This article was pubished on 8-8-2005. Thinking this article might be usefull. I go to the source SpamButcher which sells yet another anti-spam application for only $29.95. Which I am sure it is as good as any though I did not test it. Since SpamBayes is my personal choice as it is a plug-in to the outlook client and is free. I was still interested in the article none the less it might prove useful.

The article starts with this quote. "This document is intended to help people with relatively little networking experience identify if they have a spam zombie problem and provide some basic strategies for dealing with them."  Let's cut to the chase, and find how we can get rid of the bad guys.

So, what should you do?

1. Disconnect the system from the network - do this now!
2. Backup any important data (just get your data- try to avoid copying any installers or executables that could've been the source of the zombie or exploit)
3. Format all drives

This may seem a bit extreme, but is generally a good idea. The best practice in any situation you've had a security compromise that you can't account for 100% is to "level" the computer in question."

We can make it much simplier than a five page article. The statement was that there are millions of hacked and zombied sytems. Everyone who has an infected computer format and start from scratch. Also don't worry about a backup just reinstall everything from scratch. This way you can be certain you are not inserting mal-ware. Also make sure you do the same for all the infected machines in your LAN. Inject dry humor here.

I personally view having to format your disks as a a bit of a pain. So can we look at the menu again, perhaps another option?

Online criminals trying to pry passwords and other sensitive information out of companies have started using phony e-mails that look as if they were sent from powerful executives of the targeted organizations, experts said yesterday.

Known as "spear phishing," the technique is an ingenious wrinkle on the "phishing" e-mail scams that try to trick consumers into giving up bank-account information and other sensitive details that can be used in identity theft.

Businesses are typically reluctant to publicly disclose when they are the targets of online attacks, but online security company MessageLabs Inc. said in June that it has seen the tactic grow steadily during the year to the point where it now sees one to two spear-phishing campaigns a week.

Rather than posing as a bank or other online business, spear phishers send e-mails to employees at a company or government agency that appear to come from a powerful person within the organization, several security experts said.

Unlike basic phishing attacks, which are sent out indiscriminately, spear phishers target only one organization at a time. Once they trick employees into giving up passwords, they can install Trojan horse programs or other malicious software to ferret out corporate or government secrets.

Spear phishing can be devastatingly effective even among employees who are aware of online threats.

At the U.S. Military Academy in West Point, N.Y., several internal tests found that cadets were all too willing to give sensitive information to an attacker posing as a high-ranking officer, said Aaron Ferguson, a visiting faculty member there.

"It's the 'colonel effect.' Anyone with the rank of colonel or higher, you execute the order first and ask questions later," he said.

Cadets in more recent tests have been somewhat more likely to report the messages as suspicious as awareness has grown, he said.

CUPERTINO, Calif. - August 16, 2005 - Symantec Corp. (Nasdaq: SYMC) today announced that it has signed an agreement to acquire Sygate Technologies, a technology leader in endpoint compliance solutions. Sygate’s technology will complement Symantec’s presence on the endpoint to create a holistic solution to address the security, compliance, and remediation requirements of today’s large enterprises. The acquisition is expected to close shortly after receiving customary regulatory approvals.

"Securing the ‘endpoints’ of a corporate network is a challenge that affects all enterprises," said Chris Christiansen, vice president of security products and services, IDC. "Companies are looking for integrated offerings that can both protect the network and ensure that endpoints are compliant with security policies. This acquisition will give customers a complete endpoint compliance solution while helping to reduce complexity and cost."

Endpoint compliance solutions help enterprise organizations enforce security by guaranteeing that all devices connected to a network – desktops, laptops, servers, and mobile devices – are running the appropriate security solutions, are configured correctly, and possess up-to-date patches. Symantec will now be able to help businesses enforce business policies and automate security practices to regain control of network security, reduce costs, and ensure compliance across the organization.

“It is critical to have an endpoint compliance solution that will allow companies to leverage their existing IT infrastructure to control the myriad devices connecting to the network,” said Enrique Salem, senior vice president, Security Products and Solutions at Symantec. “A recognized leader in endpoint compliance, Sygate provides the first universal network access control system designed to protect the entire enterprise network – from mobile devices to servers to unmanaged devices. The fact that their technology is built on industry standards means that companies don’t have to implement expensive infrastructure changes to deploy this solution.”

Original release date: 8/19/2005
Source: US-CERT/NIST

Keyloggers are one of the most dangerous spyware parasites.

Activity of these usually small malicious programs is really catastrophic. Although keyloggers do not destroy the operating system or installed software and don't corrupt files, they steal the most valuable user information, including all the passwords, login names, everything written in priceless documents, every letter in a chat conversation or e-mail message.

