security fix live - washingtonpost.com
security fix live - washingtonpost.com
hello
change preferences
|
sign out
sign in
|
register now
print edition | subscribe
news politics business education photos & video nation technology kidspost discussions world entertainment religion corrections metro health post magazine archives politics politics blogs house/senate votes white house congress 2008 campaign in depth polls in the loop dc | md | va opinions columns & blogs feedback on faith toles cartoons outlook postglobal editorials think tank town discussion groups local metro news weather local explorer jobs local life traffic community guides cars dc | md | va crime the extras real estate columns/blogs obituaries local business yellow pages sports redskins d.c. united columns/blogs nfl nationals capitals college football nhl wizards high schools local colleges nba arts & living style movies travel fashion & beauty horoscopes smart living television books home & garden comics entertainment news food & dining museums theater & dance crosswords city guide find restaurants find local events find movies visitors guide find bars & clubs going out gurus cars buy a car sell a car experts & advice dealer specials coupons real estate buy a home sell a home property values rentals find a rental rent your place shopping shop new deals & discounts shopper blog shop used sell your stuff pets search: washingtonpost.com web | search archives
washingtonpost.com
> discussions
brian krebs
security fix blogger
friday, november 9, 2007; 11:00 am
security fix blogger brian krebs will be online friday, nov. 9 at 11 a.m. et to provide advice on how to protect yourself and your personal information online.
submit a question or comment now or during the discussion.
wednesday's sessions
• politics: john solomon, 11
• pearlstein: college tuition, 11
• ask tom: tom sietsema, 11
• federal diary: barr & aetna vp,
• gossip: reliable source, 12
• white house watch: froomkin, 1
• maryland: assembly session, 1
• free range: food section, 1
• chat house: michael wilbon, 1:15
• internet: gaming, 2
• wizards/nba: carter & lee, 2
• books: michael dirda, 2
weekly schedule
recent discussion transcripts
toolbox
resize text
save/share +
diggnewsvinedel.icio.usstumble it!redditfacebook
print this
e-mail this
comment
discussion policy
discussion policy
close
comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. please review the full rules governing commentaries and discussions. you are fully responsible for the content that you post.
who's blogging
» links to this discussion
a transcript follows.
____________________
brian krebs: good morning and happy friday dear security fix readers! welcome, and please feel free to drop in any security questions or concerns. but please try to be as specific as possible about your setup, including information about the type of security software and hardware you're using, and any error messages or strange behavior you may be dealing with.
_______________________
san francisco: what's the latest on the storm virus, which you wrote about recently? do you know how seriously the government takes this threat, and whether a major mobilization of security experts has happened? do we have much chance of beating, or containing, this scary thing?
brian krebs: *gets up on soap box*: there has been a major mobilization of resources to combat storm, which as you say has been incredibly successful, mainly through the use of novel, ever-changing social engineering techniques to trick users into clicking on malicious links to sites that try to foist malware.
the problem as i see it is kind of a classic problem with respect to cyber crime and cyber crime enforcement. the resources being rallied against storm are considerable, and there are a tremendous number of people that are contributing to the effort to blunt the success of this scourge. but the problem appears to be a lack of coordination among these efforts.
the sheer number of storm-infected pcs appears to wax and wane, usually to tune of the amount of attention it generates. so, while there are a great many resources being brought to bear against this monstrously complex virus, those efforts don't appear to be nearly coordinated enough yet to effectively take out the criminals behind this network.
*end soap box rant*
_______________________
chevy chase, md.: if i have a unsecured wireless network, could someone see the data i'm transmitting?
brian krebs: absolutely. say i am joe nosey neighbor, and i'm within a few hundred feet of your house. i could easily jump on your network -- and using freely available tools -- force your machine into routing all of your traffic through mine. with that kind of power, i could redirect your traffic to specific counterfeit sites, i could prevent you from being able to visit sites, eavesdrop on your instant messages, or even boot your machine off the network.
almost all wireless routers come with some kind of encryption technology built in, usually either wep or wpa. wep encryption is fairly easy to crack, while wpa combined with a strong passphrase is fairly solid, though not unbreakable. there is no excuse for not using these built-in protections. at the very least, you're asking for someone to park outside your home and use your open wi-fi network to do something illegal.
a while back, i blogged about some very user-friendly and easy-to-follow online videos that walk you through setting up encryption on the most commonly sold wireless routers. check it out at this link here.
