Archive for the ‘Security’ Category

Warning Fake Facebook Password Reset Email going around!

Saturday, March 20th, 2010

 

A fake Facebook password reset email seems to have been doing the rounds in the last few days. If you see this email, I suggest you delete it. If you get this we can remove it for you. The Facebook password reset email says the following:

Subject: Facebook Password Reset Confirmation! Customer Support

Dear user of Facebook,

Because of the measures taken to provide safety to our clients, your password has been changed. You can find your new password in attached document.

Thanks,
Your Facebook.

Antivirus Software is overpriced?

Thursday, July 16th, 2009

Not necessarily in the sense of the actual price of a particular solution.

Roughly speaking, in a company, you’re paying for the actual software, for the man hours to deploy it, troubleshoot it, work around the occasional bugs and quirks, and keep it updated, and you also pay for the hardware to run it (directly or indirectly). Then you use up more of the IT department’s time by having them monitor the whole mess. You might be paying for support as well.

Now think about the benefit, in a world where the custom malware market is booming. It seems that you’re using all those resources to detect old stuff.
There are countless examples, essays, papers, etc. that show how easy it is, even for relatively unskilled malware writers, to make custom binaries.
Then there’s the response time, which is infinity for custom malware. Think about that.

Also, heuristics kind of contribute to the uselessness of the solution, contrary to what vendors would want you to believe. In an attempt to score high in the various charts, vendors ramp up their heuristics to the point where you need to disable the solution entirely to be able to do any real work.

There are various other aspects which have been discussed over the years in great detail.

I’m not saying antivirus solutions are totally worthless. But they cost too much money and resources, while providing a marginal benefit.

It seems to me, that as a whole, you could be spending these resources on something more useful, something that actually contributes to the overall security of your assets.

The risk gets higher when you start to rely on antivirus software to protect your ass. It won’t.

Why you need vulnerability assessment and WiFi security?

Wednesday, July 15th, 2009

A vulnerability assessment of an organization’s network produces a report on the security status of that network. When setting up a WiFi connection on a home or office PC, most people ignore WiFi security. But if you don’t secure the network path with some tools, your neighbors will probably be able to browse the web using your Wi-Fi connection. If the security levels are not adequate, there are hackers who will intrude into your computer system with the intention of destroying the data.

An organization might have a network which is very secure. Yet as a vulnerability assessment exercise, attacks from the internal or external network are simulated and the results are mapped to certain parameters. Once the security is assessed, a report detailing the security breaches is made. Solutions, fixes and patches for these vulnerabilities in the network are also suggested. The research and development team normally discovers these security vulnerabilities in the company’s network.

This vulnerability assessment of networks is required in companies because threats are growing in severity and frequency. The assessment helps to strengthen the security of the current network against worms and viruses from internal and external sources. There is a need for security solutions that go beyond core-level technology to cover the entire network. The needs of software customers are changing, and the access rights and permissions required for software are growing, hence assessing the network for vulnerability is extremely essential. Security compliance is as big a concern in the software sections of a company as upgrading the software.

Setting up a WiFi connection for a home PC is always a rushed job, and one tends to ignore WiFi security. It can take time to install the security features of the WiFi networking product, so you normally end up with a not-so-secure network.

To connect to WiFi networks you need an access point called a router. To set up a router you normally enter the network address and account information. The account information for routers normally has a username and password which can be easily decoded by hackers. You should change these to something complex and unique to yourself to enhance WiFi security, and should employ the highest measure to preserve its integrity.

It is advisable to turn on WPA or WEP encryption, at the lowest common denominator your devices support, for your WiFi messages over the web to enhance your WiFi security. Thus the information will travel in a scrambled manner over the World Wide Web.

The default SSID for access points and routers should also be changed to increase WiFi security. Connecting to your neighbor’s open WiFi is not advisable. You might think that a free wireless hotspot is there for you to connect to, but you are exposing your computer, and hence this is also a violation of WiFi security.

Special software can be installed to get a real-time picture of the entire network’s security. A picture of conformance to IT security standards and integrity is also obtained with the help of this vulnerability assessment software. To enhance WiFi security it is required to assign static IP addresses to devices. This can prevent internet hackers from knowing your company’s private IP address range and accessing your computer over the World Wide Web.

Places where viruses and Trojans hide on start up

Wednesday, February 11th, 2009


1. START-UP FOLDER. Windows opens every item in the Start Menu’s Start Up folder. This folder is prominent in the Programs folder of the Start Menu.

Notice that I did not say that Windows “runs” every program that is represented in the Start Up folder. I said it “opens every item.” There’s an important difference.

Programs represented in the Start Up folder will run, of course. But you can have shortcuts in the Start Up folder that represent documents, not programs.

For example, if you put a Microsoft Word document in the Start Up folder, Word will run and automatically open that document at bootup; if you put a WAV file there, your audio software will play the music at bootup; and if you put a Web-page Favourite there, Internet Explorer (or your own choice of browser) will run and open that Web page for you when the computer starts up. (The examples cited here could just as easily be shortcuts to a WAV file or a Word document, and so on.)

2. REGISTRY. Windows executes all instructions in the “Run” section of the Windows Registry. Items in the “Run” section (and in other parts of the Registry listed below) can be programs or files that programs open (documents), as explained in No. 1 above.

3. REGISTRY. Windows executes all instructions in the “RunServices” section of the Registry.

4. REGISTRY. Windows executes all instructions in the “RunOnce” part of the Registry.

5. REGISTRY. Windows executes instructions in the “RunServicesOnce” section of the Registry. (Windows uses the two “RunOnce” sections to run programs a single time only, usually on the next bootup after a program installation.)

7. REGISTRY. Windows executes instructions in the HKEY_CLASSES_ROOT\exefile\shell\open\command "%1" %* section of the Registry. Any command embedded here will run when any exe file is executed.

Other possibles:

[HKEY_CLASSES_ROOT\exefile\shell\open\command] ="\"%1\" %*"
[HKEY_CLASSES_ROOT\comfile\shell\open\command] ="\"%1\" %*"
[HKEY_CLASSES_ROOT\batfile\shell\open\command] ="\"%1\" %*"
[HKEY_CLASSES_ROOT\htafile\Shell\Open\Command] ="\"%1\" %*"
[HKEY_CLASSES_ROOT\piffile\shell\open\command] ="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command] ="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command] ="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command] ="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\htafile\Shell\Open\Command] ="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\piffile\shell\open\command] ="\"%1\" %*"

If these keys don’t have the "\"%1\" %*" value as shown, and have been changed to something like "\"somefilename.exe %1\" %*", then they are automatically invoking the specified file.
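A way to run that comparison over a saved registry export, as an added example (not code from the original post). It assumes the export is in regedit's .reg text format and has already been decoded to a Python string; the sample export is constructed, and the function and variable names are illustrative.

```python
import re

# File classes listed above; each open command should be exactly "%1" %*
WATCHED_CLASSES = {"exefile", "comfile", "batfile", "htafile", "piffile"}
EXPECTED = '"%1" %*'

KEY_RE = re.compile(
    r"^\[(?:HKEY_CLASSES_ROOT|HKEY_LOCAL_MACHINE\\Software\\Classes)"
    r"\\([^\\\]]+)\\shell\\open\\command\]$",
    re.IGNORECASE,
)
STRING_DEFAULT_RE = re.compile(r'^@="(.*)"$')

# Constructed sample in .reg export syntax (not taken from a real machine).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"somefilename.exe %1\" %*"

[HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\txtfile\shell\open\command]
@="notepad.exe %1"
'''


def unescape_reg_string(s):
    """Undo .reg string escaping: \\\\ is a backslash, \\" is a quote."""
    return re.sub(r'\\(["\\])', r"\1", s)


def find_hijacked_open_commands(reg_text):
    """Return (key, value) for watched open commands that differ from "%1" %*."""
    findings = []
    current = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            watched = m and m.group(1).lower() in WATCHED_CLASSES
            current = line.strip("[]") if watched else None
            continue
        # "@" is the key's default value, which holds the command line.
        if current and line.startswith("@="):
            m = STRING_DEFAULT_RE.match(line)
            # A non-string default (e.g. hex data) is reported raw for review.
            value = unescape_reg_string(m.group(1)) if m else line[2:]
            if value != EXPECTED:
                findings.append((current, value))
    return findings


if __name__ == "__main__":
    for key, value in find_hijacked_open_commands(SAMPLE_REG):
        print(f"{key}: unexpected open command {value}")
```

Files saved by regedit are normally UTF-16, so read them with `encoding="utf-16"` before passing the text in.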

8. BATCH FILE. Windows executes all instructions in the Winstart batch file, located in the Windows folder. (This file is unknown to nearly all Windows users and most Windows experts, and might not exist on your system. You can easily create it, however. Note that some versions of Windows call the Windows folder the “WinNT” folder.) The full filename is WINSTART.BAT.

9. INITIALIZATION FILE. Windows executes instructions in the “RUN=” line in the WIN.INI file, located in the Windows (or WinNT) folder.

10. INITIALIZATION FILE. Windows executes instructions in the “LOAD=” line in the WIN.INI file, located in the Windows (or WinNT) folder.

It also runs things in shell= in System.ini or c:\windows\system.ini:

[boot]
shell=explorer.exe C:\windows\filename

The file name following explorer.exe will start whenever Windows starts.

As with Win.ini, file names might be preceded by considerable space on such a line, to reduce the chance that they will be seen. Normally, the full path of the file will be included in this entry. If not, check the \Windows directory.
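The checks in items 9 and 10 and the shell= line, as an added example that is not part of the original post. It reads the text of WIN.INI or SYSTEM.INI and reports anything set on run=, load= or shell= beyond explorer.exe, including entries pushed out of view with whitespace. The sample files are constructed, and the 8-character padding threshold is an assumption.

```python
import re

# (section, key) pairs described above: run=/load= in WIN.INI [windows],
# shell= in SYSTEM.INI [boot].
WATCHED = {("windows", "run"), ("windows", "load"), ("boot", "shell")}
PADDING = re.compile(r"[ \t]{8,}")  # assumed threshold for "considerable space"

# Constructed samples (not taken from a real machine).
SAMPLE_WIN_INI = r"""[windows]
load=
run=                                        C:\WINDOWS\hidden.exe
NullPort=None
"""

SAMPLE_SYSTEM_INI = r"""[boot]
shell=explorer.exe C:\windows\filename
[386Enh]
woafont=dosapp.fon
"""


def audit_ini(text):
    """Return one finding per watched line that would start a program."""
    findings = []
    section = ""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = raw.partition("=")
        key = key.strip().lower()
        if not sep or (section, key) not in WATCHED:
            continue
        # Simplification: entries are split on whitespace and commas, so a
        # path containing spaces is reported as several tokens.
        programs = [p for p in re.split(r"[\s,]+", value) if p]
        if key == "shell" and programs and programs[0].lower() == "explorer.exe":
            programs = programs[1:]  # only what follows explorer.exe is extra
        if programs:
            findings.append({
                "line": lineno,
                "key": key,
                "programs": programs,
                # Padding is measured on the raw value, before any stripping.
                "padded": bool(PADDING.search(value.rstrip())),
            })
    return findings


if __name__ == "__main__":
    for name, text in (("WIN.INI", SAMPLE_WIN_INI), ("SYSTEM.INI", SAMPLE_SYSTEM_INI)):
        for f in audit_ini(text):
            note = " (hidden behind whitespace)" if f["padded"] else ""
            print(f"{name} line {f['line']}: {f['key']}= starts {f['programs']}{note}")
```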

11. RELAUNCHING. Windows reruns programs that were running when Windows shut down. Windows cannot do this with most non-Microsoft programs, but it will do it easily with Internet Explorer and with Windows Explorer, the file-and-folder manager built into Windows. If you have Internet Explorer open when you shut Windows down, Windows will reopen IE with the same page open when you boot up again. (If this does not happen on your Windows PC, someone has turned that feature off. Use Tweak UI, the free Microsoft Windows user interface manager, to reactivate “Remember Explorer settings,” or whatever it is called in your version of Windows.)

12. TASK SCHEDULER. Windows executes autorun instructions in the Windows Task Scheduler (or any other scheduler that supplements or replaces the Task Scheduler). The Task Scheduler is an official part of all Windows versions except the first version of Windows 95, but is included in Windows 95 if the Microsoft Plus Pack was installed.

13. SECONDARY INSTRUCTIONS. Programs that Windows launches at startup are free to launch separate programs on their own. Technically, these are not programs that Windows launches, but they are often indistinguishable from ordinary auto-running programs if they are launched right after their “parent” programs run.

14. C:\EXPLORER.EXE METHOD.

Windows loads explorer.exe (typically located in the Windows directory) during the boot process. However, if c:\explorer.exe exists, it will be executed instead of the Windows explorer.exe. If c:\explorer.exe is corrupt, the user will effectively be locked out of their system after they reboot.

If c:\explorer.exe is a trojan, it will be executed. Unlike all other autostart methods, there is no need for any file or registry changes – the file just simply has to be named c:\explorer.exe.

15. ADDITIONAL METHODS.

Additional autostart methods. The first two are used by Trojan SubSeven 2.2.

HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\explorer\Usershell folders

Icq Inet
[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\test]
"Path"="test.exe"
"Startup"="c:\\test"
"Parameters"=""
"Enable"="Yes"

[HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\]
This key specifies that all applications will be executed if ICQNET detects an Internet connection.

[HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap] ="Scrap object"
"NeverShowExt"=""
This key changes your file’s specified extension.

Malware Removal – Viruses/Spyware/Adware

Sunday, January 4th, 2009

Hey Everyone,

Since there has been a huge influx of people reporting Viruses, Spyware, and Adware both here, I figured I would offer a “walk-through” of sorts to successfully remove these annoying items that plague us all. However, in this post I have made a few assumptions.

These are:

1. You are a local administrator of your computer, and you know all of the passwords to your computer.
2. You have Internet access
3. You are able to boot successfully in to Windows XP SP3 (Latest)
4. You understand that there is absolutely no way to prevent Viruses and other forms of Malware 100% of the time.

So, let’s begin.

First you will need to boot to Windows in normal operating mode. This is your standard operating environment. Once in Windows perform the following steps to turn off the System Restore function built-in to Windows XP. This is a useless feature anyway:

1. RClick on My Computer -> Select Properties
2. Choose the “System Restore” tab
3. Select/Check the checkbox that says “Turn off System Restore on all drives”
4. Click “Apply” -> Click “OK”

Now you will go download your preferred removal utility. As a Systems Engineer I am constantly searching for software that is able to successfully remove dangerous malware/spyware. Currently, I am recommending the following software:

http://www.malwarebytes.org
http://www.superantispyware.com
http://free.avg.com
http://www.spybot.net

These are all free software programs. Absolutely no charge, but they work extremely well when used in conjunction with each other. Of the four software titles, SpyBot works the least and should be used last.

Once you have downloaded your preferred software you will need to install it. Once you have installed the software titles, make sure you update them to their latest definitions. When you are positive you have the latest definitions for all of your software tools, shut your computer down completely.

At this point you will need to press the power button on your system to power the machine on. Once you have done so, and have received your POST beep-code, begin pressing the F8 key once every second. This is most frequently found above the number 7/8 keys across the top. After a time you will be prompted to select a Windows Startup mode. You are going to go all the way to the top, and select “Safe Mode”. Then press Enter.
*Important* At this point you will see a ton of directories and files flood the screen, and your system will halt at the end for approximately 1-3 minutes while the Safe Mode environment loads. This is normal. *DO NOT TURN OFF YOUR COMPUTER*

Once you have entered Safe-Mode you will be prompted with a Yes / No dialog box informing you that the computer is running in safe mode. Please Click Yes to continue running in safe mode. Then log in as the local Administrator.

Now that you are in safe mode, open the first of your preferred removal utilities. I recommend using MalwareBytes first for those of you using my recommended list. Perform a full system scan. This will take approximately 1-2 hours depending on the size of your computer, and the number of files it must scan. Once this is complete, move on to remove the items listed. Do not be concerned if any items are not able to be removed successfully. Remember: You have more software titles to run!

Now run the second of your preferred removal utilities. I recommend using SuperAntiSpyware at this time, if you are using my recommended list. Perform a Quick system scan. This will take approximately 1 hour. Perform appropriate removal.

Now run your Antivirus utility. If using my recommended tools, this will be a quick system scan using AVG Free Antivirus. This will take approximately 1 hour. Removal will be performed automatically with AVG in Safe Mode.

Finally, perform the same steps for your last scan, using another alternative removal utility. This is when I would determine if I need to run SpyBot, or if I am comfortable with the results I have received with my other tools. Perform the appropriate steps for removal.

Now you can reboot your computer. I know, that was a long process but well worth it! 2-4 hours is better than rebuilding your system OS, and then having to reinstall all of your applications and drivers!

Once you have rebooted in to your normal Windows Operating environment, you can choose to re-enable the Windows XP System Restore feature I had you disable previously. I strongly recommend leaving it disabled, but some people swear up and down that stupid feature actually works. I just don’t agree.

At this time your system should be virus, spyware, and adware free! (Relatively speaking)

Remember folks: The only way to be 100% certain you will never receive Malware is to simply not use the Internet and to not allow ANYONE to touch your computer. This is usually not a viable option, particularly for gamers so BE CAREFUL!

I hope this is found helpful by at least one person.


Securing Your Wireless Network

Wednesday, December 17th, 2008

Securing Your Wireless Network in 10 Easy Steps

Securing your wireless network is as important as securing your house by locking your doors and closing windows. There are many ways in which intruders and hackers can access your network, but there are also many efficient ways to prevent them. For an average home user, securing the wireless network can be a frustrating experience.

The following 10 steps should make this process a bit easier.

1) Change Your Router’s Default Password

This is the first brick in your defense wall. Many users forget to change the default password, putting themselves at risk of being hacked. Also, the majority of computer users choose passwords that are easy to remember, which can be dangerous too. It’s been suggested that you should change your router password immediately after the login. Create a strong password with a mix of upper and lowercase letters and numbers, as well as symbolic characters. Password length should be between 8 and 15 characters, or longer, and the password should not be a familiar word obvious to you (such as a kid’s or wife’s name, birthdays, nicknames, etc). If your wireless router requires a username, it’s a good idea to change it to something other than the default name.

2) Upgrade Your WiFi Encryption

Side by side with changing the default router password is using encryption, which encodes the data transmitted between your PC and your wireless router. Most routers ship with encryption turned off, and many users don’t know how to turn it on, leaving themselves completely exposed to hackers.
Go with WPA or WPA2 when possible, since WEP is relatively easy to crack. The keys used by WPA and WPA2 change dynamically, which makes them harder to hack.

If your hardware does not support WPA2, use WPA. Creating a strong shared key (PSK) will lessen the chance of attackers successfully breaking into your network. If you have an older router that supports WEP only, and you’re concerned about security, you’ll be safer if you use 128-bit WEP keys. You may also consider upgrading to a new router along with your PC NIC cards.

3) Change Default SSID Broadcast on your Wireless Router

Usually, manufacturers assign identical SSIDs to their devices, and probably 80 percent of WiFi home users leave their system on the default setting and with the default name. Leaving your network SSID on default can be a strong signal to hackers that you didn’t perform the necessary steps to protect your network.
Change the SSID name to something other than the default immediately when you configure your LAN. This may not offer complete protection as to who gains access to your network, but configuring your SSID to something personal, e.g. Chuck Norris Network, may discourage hackers from targeting you and also differentiate your network from other “Defaults”.

4) Use MAC Addressing Filter on Your Wireless Router

If you have already had experience with unsecured networks, you can be sure that at least one of your neighbors used it to connect to the Internet. In order to check who has been using your network, you’ll have to check the MAC address. Many routers allow you to restrict access to known MAC (Media Access Control) addresses. Each network device, such as a computer network card, has a unique MAC address. By allowing access only to predefined MAC addresses you can reduce the risk of rogue users and neighbors connecting to your home network.
Be aware that this feature is not as powerful as it may seem. While it will stop your neighbor with average knowledge or some amateur hacker, professional hackers will use advanced software programs to fake MAC addresses.

5) Change the Default Router IP Address Setting

Router manufacturers set every router with a certain IP address. For example, Linksys routers are usually configured with an IP address of 192.168.1.1.
These address settings are well known and published, and can be easily discovered by hackers if they find out the router manufacturer and type.

Changing the IP address during the setup process to something different from the default will not secure the router, but will keep any hackers guessing for the IP address. Changing this setting will automatically change the DHCP IP addresses handed out by your router to PCs with access to your network.

6) Use a Firewall

Two important security layers are the router firewall and your individual PC’s firewall. Make sure to use them both. Router firewalls come with related built-in security features which block anonymous internet requests or pings. This will help hide your presence from the internet, and thus help protect your network, making it harder for hackers to infiltrate what they can’t find.

Also, it’s recommended that HTTPS is enabled for connecting to the router administration setup over your local network. Disable the setting for remote access over the Internet as well. If you have to use it, enable it only when needed and change the default management port setting to something other than 8080.

7) Enable and Monitor Your Wireless Access Logs

Check your logs frequently for rogue access or clients attached to the network. If you spot unknown clients connected to your network, change your WEP or WPA code immediately.
Additionally, check the status screen that shows the MAC addresses of all clients currently connected to the network, and verify if they are known devices.
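The client check from steps 4 and 7, as an added example that is not part of the original article. It compares the clients in a DHCP lease table against a list of known devices and marks addresses with the locally administered bit set, which a device uses when it presents a software-assigned rather than factory MAC. The dnsmasq-style lease format (expiry, MAC, IP, hostname, client ID) is an assumption about the router, and all addresses are constructed.

```python
import re

# Constructed lease table in dnsmasq format: expiry mac ip hostname client-id
SAMPLE_LEASES = """\
1700003600 3c:22:fb:10:20:30 192.168.1.20 laptop 01:3c:22:fb:10:20:30
1700003700 a4:5e:60:aa:bb:cc 192.168.1.21 phone *
1700003800 da:a1:19:01:02:03 192.168.1.37 * *
"""

# Known devices as they might be copied from labels, in mixed notations.
KNOWN_DEVICES = ["3C-22-FB-10-20-30", "a45e.60aa.bbcc"]


def normalize_mac(mac):
    """Reduce any common MAC notation to lowercase aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)).lower()


def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set (software-assigned MAC)."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def unknown_clients(lease_text, known_macs):
    """Return lease entries whose MAC is not in the known-device list."""
    known = {normalize_mac(m) for m in known_macs}
    unknown = []
    for line in lease_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        mac = normalize_mac(fields[1])
        if mac not in known:
            unknown.append({
                "mac": mac,
                "ip": fields[2],
                "hostname": fields[3],
                "locally_administered": is_locally_administered(mac),
            })
    return unknown


if __name__ == "__main__":
    for client in unknown_clients(SAMPLE_LEASES, KNOWN_DEVICES):
        print(client)
```

A client that presents one of the known addresses passes this comparison, which is the limitation step 4 describes, so treat the result as a prompt to review the log rather than proof that every client is yours.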

8) Position the Wireless Router Correctly

WiFi signals usually don’t know where your house ends and your neighbor’s begins. This signal leakage gives hackers and neighbors the opportunity to find your wireless network and access it. The further your signal reaches out of your house, the easier it is for others to detect and exploit.
Make sure to position the router or access point in the center of the home rather than near windows or doors. Signal sometimes cannot pass through certain materials, so you should take that into consideration when installing the network. Mounting your WiFi in a closet may be a good idea in order to reduce signal strength.

9) Stop Publicly Broadcasting your Network

Renaming your network is a good idea, but wouldn’t it be even better if hackers didn’t know you had a WiFi setup at all? By default, your access point or router is programmed to broadcast the network name (SSID) over the air at regular intervals. While broadcasting is essential for businesses or mobile, it’s not needed at home, so you can turn it off.
Depending on your router model, you have to check the manual for your hardware for specific instructions on how to disable broadcasting for your router.

10) Turn off Your Wireless Router When Not in Use

When your router is powered off, your network cannot be compromised. Consider doing this when you go on vacation or if you won’t use your network for extended periods of time.
It’s inconvenient, but shutting down the network is an effective security measure that can protect your network when you are not around to protect it from hackers.

Also, when using your laptop in public places, always turn your WiFi radio off when you’re not at a hotspot. Hackers can use it to create peer-to-peer Wi-Fi connections with your computer and access it directly.

Bonus Tips

Change your router password occasionally. Also change your PSK several times a year. Limit the maximum number of DHCP users allowed on your network to just the number of PCs in your house.

All of the steps mentioned should help you keep your home wireless network safe and secure.