A typical keylogger not only records all keystrokes, but also captures screenshots of user activity, logs software usage, exact addresses of visited web sites, even mouse clicks and time when the user turns off his computer and sends all quietly sends gathered data to a predefined e-mail address. What can be worse? Keyloggers allow the attacker to be well informed about all your secrets, current works, contacts, interests, your entire life. However, you can prevent such an intervention. In most cases keystroke capture can be revealed and avoided. In this article I will give you several advices that you should always keep in mind.

Depending upon the nature of the information gathered, each piece of spyware may function differently. Some spyware applications simply gather information about a user's surfing habits, purely for marketing purposes, while others are far more malicious. In any case, the spyware attempts to uniquely identify the information sent across a network by using a unique identifier, such as a cookie on the user's hard disk or a Globally Unique Identifier (GUID). [ref 2] The spyware then sends the logs directly to a remote user or a sever that is collecting this information. The collected information typically includes the infected user's hostname, IP address, and GUID, along with various login names, passwords and other keystrokes. " Full article "

The National Institute of Standards and Technology (NIST) has unveiled its mega-database, otherwise known as the National Vulnerability Database. The NVD will issue daily updates of viruses that are wrecking havoc on popular software products and post notices on security trends.

The database was created as a means to warn users about security threats both big and small, according to a report in SecurityFocus.

NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on and synchronized with the CVE vulnerability naming standard.

When Zotob infects a computer, it attempts to deliver a malicious file, which is named differently depending on the variant that has infected the computer. If your computer has been infected, this file will be present and your registry will show changes. Use any of the following methods to check for infection. (If you find the file, you do not need to check the registry, and vice versa.)

Learn More about the Malicious File

So many times I get the question about putting a large disk in a windows box that is not seen as the proper size. Whether it is windows 2000 or XP we can point you to the proper page at MS but after that you are on your own. If you are terrified by regkey edits call someone who can do this for you.

XP   http://support.microsoft.com/default.aspx?scid=kb;en-us;303013

Sterling Energy Systems announced an agreement with Southern California Edison on Thursday to build a solar power facility capable of generating 500 megawatts of power. It will be installed over 4,500 acres in the Mojave desert north of Los Angeles.

The system calls for the installation of the company's 37-foot-high dishes which reflect sun into a tube of a Sterling engine where hydrogen is kept. The heat from the sun is focused on hydrogen, which expands and creates enough pressure to turn a piston and crank shaft.

Sterling Energy Systems is testing another installation with Sandia National Laboratories in New Mexico. The Deal.com reports more on the people and business model behind the Phoenix-based start-up.

More commonly used solar installations use photovoltaic cells to convert the sun's energy to electricity.

Meanwhile, FedEx turned the switch on a large solar installation in Oakland, California last week. According to an article in RenewableEnergyAccess.com, the FedEx-owned installation will 904 kilowatts of electricity and be the largest corporate-owned solar installation in California.

Apple executives insisted that Mac OS X would only run on x86 chips used in Apple-developed hardware. Intel PCs distributed to Apple developers with the x86 version of Mac OS X used a security chip to prevent developers from copying Mac OS to other Intel PCs, according to several reports this week from Mac enthusiast sites.

However, several enterprising hackers have figured out ways to bypass the security chip and run the developer's version of MacOS for x86 on any x86-based PC, according to a posting on the Web page of The OSx86 Project. Posters on that site, as well as other sites within the Mac community, claim to have used the instructions to run Mac OS X on their Intel or AMD PCs, with some posting pictures and videos of x86 PCs booting Mac OS X.

The process requires a copy of Mac OS X version 4 (Tiger), VMware's virtualization software, the PearPC emulator that can run operating systems written for PowerPC on any architecture, Apple's Darwin 8.0.1 software, an x86 processor that supports SSE2 (Streaming SIMD Extensions 2), and two files created by an independent developer that can be downloaded using the BitTorrent file-sharing system.

As of Friday afternoon, detailed instructions were available in a wiki created by The OSx86 Project. Another site had posted instructions for installing Mac OS X without using VMware's software.

Simply the most different cooler design seen to date. "More Details" from Tom's   More details "Digital Daily"

A structure like that is already a good radiator which can be successfully used for passive cooling of a low power-consumption processor (e.g. I used Athlon 64 266x4 (Winchester core) with the Cool'n'Quiet enabled, at Vcore = ~1.0V). Very few users would dare for an experiment like that, so most are more interested in the nominal operation mode of StarIce cooler.

Officials at Sunbelt Software, a Clearwater, Fla.-based vendor of antispyware tools, said the company stumbled upon a massive ID theft ring that is using a well-known spyware program to break into and systematically steal confidential information from an unknown number of computers worldwide.

The operation was discovered yesterday during research Sunbelt was doing on a spyware program belonging to a particularly dangerous class of browser hijacking tools called CoolWebSearch (CWS), according to Sunbelt's president, Alex Eckelberry.

CWS programs are extremely hard to detect and remove, and are used to redirect users to Web sites that use spyware tools to collect a variety of information from infected computers.

