[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Computer security



PureBytes Links

Trading Reference Links

I believe this will be of interest to all, especially given the 
discussion going on in RT recently.

Yesterday, while digging into security issues, I found several sites 
that actively probe your system to test its security.  The one at 
http://grc.com seems to be one of the best.  Among other things, it 
includes an eye-opening (and absolutely terrifying) explanation of 
exactly what hackers can do to most systems, and how easily they can 
do it.

Then, just this morning I got this referral to it in the latest 
LangaList, which is a newsletter put out by former BYTE and PCMag 
editor/columnist Fred Langa.  

Enjoy!  And may your system be safe.  Let's be careful out there!

Gary

==============================================================

>From the LangaList:

FREE Internet Security Check

Steve Gibson is a very smart and prolific guy--- he's been
producing very cool, very useful software for, gosh, 15
years or more now.

A lot of his stuff takes a unique spin or tack at solving
problems, and often does a better job than some of the more
widely-know apps from the giant software houses.

Last week, I got a note from Steve describing a new free
service he's offering:

     Hey Fred,
     I wanted to apprise you of my just-this-instant
     finished contribution to the Internet-connected
     Windows-based personal computer community:
     http://grc.com/x/ne.dll?bh0bkyd2   or
     http://grc.com/ShieldsUp

     When I recently switched my office from ISDN to
     DSL (our servers live on an off site T1 trunk), I
     did some research into the insecurity of typical
     Windows-based Internet connections ... which is
     exacerbated by "persistent" connections to the Net
     such as those now being established by DSL and
     Cable Modem technologies. I was SHOCKED by the
     number of people with insecure connections, and
     then by the ease with which Internet scanners can
     find, target, and penetrate their systems. (This
     is all documented in tutorial form on my new web
     site, but you can quickly peek here: <
     http://grc.com/su-nbscan1.htm > and also here <
     http://grc.com/su-nbscan2.htm >)

     On Friday of Labor Day weekend (9/3) I realized
     that when someone came to my web server, their
     connection gave me the IP address of their
     machine. This meant that I could perform an ACTIVE
     SECURITY ANALYSIS of their system on the spot and
     display the results as a web page. So I started
     coding and the concept grew into a comprehensive,
     free service and extensive tutorial -- including
     some freeware -- to quickly secure ANY Windows
     system.

     Given the inherent "default" insecurity of most
     Windows connections -- and the significant
     financial gain possible for intruders who can now
     easily install keystroke-monitoring Trojans into
     people's computers to capture online banking
     passwords, account numbers, etc. then eMail the
     results -- I worry that Internet Intrusion and
     Theft is a "growth industry." So I think this is a
     VERY important message to get out to the
     population at large.

     The ratios of exposure as shown by the graphs on
     the visitor history page demonstrate the extent of
     the problem! http://grc.com/x/ne.dll?bh1akydu
     If you agree and wanted to help me spread the word
     that would be totally terrific!

Steve's site attempts to sniff back through your internet
connection and will show you everything it can find out
about your system, your files, your printer and so on.