You are currently browsing the archives for the Patches category.
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
| « Jul | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
- Acceptable Use (1)
- Administration (2)
- Beta Versions (1)
- Computers (10)
- drive imaging (1)
- e-mail (1)
- eKarma (1)
- email (1)
- File Recovery (1)
- honesty (1)
- integrity (1)
- Malware (5)
- Monitoring (1)
- Networking (7)
- patch testing (1)
- Patch Tuesday (1)
- Patches (2)
- peripherals (1)
- Power Failures (1)
- Power Supply (1)
- Power Surge (1)
- remote support (1)
- Software (2)
- Surge Protectors (1)
- Trojan (5)
- Troubleshooting (6)
- Uninterruptible Power Supply (1)
- UPS (1)
- Virus (5)
- Worm (5)
- 15. July 2008: Aliens Working for McCain Campaign?.... Film at Eleven !
- 10. July 2008: Another "Day Zero" Balancing Act...
- 2. July 2008: Oh what tangled webs we weave...(sub-title: Flame Bait)
- 27. June 2008: Opps, they did it again...
- 7. June 2008: Drive-By Infections... The Innocent Suffer... The Guilty Rejoyce.
- 3. June 2008: Ah... April Showers Bring... May Flowers and June Thunderstorms!
- 29. May 2008: They shoot horses ... why not software ?
- 26. May 2008: Mouse Tails
- 23. May 2008: These Days, Malware Plays Hide 'n Seek
- 23. May 2008: What goes around comes around.... eKarma?
Archive for the Patches Category
Aliens Working for McCain Campaign?…. Film at Eleven !
15. July 2008 by admin.
Dang… I didn’t know that Barack Obama had an affair with Hilary Clinton… Wow…
Or, at least that was the subject line on an email I received this morning. It even sneaked through my SPAM filter, apparently unscathed.
Of course, the yellow journalists haven’t really moved their wares from the supermarket checkout rack to the world wide web… And Obama didn’t really have an affair with Hilary (I hope).
This is just the Storm Worm using sensational, or should I say ‘SINsational’ “headlines” to try and regain a foot-hold after having lost some ground during April and May as a direct result of Microsoft’s security efforts.
So if you get an email about Barack or Britney or McCain or Martians at Madonna’s, don’t become a Storm Worm statistic. The hackers who wrote the malware with its hundreds of variants are really good at exploiting human weaknesses.
Some examples of the headlines:
“Beijing Olympics canceled due to terrorists’ dirty bomb threats.”
“Oil actually less than $75 a barrel.
“Scandal rocks Obama campaign as sex video is leaked.”
“Jessica Simpson found dead in bathtub.”
The security firm MessageLabs has reported that the average user is getting about 60 of these phony news releases every day. With overwhelming numbers like that, and human nature being what it is, the Storm Worm will most likely expand exponentially once again. Try not to help them.
The Storm Worm appeared on the scene early in 2007, with a sensational headline about deadly storms that hit Europe — “230 dead as storm batters Europe,” it said, offering a link to what was supposed to be the full story. The hundreds of thousands that fell for for that little trick found themselves to be the original infectees of the Storm worm.
How do you avoid becoming a statistic yourself? Simple…never ever click on a link in an e-mail, no matter how interesting it may sound. As we tell clients of my Delaware network support company; If you weren’t expecting an email and can’t confirm who sent it, DO NOT OPEN IT ! You may just create a nuisance, but you also may bankrupt your company with that one thoughtless, errant click.
If you really, really, really MUST know if Brad Pitt is the first pregnant man, go to a legit news site. If it’s all that sensational, it will be there, for sure.
Good Luck and Good Networking,
From way down in the trenches…. I’m Tom
Custom Search
Posted in Patches, e-mail, email, Worm, Virus, Malware, Trojan, Computers | No Comments »
Another “Day Zero” Balancing Act…
10. July 2008 by admin.
I feel kinda lucky I am able to write this blog entry… or at least to upload it to this site… This morning I woke up, fired up the old laptop, clicked on IE7 … and …. nothing. Everything just kept timing out.
Huh… what to do…what to do… I tried different browsers…Firefox, Opera, Safari, Polstergeist… same ole … same ole…
The first troubleshooting step I tried was ipconfig… Yep… I did indeed have a valid IP address all right, and in the right range too…huh… Let’s try… ipconfig /release; ipconfig /flushdns; ipconfig /renew… I got the same IP address I originally had and the same problem too… No web browsing happening here.
Then I tried pinging one of the web sites for my Delaware network support company; good old www.adminassociates.com …. Huh… weirder and weirder… no lost packets… ping works, so apparently the DNS server is servin’ too but still, browsers don’t work.
Then I tried disabling my Zonealarm Pro Firewall (but turned on the Windows firewall, just in case). Wow… the browser now works fine… so what’s up with Zonealarm? I looked at everything and nothing seemed out of spec. I felt it was odd since this particular firewall has never a problem for me… very reliable; very easy to configure…very trustworthy. I re-enabled Zonealarm, disabled the Windows firewall, moved the “Internet Zone” slider down from high to medium and the browser started working again. Move the slider back up and the browser stopped working again.
Like I said… weirder and weirder…so it’s definitely a Zonealarm problem, but why…What could have happened? Aha… yes… two days ago was patch Tuesday. I’ll have to Google this, but first, what else I need to find out what else is happening in my world.
I went back to my working combo of Windows Firewall on and Zonealarm off and started my email client. About the third message I received was from Microsoft talking about a major bulletin revision … not a patch revision mind you, just the bulletin:
Bulletin Information:
=====================
* MS08-037 - Important
- http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
- Reason for Revision: V2.0 (July 10, 2008): Bulletin revised to
inform users of ZoneAlarm and Check Point Endpoint Security
of an Internet connectivity issue detailed in the section
So, in the final analysis, downloading a newer version of Zonealarm (that apparently wasn’t available before today) solved my problem, but can you imagine if this happened at a corporate office with a couple hundred workstations?
I know not too many offices use Zonealarm, but what if they did? What a pain to update 200 workstations, in emergency mode (read pressure), and probably with the expectation that it would (could) be completed in one morning.
This is just another example of why all patches should be thoroughly tested on a lab unit before being put into a production environment.
Now, I became a victim by not following my own advice, but that was on my personal laptop. I create an image of the drive at least every couple of days and sync important files to my basement server so I am never in danger of losing too much, but it’s a real balancing act when you are responsible for for than your own machine.
On one hand, you want to wait for version 2 of all the patches… let someone else report the pain…and at the same time you know “Day Zero” is a real threat and today might just be that day.
I always make sure I get a really good full backup, especially on Monday nights… just in case.
Good luck and good networking !
From way down in the trenches…. I’m Tom
Custom Search
Posted in Patch Tuesday, patch testing, drive imaging, Patches, Worm, Malware, Trojan, Virus, Networking | No Comments »