Gmail secure paypal and ebay users
Phishing emails are being used by the hackers to obtain data of the email users. The emails which they target is not on specific peoples. They just send emails in bundle to different email addresses and waitfor the peoples who do mistake of clicking the phishing link becomes victim and their personal data fall in the hands of phishers who use this to hack their personal accounts etc.
It’s good news for all PayPal and Ebay customers. You don’t have to worry about phishing mails if you have a Gmail account. Phishing mails are a kind of spam mails that try to deceive the account holder to gain access to their valuable account information like password . Although, Google already have spam filters in place in their Gmail servers, many spam mails still come through these spam filters. Now onwards, Any mail coming from PayPal or Ebay will be delivered to customers inboxes only if they are digitally signed using DomainKeys and DomainKeys Identified Mail (DKIM) tools. They won’t even go to spam folder.
I think its a good move by gmail to secure the email users. Now the user can feel confidence on gmail services as this type of effort had been taken by yahoo long time ago.
Matt Cutt gave new wordpress security tips
Matt Cutt is a well know google engineer. He gave recently security tips on wordpress. Wordpress security is always a concern for bloggers who using this platform. The following tips can be helpful for bloggers to get secure from hackers.
1. Drop version string in header.php
The tag in your header.php that displays your current version of wordpress.
<meta name=”generator” content=”WordPress <?php bloginfo(’version’); ?>” />
Since everyone knows your wordpress version this way, your blog is prone to hackers if you have not upgraded to the new version.
Hide your wordpress version by deleting it or simply changing it to
<meta name=”generator” content=”WordPress” />
2. Put a blank index.html in /plugins/ directory.
In a normal wordpress installation, anyone can access your Wordpress plugin folder to see which plugins you have installed. The path is
http://www.yourdomain.com/wp-content/plugins/
Try it for your blog and your entire directory structure is revealed. Just create a blank file in notepad and name it index.html and drop it in your plugins folder and the folder details will no longer be visible to the public and prevent hackers from cracking a plugin security hole.
3. Put .htaccess in /wp-admin/
He points to this article of Protecting the Wordpress wp-admin folder. This will limit access to this folder by IP address and attempts at accessing any file within this folder will be greeted with a Forbidden error message.
The above tips does not gurantee the security of your blog but it may help for small hackers not to invade in your wordpress files. For complete wordpress security one should update the wordpress regularly as wordpress is an open source platform so vulnerabilities is an issue which will continue as it develops more.
July 13, 2008
Safe mode helps you diagnose problems
Safe mode helps you diagnose problems. If a symptom does not reappear when you start in safe mode, you can eliminate the default settings and minimum device drivers as possible causes. If a newly added device or a changed driver is causing problems, you can use safe mode to remove the device or reverse the change.
There are circumstances where safe mode will not be able to help you, such as when Windows system files that are required to start the system are corrupted or damaged. In this case, the Recovery Console may help you.
Safe Mode also bypasses startup programs. Bypassing startup programs reduces system complexity and enables you to see whether a startup program is the source of the problem.
In safe mode, the operating system does not run network-based startup programs. To enable network logon scripts in safe mode, select Safe Mode with Networking on the Windows Advanced Options Menu.
To start your computer in safe mode:
1. Remove all floppy disks and CDs from your computer, and then restart your computer.
2. When prompted, press F8. If Windows XP Professional starts without displaying the Please select the operating system to start menu, restart your computer. Press F8 after the firmware POST process completes, but before Windows displays graphical output.
3. From the Windows Advanced Options Menu, select a safe mode option listed in the following list:
(Windows 2000 Boot menu screenshot)
Safe Mode: Loads the minimum set of device drivers and system services required to start Windows XP/2000/2003. User specific startup programs do not run.
Safe Mode with Networking: Includes the services and drivers needed for network connectivity. Safe mode with networking enables logging on to the network, logon scripts, security, and Group Policy settings. Nonessential services and startup programs not related to networking do not run.
Safe Mode with Command Prompt: Starts the computer in safe mode, but displays the command prompt rather than the Windows GUI interface.