_______________________
melbourne, australia: g'day brian,
i think i may be overdoing the security bit, but am not sure. i have xp pro desktop with: eset nod32, zone alarm pro, windows defender, spybot sd resident, ad-aware 2007, spyware blaster, secunia update inspector, sp2 and a broadband router with firewall. is this overkill? if so, which applications do you recommend i uninstall?
also, are third-party tracking cookies really dangerous? most of the above virus/security aps listed above treat them as dangerous. but a few websites (i.e. google page creator) don't work as well if i don't allow tracking cookies. what will happen if i decide to simply allow all the tracking cookies they want to dump on me?
thanks. basically i'm starting to get security fatigue and would like to ease off a bit on the vigilance bit.
brian krebs: well, other than that, maybe take some vise grips and apply about 100 foot pounds of pressure on the internet cable going into your house. that ought to make for a great hardware firewall.
seriously, though, i know what you mean about "security fatigue." it's unfortunate that so many people have to become de facto system administrators just to stay safe with windows these days, but that's sort of the reality.
you sound like you've got a pretty good setup there. my thought it you could probably do without one or the other anti-spyware tools (i'd lose windows defender, but that's just me).
tracking cookies? not much of a threat. as you mention, some sites don't work quite right if you refuse cookies, or delete them all the time. but in the grand scheme of things, cookies are pretty innocuous, imho.
_______________________
new york ny: hi brian!
i'm a luddite with a macbook pro (dangerous combination, like a 5-yr old violin student with a strad). after my latest go-round with verizon dsl cust. service (i'm on the phone with them for a couple hours once every month or 2 because their internet dsl service disappears for no apparent reason... but that's another story). this time, the tech hooked me up wirelessly. i'm now connecting w/my modem via airport and a password. unbelievably convenient, but is there a possibility of being hacked into? do i need to turn on the mac firewall-thingy?
thanks, i read your chats religiously & forward crucial stuff to my pc friends!
brian krebs: hello, new york. your luddite description made me laugh. but, if you're an inexperienced internet/computer user, you could hardly do better than to go with a macbook. good for you.
the built-in firewall "thingy" on the mac is pretty solid, and i'd recommend turning it on and keeping it on. there really is no reason not to.
_______________________
great falls, va.: brian,
i have always learned something new from your column. thanks.
is vista included in patch tuesday ?
brian krebs: yes, microsoft uses the second tuesday of each month to push out security updates for its software, which includes patches for windows vista, windows 2000, windows xp and server 2003. the company also uses patch tuesday as its called to release security updates for most of its other products, including microsoft office.
to your question, it does not appear, however, that microsoft intends to ship any updates for vista this month. neither of the two patches microsoft has said it plans to push out next week apply to vista, but microsoft always cautions that its plans can change, so check back at the security fix blog next tuesday for the rundown on the latest updates.
_______________________
antwerp, belgium: hi brian,enjoy your chats.i have a smc wireless rooter barricade 802.11g hooked on to my main pc. for a second pc which is a few rooms and walls away i use a smc usb wireless n adapter. but i have difficulties getting an internet connection. the adapter gives a good-very good connection 50-60 percent but can't get a web page. only way i can is using an extension cord&bringing it a few feet closer to the main pc but its still a bit away. my service guy suggests i get a dlink n rooter dir635 with 3 antennae that carries further & should give a better reception. better than a g type rooter. and what is best positions of the antennae, straight or slanted?any comment? thanks and have a nice weekend
brian krebs: hello, belgium. thanks for coming by. i don't have much experience with smc's products, but i referred another guy who asked a similar question recently about the n adapter to dsl report's faq page on smc products, which is fairly comprehensive. check it out here. good luck, and sorry i can't be more helpful here.
_______________________
arlington, va.: what's this cyber jihad all about and can they really cause mass havoc?
brian krebs: the reader is asking about recent stories suggesting that some coordinated "cyber jihad" attack is supposed to take place against american commercial and government web sites. i didn't write about this mainly because it seemed pretty thinly sourced (the sole source is a vehemently pro-israeli site).
we've seen these kinds of rumors come and go before, and each time they turn out to be much ado about nothing.
symantec has a writeup on a e-jihad for dummies type tool that is apparently designed to let even your dog conduct denial-of-service attacks against web sites with the click of a mouse. however, the download sites are all....well, down at the moment.
the reality is that e-jihad or no, there are no shortage of these point and click tools that any idiot could use to try and knock a web site offline. it's also true that these kinds of coordinated attacks happen every day.
so, in short, nothing to see here.....move along.
