Software presentation, p-reviews for progz
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Software presentation, p-reviews for progz

  1. #1
    Senior Member
    Join Date
    Mar 2002
    Posts
    166

    Software presentation, p-reviews for progz

    After my suggestion has been rejected, i made a thread where i'm going to post everything i hear about software (presentation, p-reviews, secrets & warnings about progz). But first of all i would like to tell you that my source isn't one, but from magazines, sites and friends, i make completed opinion about the topic i'm searching for.

    I'm starting this thread with this topic: "(Outlook 2002) be careful with this thing ".
    Outlook 2002 has many bugs which can destroy your PC. Be careful.

    The most dangerous problem is that Outlook will automatically download e-mail messages. The warning work to e-mails with IFRAME HTML tags embedded in the message. If a user reads an e-mail such this , Outlook will begin downloading executable files from a Web specified in the message. Outlook will put up a dialog box asking a user if they want to open the file, save it, or cancel the download. There is no security warning that the executable file might be dangerous. Unfortunately, the default action of the dialog is 'Open'.
    Another HTML-related bug allows JavaScript code to run in e-mails even though scripting is turned off in the default settings of Outlook. A malicious hacker could bury the JavaScript code in a seemingly harmless link, causing hidden dangerous code to execute when the user clicks on a link. In Outlook, URLs are limited to about 2,000 characters which is probably enough space to contain a simple worm which could exploit one of the known Internet Explorer security holes. Cookies* can be set and read in HTML e-mails despite Outlook's default settings to turn cookies off.

    [IMPORTANT NOTE]: These problems likely affect earlier versions of Outlook as well as Outlook Express.

    * =Cookies are small programs that collect information about which sites users visit on the Internet. While cookies can make life easier by identifying users when they return to a site, they can also be used to track Internet usage, making them a contentious privacy issue.

    TNXs to : My friends biLl, mIkeintosh and PU

  2. #2
    Senior Member
    Join Date
    Oct 2001
    Posts
    689
    I often read magazine articles from computer mags praising Outlook and Outlook Express as two of the top email clients. Of course there is no mention in the articles of the many Outlook specific email viruses out there, and the little holes that can allow malicious users to run code on your system. It seems odd to me that MS has had these problems since the very first versions of Outlook were released, yet they still exist.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19

  3. #3
    Senior Member
    Join Date
    Mar 2002
    Posts
    166
    Everything i've written exist on Outlook 2002

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    883
    Funny thing though. Outlook is actualy a good program if you turn off preview, set the security high, and filter it. You can also get a script for it called "nohtml" that converts it all to text only. I've used it for years on my Win32 boxes without a hitch.

    The article here:
    http://www.techtv.com/screensavers/d...364064,00.html
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    883
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  6. #6
    Originally posted here by {PP}Apocalypse
    You can also get a script for it called "nohtml" that converts it all to text only.

    Plain text is the only way to go when sending email.....Anything else is just plain rude. Plain text people!

  7. #7
    Senior Member
    Join Date
    Mar 2002
    Posts
    166

    NEW RELEASE. Netscape 6.2.2

    AOL which bought Netscape at the end of 1998, presents the 6.2.2 version of the popular broswer. The version 6.2.2 is a minor release so as u know it has new actions, but only fixes of bugs.
    The new Netscape is available for this OSs: Windows (Win95 and newer), Mac OS (MacOS 8.6, 8.6.1, 9.x, MacOS X) and Linux (Red Hat Linux 6.0, 6.1, 6.2, 7.0 with X11 R6). Also is has with it the following progs:
    • Netscape Navigator
    • Netscape Mail
    • Netscape Instant Messenger
    • Netscape Composer
    • Netscape Address Book



    The requierments of Netscape 6.2.2 is:
    For Windows and Linux, CPU Pentium 233MHz, 64MB RAM and 26MB free on HDD.
    For MAC OS, CPU PowerPC 604e 266 MHz or G3 or G4, 64MB RAM and 36MB free on HDD.

