BANGALORE: My Trillian problem started rather innocuously. Just another instant
messaging login failure. But after several failed connects to Yahoo
Messaging, I decided to search the Internet as well as the Trillian
forums to see if it was localized (me) or global. While I was browsing
through all the different theories and approaches to see which other
user's problem best fitted mine, I learnt (via a separate web site) that
beginning October 15, 2003, MSN will be blocking other messengers from
accessing its service ostensibly for security reasons.
Although the Trillian site specifically mentions that its client
includes the latest MSN security protocols, I received an MSN security
alert that my (Trillian) client used an outdated protocol and I needed
to visit the MSN site to update my Messenger client. Since then, not so
coincidentally, attempts to remain logged into the MSN service have
begun to fail! So if you too use Trillian -- free or the Pro edition --
go ahead and download the new Yahoo and MSN clients so that when
Trillian fails, your conversations do not.
OK, you read it first (I hope) here. Microsoft, contrary to news
reports, hasn't completely abandoned Internet Explorer or Outlook
Express, its companion mail program. Security patches for both programs
continue to be released. And a Microsoft Support Bulletin
(http://support.microsoft.com/?kbid=822071) innocuously mentions
"Microsoft has confirmed that this is a problem in Microsoft Internet
Explorer 6. This problem was first corrected in Microsoft Internet
Explorer 6 Service Pack 2!"
While on the topic of security, I chanced across a very interesting site
on hardening your operating system (OS). UK Security Online's Home User
Self-Defence Guide (HUSDG, http://www.uksecurityonline.com/husdg/) is
available as separate PDF & Zip downloads
(http://www.uksecurityonline.com/phpBB2/viewforum.php?f=25). But before
being able to download, you need to register yourself and respond to an
email-based user authentication message. It's less of a hassle to read
the guides online. The OS versions supported are
Windows 95/98/ME (http://www.uksecurityonline.com/husdg/windows9598.php),
Windows NT (http://www.uksecurityonline.com/husdg/windowsnt.php),
Windows 2000 (http://www.uksecurityonline.com/husdg/windows2000.php) and
Windows XP (http://www.uksecurityonline.com/husdg/windowsxp.php), with a
Linux guide coming shortly.
There's also a white paper on Threats Analysed that discusses the impact
of worms, Trojans, hacking and denial of service attacks.
With Sobig still rampaging across the Internet, I'm taking a very keen
interest in what data my computer broadcasts to the Internet. While I
recommend a weekly visit, especially if you continually modify your
firewall settings, to the free Shields Up service
(https://grc.com/x/ne.dll?bh0bkyd2), it is not infallible despite
checking the common (and some not so common) ports.
In both Windows XP (Home/Pro) and Windows NT/2000, the OS itself leaves
certain sockets open, ostensibly to assist in centralized troubleshooting.
Microsoft's version is that these open sockets are only accessible by
the built-in super system administrator and are required to run
background services. Unfortunately, Microsoft's security track record
so far has been pretty poor. So I recommend using Steve Gibson's free
SocketToMe (17 kB, Windows, free) and SocketLock (22 kB, Windows, free)
socket management utilities to first check if you have any open sockets.
Then block them. I made the changes with trepidation. But everything
continued to work fine even after disabling the sockets.
In the wake of the Sobig worm infection, several tools that scan either
your computer or email box have surfaced. Trust only the ones from
reputed antivirus vendors. And always implement a double-redundant
method using separate scanning and cleaning utilities from 2 separate
vendors. This ensures that anything missed by one utility run is
detected by the other. And don't bother downloading Fresh Software's
(http://www.freshsw.com/) NoSoBig utility. It lies. I ran it against my
See OL Freeloader account
on Phreaker and it detected infected mail and deleted them. However,
when I ran my Popcorn client to view my non-infected messages, the
infected mails still hadn't been deleted!!!
Actually Popcorn is the neatest, not to mention fastest, client to view
your Inbox. Checking the subject headers and deleting mail with an
attachment is really easy. Plus, because Popcorn views all mail at a
base ASCII-text level only, you can view the top 99 (default) lines of
each message and review the attachment header. Most mail in this
specific account has infected .PIF or .SCR files as attachments.
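
As an added illustration of the header review described above (not Popcorn's code and not part of the original column), this Python example reads only the headers plus the top 99 body lines of each message and flags attachment names ending in .PIF or .SCR. The function names and the sample mailbox are constructed for the example, and it assumes the preview is plain text cut at a fixed line count.

```python
import email
from email import policy

RISKY_EXTS = (".pif", ".scr")   # extensions named in the column
TOP_LINES = 99                  # preview depth quoted in the column

def top_lines(raw, n=TOP_LINES):
    """Keep the headers plus the first n body lines (a text-only preview)."""
    head, sep, body = raw.partition("\n\n")
    return head + sep + "\n".join(body.split("\n")[:n])

def risky_attachments(preview):
    """Filenames declared in MIME part headers that end in a risky extension."""
    msg = email.message_from_string(preview, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()  # Content-Disposition filename, else Content-Type name
        # Windows ignores trailing dots and spaces, so strip them before matching
        if name and name.lower().rstrip(". ").endswith(RISKY_EXTS):
            hits.append(name)
    return hits

def make_message(subject, text_lines, attach_header):
    """Constructed sample: a multipart mail that is cut off mid-attachment."""
    return "\n".join([
        "From: sender@example.invalid", f"Subject: {subject}",
        "MIME-Version: 1.0", 'Content-Type: multipart/mixed; boundary="b1"', "",
        "--b1", "Content-Type: text/plain", "",
        *["See the attached file."] * text_lines,
        "--b1", attach_header, "Content-Transfer-Encoding: base64", "",
        *["QUJDREVGR0g="] * 120,    # filler, not a real payload
    ])

# Constructed mailbox (not real mail)
MAILBOX = [
    make_message("Re: Details", 2, 'Content-Type: application/octet-stream;\n\tname="details.pif"'),
    make_message("Re: Movie", 2, 'Content-Disposition: attachment; filename="MOVIE.SCR"'),
    make_message("Minutes", 2, 'Content-Disposition: attachment; filename="minutes.txt"'),
    make_message("Long note", 150, 'Content-Disposition: attachment; filename="photo.scr"'),
]

def flag_mailbox(mailbox):
    """Map message index -> risky attachment names visible in the preview."""
    return {i: hits for i, m in enumerate(mailbox)
            if (hits := risky_attachments(top_lines(m)))}

if __name__ == "__main__":
    print(flag_mailbox(MAILBOX))
```

The fourth constructed message shows the limit of a fixed-depth preview: its attachment header sits below line 99, so it is only found when the whole message is parsed.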
Finally, there are several software updates, and interesting Betas.
Let's lead with Opera 7.20 Beta 7 whose Public Beta was released on
August 28, 2003. Read the change log
(http://www.opera.com/windows/changelogs/720b/) for details on what
further modifications have been made. As befits a public release, Beta 7
is faster and less crash-prone than its predecessor Beta builds. But
Opera's continued inability to correctly render ActiveX means that many
IE-only sites, especially Microsoft's own sites, are blocked off.
Also new is Trend's Internet Security Suite 11 Beta
(http://trendmicro1.rsc03.net/servlet/website/ResponseForm?mktEw99_8LmH_Mhkt)
(23 MB, Windows, Beta trial) that replaces the PC-Cillin product series.
ISS11 includes anti-spam capabilities to detect and filter junk mails,
improved email attachment scanning, as well as enhanced privacy with the
built-in firewall and a friendlier user interface. Also new for security
is Norton Antivirus 2004 Professional released last
week. This is Norton's first product featuring Product Activation but
existing customers can see if they are eligible for an upgrade.
That's it for the week. See you next week.
G Menon
Disclaimer: Govind Menon's views are his own and do not reflect the views of CIOL