Justin Fielding from TechRepublic is suggesting that spam is being encapsulated into PDF files for distrubution (http://blogs.techrepublic.com/networking/wp-trackback.php?p=305). I have also seen several suspicious messages with PDF files. I received one from the Arab Emerates, but don’t usually view these messages. ProofPoint will probably not be able to inspect the PDF contents, but it can still filter based on sender and addressing characteristics.
Several countries have changed the dates that Daylight Savings Times (DST) is observed. Australia made the change in March of 2006. The US Energy Policy Act of 2005 established that DST will begin on the second Sunday of March and end on the first Sunday of November starting in 2007. The time is upon us and, unfortunately, it is time to patch everything in sight.
To correct the timezone information on Red Hat Enterprise Linux AS 4.0:
1. Check the timezone settings for 2007:
/usr/sbin/zdump -v /etc/localtime | grep 2007
If you see something like:
Sun Apr 1 07:59:59 2007 UTC = Sun Apr 1 01:59:59 2007 CST isdst=0
Sun Apr 1 08:00:00 2007 UTC = Sun Apr 1 03:00:00 2007 CDT isdst=1
Sun Oct 28 06:59:59 2007 UTC = Sun Oct 28 01:59:59 2007 CDT isdst=1
Sun Oct 28 07:00:00 2007 UTC = Sun Oct 28 01:00:00 2007 CST isdst=0
then the system is set to change to DST on April 1 and revert on Oct 28.
2. Download tzdata-2007c-1.el4.noarch.rpm from an rpm source or up2date and apply (rpm -iv tzdata-2007c-1.el4.noarch.rpm).
3. Install the timezone information:
cp /usr/share/zoneinfo/America/Chicago /etc/localtime
There are a few other ways to install this info and the above is specific for the
Central time zone.
4. Now the zdump command will give:
Sun Mar 11 07:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 CST isdst=0
Sun Mar 11 08:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 CDT isdst=1
Sun Nov 4 06:59:59 2007 UTC = Sun Nov 4 01:59:59 2007 CDT isdst=1
Sun Nov 4 07:00:00 2007 UTC = Sun Nov 4 01:00:00 2007 CST isdst=0
One system patched, now on to … Perhaps I can figure out why Wordpress timestamped this post wrong…
Actually FrontPage 2003 has nothing to do with phishing (where else can you parody an Adams book title?). But Microsoft has announced that 2006 will be the end of the FrontPage package. Having started with FrontPage just after Microsoft purchased it from Vemeer, this was very disconcerting for someone (me) who codes in FrontPage 3 - 4 hours per day. FrontPage will be replaced by several packages: Office SharePoint Designer 2007, Expression Web Designer, Visual Studio 2005, and Visual Web Developer 2005 Express Edition.
FrontPage users will feel at home with the Expression Web Designer. I think I have seen it meta tag a page with “FrontPage 12″, so FrontPage may not be discontinued after all. There are some enhancements to allow easier integration of XML, JavaScript, data sources, ASP.NET, and CSS. Many of the familiar FrontPage menus are included. FrontPage bots may be gone, and this will help keep the Dreamweaver zealots from complaining about non-standard FrontPage constructs. The Microsoft Expression Web Designer beta can be downloaded from the Microsoft web site. Now will it be aded to our educational volume licensing contract?
IT Commandments: Ignore them at your own risk by ZDNet’s David Grober — Here’s a stone tablet’s worth of rules that no IT shop can afford to break.
Spam is clogging the internet. As much as 2/3 of the email delivered on the internet is unsolicited junk mail, i.e. spam. UTMB uses Proofpoint as a spam filter. It uses some very sophisiticated algorithms to detect spam and it is continually tuned (both locally and by the vendor) to remove spam but not “real” email. You can also turn on the Outlook Junk Filter. I also run the Cloudmark SafetyBar ($2 - $3 per month) which filters spam and fraud schemes. To use this with Outlook you need to run Outlook in the caching mode. With three filters scanning email, spam in the inbox is almost non-existent. Well almost, spammers get more sophisticated every day. Sending spam as an image (which can’t be read by filters) and with disguised subject lines stress the filtering programs. Using random “from addresses” also helps fool spam detectors. Rarely can you reply to a spam email (and you shouldn’t anyway).
Phishing scams have also become big business on the internet. The Nigerian banking letter was an early version of such schemes. Phishing emails are usually sent from non-existent addresses. The goal is to get you to respond to a fake web site, where information is requested that will be used to defraud you. Popular phishing emails currently involve big name banks, eBay, PayPal, etc. If you receive an email requesting that you login to a web site and enter your personal financial information (account number, drivers license number, PINs, etc), chances are almost certain that it is a scam. First, hover your mouse over the URL or image and look at the URL displayed by your browser — it won’t be the URL of the vendor, but of a bogus site prepared to look like your vendor’s web site. None of the institutions above are likely to ask you to enter your personal information online. Like with the telephone, don’t give information if you are contacted by the other party.
See http://www.microsoft.com/athome/security/privacy/fraudvictim.mspx for some information on what to do if you become a victim of an internet fraud. This article by Microsoft also discusses phishing, spyware, and e-mail hoaxes.
“Typosquatting” has been around since the days several sites would pretend to be aol.com when you mistyped the aol.com URL. The bogus sites would ask you for your AOL login information and then proceed to hijack your acount. Now a warning that if you fat-finger Google’s URL (as googkle.com) an imposter site will try to run a number of malicious scripts on your PC.
BEWARE! If you see strange activity on your PC after mistyping a common URL, it is probably too late to stop the attack. You can only hope you are not susceptible and that your PC has been patched for security vulnerabilities in a timely manner.
Timely patching brings up what’s known as ZERO DAY ATTACKS, where hackers learn about vulnerabilities by studying the patches that Microsoft and other vendors release. Many times a hacker can learn how to create an attack from the patch files and descriptions. This means that your PC is vulnerable starting at the exact instance (ZERO DAY) the patch is released.
The CheckPoint VPN software starts when you login to your computer. Since the default Virtual Private Network (VPN) policy is to block access to any UTMB network resource, you cannot connect to UTMB unless you authenticate to the firewall. This makes it look like the VPN software really screwed up your computer and you cannot even connect to UTMB any more. Not to worry, you have two choices:
The CheckPoint VPN software only messes with your outbound connections to UTMB. Network connectivity to any other site on the internet is unchanged. It does affect inbound requests to your PC and can interfere with your local network shares, printer shares, etc.
[powered by WordPress.]
jour·nal n. A personal record of occurrences, experiences, and reflections kept on a regular basis; a diary.
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Aug | ||||||
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | 31 |
McMike - 1999
35 queries. 5.329 seconds