Enable Boot Logging: Creates a log file (Ntbtlog.txt) in the system root folder, which contains the file names and status of all drivers loaded into memory. System root is an environment variable that can vary from one system running Windows XP/2000/2003 to another.
Enable VGA Mode: Starts the computer in standard VGA mode by using the current video driver. This option helps you recover from distorted video displays caused by using incorrect settings for the display adapter or monitor.
Last Known Good Configuration: Restores the registry and driver configuration in use the last time the computer started successfully.
Debugging Mode: Starts Windows XP/2000/2003 in kernel debugging mode, which allows you to use a kernel debugger for troubleshooting and system analysis.
Start Windows Normally: Starts Windows XP/2000/2003 in normal mode.
Reboot: Restart the computer.
Encrypting through USB drive
All encryption solutions which work thru an encrypted drive with drive letter have on thing in common: Administrator privileges are required, at least once to install the ecryption software. This is a problem on foreign computers.
When a guest wants to install his encryption software, he must been trusted unconditional because he is granted to execute his software with administrator privileges. But no one can be sure what this software does despite the encrytion job. The computer is just compromised then!
Even an antivirus software is useless because the foreign software is executed with admin privileges an the user will grant all requests to make it work.NTFS encryption is no help too because dealing with certificates is no fun and they are not compatible between Windows 2000 and XP.
Solution: The approved open source software TrueCrypt: http://www.truecrypt.org
It requires admin previlegs too but only once for installation. And the admin can download the software itself and validate its integrity by checking its PGP signature.
Using TrueCrypt is documented on countless pages in the internet, just enter TrueCrypt at your preferred search engine.
July 10, 2008
This security update resolves two privately reported vulnerabilities in Outlook Web Access
This security update resolves two privately reported vulnerabilities in Outlook Web Access (OWA) for Microsoft Exchange Server. An attacker who successfully exploited these vulnerabilities could gain access to an individual OWA client’s session data, allowing elevation of privilege. The attacker could then perform any action the user could perform from within the individual client’s OWA session.
This security update is rated Important for all supported editions of Microsoft Exchange Server 2003 and Microsoft Exchange Server 2007. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by modifying the validation of HTTP session data within OWA. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity.
Known Issues. Microsoft Knowledge Base Article 953747 documents the currently known issues that customers may experience when installing this security update.
Domain Name System (DNS) is responsible for translating host names to IP
The Domain Name System (DNS) is responsible for translating host names to IP addresses (and vice versa) and is critical for the normal operation of internet-connected systems. DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. DNS cache poisoning is not a new concept; in fact, there are published articles that describe a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning. The following are examples of these deficiencies and defects:
- Insufficient transaction ID space
The DNS protocol specification includes a transaction ID field of 16 bits. If the specification is correctly implemented and the transaction ID is randomly selected with a strong random number generator, an attacker will require, on average, 32,768 attempts to successfully predict the ID. Some flawed implementations may use a smaller number of bits for this transaction ID, meaning that fewer attempts will be needed. Furthermore, there are known errors with the randomness of transaction IDs that are generated by a number of implementations. Amit Klein researched several affected implementations in 2007. These vulnerabilities are described in the following vulnerability notes
June 18, 2008
WEP is an encryption scheme based on the RC-4 cipher
WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of “strong” encryption while a 128 bit key has 104. The IV is placed in encrypted frame’s header, and is transmitted in plain text. Traditionally, crac*ing WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets—a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP crac*ing program such as Aircrac* would be used to find the WEP key. Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, “It doesn’t matter if you use 128 bit WEP keys, you are vulnerable!” WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of “strong” encryption while a 128 bit key has 104. The IV is placed in encrypted frame’s header, and is transmitted in plain text. Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key. Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours.
Basic Directions:
1)Boot from cd
2)get the wep key
3)write it down
4)reboot into windows
5)connect using wep key.
