yayasiri's Blog
Category Internet Security
If you believe what you hear in the media, there are an awful lot of viruses going around. No, I'm not talking about the make-you-sick kind of virus, though they get plenty of airtime, too. I'm talking about the kind of virus that enters via your internet connection rather than your nasal passages. What the mainstream media often don't tell you--at least, in most radio and television newscasts and in the crucial headlines and opening paragraphs of newspaper articles--is that many of these "viruses" are not viruses at all.

What Computer Viruses Really Are

The main reason the mainstream media always are in alarm over viruses is that they tend to call any malicious computer program a virus. In reality, there are at least eleven distinct types of malicious software, or malware, commonly affecting computers today. The most common of these are worms, Trojans, and spyware. So, what's the difference between computer viruses and the other types of malware? The difference is that computer viruses are just about the only ones that regularly shut down computers and cause other obvious damage. The most common of the other kinds of malware--worms, Trojans, and spyware--are usually only detectable with a special scan.

The Real Danger of Computer Viruses

If the other types of malware are so unobtrusive that they can only be detected with a special scan, then what's to worry about? For starters, these programs are called malicious for a reason: they are designed to cause some kind of damage, if not to your computer, then to someone else's. Worms are most famously used to damage, destroy, or disrupt other computer networks than the one on which the host computer is located. For instance, worms have been used by website owners to shut down rival websites by sending overwhelming numbers of requests to the computer that hosts that website.
Worms have also been used to send out viruses to other computers, often without infecting the host machine--after all, what would it benefit the worm to shut down its host computer? Trojans, in turn, are often used to insert worms and other malware on your computer, even if the Trojan itself does no damage.

But even if you don't care what happens to anyone else, you should still be concerned about one kind of malware: spyware, a kind of malware that, true to its name, collects data from your computer and sends it back to a remote host. Most spyware is only interested in monitoring your internet usage so it can tell other programs, called adware, what advertising to pop up on your computer. However, there are criminal spyware programs that steal financial data, or perform a thorough identity theft. Don't think you have personal or financial data on your computer? Some spyware programs contain a keylogger, which is a program that copies whatever you type, usually in order to snatch passwords. Even if you keep no financial information on your computer, if you ever buy anything over the web, the keylogger would allow its owner to buy stuff using the same information you typed in to buy stuff yourself.

Why Blame the Media?

Given the danger of all these different types of malware, isn't it a good thing that the mass media are becoming hysterical about it? And can't they be forgiven the sloppy reporting of calling Trojans, worms, spyware, and other malware "viruses"? No, no, no. This is a classic case of bad reporting doing more damage than no reporting at all. In this case, the damage bad reporting has done is to promote a common myth that goes something like this: "The only malicious software is a virus. Viruses damage your computer. Therefore, if my computer is working OK, my computer has no malicious software. I only need to scan my computer for problems when there is a sign of problems."
Thanks to this myth, many people complacently let their antivirus software go months out of date, not wanting to be bothered with scheduling an automatic update. Just as bad, many people don't have any extra software to combat the other types of malware that may not be covered by antivirus software. In fact, it's not uncommon for people who have found malware on their computers after a scan to say, "but I never had malware on my computer before!" But how would they have known if they had never scanned!

Until the biggest mainstream media--and especially television--start educating the public about the need to have their computers automatically scanned at least daily, the world will continue to have major, drawn-out problems with malware that could have been wiped out as soon as the anti-malware software makers discovered it. And until that day, the mainstream media will have many more opportunities to run hysterical stories about "viruses," thereby forcing them to sell more newspapers and broadcast to even larger audiences of people who suck at the information trough yet somehow never become full.

By: John Pawlett
Article Source: http://www.expressyouridea.com
Fighting Spam

Industry experts estimate that three out of every five e-mail messages that are sent today are spam. This is not only a nuisance; it is costing us all time and money which could be better spent on productive ventures. Bizwala is committed to fighting spam and blocks a great deal without customer intervention. Our systems are updated daily and we are always working to improve our spam filtering. Though we may never be able to block it all, we can offer some suggestions to combat spam effectively.

Q: How can I prevent spam from reaching my e-mail account?

A: People who send spam compile their mailing lists in many ways. Methods to compile such lists include:

- Sending spam to e-mail addresses that are most commonly used. A common tactic consists of building lists of targeted addresses that use frequently used words such as "webmaster" or "info" (for example, "webmaster@mydomainname" or "info@mydomainname").
- Obtaining e-mail addresses that are automatically "harvested" from web sites by specialized software.
- Compiling lists of e-mail addresses that are either chosen or generated at random (for example, "joe1@mydomainname", "joe2@mydomainname" or "joe3@mydomainname"). This method is becoming increasingly frequent.

Because spammers often send spam to undefined e-mail aliases such as aabbcc@domain.com, ccddee@domain.com, mfrds@domain.com, you can combat the receipt of spam effectively by not using a catch-all address. (The catch-all is an alias that is used to receive mail sent to undefined addresses/aliases.)

Q: What is spoofing and how can I fight it?

A: "Spoofing" occurs when a spammer uses some version of your domain name in the "From" address field. Spammers use spoofing to try to hide their identities and to pass blame for spam to innocent Internet users. The large amount of spam messages -- many of which are sent to invalid addresses -- results in a significant amount of "bounced" e-mail (that is, mail that is returned as being undeliverable).
Unfortunately, bounced mail is sent back to the address found in the "From" line of the spammed message. Typically, the "From" line is also an undefined e-mail address not found in your mail settings. To combat receiving bounced mail messages, you can use the "devnull" alias that we mentioned in the previous question and answer.

Q: Even if my account is not generating any spam, can the mail server I use get blocked because of spam?

A: Unfortunately, yes. The main cause for blacklisting your mail server depends on where the spammed e-mail is ultimately received and how the ISP who maintains that location reacts to spam and to spam complaints. Many account holders with Bizwala forward e-mail messages that are sent to their hosting account. For example, a message sent to info@mydomainname could be forwarded to myaccount@aol.com or myaccount@yahoo.com. At other times, clients may be forwarding e-mail messages to accounts that are invalid or otherwise not in use. The processing of the forwarded e-mail message is handled by the mail server that your account uses (specifically, the MTA or Mail Transport Agent). Because a Bizwala mail server is the MTA, it is possible that the mail server could be blacklisted even though you (or any other Bizwala client) are not responsible for sending the spam in the first place. In short, you must be careful about where you forward e-mail, how you report spam, and to whom you report it.

Note: Bizwala reserves the right to terminate a client's services for violations of our Acceptable Use policy. Unacceptable use includes forwarding e-mail messages to addresses that are invalid (not within the client's control) and/or sending mail with malicious intent.

Q: How can I filter spam in my Inbox once I receive it?

A: First, do NOT click any links in the spam or try to reply or unsubscribe to the spammed e-mail message.
Often, these links will subscribe you to even more spam lists despite the fact that those links appear to promise that you will be unsubscribed. And, as spammers are always looking for legitimate e-mail addresses to spam, replying to a spam message in any way only tells the spammer that your e-mail address is valid.

Second, some e-mail programs have built-in functionality that deals with spam that reaches your Inbox. Outlook 2000 (and newer) is one such e-mail program. Outlook creates a folder called Junk Mail, where you can move junk e-mail and then review it before deleting. Or, you can have junk e-mail delivered to your Inbox, but color-coded so you can easily identify it. The list of terms that Outlook uses to filter suspected junk e-mail messages is found in a file named Filters.txt. You can also filter messages based on the e-mail addresses of junk and adult content senders, allowing you to move or delete all future messages from a particular sender. You can review the Junk Senders list and add and remove e-mail addresses from it. If you do not use Outlook 2000 or higher, please refer to your mail program's help files for any information related to spam filtering.

Q: Are there any low cost programs out there that I can install to help filter the spam?

A: Yes. There are many programs available that use a variety of methods to help e-mail end users filter spam. Effective spam prevention should include client-side software (that is, software that is installed on your local computer). Below are some links that you may want to visit:

Cloudmark Safety Bar: http://www.cloudmark.com

Realize that there are many products on the market that you can install to help filter spam. However, as we are not affiliated with the vendors or authors of those products, we cannot specify which of those products would work best for your specific situation. We ask that you "do your research" in order to locate which product is best for you.
Q: The spam that is reaching me is being sent to defined e-mail accounts. What can I do about it?

A: If any of your defined e-mail addresses are receiving too many spam messages, it may be well worth it to you to change your e-mail address. For example, if "info@mydomainname" is the recipient of too much spam, it may be a good idea to delete "info@mydomainname" in favor of "information@mydomainname". We realize that this may be a tough decision, but such an action could be a huge benefit as it would immediately reduce -- if not entirely eliminate -- the amount of spam that you would be receiving at your e-mail address.

Q: How can I prevent my e-mail address from being added to spammer's mailing lists?

A: As mentioned above, spammers use a variety of methods to compile lists. We have created a help document that will give you some useful tips about how to prevent your e-mail addresses from being added to lists.

Protect Your Privacy

If you plan to enter your information to any Web site, please review the Terms of Service and Privacy Policies of the Web site. If the policies do not clearly indicate what will be done with your information, you should reconsider posting any details to that Web site.

Publishing Your E-mail Address on Your Web Site

Instead of having a simple "mailto" link on your Web site, such as "Please e-mail me at joe@example.com," consider using an approved form mail script that allows Web site visitors to fill out a form to send you e-mail. Bizwala offers such a script free of charge. This will help prevent e-mail address harvesting robots and other spammers from capturing your address. E-mail support@bizwala.net if you need assistance in setting up a spam deterrent form mail.

Member Profiles

Try to stay away from creating and posting a member profile, on any Web site, for others to see publicly. Spammers are always reviewing such information for new e-mail addresses.

Product Registration

Many of us register products online.
Many times the product registration form has options pre-selected that enable the company to solicit you by e-mail, even though you may not want it. Be sure to review the options you are selecting and any options that may have been selected for you by default.

Posting to a Newsgroup

Never post anything to a newsgroup with your real e-mail address. Consider cloaking the address or using a "disposable" e-mail address. Consider creating and using an e-mail address from one of the free e-mail address providers.

Do Not Reply to Spam or an Unsubscribe Request

Never reply to a piece of spam or request to be unsubscribed. Your reply confirms that your address is working and provides the spammer the opportunity to add your address to their list or sell it to another entity. This actually helps facilitate more spam.

Report Spam

An effective way to help prevent spam is to report it to the ISP or mail administrator where the spam originated. Such reports help ISPs to identify the user or users who sent the spam. Report the spam, including full headers from the spam, to the ISP abuse department or postmaster e-mail address.

Federal law strictly limits the information that online service providers may disclose about their users. However, e-mail messages do contain some information about the sender. E-mail headers contain an Internet Protocol (IP) address that corresponds to the sender's Internet service provider (ISP). A line in the e-mail message contains an 8 to 12 digit number, separated by periods. For example:

"Received: from [123.456.78.91] by . . ."

The "123.456.78.91" represents the ISP's unique IP address for the sender. Most spam headers have multiple "Received: from" lines. If the e-mail message has not been forged then, in general, the first such line from the bottom is the true origin of the spammed message. After you identify the IP address, you can search to determine which ISP provides this person with Internet access.
A Web site that attempts to determine the actual computer with that IP address is located at http://www.arin.net/whois/index.html

Article written by Wendy Jo McLeod, Spam solution providers
Article Source: http://www.myarticlepub.com - Free Reprint Articles
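
The header-reading step described under "Report Spam" can be done mechanically. The following Python sketch is an added example, not part of the original article: it reads the "Received:" lines of a message, validates each bracketed address, and returns the bottom-most one. The sample message, host names and addresses are constructed (RFC 5737 documentation ranges).

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample message (not real traffic). Newest hop is on top,
# the hop closest to the sender is at the bottom.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
    by inbox.recipient.example with ESMTP id abc123;
    Mon, 1 Jan 2024 10:00:02 +0000
Received: from relay.isp.example ([203.0.113.25])
    by mx.recipient.example with ESMTP; Mon, 1 Jan 2024 10:00:01 +0000
Received: from [192.0.2.44] by relay.isp.example; Mon, 1 Jan 2024 10:00:00 +0000
From: "Sender" <someone@sender.example>
To: info@mydomainname.example
Subject: constructed sample

body
"""

# Anything that looks like a dotted quad inside square brackets.
IPV4_CANDIDATE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def hop_address(received_value):
    """Return the first valid bracketed IPv4 address in one Received value."""
    for text in IPV4_CANDIDATE.findall(received_value):
        try:
            return str(ipaddress.IPv4Address(text))
        except ipaddress.AddressValueError:
            continue  # looks like an address but is not one (octet > 255)
    return None


def received_hops(raw_message):
    """Addresses from every Received header, top (newest) to bottom (oldest)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    # policy.default unfolds continuation lines before we search them.
    return [hop_address(str(h)) for h in msg.get_all("Received", [])]


def claimed_origin(raw_message):
    """Bottom-most valid hop address: the origin, if the headers are not forged."""
    hops = [h for h in received_hops(raw_message) if h]
    return hops[-1] if hops else None


if __name__ == "__main__":
    print(received_hops(SAMPLE))
    print("report to the ISP owning:", claimed_origin(SAMPLE))
```

Only the "Received:" line added by your own mail server is known to be trustworthy; lines below it are supplied by the sending side, which is why the article qualifies the result with "if the e-mail message has not been forged".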
Spam has rapidly evolved from simple e-mails to a contagious “epidemic”. The impressive volume of spam often hinders any e-mail based activity and, in most cases, behind these unwanted messages stands an attempt to attack electronic privacy, such as viruses or phishing exploits. Most Internet browsers come with free anti spam tools, which are also very competitive. Programs dealing with anti spam are a thriving area of activity, as spamming has become one of the most often encountered problems in using electronic mail.

A spam filter is the best solution against these unwanted mail messages. Its purpose is simple: to separate spam from important e-mail messages and collect it in a different folder. Large amounts of spam can overload the user’s e-mail account and decrease work productivity. Of course, this is far from being a desirable situation.

In an attempt to decrease the damage done by spam and phishing, besides anti spam programs, Microsoft has partnered with some of the most reliable companies specialized in such programs. Their task is to report constant updates on different sites known for phishing traps. These pieces of information are to be included in a significant number of Microsoft applications. It is obvious that anti spam programs, anti phishing programs and programs that act as a spam filter are becoming more and more necessary in these times when communication by means of the Internet has become essential for all fields of activity.

E-mail spamming is particularly harmful if you think about large corporations that have to deal with thousands of spam e-mails per day. Just imagine how much it costs them to hire employees to waste such a long time verifying e-mails that are only “garbage”, so to speak. Think about the time it takes to enter your Inbox and then open an e-mail and realize it is all just spam.
Of course, you will not read it entirely, but it still wastes about 5 to 10 seconds of your work time. Now multiply that time by the thousands of spam e-mails flooding corporate Inboxes and you will get a view of the amount of work, time and money wasted on them. A spam filter can be easily created by selecting a certain word that, if found in the subject area of the e-mail, automatically delivers it to the spam folder.

Although spam is often a means of online marketing – at least as far as some people are concerned – most of the people who encounter it consider it annoying and useless, because it is a time-wasting, mail-flooding activity, which simply gets in the way of any regular program. This is why they employ filters and anti spam applications in order to keep their work safer.

In short, spam refers to electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. In addition to being a nuisance, spam also eats up a lot of network bandwidth. Because the Internet is a public network, little can be done to prevent spam, just as it is impossible to prevent junk mail. However, the use of a spam filter in e-mail programs is advantageous for removing most spam sent through e-mail.

By: Ckint Jhonson
With basic authentication, your server has identified who the client user is by means of a user ID and password. How sure can you be that the user really is who he claims to be? To answer this you have to consider the ways in which the ID and password may have been compromised:

- The user may have voluntarily given the ID to another person.
- The user may have written down the ID, and someone may be using it without his knowledge.
- Someone may have guessed the password.
- Someone may have intercepted the user ID and password between client and server systems.

The first three possibilities are problems which occur in any password-based system. The normal response to such issues is to suggest better user education and password rules. This is quite reasonable, and can be effective within a single enterprise, where you have some control over the users of the system. It is much less effective in the Internet environment, where the users can come from many backgrounds and locations.

The last possibility is dependent on the level of protection given to messages by the HTTP protocol. We mentioned at the start of the chapter that base64 encoding is used to protect the user ID and password. The base64 encoding system is described in the Multipurpose Internet Mail Extensions (MIME) standard (RFC 1521). It is intended as a mechanism for converting binary data into a form that can be sent through mail gateways, some of which can only handle 7-bit ASCII data. The result of this conversion is to mask the contents of any text string but, although it looks as though the data is encrypted, the protection that Base64 provides is an illusion. We will illustrate this with an example.

In order to crack a message, the hacker first has to be able to capture it. There are various ways to do this through hardware and software and none of them are very difficult. What is more difficult is finding a suitable point to make the trace.
There are numerous techniques that a hacker can use to divert Internet traffic through his own tracing system, although they are becoming more complex as firewalls and routing controls become smarter. Nonetheless, we can assume that this is not an impossible task for a determined hacker. For our example we used the DatagLANce LAN analyzer to capture an HTTP packet that contained a request including a basic authentication header.
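
Why the Base64 protection is an illusion can be seen in a few lines of Python: the header value decodes with no key at all. This is an added example, not code or trace output from the original text; the request bytes, the host name and the credentials bob / secret are constructed for illustration.

```python
import base64
import binascii

# Constructed plaintext HTTP request, as a LAN analyzer would show it.
# The token after "Basic" is Base64 of "bob:secret" (made-up credentials).
CAPTURED_REQUEST = (
    b"GET /bobstuff/index.html HTTP/1.0\r\n"
    b"Host: www.example.com\r\n"
    b"Authorization: Basic Ym9iOnNlY3JldA==\r\n"
    b"\r\n"
)


def decode_basic_token(token):
    """Turn the Base64 token of a Basic header into (user, password).

    No key or secret is involved: Base64 is a reversible encoding.
    Returns None if the token is not valid Base64 or has no colon.
    """
    try:
        decoded = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Split on the FIRST colon only; a password may itself contain colons.
    user, sep, password = decoded.decode("latin-1").partition(":")
    return (user, password) if sep else None


def basic_credentials(raw_request):
    """Find the Authorization header in a raw request and decode it."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(b":")
        if not sep or name.strip().lower() != b"authorization":
            continue                              # header names are case-insensitive
        scheme, _, token = value.strip().partition(b" ")
        if scheme.lower() != b"basic":
            return None                           # some other scheme
        return decode_basic_token(token.strip())
    return None


if __name__ == "__main__":
    print(basic_credentials(CAPTURED_REQUEST))
```

Because the decoding needs nothing but the captured bytes, the only thing that keeps these credentials private is protection of the connection itself, which is the point the passage makes about the HTTP protocol.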
Another method of controlling access to the server is to use access control list (ACL) files. These are files named .www_acl which reside in the directory of the files to be protected. ACL files can be used in two ways:

- As a secondary form of access control, on top of the protection offered by protection directives in the httpd.cnf file.
- As the sole form of access control. You still need Protection and Protect directives, because they define the password file to use and the directory to protect. However, if you code the following line in the Protection directive, the Mask entries in it will be ignored, so long as there is an ACL file in the target directory:

    ACLOverride On

An ACL file consists of a series of lines of the form:

    file : method : user_or_group

The file specification can contain wildcards (*) in the same way as the definitions in the Protect directives in the configuration file. The methods supported are also similar to those found in Protection directives, but without the suffix Mask. The user or group specification is exactly the same as in a Protection directive.

We will illustrate this with an example. We have a password file (D:\WWW\httpd.password) containing two user IDs, bob and alice. In our httpd.cnf file we have the following Protection and Protect directives:

    Protection BOB {
        ServerID     Myserver
        Authtype     Basic
        GetMask      All(*)
        ACLOverride  On
        PasswdFile   D:\WWW\httpd.password
    }
    Protect /bobstuff/* BOB

Notice that we are assigning the protection to all files below the /bobstuff subdirectory (in fact, this maps to D:\usserv\bobstuff on our OS/2 server because of the catchall Pass directive). We now create a .www_acl file in the bobstuff directory containing the following lines:

    *.html : GET : All(*)
    *.htmx : GET : bob

Now, user ID alice can retrieve any files with extension html, but only bob can retrieve files with the special extension, htmx.
Any file with a different extension (neither html nor htmx) will not be accessible because there is no ACL entry to match it. If we had not specified ACLOverride On in the configuration file, this would not be so.
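
The outcome described for bob and alice can be reproduced with a small model of ACL matching. This Python sketch is an added example and not the server's own code: it assumes that access is granted when any ACL line matches the file, the method and the user, that All(*) means any user ID in the password file, and it does not model groups. The two rules are those of the example, with htmx as the special extension the text describes.

```python
from fnmatch import fnmatchcase

# The .www_acl content from the example (second rule uses the htmx extension).
ACL_TEXT = """\
*.html : GET : All(*)
*.htmx : GET : bob
"""

# User IDs in the password file of the example.
KNOWN_USERS = {"bob", "alice"}


def parse_acl(text):
    """Parse 'file : method : user_or_group' lines into tuples."""
    rules = []
    for number, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) != 3 or not all(parts):
            raise ValueError("malformed ACL line %d: %r" % (number, line))
        rules.append(tuple(parts))
    return rules


def user_matches(spec, user):
    """Assumption: 'All(*)' admits every authenticated ID; otherwise a name list."""
    if spec.lower().startswith("all"):
        return user in KNOWN_USERS
    return user in [name.strip() for name in spec.split(",")]


def is_allowed(rules, filename, method, user):
    """Grant access only if some rule matches file, method and user.

    With no matching rule the request is refused, which is why files with
    other extensions are inaccessible once the ACL is the sole control.
    """
    for pattern, methods, who in rules:
        allowed_methods = [m.strip().upper() for m in methods.split(",")]
        if (fnmatchcase(filename, pattern)
                and method.upper() in allowed_methods
                and user_matches(who, user)):
            return True
    return False


if __name__ == "__main__":
    rules = parse_acl(ACL_TEXT)
    for user in ("alice", "bob"):
        for name in ("index.html", "notes.htmx", "logo.gif"):
            print(user, name, is_allowed(rules, name, "GET", user))
```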