Welcome to PChuck's Network News.

Tuesday, October 31, 2006

Another Reason To Avoid ICS

I've told you so many times that using your computer to share your Internet service - using ICS - is not a good idea. My reasons center around the needless complexity, and load, placed upon the server.

Now we have a new reason to avoid ICS. This week, ICS is being used as an attack vector. NetworkWorld, in "New Windows attack can kill firewall", points out:

The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS).

So, if you're running ICS because you have 2 computers, and you think that Windows Firewall protects you, think again. Even if your computer is fully patched, if you are running ICS behind Windows Firewall, you are at risk.

Perimeter protection, aka a NAT router, is the only real protection.


Thursday, October 26, 2006

And Now Fake Codecs

So an EBud just sent you an E-Card greeting, supposed to be soo cute. And you play it, and you get a notice:

Your player needs an extra codec. Shall we find it for you?

STOP! Right now, it's time to close the browser, flush your cache, and restart the computer.

Sometimes, you may see the above advice when surfing to various web sites that provide free movies (and no, we won't discuss what type of movies, though this problem is more common on certain types). It's the same thing though. The content (E-Card, online movies, whatever) is the attraction. The trojans are the payload. It's all just another way of hacking your computer.

Lavasoft News, in "Beware - Desktop Hijacks on the Rise Again", says:
Watch out for the Zlob Trojan that poses as a codec needed to view a video, then installs a fake virus and urges its victims to download a rogue anti-spyware program to remove it.

And again we see the repeated advice:
...even a spoofed e-mail that claims to be Windows Update (Microsoft never sends updates via e-mail)

as if I haven't harangued you about that before.

The best prevention is avoidance. Stay safe.

Wednesday, October 18, 2006

Email Offering IE7? PASS!

Did you recently get email from "support@microsoft.com"? How many times have I pointed out that:

Microsoft does not email software offers or updates.

Today, The Register, in "Trojan download site spoofs IE7 release outlet", points out that:

Hackers have created a bogus Internet Explorer 7 download site that attempts to load Trojan code onto the PCs of visiting surfers.

Traffic to the malicious website is being driven by a spoofed email message, claiming to be from support@microsoft.com, offering a link to download Release Candidate 1 (RC1) of Microsoft Internet Explorer 7.

Once again, here's a clue:
Microsoft does not email software offers or updates.

And, if you ignore the warning, yet another chance to become part of a growing trend: botnet membership, a club that you do not need to join.

Would You Like Fries With Your Virus?

A couple of years ago, music giant Sony got caught loading hidden software onto their customers' computers, when those customers were stupid enough to load "extra content" from legally purchased CDs.

Today, we hear of Apple, who shipped a small quantity of iPods infected with a virus.

As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.

And earlier this week, we hear that McDonald's in Japan gave out MP3 players infected with yet another virus.
We haven't seen these players ourselves, so we can't confirm how exactly you would get hit by this trojan, but some sources report you only had to plug it into your Windows PC.

Once again, practice Layered Security on all computers. Please. Botnets are more and more useful, so don't contribute to the population.

Wednesday, October 04, 2006

The Good Guys Win One

From Nigeria, actual tape of a cybercafe raid, with a band of 419 scammers arrested.

Interestingly, those not directly involved in the scamming still profit. Neighbours outside the cafe didn't react well to the arrests being made.