May 29, 2008
McAfee, Inc. Endpoint Encryption Deployed by NHS for Widespread Data Protection
National Health Service Connecting for Health (NHS CFH) has selected solutions from McAfee to provide encryption and port control, to protect confidential data on NHS computers and devices. As part of the NHS contract, McAfee Data Protection will provide 700,000 licenses for device encryption, port control, secure content encryption and mobile encryption to NHS organizations and related bodies across England.
McAfee Data Protection’s world-class enterprise solution will encrypt confidential staff and patient data, helping to safeguard the NHS from data breaches and protect those whose data resides on NHS systems. Data will be protected on all devices such as PCs, laptops, PDAs and smartphones, content on hard drives and removable media; and computer ports to prevent unauthorized use of portable media connected to USB, serial and parallel ports.
The technology integrates with existing software deployment tools and can be deployed centrally across the network to all endpoints. The installation process is quick and effective. The technology is completely transparent to the end-user and does not impact productivity or require any specialized training. It also mitigates human error, thereby reducing data security threats. Its central reporting function aids compliance and the graphical presentation of information assists ICT teams in their management reporting.
“McAfee Data Protection technology closely matched our extensive requirements and at a price that represents exceptional value for the taxpayer,” said Mark Ferrar, director of infrastructure, technology office, NHS Connecting for Health. “Protecting patient data and NHS operational data against data security threats is essential. The McAfee product is an enterprise class solution that integrates with existing software deployment tools, can be deployed in both standalone and organization-wide scenarios and meets the required stringent security standards.”
“The desire for a national agreement for encryption software followed guidance to NHS organizations issued by NHS Chief Executive David Nicholson,” said Jan Van Vliet, vice president of sales, McAfee Data Protection Business Unit, EMEA. “As part of the agreement, we are also working closely with our partner, Trustmarque Solutions, to set up a nationwide structure to offer training and implementation for IT managers within the applicable NHS bodies across England.”
May 27, 2008
Symantec Announces New Versions of Veritas Storage
Symantec Corp. (Nasdaq: SYMC) today announced Veritas Storage Foundation and Veritas Cluster Server 5.1 for Windows, the industry leading heterogeneous storage management and high availability solution providing data and application availability for Windows environments. A key component of the Symantec Solutions for Windows portfolio scheduled to be available in June 2008, Veritas Storage Foundation 5.1 High Availability for Windows introduces support for Windows Server 2008 and delivers significant improvements to operational effectiveness and ease of use including enhanced availability and disaster recovery, centralized storage visibility and SmartMove for efficient array migrations.“Customers today face overwhelming demands in managing disparate islands of storage and meeting strict service level agreements for high availability,” said Aaron Aubrecht, senior director of product management, Symantec. “Veritas Storage Foundation for Windows and Veritas Cluster Server provide organizations with a common set of easy-to-use tools that work across virtually every server and storage platform to provide online volume management, storage and application availability, application integrated quick recovery and storage area network path management. Enabling IT organizations to use a single software solution to manage their storage infrastructure and recover applications in the event of a local failure or disaster can significantly reduce both capital and operational costs, while simultaneously ensuring confidence that existing service level agreements are met.”
Expanded Operating System, Application and Storage Support
Veritas Storage Foundation for Windows and Veritas Cluster Server are extending support for Windows Server 2008 and Windows Server 2008 Server Core environments, with support for Standard, Enterprise, and Datacenter versions across x86, x64, and IA64 platforms. Additionally, this release provides expanded support for Windows Vista, Microsoft Exchange 2007 Service Pack 1, Microsoft SharePoint Portal Server 2007, Symantec Enterprise Vault 2007 and Blackberry Enterprise Server.
Veritas Storage Foundation for Windows Dynamic Multi-pathing continues to enhance support for leading storage platforms– enabling customers to have a single multi-pathing solution without compromising a heterogeneous tiered storage infrastructure. In addition to the 40+ array families already supported –support for Pillar, 3PAR, and newer IBM and HDS arrays has been added.