_______________________
san diego, calif.: good morning rob. i recently got a message from zonealarm that it encountered a problem and had to shutdown. the problem reported was with sonicwall.net and the service that stopped was mantispam. i don't have any sonicwall hardware or software. za was actually still running but not mantispam. i restarted za and the problem has not reoccurred. any idea what happened?
brian krebs: um...this is brian krebs, not rob.
now that we've got that straight, i'll bite. unless i'm mistaken, mantispam is a component of zone alarm pro (you don't say you're using pro, but i'll be you are) designed to integrate with outlook and help you block spam, nasty e-mail viruses etc. i'm guessing for some reason the program just crashed. if it hasn't happened since, i'd say no worries. but if you're not using it, i'm pretty sure zonealarm has an option to turn it off or disable it.
_______________________
pittsburgh, pa.: hi brian. enjoy your column. have a dell quad core notebook at high end. yet it is slower than emachines desktop with athalon 64 3500+ in opening and running a stock graphics program. standard spy and utities sweeps yield zilch. task mgr shows isass.exe. some sites say worm and "buy our product", others say not. any insight?
brian krebs: hi pittsburgh. is the machine slow only when you use the stock graphics program? if so, it may be a glitch in that program itself.
lsass.exe is a normal windows system component, and at least one version of that system process will be running as long as windows is.
if a virus check and anti-spyware run give you a clean bill of health, consider checking to make sure you don't have a large number of harmless but otherwise unnecessary programs running at startup. a couple of great tools for this check are process explorer-- which tells you in plain english which processes are running and who made them -- and hijackthis!, which lets you control which programs should be allowed to start up when you boot into windows.
run both of those programs on your system, and whittle away at programs that don't need to be run at startup (quicktime helper programs, other pre-installed crapware, etc).
_______________________
mac osx: hello - i haven't upgraded yet to the newest mac version. am i ok, or should i go ahead and upgrade asap?
brian krebs: you're asking about upgrading to mac os x 10.5 (leopard)? upgrade if you want, but as long as you've got the latest patches installed, you're fine. a number of my co-workers and friends have updated and are happy with it, but i don't plan to anytime soon, as i don't really see the need.
if, however, you're looking for a good backup solution for your mac, upgrading to leopard might make sense. i have heard rave reviews of the built-in time machine backup feature that supposedly makes backing up your data on a mac a cinch.
_______________________
rockville, md. : brian:
i used to use ghost for backups to an external hard drive, but my last three system backups have used the windows backup (windows vista ultimate).
can i start my computer with the install disc? or do i need some boot program on a cd or flash memory?
i should know this, but for some reason it has never been presented in a way that i understand.
brian krebs: i'm not sure i completely understand your question, but i'll give a shot at answering it anyhow.
most computer data backup solutions come with or prompt you to create a boot disc that is designed to be used when your windows installation fails to boot up for whatever reason. these boot discs generally allow a small bootloader program to run that is then capable of finding backed up images of your drive on external or networked drives.
generally, then, you are given the option to replace the current image of windows installed on your machine with a known, working backup. bear in mind that if you choose this option, you are essentially overwriting any data on the drive that was not saved during your last backup.
hope that answers your question.
oh, and since there are still several unanswered questions in the queue about which type of backup software i use, i use acronis true image 9.x, which has helped me on numerous occasions to fix machines that for one reason or another failed to boot up correctly.
_______________________
brian krebs: that's all the time we've got today, folks. thanks to everyone who stopped by to read or toss a question in the hopper. we'll have another security fix live two weeks from today. in the meantime, please consider visiting the security fix blog regularly to stay up to date on the latest security warnings, news and advice. be safe out there!
_______________________
editor's note: washingtonpost.com moderators retain editorial control over discussions and choose the most relevant questions for guests and hosts; guests and hosts can decline to answer questions. washingtonpost.com is not responsible for any content posted by third parties.
related
security fix livetranscript | security fix blogger brian krebs answered your questions about the latest computer security threats and offers ways to protect yourself and your personal information.
security fix live
security fix live
related articlesdisney to launch cellphone service in japan: paperthe points of it alllatin music fans going mobile in spainstudy debunks theory on teen sex, delinquency: new analyses challenging many old assumptionsun report: human cloning ban neededpowered by inform
» related topics & web content
» top 35 most viewed
to refresh page: press the f5 key on your keyboard or click here.
