11.16.05

Pop Email - Leave it on the Server

Posted in Email, Software, Windows at 12:40 pm by Keith

Most POP3 email clients (Outlook Express, Netscape Mail, etc.) are configured by default to move emails from the server to the client. This means that when you check your email, each message on the server is copied to your computer and then deleted from the server. If you check your email from multiple locations, this configuration is not ideal: you’ll end up with some emails in one location and others in another. Use the following steps to configure what is likely the most popular POP3 email client, Outlook Express, to leave your emails on the server and only download a copy to your computer.

  1. Open Outlook Express
  2. Select Tools > Accounts.
  3. Click on the Mail tab, highlight YourAccount and click on the Properties button.
  4. Click on the Advanced tab.
  5. In the Delivery section, select the checkbox to Leave a copy of messages on server.

09.29.05

Free Online Security Tools

Posted in Malware, Software, Windows at 1:48 pm by Administrator

Here are a couple of free online services for virus discovery.

Trend Micro’s House Call will scan your PC for viruses through your web browser (IE only, installs an ActiveX utility). You can do a virus scan, a security scan (spyware & known security vulnerabilities), or combine the two for a “complete scan.” Testing it out, it claims to have found 11 viruses and 1 spyware program on my machine that is regularly scanned with McAfee and Adaware.

Virus Total allows you to upload a file to their server for scanning. It will detect whether the file is a virus using several antivirus engines. You can use their web interface to upload the suspicious file, or email it to them. It currently scans with the following antivirus engines: AntiVir, Avast, AVG, Avira, BitDefender, CAT-QuickHeal, ClamAV, DrWeb, eTrust-Iris, eTrust-Vet, Fortinet, F-Prot, Ikarus, Kaspersky, McAfee, NOD32v2, Norman, Panda, Sophos, Symantec, TheHacker, and VBA32.

I would warn that neither of these should be considered a replacement for regular virus and adware scanners.


09.01.05

Stinger

Posted in Malware, Windows at 6:54 pm by Keith

McAfee has a free program for finding and removing viruses called Stinger. This stand-alone executable is especially effective if you rename it and run it in safe mode to avoid detection by clever viruses.

Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.


08.27.05

Using at for a Scheduled Reboot

Posted in Windows at 4:48 pm by Keith

Although it reportedly doesn’t work in unpatched Windows XP (run Windows Update now!), at is a useful command-line program. I found out about it when trying to figure out a way to schedule a daily reboot of Windows XP. You can use the at command to do this with the following:

at hh:mm /every:M,T,W,Th,F,S,Su shutdown -r

where hh is the hour (24 hour clock a.k.a. military time) and mm is the minutes that you want the reboot to happen. You can use at with any other CLI command. To view what you have scheduled type at; to remove your scheduled commands type at /delete; to see all of at’s options type at /help.


08.24.05

blinded regedit

Posted in Malware, Windows at 4:29 pm by Keith

SANS has a tip about hidden registry entries. Sounds like these could be a real PITA, allowing malware to be even sneakier than usual.


08.19.05

After Dial Terminal

Posted in Windows at 9:10 am by Keith

I ran into a dial-up problem that I’d never seen for the first time in quite a while. Windows dial-up has a terminal login feature built into it. A user had inadvertently turned on this feature, so his dial-up connection attempted to make a terminal connection after dialing.

To make sure this option is disabled:

  1. Click Start, click Control Panel, and then double-click Network Connections.
  2. Right-click the dial-up connection on which you want to use Terminal, and then click Properties.
  3. On the Security tab, make sure the Show terminal window check box is unchecked.

After Dial Terminal option

further info


08.11.05

Removing startup items - regedit, msconfig

Posted in Malware, Windows at 3:37 pm by Keith

If you don’t already know about this tip then read carefully and err on the side of caution. It involves editing the Windows registry, which can ruin your Windows installation (i.e. computer won’t start) if done incorrectly. If in doubt get help from a professional.

Most malware programs set themselves to start automatically when the computer starts up. They do this by making an entry in one of a few specific directories in the registry. Removing these entries will prevent these malware programs from starting automatically, making them less bothersome and easier to remove.

You can edit the registry with regedit. To start regedit go to the start menu and select Run…, then type in regedit and click the OK button. The Registry Editor will open with a list of directories on the left side. The directories you are looking for are named Run, RunOnce, or other variations beginning with Run. They are located in two different places: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ and HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\. You can go through each of these Run folders and look for anything suspicious. It isn’t a good idea to remove everything from these Run folders (and don’t remove the folders themselves!); most of these entries will likely be legitimate, such as your antivirus program, CD burning software, or display drivers/applications. Delete keys corresponding to any malware (do a Google search for the key/executable name if in doubt) from each of these Run folders. After rebooting, the corresponding malware shouldn’t start up. Now you can run your antivirus/spyware-removing programs with a better chance of getting rid of that pesky malware.
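To review these entries before deleting anything, the following PowerShell script (an added example, not part of the original post) lists every value under Run, RunOnce and any other Run* key in the two locations named above, and saves a copy of the list. It only reads the registry; the function name Get-RunEntry and the snapshot file name are made up for this example, and it assumes PowerShell 3.0 or later.

```powershell
# Added example: read-only listing of autostart values; nothing is changed.
# Requires PowerShell 3.0 or later. Get-RunEntry is a name made up for this example.
$roots = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion'
)

function Get-RunEntry {
    foreach ($root in $roots) {
        # Run, RunOnce and any other subkey whose name begins with "Run"
        $keys = Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSChildName -like 'Run*' }
        foreach ($key in $keys) {
            foreach ($name in $key.GetValueNames()) {
                [pscustomobject]@{
                    Key     = $key.Name
                    Name    = $name
                    # Keep %VARIABLES% unexpanded so the entry reads as stored
                    Command = $key.GetValue($name, $null,
                        [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)
                }
            }
        }
    }
}

$entries = Get-RunEntry | Sort-Object Key, Name
$entries | Format-List

# Keep a dated copy so that anything deleted later can be put back by hand.
$snapshot = Join-Path $env:TEMP ("run-entries-{0:yyyyMMdd-HHmmss}.csv" -f (Get-Date))
$entries | Export-Csv -Path $snapshot -NoTypeInformation
Write-Output "Saved $(@($entries).Count) entries to $snapshot"
```

Each Command value is the full command line that runs at startup, which is the executable name to look up when an entry seems suspicious.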

Another easier and safer, although not quite as thorough, way to access the same information is through msconfig (not available in Windows 2000). Go to the start menu and select Run…, then type in msconfig and click OK. The System Configuration Utility will open. Click on the Startup tab. Now you can look through the list that comes up for anything that you don’t want to start automatically, unchecking the corresponding check-box. Again, be careful not to remove anything you need. After clicking on the OK button you will be prompted to restart the computer. After restarting you will get a warning that the System Configuration Utility has been used; uncheck the box on this warning so that it won’t bug you every time you reboot, and click OK.

further info


08.10.05

Security 7

Posted in Uncategorized at 1:30 pm by Keith

CSUC has some information security tips called The Security 7. Check it out for some helpful information on the following 7 security measures: Protect your password; Protect confidential information; Update system patches, security fixes, and anti-virus software; Use secure and supported applications; Don’t open suspicious e-mail attachments; Back up your data; Use a password protected screensaver to “lock” your computer when unattended, and turn off your computer at night.


Opening attachments in OE

Posted in Software, Windows at 10:36 am by Keith

Outlook Express can sometimes be overzealous in its email attachment blocking. However, before using the following instructions for disabling this attachment blocking check out this attachment opening lecture. If you feel it is safe to proceed…

  1. Start Outlook Express.
  2. On the Tools menu, click Options.
  3. Click the Security tab, click to clear the Do not allow attachments to be saved or opened that could potentially be a virus check box under Virus Protection, and then click OK.

Attachment Opening Lecture

Posted in Malware, Windows at 10:08 am by Keith

Although there are some viruses that can infect your computer without user intervention through unpatched or unknown vulnerabilities, most infections are enabled through the actions of the computer user. The most common method is email attachments. You should keep this in mind every time an attachment shows up in your inbox. There are some common sense things you can do to avoid opening a virus-laden attachment.

  1. First and most important: don’t open an attachment that you aren’t expecting. Even if it is from someone you know! Many viruses will send through the infected computer’s email program or spoof the sender so that it looks like the email came from someone you know and trust.
  2. Check out the file extension. If the file has a common file extension like .jpg or .gif it is probably safe. If you don’t recognize the file extension look it up. If it is any kind of executable file don’t open it (.pif, .scr, or .exe). Also, don’t be fooled by something like monkeypicture.jpg.exe; it’s the last file extension that matters. This is far from a foolproof method; so refer to rule #1.
  3. Keep your PC up to date and secure. If you do open a virus-laden attachment it is less likely to do damage if your PC is up to date and secure. That means running Windows Update frequently (at least once per month), and running an updated virus scan program (BitDefender, AVG, McAfee, Norton).
