Over the last two weeks, I've discussed how to prevent crackers from gaining access to your Linux computer (see 10 minutes to an iptables-based Linux firewall and How to stop crackers with PortSentry). This week, we continue the series with ways you can tell if someone has cracked your machine.
The CERT/CC statistics on incidents handled, vulnerabilities reported, security alerts and notes published, hotline calls handled, and email messages handled have been updated with information from the third quarter of 2001.
The difference between good and bad security often comes down to someone’s understanding of the “Principle of Defense in Depth.” Here’s the soundbite definition: It’s best to have multiple layers of security and to put them as close as possible to the valuables they’re designed to protect.
A computer virus purporting to provide information about anthrax and its side effects has been discovered, computer security experts said on Tuesday. The new computer virus, technically a worm because it is self-propagating, is spreading through e-mail instant relay chat channels on the Internet, according to Steven Sundermeier, product manager at Central Command which monitors corporate e-mail systems for viruses.
Anti-American cyberpunks in Pakistan are among potential hackers who could launch cyber attacks against the USA as an aftermath of the American air attacks on Afghanistan. A study titled “Cyber Attacks During the War on Terrorism,” conducted by the Institute for Security Technology Studies at Dartmouth College, USA, immediately after the September 11 attacks, has warned the US Government that several Pakistani groups who have defaced several Indian sites in the past were potential attackers in the current scenario.
Any infrastructure that is built with inherent weaknesses is bound to crumble, sooner or later. Similarly, the huge potential of the Internet, e-commerce, and all it can offer cannot be expected to be realized and flourish long term unless its weaknesses in the areas of trust and security issues are addressed.
In an effort to help customers better respond to security threats, Microsoft said it will begin adding severity ratings to its security bulletins. Under the new severity rating system, vulnerabilities in Microsoft's products will henceforth be classified as either "critical," "moderate," or "low," according to a document released by the company's Security Response Center.
Security experts are raising alarms about a technique that computer hackers could use to penetrate a company's wired data networks from its wireless networks, Monday's Wall Street Journal reported.
Wireless links are increasingly being used by companies to connect desktop and laptop computers without using wires. Cigital Inc., a computer-security company in Dulles, Va., said it has identified a new way to exploit vulnerabilities that have been uncovered in a technology used for wireless local networks.
Here's a chance for Bill Gates to redeem himself politically.
Our nation is under attack, and our computer systems are undeniably vulnerable - a House Science Committee hearing made that all too clear last week. But there's no major government funding source for computer security research, and with so little money out there, few academics focus on the subject.
There's no question the problem is immense. But it's one that Gates could help solve. And solve it soon we must.
It appears that the folks over at TFO have been under an attack of some sort over the past hour or so...
