Enllaços
Contingut actualitzat
Categories
Contingut antic
(ja no s'actualitza)
Versions anteriors
d'aquesta pàgina
Arxiu
|
|
 |
divendres, 25 / juny / 2004 |
Per saber si el codi malèvol que s'instal·la automàticament a través de l'Internet Explorer quan es visita un servidor web afectat pel cuc està present a la nostra màquina, cal cercar la presència d'aquests fitxers:
Si hi són, vol dir que la nostra màquina està infectada.
|
21:51 (# Enllaç permanent) ()
|
|
Microsoft ha publicat un butlletí sobre Download.Ject, que és el cuc que atacant els servidors web Microsoft Internet Information Server 5.0.
Reports indicate that Web servers running Windows 2000 Server and IIS that have not applied update 835732, which was addressed by Microsoft Security Bulletin MS04-011, are possibly being compromised and being used to attempt to infect users of Internet Explorer with malicious code.
|
21:45 (# Enllaç permanent) ()
|
|
 [Treocentral] 4th Gen Treo: "Ace"? A Treocentral parlen de les primeres pistes de com pot ser el Treo de quarta generació, que segurament no el veurem fins a finals d'any (ells parlen de la tardor) o més probablement l'any vinent... de moment no es res més que un simple rumor, però promet. Entre d'altres novetats destaca la pantalla a 320x320 (sensacional!), Bluetooth, càmera de 1,3 Mpixels, processador més ràpid, més memòria, possibilitat de fer servir targetes WiFi...
|
21:09 (# Enllaç permanent) ()
|
|
[Infoworld] MS issues warning on Web attacks, pushes XP2 SP2 beta
Microsoft Corp. acknowledged Thursday that Internet Information Server (IIS), a component of the Windows 2000 Server, and holes in the Internet Explorer Web browser are being used in widespread attacks that are compromising Web pages and using them as launching pads for malicious computer code.
Microsoft issued an alert late Thursday and posted a Web page with information on the attacks. The company urged customers to apply the latest security patches for both IIS and the Internet Explorer Web browser and increase the security settings on Internet Explorer browser. In an unusual move, Microsoft noted that users that are running its as-yet-unreleased Windows XP Service Pack 2 operating system are protected. (See: www.microsoft.com/security/.)
|
19:28 (# Enllaç permanent) ()
|
|
Ahir incidents.org (veure això i aìxò) va recollir el que sembla ser un nou atac massiu contra els servidors web basats en l'Internet Information Server. L'objectiu sembla convertir aquestes màquines en sistemes per a la distribució de correu brossa així com la instal·lació de troians a les màquines dels usuaris que visiten els servidors infectats:
A large number of web sites, some of them quite popular, were compromised earlier this week to distribute malicious code. The attacker uploaded a small file with javascript to infected web sites, and altered the web server configuration to append the script to all files served by the web server. The Storm Center and others are still investigating the method used to compromise the servers. Several server administrators reported that they were fully patched.
If a user visited an infected site, the javascript delivered by the site would instruct the user's browser to download an executable from a Russian web site and install it. Different executables were observed. These trojan horse programs include keystroke loggers, proxy servers and other back doors providing full access to the infected system.
The javascript uses a so far unpatched vulnerability in MSIE to download and execute the code. No warning will be displayed. The user does not have to click on any links. Just visiting an infected site will trigger the exploit.
If your SERVER was compromised, you will observe:
- All files sent by the web server will include the javascript. As the javascript is delivered by the web server as a global footer, images and other documents (robots.txt, word files) will include the javascript as well.
- The files on your server will not be altered. The javascript is included as a global footer and appended by the server as they are delivered to the browser.
- You will find that the global footer is set to a new file.
- For snort signatures, see http://www.bleedingsnort.com.
|
19:06 (# Enllaç permanent) ()
|
|
[ZDNet] New security spec could shore up Wi-Fi
The Institute of Electrical and Electronic Engineers standards board will decide Thursday whether the current version of the 802.11i specification is reliable enough to become an industry standard. The current draft has already been through a review committee, said Brian Matthews, publicity chairman of the IEEE 802.11 working group and vice president of AbsoluteValue Systems.
Wi-Fi products establish wireless local area networks that allow devices to connect to one another, transmitting and receiving data within a range of 150 feet. The final 802.11i specification ensures that the data sent along those networks is encrypted and can't be broken by anyone who may intercept it.
|
07:25 (# Enllaç permanent) ()
|
|
© Copyright 2003-2004 Xavier Caballe.  . El contingut d'aquest weblog és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.
|
|
|