    The packet is about 26MB and it is available here

  8. #8
    Senior Member
    Join Date
    Mar 2002
    Posts
    166

    Another new release. Winamp 2.79

    Nullsoft, which bought by AOL on June 1999, anounce the release of the new version 2.79 of the popular programme Winamp (which plays sound's files).
    The new version has many improvements and bugs' fixes:
    • Correction of security problem with decompression zip via the support of the version 1.1.4 of zlib.
    • Improvement of the routines which allow the user to execute many files at the same time.
    • Improvement of the routines " Agent Tooltip ".
    • Improvement to the support of the sections of support of the files MIDI and WAV, also the action of immediately record on HDD
    • Support to the tags id3v2

    Winamp 2.79 is available in three version (Full, Standard and Lite) from a page of Nullsoft's site.

  9. #9
    Senior Member
    Join Date
    Mar 2002
    Posts
    166

    Be careful with share-programmes

    Peer-to-peer file swapping networks have been growing in popularity ever since Napster emerged, with Morpheus, Gnutella, and Kazaa being the more popular
    options in use today. In addition to the copyright issues and bandwidth problems these programs often cause, they can introduce numerous security risks into your organization.
    Morpheus popped up in the news again recently, after a purported attack against its network. According to StreamCast CEO Steve Griffin, the Morpheus network was the recipient of a DoS (denial of service) attack and had its client software attacked -- encrypted messages that changed registry settings were sent to Morpheus users. As a result, Morpheus is switching from the FastTrack-Kazaa network to Gnutella.
    Any user connected to a file-sharing network is vulnerable to attack, whether in the form of information pilfering, session hijacking, or DoS. Additionally, some files available for download are infected with viruses. In preparation for this column, I downloaded a handful of files from Morpheus and found two of them carrying viruses.
    How can you protect your organization's network from these file-sharing applications? First and foremost, define a policy on how to deal with these applications. If you want to deny access to these services (as do most organizations), ensure that your policy clearly states this and outlines consequences for failing to adhere to the policy.
    The most common step to enforce this kind of policy is to block access to these services at the firewall. An excellent resource for information about configuring your firewall to block various file-sharing services can be found here . The site even contains the specific IPchains or IPtables rules you need to implement.
    One note about this approach: You should block both port access and IP addresses. Although some file sharing systems use a specific port number, many can be tunneled through HTTP port 80, bypassing virtually any firewall rules because port 80 is almost always allowed. Blocking access to the service by IP address can be more effective, but it also takes a little more effort because the IP address ranges can change periodically.
    Second, you can try to stop the issue at its source by preventing users from installing the client software on their system through Windows Group Policy or a personal firewall configured to prevent unknown applications from accessing the network.
    One of the more unique solutions I have heard about involves using Snort, the open-source IDS (intrusion detection system), to identify file-sharing users. In this solution, Snort signatures are created to identify the file-sharing services; when usage is detected on the network, you can easily identify where the traffic originated and remove the client application from that system.
    Whichever tactic you employ when it comes to file-sharing applications, make sure it starts -- and ends -- with your company's security policy.

  10. #10
    Senior Member
    Join Date
    Mar 2002
    Posts
    166

    Post HOLE ALLEGED TO LET ATTACKER TAKE OVER SYSTEMS WINDOWS NT/2000

    A recently discovered security vulnerability in a software debugging component of Microsoft's Windows NT and 2000 operating systems can allow an attacker to elevate their privileges on a system and take the system over, according to intrusion detection system vendor Entercept Security Technologies. An exploit is already circulating among potential attackers, the company said.
    Entercept is set to release details on the vulnerability later Thursday in an alert to its customers, security e-mail lists and the press. An initial posting about the issue was made to the Bugtraq security list on March 14th.

    For the full story go here

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •