses (with new versions of major-impact viruses being found daily) the result of a virus gang turf war, kinda like the India/Pakistan virus conflict, in which official Pakistani sites were savaged by such infamous groups as Indian Snakes and Indian Hackers Club. The gangs are shooting fast and loose: variations of the big ones are being discovered daily (as of March 4, we are up to MyDoom.H, Netsky.F, and Beagle.K), and in the space of three hours on Wednesday morning, five variants of these three were first discovered. Typically these viruses (or more correctly, worms) do little damage to the infected computer, intent mostly on spreading far and wide, and sometimes inflicting DoS on some poor evil empire."

Ethereal writes "InternetNews.com reports that Microsoft has begun beta-testing a built-in virus scanner for its Windows XP Service Pack 2 (SP2) that will be included in the final product in mid-2004. The tool is among the operating system enhancements the Redmond, Wash., company is developing as part of its Security Center initiative to rebuff viruses, worms, trojans and crackers. Microsoft will also provide free online training to help developers make the most of SP2's security features, Chairman Bill Gates said at today's RSA Security conference. It's the first time the company has offered training with a Windows service pack release."

JJP writes "ZDNet Australia is reporting that two new worms, Doomjuice and Deadhat, are taking over computers previously infected by the MyDoom virus. Apparently they try to uninstall the MyDoom virus and then take over the PC to start their own malignant work. Whilst the threat these two worms pose shouldn't be too big, both needing a MyDoom backdoor, it is still a novel way to spread a virus. In the Netherlands there is a newspaper reporting this proves MyDoom was initialy spread by organised crime in a dark plot to wage cyber-war and steal confidential data from our computers."

treerex writes "NIST (the US National Institute of Standards and Technology) has just released a 148 page report entitled Computer Security Incident Handling Guide (PDF). It covers the gamut, from setting up a response team to dealing with specific types of attacks: DoS, trojans, worms, malicious code, and unauthorized access. While written by a team from NIST and the contractor Booz-Allen Hamilton (BAH), they appear to have taken input from CERT and luminaries like Spafford. It is an interesting read."

An Anonymous Reader writes "If you recently set up a new PC with Windows XP, or if you had the pleasure to do a 'reinstall from scratch,' you probably found that many XP systems as they are shipped today are not patched against common issues like Blaster. Given that these worms are still going strong, it doesn't take long for a new system to be infected. In particular, if you have to connect it to the Internet to download all the patches. Well, help is in sight. The SANS Institute released a paper entitled Windows XP: Surviving the First Day." (Read on below.) Update: 12/24 17:59 GMT by T : Thanks for reader Bill Curnow for the updated link. Update: 12/24 19:15 GMT by T : Besides the workaround suggested below, Roblimo has a good suggestion on avoiding the first-day-of-Windows altogether.

Geekboy writes "Arguing proprietary interests, the Liberal Party of Canada has set out to force the closing (article mirrored in case the site closes) of a satire web site that takes aim at the new unelected Canadian Prime Minister, Paul Martin. The site in question is paulmartintime.ca, which is a satire of paulmartintimes.ca, but this opens a whole can of worms in regards to copyright and fair use of web content, and it involves the controlling party of Canada. Clearly there are mixed messages when one site mimics another, but where does one draw the line when it involves political satire and accountability?"

santos_douglas writes "Forget ATMs coming under attack by worms, MSNBC has this article about Dateline NBC's investigative report into fake ATMs and other ATM related scams. ATM frauds are a clever combination of social engineering and hardware hacking. The most sophisticated thefts involve the purchase and setup of real ATMs that actually do dispense cash to avoid suspicion, but are altered to save both the card's magnetic signature and the customers PIN, which are later added to false cards and used to empty bank accounts at real ATMS. The 'ATM gang' profiled managed to purchase and setup 50+ machines and steal over $4 million from over 21,000 customers. The machines can be purchased legitimately and hooked into the banking network with no more than a regular bank account. Less sophisticated attacks include building and attaching false fronts to existing ATMs to collect info, and using covert cameras to collect PINs from afar. The articles has some handy tips for avoiding scams."

Truist writes "My wife and I have started playing games together (side by side at the computer) recently, and we're having a hard time finding games that we both like. Specifically, I tend to like FPS games (Quake) and she tends to like puzzle games (Myst), but we're both happy to meet in the middle. She doesn't seem to like Worms, but Return to Castle Wolfenstein was a huge success for both of us. What are your suggestions for good games that we can play together, and that we'll both enjoy?"

The Computing Research Association recently invited 50 of the top scientists, educators, business people, and futurists in cyber security to an executive retreat in Virginia and locked them away for three days until they identified a set of "Grand Challenges" in information security research -- ideas that should "shape the research agenda in the field over the next few decades." The conference participants identified four: eliminate epidemic-style attacks (viruses, worms, email spam) within 10 years; develop tools and principles that allow construction of large-scale systems for important societal applications -- such as medical records systems -- that are highly trustworthy despite being attractive targets; develop quantitative information-systems risk management to be at least as good as quantitative financial risk management within the next decade; and give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future. They haven't written the final report yet (due in early 2004), but they've already told Congress about it. Sounds like they've got a lot of work to do.

buxton writes "The Economist is running an interesting story which overviews the current global situation on internet security in hackers, terrorism, worms & virii, Microsoft's 'monoculture', and a bunch of other interesting points. Some nice suggestions made by big names in the software industry have been included, such as creating more easily traceable methods of people (i.e. trying to eliminate online anonimity) as a method of preventing hackers. One suggestion which I thought was partictularly interesting involved a bounty system whereby a price would be put on 'hacker's heads', incentivating other hackers to go after them and bring them forward."

mindsuck asks: "As of this Wednesday, my ISP blocked my port 25, leaving my mailserver useless to the outside world as a consequence of spammers and their nasty worms. So I decided to ask the nice people of Slashdot. What can I do now to restore my smtp service, besides changing ISPs, is there a obscure way to run a mailserver off a non-standard port? What about services similar to those provided by dyndns.org for this kind of situations? Pros and Cons of using this services? Should I move my MX to a more 'stable' server than my homegrown one?" This topic was last touched upon in this article, from 2002. It's been over a year since SMTP blocks have become commonplace. Have you noticed a slowdown in your SPAM? Are ISP SMTP blocks really helping the problem? Updated: It looks like Charter is also blocking SMTP. Might there be a way to work with your ISP to get them to unblock port 25 for you, if you can sufficiently satisfy them that you are not a spammer?

Rathumos writes "The network security world has been waiting patiently for a definitive study of internet worms and defenses against them. Defense and Detection Strategies against Internet Worms by Dr. Jose Nazario has arrived to fill that space with a clear and concise analysis of the current state of worm defense." Read on for the rest of Rathumos' review.