Spyware, Viruses, & Security forum

General discussion

News - Oct. 7,2004

by Brent Welch / October 6, 2004 11:38 PM PDT

Microsoft: Firewalls are failing to keep out hackers

Firewalls aren't doing a good enough job of protecting corporate networks, according to a Microsoft security expert. Speaking in London on Monday at a technical briefing on the need for next generation firewalls, Microsoft security technology architect Fred Baumhardt outlined some of the gaps that traditional firewalls are leaving open.

"We are all bloody lucky that something hasn't obliterated IT on earth," said Baumhardt. "Firewalls are like ******** routers. They just look at the ports, sources and destinations they like. If a train comes from Gare du Nord [Paris] to Waterloo [London] via Eurostar you allow it to enter the country because you trust it. That's what firewalls currently do. They don't check to see if al-Quaeda is riding inside."

Ports allow certain types of Internet traffic to travel if they correspond with the correct port number. For example, HTTP runs on port 80 and is often regarded as a trusted port, and left open. In the past firewalls have often worked on this basis, without checking the content of traffic. But Baumhardt called for IT professionals to ensure they had better equipment.


Discussion is locked
You are posting a reply to: News - Oct. 7,2004
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: News - Oct. 7,2004
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Noomy.A virus spreading via chat rooms
by Brent Welch / October 6, 2004 11:40 PM PDT
In reply to: News - Oct. 7,2004

Security experts have warned internet users to update their antivirus systems to protect against a newly discovered worm dubbed Noomy.A, which "could represent a new trend in malicious code techniques".

PandaLabs said that, although this sophisticated and dangerous worm has not yet spread significantly in the wild, it has a series of unusual but potentially effective characteristics to propagate itself through Internet Relay Chat (IRC).

Written in Visual Basic, the worm creates an HTTP server on affected computers and generates a large number of files containing copies of its code. The names of these files, designed to tempt unwary users into believing that they are software cracks, include '2004serials.pif', 'Ageofempires2crack.exe', 'AgeOfMythologyISO.exe' or 'AnaKurnikovaVirualGirl2004.scr', among many others.


Collapse -
US seeks to fine spyware makers
by Brent Welch / October 6, 2004 11:41 PM PDT
In reply to: News - Oct. 7,2004

The makers of programs that secretly spy on what people do with their home computer could soon face hefty fines. US legislators have overwhelmingly backed a proposal to impose penalties on the creators of so-called "spyware".

These programs gather information about browsing habits, passwords and credit card details and some even turn home computers into spam relays. Later this month a second spyware bill is being debated that criminalises secret spyware installations.


Collapse -
Security concerns put MSN Messenger 7 beta on hold
by Brent Welch / October 6, 2004 11:44 PM PDT
In reply to: News - Oct. 7,2004

Microsoft has suspended the beta testing of the next version of its MSN Messenger client because of a potential security problem, a company spokeswoman said Wednesday.

Testers discovered a potential security issue in the early version of MSN Messenger 7 shortly after Microsoft made the instant messaging client available to a select group of testers over the weekend, according to postings on MSN Messenger enthusiast Web site Mess.be.

The problem lies in a new MSN Messenger feature dubbed "winks" that allows users to send each other sound animations. The feature can be abused to overwhelm a user's system, according to Mess.be.

The company has decided put the test on hold and pull the software while it looks into the issue. It will make available a new version of the client, one without the winks feature, probably some time next week, the spokeswoman said.


Collapse -
Upcoming Service Pack Doesn't Change Much -- And That's Good
by Brent Welch / October 6, 2004 11:46 PM PDT
In reply to: News - Oct. 7,2004

All the emphasis right now is on Windows XP SP2 -- and rightly so. But there's another Windows service pack just around the bend, and if early indications are accurate, Windows Server 2003 SP1 shows how far Microsoft has come in terms of OS security.

There are many changes in SP1, currently scheduled for release in the first half of next year. They include the biggest security enhancement, the Security Configuration Wizard (SCW). The SCW will be able to determine what role a particular server plays on a network, and turn off all non-essential services on that box, considerably tightening up its security.

That's a nice feature to have, along with some of the other enhancements. But it's safe to say that Windows 2003 SP1 isn't an essential upgrade -- and that's a good thing, believe it or not. It's a mantra in the IT world that you don't upgrade OSs (at least Microsoft OSs) until at least the first service pack is released. The belief is that the service pack will squash the big bugs and unravel the major kinks, making it safe for data centers.


Collapse -
Will Microsoft Makes Its Browser Better?
by Brent Welch / October 7, 2004 4:26 AM PDT
In reply to: News - Oct. 7,2004

The success of alternative browsers such as Mozilla Foundation's Firefox may ultimately have an unexpected side effect. It may be causing Microsoft to be more aggressive in leveraging its dominance of Internet client software, says Marc Andreessen, one of the founders of the browser company that Microsoft beat out in the late 1990s, Netscape Communications.

After Internet Explorer surpassed Netscape as the dominant Web client, browser innovation at Microsoft "pretty much stopped in 1998," Andreessen said during a session at the Web 2.0 conference in San Francisco this week.

Increasing pressure from alternative browsers such as Firefox and Opera will ultimately cause Microsoft to take a second look at the browser and how it can better be used to leverage Microsoft's monopoly, Andreessen says.

"Microsoft is certainly going to respond competitively to these things. I can guarantee that," he says. "I think that it is quite possible that this is going to get very interesting over the next two or three years," he says.


Collapse -
Inverted Firewall Prevents Rapidly Propagating Worms And
by Donna Buenaventura / October 7, 2004 6:24 AM PDT
In reply to: News - Oct. 7,2004
Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?