Enhanced Availability and Recoverability
Veritas Storage Foundation for Windows offers a guided, step-by-step, wizard to ensure Microsoft Exchange and other applications can be quickly recovered from a point-in-time volume copy. IT organizations can now simplify the storage management complexity of recovering consistent Exchange data to an alternate location with this new capability– automated snapshot recovery to Exchange Recovery Storage Groups. Moreover, for organizations requiring a multi-site disaster recovery infrastructure for Exchange or other applications, Veritas Cluster Server has added support for EMC Symmetrix Remote Data Facility (SRDF)/STAR.
Improved Operations, Management, and Performance
Providing visibility across multiple hosts from a single, secure, web-based console can significantly reduce operational costs and risks to application downtime. Veritas Storage Foundation Manager will support Veritas Storage Foundation for Windows and up to 3,000 hosts enabling organizations to gain insight into storage objects including volumes, storage subsystems, and storage area network paths. Complementing the storage infrastructure visibility, Veritas Cluster Server Management Console has been enhanced to dynamically discover physical and virtual (e.g., VMware) clusters across Unix, Linux and Windows in a single global operation, and dramatically simplify operations. For example, clustered applications can be easily identified by geographical site or business unit, thereby making it easier to manage, act and report on the logical groups of Veritas Cluster Server deployments.
Configuration Checker mitigates risk to application downtime by providing a simple and powerful way for organizations to proactively and easily identify configuration-related installation errors, departures from best practices, and incompatible hardware and/or software. SmartMove is a new feature in Veritas Storage Foundation 5.1 for Windows that greatly enhances the efficiency of data-intensive operations by analyzing the data and ensuring that only the necessary blocks of data are moved. This significantly enhances the efficiency of data movement operations, such as creating or synchronizing mirrors or snapshots.
Symantec to Speak at Upcoming Investor Conferences
Symantec Corp. (Nasdaq: SYMC) today announced its executives will be speaking at the following investor conferences in the June 2008 quarter:
- Merrill Lynch Technology Conference on May 6 at 11:15 a.m. ET in New York City
- JPMorgan Technology Conference on May 19 at 8 a.m. ET in Boston
A live webcast and replay of the presentation will be available. Interested parties can view the webcast and the replay over the Internet through Symantec’s Investor Relations Web site at www.symantec.com/invest. Please go to the Web site at least 15 minutes early to register, download and install any necessary software.
About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
Symantec Online Fraud Protection Helps Businesses Combat Online Fraud, Protect Brand Equity
Symantec Corp. (Nasdaq: SYMC) today announced the availability of Symantec Online Fraud Protection, a comprehensive program that includes Symantec services, education and ongoing monitoring and management capabilities designed to protect businesses that conduct large volumes of financial transactions and their customers from losses due to online fraud. This offering helps businesses shield their customers from a variety of online threats, including phishing and pharming. By helping their customers safely conduct transactions online, businesses can boost customer loyalty, minimize financial loss and legal exposure, and reduce risks to their corporate brand.Corporate brand erosion as a result of online fraud is a significant problem facing all organizations that conduct business online. Symantec’s most recent Internet Security Threat Report, Volume XIII released in April 2008 indicates that threats from online fraud continue to plague both enterprise organizations and consumers. In the last six months of 2007, Symantec observed more than 85,000 phishing hosts – computers that can host one or more phishing Web sites – an increase of 167 percent from the first half of 2007.
“Fraud attacks are becoming more sophisticated and are increasingly targeting businesses and customers with devastating effects,” said Rob Enderle, president and principal analyst, Enderle Group. “Organizations generally lack an effective comprehensive approach to mitigating online fraud. In addition, the damage that results from fraud now goes beyond just financial damage to impacting the global brand. This combination should make reducing the related risks a primary business objective.”
Leveraging Symantec’s broad footprint and position as a leader in security, Symantec Online Fraud Protection is a flexible program that combines a variety of offerings based on customer need. This offering is also backed by Symantec’s Global Intelligence Network which provides the most comprehensive view of Internet attack activity based on security intelligence data gathered from around the world. Symantec’s Global Intelligence Network includes 11 security response centers that analyze data from more than 2 million email accounts, 120 million systems and more than 40,000 devices in more than 200 countries. Symantec Online Fraud Protection includes:
- Phishing Monitoring: Watches for new phishing attacks and other attacks on the client’s brand.
