attacks because VoIP runs continuous media over IP packets. The ability to dial in and out of VoIP overlays allows for control of an application via a voice network, making it almost impossible to trace the source of an attack. In addition, proprietary protocols - intended to protect a company's technology edge and prevent ISPs from blocking the VoIP application - inhibit the ability of ISPs to track DoS activity. Encryption for user privacy, peer2peer and a superpeer system to assist with call routing and NAT/Firewall traversal further obscure the command traffic. http://www.communicationsresearch.net/news/news26jan06.html
well they are only beginning to talk about and study the security and insecurity of VoIP (after selling thousands of installations to people who don't care that much about security) so what will be next?
The new firewall will filter both incoming and outgoing network traffic, meaning that it can be used to block machines that are trying to connect to the Windows PC as well as applications on the PC that are trying to connect to other systems on the network. Microsoft is dubbing it a "two-way" firewall.
The ability to block outgoing traffic does not exist in Windows XP, but will give powerful options to Vista admins, Wilson said. They could, for example, ensure that their PCs only use a preferred instant messaging application. "If you tried a different instant messaging application, it would be blocked," he said. "It's really something that we're targeting toward enterprise administrators in corporations."
so that wasn't that hard
and the difference it can make if it is well configured..... no more rogue open attacks into networks, every pc in the network is an island
test it here with 5 stupid questions and if you can't answer them, buy a book
first it happened during 15 minutes, but that was enough for 3 people to download 600 MB of logs about the users and files of that webserver
These files were NOT encrypted.
Following the publication of some details it is clear that some users used hidden directories to place songs and other files that weren't supposed to be public. They are now in the 'public arena'.
Telenet did not really say sorry and did not announce a more thorough security plan nor the encrypting of this kind of data.
Telenet itself did not describe the data that were lost and only reacted to publications of parts of it by one of the downloaders, so how sure can you be what is in the files?
LiveJournal, an online community that boasts nearly 2 million active members, on Thursday announced sitewide changes for users logging into their accounts -- changes prompted by a hacker group's successful hijacking of potentially hundreds of thousands of user accounts
they say others will follow
their philosophy is here
(it is all your own fault if you become infected)
Nyxem or Blackworm is a very dangerous worm because on the third Friday of the month it will destroy all documents in normal formats such as .doc, etc.
so it is important to coordinate the cleaning up operation before the THIRD of February
the Internet storm center called upon us
Blackworm infected machines reported to a 'counter' site the fact that they got infected. The TISF BlackWorm task force obtained the logs from this counter, and is notifying networks represented in the logs. These notifications will use a from address of "email@example.com" or "Randy_Vaughn@Baylor.edu". Please e-mail jullrichat/sans.org if you would like to obtain a list for your network, and have not received an automated e-mail.
Please include information to support that your e-mail address is associated with administering the respective networks, or a phone number to validate the information.
technical cleanup information is here
any connection in your logs to the counter site webstats.web.rcn.net can be interpreted as a connection to the virus counter
the complete detection rule is something like this
alert tcp any any -> any 80 \
(msg:"webstats.web.rcn.net count.cgi request without referrer (possible BlackWorm infection)"; \
content:"GET /cgi-bin/Count.cgi|3f|"; depth:23; content:"df|3d|"; \
content:"Host|3a 20|webstats.web.rcn.net"; content:!"Referer|3a|"; \
classtype:misc-activity; sid:1000376; rev:1;)
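For networks that only have proxy logs, the same conditions as the rule above can be checked after the fact; this is an added example, not part of the original post or of the ISC notice. It assumes a forward proxy writing combined-format access logs with absolute URLs; the function names are hypothetical and the sample lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

COUNTER_HOST = "webstats.web.rcn.net"   # counter host named on this page
COUNTER_PATH = "/cgi-bin/Count.cgi"     # path from the rule (case-sensitive, as in the rule)

# Assumed log layout: combined format written by a forward proxy, so the
# request line carries an absolute URL and the Referer is the first quoted field after it.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+)[^"]*" \d{3} \S+ '
    r'"(?P<referer>[^"]*)"'
)

def is_counter_hit(method, url, referer):
    """Mirror the rule: GET, counter host, Count.cgi with a df= parameter, no Referer."""
    parts = urlsplit(url)
    return (
        method == "GET"
        and (parts.hostname or "") == COUNTER_HOST   # .hostname is already lower-cased
        and parts.path == COUNTER_PATH
        and "df" in parse_qs(parts.query, keep_blank_values=True)
        and referer in ("", "-")                      # proxies log a missing Referer as "-"
    )

def suspect_clients(lines):
    """Return {client_ip: [timestamps]} for requests that look like the worm's check-in."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and is_counter_hit(m["method"], m["url"], m["referer"]):
            hits[m["client"]].append(m["ts"])
    return dict(hits)

# Constructed sample lines (not real traffic); the df value is a placeholder.
SAMPLE_LOG = [
    '10.1.2.3 - - [01/Feb/2006:09:14:02 +0100] "GET http://webstats.web.rcn.net/cgi-bin/Count.cgi?df=PLACEHOLDER HTTP/1.0" 200 85 "-" "-"',
    '10.1.2.9 - - [01/Feb/2006:09:15:40 +0100] "GET http://webstats.web.rcn.net/cgi-bin/Count.cgi?df=PLACEHOLDER HTTP/1.1" 200 85 "http://example.org/page.html" "Mozilla/4.0"',
    '10.1.2.3 - - [01/Feb/2006:09:16:11 +0100] "GET http://www.example.org/index.html HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
    '10.1.2.7 - - [01/Feb/2006:10:02:55 +0100] "GET http://WEBSTATS.web.rcn.net/cgi-bin/Count.cgi?df=PLACEHOLDER HTTP/1.0" 200 85 "" "-"',
]

if __name__ == "__main__":
    for client, stamps in sorted(suspect_clients(SAMPLE_LOG).items()):
        print(f"{client}: {len(stamps)} counter request(s), first at {stamps[0]}")
```

The second sample line carries a Referer and is skipped, just as the rule's negated Referer match skips a browser that reached the counter through a page.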
http://blogs.securiteam.com/index.php/archives/229 more technical info
http://www.lurhq.com/blackworm.html a deep analysis
The Tel Aviv District Court is still hearing the case against some of Israel’s largest private investigator agencies, including Modiin Ezrachi Ltd., Zvi Krochmal Investigations, Pelosoff-Balali, and Target - Detective Work, Information & Investigations. However, prosecutors are struggling to indict the companies that ordered the business information, due to the legal difficulties in proving that they knew that the information was obtained by illegal means
and you can find more links on this page
quite amazing and alarming in fact
all economic info is critical