-
FAQ: Inside Microsoft's Client Protection
Date: 10/07/05
(Security) Keywords: security
Product marks company's entry into market for desktop security products for businesses, but not much is known about it yet.
Source: http://news.zdnet.com/FAQ%3A+Inside+Microsoft%27s+Client+Protection/2100-1009_22-5890448.html?part=rss&tag=feed&subj=zdnn
-
Slew of Windows patches coming
Date: 10/07/05
(Security) Keywords: security, microsoft
Microsoft plans to release eight security alerts with fixes for Windows flaws--and at least one hole could be used for a worm attack.
Source: http://news.zdnet.com/Slew+of+Windows+patches+coming/2100-1009_22-5890442.html?part=rss&tag=feed&subj=zdnn
-
Microsoft: Nothing to gain from Firefox flaws
Date: 10/07/05
(Security) Keywords: security, microsoft
Chinks in the armor of the open-source rival to IE don't benefit anyone, Microsoft security advisor says.
Source: http://news.zdnet.com/Microsoft%3A+Nothing+to+gain+from+Firefox+flaws/2100-1009_22-5890922.html?part=rss&tag=feed&subj=zdnn
-
A beginner question from this new member
Date: 10/07/05
(Web Development) Keywords: html, security, web
Assume:
- I am beginning to learn HTML and Flash, and I have a semi-photographic memory and a learning curve that approaches infinity over a matter of a dozen hours or so.
- I've never put up an actual website before--I've stuck pretty much to LiveJournal.
- I want to start a website (I've already registered the domain name) with the following features:
- an embedded Livejournal
- A few nice, classy, low-graphic-content text pages, some photos, and a ton of links
- the ability to handle up to a few million page views and click-throughs per day, once it gets going (yes, I'm extremely humble)
- scalable so I can add graphics and more advanced content as I go
- zero popups.
Where should I be looking for a service to host a site with these features? What's the price range I should expect (I need to start cheap now, but if it explodes I can pump in cash later)? I place a premium on security and stability, and would love to support Open Source folks wherever I can.
I know some of this might sound contradictory--like I know what I'm talking about, and then I'm a complete newbie the next sentence. I'm just getting started and would love to hear whatever anyone has to offer.
Case (yes, I'm big on literary references)
Source: http://www.livejournal.com/community/webdev/251924.html
-
Nessus creator challenging the community
Date: 10/08/05
(Open Source) Keywords: security
Nessus is a good tool, but security professionals I've talked to say it's a poor substitute for the proprietary competition. The GPL security community deserves something better, and since Deraison is tired of people freeloading on his work, that means it's up to the rest of y'all.
Source: http://blogs.zdnet.com/open-source/?p=465&part=rss&tag=feed&subj=zdblog
-
A step in the right direction?
Date: 10/09/05
(Computer Geeks) Keywords: software, security, virus, antivirus, spyware, spam, microsoft
Firstly, I just want this to be known that this isn't an anti-windows rant or anything. There is a question being posed here, I promise :P
With that said, companies like McAfee and Symantec have basically been making a living solely from Microsoft's security oversights. They've been charging people to use their software which protects those people from the vulnerabilities that Microsoft left open. The quality of these programs varies from function to function. Even then, they ignore adware since it's not considered 'malicous'. And even still, they have issues with using the same name for similar viruses. Users are faced with these same problems with any anti-virus/anti-adware/anti-whatever software they use. There is a lot of similar companies, but they don't have a common agreeance on what is and isn't a virus, or if they should detect adware. There's also the issues that come with the firewall program they install. Traffic from the internet isn't always malicious, but those firewalls can't usually tell the difference. Very few of these programs are free. None of these problems actually FIX the problem. They're only removing programs that exploit the initial vulnerabilities, leaving room for reuse value.
As many of you surely know already, Microsoft has recently released a beta version of their anti-crap (to summarize anti-spam, anti-virus, anti-adware, anti-spyware, etc) scanner and removal tool. Before that, they've included a firewall program in XP SP2. Microsoft is not charging anything for either of these programs. At least not as of yet if they ever decide to.
So, my question is this; Do you folks think Microsoft is taking a step in the right direction by adding the firewall and scanner tools? Will they do a better job than the other Antivirus vendors? Do you think maybe they are taking a step in the WRONG direction, like, why aren't they fixing the actual problems instead of covering them up? What do you all think?
Source: http://www.livejournal.com/community/computergeeks/793809.html
-
U.S. cybersecurity due for FEMA-like calamity?
Date: 10/10/05
(Security) Keywords: security
Security experts say Homeland Security's cybersecurity division ill-prepared to handle major cyberattack.
Source: http://news.zdnet.com/U.S.+cybersecurity+due+for+FEMA-like+calamity%3F/2100-1009_22-5891219.html?part=rss&tag=feed&subj=zdnn
-
MSN Video/Video conferencing through a firewall without upnp support
Date: 10/10/05
(IT Professionals) Keywords: security, microsoft
Hi,
As you may know, MSN requires upnp for video chat/voice chat to happen, I'm currently using borderware, almost all (heck, maybe all) eal4+ certified firewalls do not support upnp because its a security loophole.
however, the alternative being to open the entire udp 5004-65535 range according to microsoft's documentation...
does anyone have any suggestions?
either an alternative video conferencing tool or a solution to the firewall problem?
Source: http://www.livejournal.com/community/itprofessionals/25519.html
-
I'm considering writing an extension...
Date: 10/11/05
(Mozilla) Keywords: security
Probably the functionality I'm considering already exists and therefore my development would be pointless. I'm thinking that one should be able to click on the security icon, recieve a list of cookies that the most recent page tried to deposit along with their current status. One could then change the status as one wished, go back a page and try again. I block over 300 sites and trying to find the needed cookie/sites that are blocking my latest page access is a royal buttpain.
So whatd'ya think? Is this only useful to me? Does it already exist?
Qvacks.
Source: http://www.livejournal.com/community/mozilla/328866.html
-
Google fixes Web site security bug
Date: 10/10/05
(Security) Keywords: security
Vulnerability could have exposed some users to account hijacks, phishing scams and other attacks, security firm says.
Source: http://news.zdnet.com/Google+fixes+Web+site+security+bug/2100-1009_22-5892525.html?part=rss&tag=feed&subj=zdnn
-
Microsoft plugs Windows worm holes
Date: 10/12/05
(Security) Keywords: security
Patches fix 14 security holes in the OS, including serious ones that could be exploited for a malicious worm attack.
Source: http://news.zdnet.com/Microsoft+plugs+Windows+worm+holes/2100-1009_22-5893344.html?part=rss&tag=feed&subj=zdnn
-
CIO Jury deliberates on Microsoft security
Date: 10/11/05
(Security) Keywords: security, virus, spyware, spam, microsoft
Will Microsoft's announcement of a new security strategy to provide better virus, spam and spyware protection for corporate customers?
Source: http://news.zdnet.com/CIO+Jury+deliberates+on+Microsoft+security/2100-1009_22-5893260.html?part=rss&tag=feed&subj=zdnn
-
Symantec quietly hikes Norton renewal prices
Date: 10/12/05
(Security) Keywords: security, virus, antivirus, microsoft
People now pay more for annual subscription to Norton AntiVirus and other products. Is it a "last hurrah" before Microsoft's security push gets going?
Source: http://news.zdnet.com/Symantec+quietly+hikes+Norton+renewal+prices/2100-1009_22-5894058.html?part=rss&tag=feed&subj=zdnn
-
Expert: Hold developers liable for flaws
Date: 10/12/05
(Security) Keywords: software, security
Former U.S. cybersecurity czar Howard Schmidt says coders should be held accountable for security problems in their software.
Source: http://news.zdnet.com/Expert%3A+Hold+developers+liable+for+flaws/2100-1009_22-5893849.html?part=rss&tag=feed&subj=zdnn
-
Security exec to cops: Talk to us
Date: 10/12/05
(Security) Keywords: security
Police could keep closer tabs on cybercrime if they would consult security companies that track hackers, one exec says.
Source: http://news.zdnet.com/Security+exec+to+cops%3A+Talk+to+us/2100-1009_22-5893816.html?part=rss&tag=feed&subj=zdnn
-
I get a right good fisking
Date: 10/12/05
(Open Source) Keywords: security, linux
There are great tools for Linux security, and Linux security management can be first-rate, but the process needs to be completely automated before the mass market trusts it.
Source: http://blogs.zdnet.com/open-source/?p=469&part=rss&tag=feed&subj=zdblog
-
Security Software: What Buyers Look for…
Date: 10/13/05
(Java Web) Keywords: software, security
According to Forrester:
The majority of enterprises worry most about reliability when acquiring security technologies — thus, only 19% experience shaky deployments.
In contrast, just 13% consider cost a top priority when buying, which means that more than one-third suffer from implementation sticker shock.
To summarize:
To sell security software successfully focus on reliability and be flexible and reasonable [...]
Source: http://blog.taragana.com/index.php/archive/security-software-what-buyers-look-for/
-
Security question??
Date: 10/15/05
(Computer Geeks) Keywords: security
Currently I have an XP home system receiving incoming calls. I’ve done this so I can connect to my network from anywhere, that has a phone, and download files I need or if I need access to the internet and the place I’m at currently has none. I do onsite PC repairs and this comes in handy on occasions. Yesterday I inadvertently left my “RAS” machine off and when I got home the answering machine, I never bothered to unplug, had several messages. I listened to the messages and found three of them sounded like computers trying to contact my computer then several hangups.
First off, is anyone still war dialing?? I can’t think of any other way someone could have found out that my phone is usually directly connected to a PC that picks up. Secondly, I do have authentication turned on requiring a user ID and password, not strong ones though since I thought the chances of someone even looking for a system to crack in that way was for the most part pas se'.
Regardless, down to the question, is there a way in XP home to limit the attempts before hanging up to just one?? Eventually I’m going to use a FreeBSD system as a file server with remote access (which I know has much more to offer in the way of security options), but I’m having trouble putting it together so I’m using my XP system for the task. This is also my main system so in my paranoia I’m a bit afraid that someone might…whatever, I just don’t want them in. Any other suggestions will be appreciated.
Source: http://www.livejournal.com/community/computergeeks/797540.html
-
another gallery script
Date: 10/17/05
(PHP Community) Keywords: php, database, security
Im having some trouble writing a thumbnail view for a gallery script ive been working on. Now I have a nice little admin section which allows you to add pictures. It even makes the thumbnails for you. The problem occurs when I want to show these thumbnails. I would like to have a table maybe something like below
gallery title
image 1 |
image 2 |
image 3 |
image 4 |
image 5 |
|
|
|
|
|
image 6 |
image 7 |
image 8 |
image 9 |
image 10 |
|
|
|
|
|
image 11 |
image 12 |
image 13 |
image 14 |
image 15 |
|
|
|
|
|
image 16 |
image 17 |
image 18 |
image 19 |
image 20 |
|
|
|
|
|
image 21 |
image 22 |
image 23 |
image 24 |
image 25 |
|
|
|
|
|
page < 1 | 2 | 3 | 4 | 5 | 6 >
Now in my database I store the filename, its title its security level (either a 1 or a 0), and its group id. Now what I would like to have is a script that shows images as above when the group id is passed into it via the url (something like index.php?group=1). The problems I have are
a) how do I get this to display all the images that are in that group in the format I want showing their title as shown. i.e how do I get it going 5 in a line for only 5 lines for that page
b) how do I get it to display links to the other pages. So if there were 50 image in that group it would show page 1 and 2 at the bottom and if there were 51 images it would show 1, 2 and 3 at the bottom…
c) how do I get it to only show that image if it is either not a secure image (so secure==0) or it is a secure image (so secure==1) but that person has a session var set to true...
ok, I know I’m asking a lot here, and I may not be very clear but this is driving me up the wall as so far I only seem to be coming up with answers that are only dealing with part of the problem, not the whole thing. If anyone has any suggestions/ideas/code/snippets etc it would all be gladly received. I am not new to this, but I haven’t been doing it very long and am so not very good at it.
Thanks
Source: http://www.livejournal.com/community/php/356563.html
-
Homeland Security inches toward makeover
Date: 10/18/05
(Security) Keywords: security
Spending bill, scheduled for president's signature Tuesday, backs earlier reorg plan to further empower cybersecurity.
Source: http://news.zdnet.com/Homeland+Security+inches+toward+makeover/2100-1009_22-5898244.html?part=rss&tag=feed&subj=zdnn