- Transaction Monitoring: Reviews transactions on back-end systems and blocks fraudulent activities.
- Online Fraud Incident Response and Countermeasures: Provides rapid response to attacks in order to minimize losses and protect brand reputation, including working with ISPs to curtail the activities of fraudsters.
- Malware Intelligence and Analysis: Provides monitoring of malware targeting a specific brand and analysis of new malware behavior.
- Consumer Education and Protection: Helps organizations educate and protect their end-user customers from online threats and minimize the risk of fraud.
- Expert Resident: The offering also includes an expert resident from Symantec, with access to a variety of security intelligence data sources, who works with in-house staff to provide security expertise and serve as the primary point of contact leading all online fraud protection efforts.
“Symantec’s recent Internet Security Threat Report shows that 80 percent of brands targeted by phishing attacks were in the financial sector,” said Ted Donat, director of product management, Symantec Consulting Services. “As online fraud continues to increase, Symantec is arming its customers with tools to protect against the brand erosion that can result from an attack. With Symantec’s superior malware intelligence and analysis, monitoring and incident response services, customers can quickly respond to online fraud attacks, leverage expert command and control during incidents, and shift their approach to online fraud from reactive to proactive.”
Symantec Online Fraud Protection provides a unique combination of products, services and education, leveraging Symantec’s unparalleled scope and breadth of expertise in the security market. Symantec Global Services is a leader in providing expertise and resources for securing and managing the world’s information. With more than 4,000 professionals worldwide, Symantec Global Services has worked with 99 percent of the Fortune 1,000.
The State of Missouri Selects Symantec Enterprise Vault for Email Archiving and Discovery
Symantec Corp. (Nasdaq: SYMC) today announced that the State of Missouri has selected Symantec Enterprise Vault as its email archiving platform, ensuring the security and retention of electronic communications in accordance with Governor Matt Blunt’s directive to archive government emails. Enterprise Vault enables the state to comply with legal discovery requirements and information access policies such as open-records requests. The state also plans to leverage Enterprise Vault to improve email storage capabilities while streamlining and simplifying email system management.“The protection and retention of email is critical to ensuring transparency and accountability in our state government, and it is one of the most important IT initiatives we are implementing,” said Dan Ross, State chief information officer, Missouri Information Technology Services Division. “Enterprise Vault is the leading email archiving and data protection solution. We are confident that Symantec software and services will enable us to meet our aggressive plans to roll out a highly secure and reliable email retention system.”
The State of Missouri’s Information Technology Services Division (ITSD) supports nearly six million citizens and approximately 60,000 government employees. The ITSD is chartered with implementing an email archiving system for 14 of the state’s 16 executive branch agencies and supporting an IT infrastructure that handles more than 1.5 million emails each day.
“The high volume of emails being processed through the State of Missouri’s IT infrastructure magnifies the scope and importance of implementing a reliable and scalable archiving solution,” said Jim Russell, vice president, Public Sector, Symantec. “Enterprise Vault will enable the state to archive and retrieve all email content and public records in order to fulfill Governor Blunt’s email retention directive.”
The State of Missouri’s licensing agreement for Enterprise Vault further expands the level of standardization on Symantec solutions. The state already uses Symantec AntiVirus to secure the desktop environment for the executive branch agencies as well as Symantec Mail Security, Gateway Security, Ghost Solution Suite, pcAnywhere, and Backup Exec to secure and manage various components of the state’s IT infrastructure.
About the State of Missouri’s Information Technology Services Division
The ITSD for the State of Missouri is the central point for coordinating the data processing policies for the executive branch. The division promotes economy and efficiency in the use of data processing and telecommunications for transaction of state business.
Services provided by the division include the operation of a centralized computer facility used by state agencies and elected officials; a data processing education center for state employees; systems development services; operation of the state telephone switchboard and associated state telecommunications network; desktop support and web development.
About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com .