The CWS variant being researched by Sunbelt turned infected systems into spam zombies and uploaded a wide variety of personal information to a remote server apparently located in the U.S. That server holds a "treasure trove of information" for ID thieves, Eckelberry said.

Sunbelt's research showed that the information being uploaded to the remote server included chat sessions, user names, passwords and bank information, he said. The bank information included details on one company bank account with more than $350,000 in deposits and another belonging to a small California company with over $11,000 in readily accessible cash, he said.

Full Article here |  Removing and detecting

101 Samples for Visual Studio 2005

101 Samples, in both Visual Basic and C#, featuring many of the new features available with Visual Studio 2005 and the .NET Framework 2.0. For more samples using Visual Studio 2003 .NET, see this download.

Download all 101 Samples: C# Version   |   VB Version

These samples have been written and tested with Beta 2 of Visual Studio 2005

MS Page Here

While Spammers might anger you and frustrate, with the daily barrage of endless garbage. We seriously doubt that murder is the right answer to the problem. In Russia though, it appears to be the answer. The image was the product of a contest urging Russians to kill the spammer in question.

Russia’s most (in)famous spammer, Vardan Kushnir, 35, was dead in his apartment in downtown Moscow on Monday, July 25. Someone repeatedly smashed his head with a heavy object, authorities say, and then ransacked his entire apartment. The authorities have obviously got no clue as to who that someone might have been.

And, as a matter of fact, they don’t seem to really care: every day between 10 and 20 people meet a violent death in Russia’s capital, and a significant part of those crimes remains unsolved (Russia’s Interior Ministry reports 1,935 unsolved murders, 73,000 burglaries and 11,400 robberies between January and May in this year alone). There is no reason for Moscow’s law enforcement officials to give Kushnir’s case any special treatment, so they most probably won’t. But the Moscow-based media is awash with comments and speculations, expounding one simple, albeit largely irrational, theory: someone (ranging from God almighty to an irate IT office worker) finally punished Vardan Kushnir for his seemingly unstoppable spamming activities.

Full Article

Frustrated with all the tag differences with XHTML and do not want to trace all the differences. This little app costs nothing and will help you quickly find the errors.

Amaya is a Web editor, i.e. a tool used to create and update documents directly on the Web. Browsing features are seamlessly integrated with the editing and remote access features in a uniform environment. This follows the original vision of the Web as a space for collaboration and not just a one-way publishing medium.

Get it here

Easy Outlook Express Repair is a utility for restoring damaged folders in Outlook Express. If Outlook Express cannot find your messages in its folders, you can use Easy Outlook Express Repair to get your messages back as well as to recover the damaged Outlook Express folders.
     If Outlook Express data files (dbx files) are somehow damaged and you cannot use Outlook Express to view the messages stored in its folders, Easy Outlook Express Repair will help you to extract messages from the damaged folders and save them to the disk. The saved messages can be viewed in Outlook Express and/or imported to any other mail client. Using the program does not require any special skills. You will recover your lost messages just in 2 steps.

More Details

Apple Computer Inc.'s neglect of the humble mouse is over. It now offers a model that's nimble.

Apple introduced on Tuesday its first computer mouse with multiple buttons, including four sensors and a tiny scroll ball. Although a departure from the company's traditional mouse, the "Mighty Mouse" looks very similar to the single-button model Apple has long produced.

The most obvious difference is the relatively tiny scroll ball at the mouse's head, which can move cursors diagonally as well as up and down across display screens and can be pressed to "click" functions.

Find out More

  Mozilla Foundation has set up a commercial subsidiary to cash in on the Firefox browser.

The open-source group on Wednesday announced a major reorganization that includes the creation of the Mozilla Corporation, a for-profit subsidiary to ride the Firefox gravy train.

Mozilla Corp., which will operate out of the Foundation's Mountain View, Calif., headquarters, has been set up as a wholly owned commercial subsidiary to generate revenues to support development, testing, and productization of the various Mozilla open-source technologies.

"The broad adoption of Mozilla Firefox has created significant economic value both in Firefox itself and in a commercial ecosystem that is developing around Firefox," Mozilla said in a statement.

Mitchell Baker, who has served for the past two years as "chief lizard wrangler" at the Mozilla Foundation, will assume the title of president of Mozilla Corp. All 36 employees at the Foundation will immediately move over to the Corporation.

Brendan Eich, a co-founder and longtime technical leader of the Mozilla project, is now the chief technical officer of the new corporation, while the board of directors will remain the same except for the addition of Reid Hoffman, chief executive of social networking service LinkedIn Corp.

"[The] purpose is not to generate a return on investment in the financial sense. It is not an investment vehicle or an IPO candidate. It is completely owned by the Mozilla Foundation," Baker said in a blog entry detailing the reasons for the reorganization.