 |
Modemsite's Forum56 - The Modem Board Main | profile | register | search | help | Ad-free Login |
| Forums | Chit-Chat | US-CERT warns against use of Windows IE | Thread Closed |
| Author | Topic |
| mainbuss Tl Posts: 145 USA | Posted - 7/1/2004 2:00:09 AM    Edited by - mainbuss on 7/10/2004 9:48:36 PM |
| charles Tl Posts: 5879 USA | Posted - 7/1/2004 10:00:06 AM I would like to know if this is on all OS and would a pop up blocker stop this? Another good reason to have a good firewall but do not rely on the default settings.Read all the information on your firwall set up to make it more secure. One thing that will help in Sygate is to go to Application,right click the app,go to advance,take the check out of act as sever.Go down the list and do all app this way,if you have a connection problem with a app in this setting you can go back and change it or set up it own advance rules. When your done check the traffic log and you will notice that most incoming pings have been blocked. In advance rules you can block ports that are use to infect your system. |
| v.Richard Tl Posts: 6222 USA | Posted - 7/1/2004 6:48:55 PM  I think the latest problem is OS-independent - problem will occur if using IE. I recommend the Firefox browser - tabbed browsing is really good. I use it almost exclusively now. Aloha! Richard. |
| mainbuss Tl Posts: 145 USA | Posted - 7/2/2004 2:00:02 PM Edited by - mainbuss on 7/10/2004 9:14:16 PM |
| mainbuss Tl Posts: 145 USA | Posted - 7/2/2004 5:54:40 PM Edited by - mainbuss on 7/10/2004 9:15:34 PM |
| charles Tl Posts: 5879 USA | Posted - 7/3/2004 1:24:04 AM For those that still want to use IE be sure to check windows update or you can add the fix below.Thanks for the info Richard will check it out. http://www.microsoft.com/security/incident/Download_Ject.mspx For other OS like 98 check this page. Also might want to add the pop up blocker.
|
| mainbuss Tl Posts: 145 USA | Posted - 7/3/2004 3:24:17 AM Edited by - mainbuss on 7/10/2004 9:16:07 PM |
| charles Tl Posts: 5879 USA | Posted - 7/4/2004 11:37:52 PM Been working on locking this system up,this is the results using IE. Your Internet port 139 does not appear to exist! One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion. Unable to connect with NetBIOS to your computer. All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet. (Had to do some work on ICMP traffic.) Port scan on all ports. Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice. (again did some changing the way ICMP allows incoming packets.) Determine the status of system's first 1056 ports. Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice. Have some work to do on IE sending info with URL request and search engine request. http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx
|
| mainbuss Tl Posts: 145 USA | Posted - 7/5/2004 8:51:29 AM Edited by - mainbuss on 7/10/2004 9:19:58 PM |
| charles Tl Posts: 5879 USA | Posted - 7/5/2004 10:28:36 AM It is best to use a hardware firewall and a router,might come a day when these will be standard on all PC. |
| charles Tl Posts: 5879 USA | Posted - 7/5/2004 9:29:24 PM I don't think you realize in you last post you include a link in which the author agrees with the "computer industry security experts" to "stop" using Internet Explorer. Do you agree with this or just overlooked it. Its his opinion not mine. I knew of his idea of using IE just posted for the info not to back mine up.I was in to hacking myself in my younger years but gave it up but we were more into fixing and setup of hardware.Some of my friends turn into some good program writers.I will not give in to this and since my 4 children are all married and on there own I will spend more time on this. The biggest problem is that people just want to use there pc and not spend hours setting one up to be secure online.Microsoft even came up with the idea that if someone did not install the updates it would shut them down or set the pc up to force the updates.Most of the port pings that I am getting are from home pc that are infected and they do not have any idea what is going on. I try to let some of them know about there system. If I get a hit there is a email sent out to them. Sometime I get a reply for help.With all the info on firefox and how safe it is the virus writers are going to try this software with a vengeance.Just give them a dare and they will work on this day and night untill it is broken.
http://www.theeldergeek.com/index.htm http://www.windowsstartup.com/wso/browse.php |
| charles Tl Posts: 5879 USA | Posted - 7/6/2004 9:16:06 AM This problem they are talking about has been around for a long time.Nothing new here ,these holes always have been a hackers best tool to get in a system.Microsoft's configuration change blocks the ability of the ADODB.screen ActiveX component to write to the PC's hard drive. ActiveX, which adds interactivity to Web sites viewed with Internet Explorer, has long been thought to have security issues. Though written configuration hardening instructions have been available online for a while, it's nice to finally see this particular security tweak in Internet Explorer distributed to the masses.What Microsoft fail to say in this update is that this has to with a keystroke logger and it is tied to MDAC. |
| charles Tl Posts: 5879 USA | Posted - 7/9/2004 2:59:26 AM It is all ready starting. http://news.com.com/Security+hole+found+in+Mozilla+browser/2100-1002_3-5262676.html?tag=nefd.top |
| mainbuss Tl Posts: 145 USA | Posted - 7/9/2004 5:01:47 AM Edited by - mainbuss on 7/10/2004 9:22:30 PM |
| charles Tl Posts: 5879 USA | Posted - 7/9/2004 9:37:35 AM You base this post on a perfect world and most people use Microsoft products such as windows and if they have a problem setting it up secure it will trail with them in other OS or browers.Mozilla, Firefox and Thunderbird browsers and linux need more user input and will make most user think they are safe now but are not.These problems will always be with us so running from them will not fix it. They will not get the updates for there system also. your point is what, moot Do not know what moot means but not tring to make any point here on this site. This info that I post is just that info for others to read.
|
| mainbuss Tl Posts: 145 USA | Posted - 7/10/2004 3:32:58 AM Edited by - mainbuss on 7/12/2004 7:09:35 AM |
Click Here To Close Thread, Administrators & Moderators Only.
Show All Forums |
Thread Closed