© 2007 washingtonpost.newsweek interactive
discussion archive
november 14, 2007: discussion on small business
guest: senator john kerry
october 11, 2007: positive parenting
guest: dr. lonnie carton, ph.d.
june 28, 2007: secure collaboration - communicate confidently and effectively with cisco unified communications
guest: don weiner
june 14, 2007: good governance deserves good security
guest: john n. stewart
may 24, 2007: the power of ipv6
guest: dave west
may 3, 2007: cisco secure wireless
guest: stephen orr
march 29, 2007: the prospects and challenges of a u.s.-taiwan free trade deal
guests: mr. fadah hsieh, vice minister of the ministry of economic affairs, the republic of china (taiwan) and mr. john chen-chung deng, current deputy representative, taipei economic and cultural representative office (tecro) in the united states and chief negotiator, office of trade negotiations, moea, the republic of china (taiwan) beginning in april.
february 13, 2007: breach film forum
guests: writer/director billy ray, actor chris cooper and former fbi operative eric o'neill.
news | politics | opinions | local | sports | arts & living | city guide jobs | cars | real estate | rentals | shopping search: washingtonpost.com web search archives washingtonpost.com: about us | work for us | advertisers | site map | search terms | topics index | | mywashingtonpost.com | mobile | rss | widgets the washington post: subscribe | subscriber services | advertisers | electronic edition | online photo store | the washington post store | about the post | national weekly the washington post company: information and other post co. websites © copyright 1996-2007 the washington post company | user agreement and privacy policy | rights and permissions help | contact us
Acceuil
suivante
security fix live - washingtonpost.com ThinkGeek :: No, I will not fix your computer Lauren Fix: The Car Coach ~ Automotive Expert BigFix :: Home NANIA RÉHAUSSEUR DREAMWAY SP FIX SILVER acheter comparer prix ... > pivx_ - home & office The Fix - Yeah:No Recordings Get The Curse Pack Ski+Fix avec le guide du matériel ski/snow d'annuaire-ski.com Josh Fix Microsoft Excel : Calculation Issue Update (Fix Available) Livre The PC Doctor's Fix-it-yourself Guide - A. Kingsley-Hughes ... Fix Our Ferals gratuit : bug in Excel 2007 Calculation Fix available. : tout le ... fix buffalo today [ Esport Magazine - EsportsFrance - Rotterdam est sérieux, FiX non ] The Sunshine Fix Data Recovery Disk Recovery Hard Drive Recovery software by ... Le Blog de la Mobilité Data: Zoom sur SFR One Fix Connected ... Paul Fix Disque Pharma-Fix en Silicone/PTFE de 20mm Django Weblog Security fix released Mozilla Firefox 2.0.0.5 Released with Fix for firefoxurl ... Dial-a-fix - TechWiki The Gossip Fix Modernfix.com Motorpsycho - You Gotta Hang On To The Trip You're On... PNG in Windows IE Pants'Fix trousers solution men homme - Vidéos Actualités Mode ... Geek to Live: How to fix Mom and Dad's computer REGO-FIX, Swiss Precision Tools - collets, toolholders, nuts ... Top case Topcase bleu claire fix. adossoir moto scoot en vente sur ... Digg - How Nintendo Can Fix Wii's Storage Space Problem without a ... BBC - Languages - Spanish Quick Fix NPR : Oprah Pledges to Fix School amid Abuse Reports Geotag your blog, site or feed Address Fix WordPress 2.0.6: Feedburner issue, and fix « Mark on WordPress High-fi fix for malfunctioning Guitar Hero III Les Paul - Engadget FIX, starring Shawn Andrews, Olivia Wilde, Megalyn Echikunwoke ... WinSock XP Fix 1.2 Freeware download page - tested and reviewed ... Tricky fix-up plan devised for space station- msnbc.com fix M i c h a e l F i x WinXpFix.com Home page (wixpfix.com) Windows xp news, Tips, Free ... Coldplay – Fix You – Music at Last.fm Amazon.com: War Fix: Books: Steve Olexa,David Axe FIX-TIPS Free Football picks & Best Soccer betting tips, soccer ... Screenplay Coverage from ***** script-fix ***** Editor's Daily Blog: A Temporary Fix fixoyun fix oyun fiks oyunlar fıxoyun fıx oyun fiks oyun fix ... Fix 4 RSO The Fix - Salon.com It's not always malware: How to fix the top 10 Internet Explorer ... Download details: SafeDisc Windows XP Fix for Microsoft Games Fix Your Own Printer Jim Fix Don’t Throw Out Your Broken iPod; Fix It via the Web - New York Times Ezee-Fix WMP Scripting Fix Conservatives to fix glitch that could block rural voters Heroes: The Fix - TV.com Fix - Wikipedia