Search Results - Antionline Forums - Maximum Security for a Connected World

Search:

Type: Posts; User: omalakai; Keyword(s):

Page 1 of 2 1 2

Search: Search took 0.01 seconds.

  1. Replies
    22
    Views
    3,441

    Another site where you can go to not get malware,...

    Another site where you can go to not get malware, but to get videos of the malware being installed, is the site of Ben Edelman. He's got some videos of this exact same thing: going to a web site and...
  2. Replies
    11
    Views
    2,288

    Bropha.K

    On the blog from F-Secure, their latest post mentions a new version of this one, called Bropha.K that came out Sunday.
    The link to their blog for a little more info is here.
  3. Replies
    15
    Views
    1,378

    W32.Spybot.Worm

    For me, Symantec came up and listed it as W32.Spybot.Worm. Maybe it's a new version???
  4. Thread: Win XP SP2

    by omalakai
    Replies
    11
    Views
    1,612

    XP SP2 RC1 Available

    Service Pack 2 Release Candidate 1 for Win XP is out. Info and to download it is here:
    http://www.microsoft.com/technet/prodtechnol/winxppro/sp2preview.mspx
  5. Replies
    14
    Views
    1,729

    IE Exploit Found Using Windows Source Code

    A proof-of-concept for a new IE exploit has been released. The person who found the problem used the relently leaked Windows source code to find this. You can see it here
    It is a Bitmap file with a...
  6. Replies
    29
    Views
    2,072

    SCO.COM has removed their WWW A record from DNS...

    SCO.COM has removed their WWW A record from DNS to stop the onslaught. Take a look at this article, just posted, on Netcraft:...
  7. On vacation

    It looks like the guy who makes CWShredder at Merijn.org has been on vacation from Jan 9 to Jan 19. So, that is probably why it does not take care of this new version.
    But he is back tomorrow, I...
  8. Replies
    2
    Views
    1,002

    Well, here...

    Well, here is Symantec's write up of this one. It lists the REgistry key in the Run portion this spam relay trojan sets up.
    Check it out.
  9. Replies
    14
    Views
    1,669

    I will take a stab at this. First, NMAP is...

    I will take a stab at this.

    First, NMAP is now on version 3.48, so running this older version could impact the OS detection. Version 3.00 has a datestamp of July 28, 2002. So, right there, I do...
  10. Replies
    12
    Views
    949

    New built-in popup blocker in IE?

    The article is here.
  11. Replies
    46
    Views
    2,765

    Here is my most embarrassing story. It is not...

    Here is my most embarrassing story. It is not very security related, but it is fun!
    I once worked at a small long-distance phone company as a junior IT tech guy. One day, there was a power blackout...
  12. Replies
    24
    Views
    1,694

    thanks

    TH13, thanks for the warning.
    I've already talked to my company's security officer, and we are gonna send out an alert on this. We have had 4 offices that had Welchia outbreaks, and I know some...
  13. Replies
    10
    Views
    999

    Command.com

    Oh, you already reinstalled? Rats!
    For future reference, here is one trick you can use. When the Default value for HKEY_CLASSES_ROOT\exefile\shell\open\command gets changed, thereby preventing any...
  14. Replies
    6
    Views
    1,502

    yes

    Yes, Yahoo! Inc. has registered both of those domains, in addition to their real one. Here is the registrant info:

    Registrant:
    Yahoo! Inc.
    (DOM-269234)
    701 First Avenue Sunnyvale
    CA
    ...
  15. Thread: Net Send

    by omalakai
    Replies
    25
    Views
    3,765

    In Event Viewer

    Open up the Event Viewer on any Windows NT/2K/XP/2K3 machine.
    Select the System log.
    The Event ID number for Net Send messages is #26, from the "Application Popup" source.
    And you will see 1 popup...
  16. Replies
    18
    Views
    2,281

    Hopefully, this information will not be abused in...

    Hopefully, this information will not be abused in any way.

    The K-Otik French security site has the exploit code. There are also compiled versions of the code bouncing around.
  17. Replies
    5
    Views
    1,335

    There are cleaning tapes

    I have been working with Tivoli Storage Manager running on Win2K for almost 2 years now. 1 year ago, we migrated from a IBM Magstar 3570 tape library (which is really a dinosaur!) to the IBM 3584...
  18. Thread: Ms03-39

    by omalakai
    Replies
    15
    Views
    1,331

    Also patching

    I started patching some "non-critical" machines last night. I checked their Event Viewer logs after the reboot, and there was nothing abnormal. Full functionality was available. I ran this on an IIS...
  19. Thread: Ms03-39

    by omalakai
    Replies
    15
    Views
    1,331

    New scan tool

    CXGJarrod, you posted:



    The Technet article on this one says that this situation is true, that scanners that scan for MS03-026 will not detect it being patched if you have this new patch only...
  20. Replies
    14
    Views
    1,459

    winpup32.exe

    There is a virus that is farily recent called WINPUP32.EXE that your friend might have.
    It can load a trojan file on the target system. I had a user who had a problem with this.
  21. I had patched about 30 servers for this the last...

    I had patched about 30 servers for this the last week in July. Due to the firewall settings and the patches, I have not had any problems at work.

    But from a personal level, 9 people so far have...
  22. Replies
    27
    Views
    1,203

    Automatic Updates already can be auto

    Win2K SP3 added the new Automatic Updates process that ships with XP.
    With this version, you can currently set it to "Automatically download the updates, and install them on the schedule that I...
  23. Replies
    19
    Views
    1,291

    Event log errors?

    Is there anything in the Event Viewer logs that relates to the failed install of these apps? You could post what the logs say.
  24. Thread: Nachi Worm

    by omalakai
    Replies
    22
    Views
    1,836

    Cat 4 now

    Symantec just upgraded W32.Welchia.Worm to a Category 4 "Due to an increase in submissions."

    It exploits RPC/DCOM over port 135. Plus, the new twist to this one that I think warrants a brief...
  25. Replies
    1
    Views
    718

    What is your problem????

    What is wrong with you that you have to post these meaningless statments that do nothing but demean the work we are trying to do here. This new Msblaster.EXE RPC worm is flying everywhere causing...
Results 1 to 25 of 48
Page 1 of 2 1 2