Security Information and Review

Collection of security information and review

Archive for the 'Windows Security' Category

Tips and Tricks Protect Your System from Malware

Author : Admin

Malware, also known as scumware, short for malicious software. It’s designed to secretly access a computer system without the owner’s informed consent. Some malware programs have been written with a profit motive ( financial or otherwise ) in mind. This can be taken as the malware authors’ choice to monetize their control over infected systems: to turn that control into a source of revenue.

Some malware are produced to gathering information of the victim activities and then showing pop-up advertising, it’s known as Adware. Some adware programs will redirect to search engine results to paid advertisements. Another way that financially motivated malware creators, use sensitive information from a victim. In this case, some malware program install a key logger that will automatically transmitted a password, credit card number, account and other information to the malware creator. It’s called Stealware, example of this type of malware : bancos, Gator, Legmir and Qhost. So, It’s very dangerous ….! In this post, we will explain how to protect our system from malware. … continue reading : Tips and Tricks Protect Your System from Malware.

28 October 2010 at 12:59 - Comments

The Latest Microsoft Windows SMB Vulnerability

Author : Admin

In this week, the latest Microsoft Windows vulnerability was reported in several sites or blogs, such as securityfocus site, g-laurent blog and others. In the newer Microsoft Windows operating system comes with a new SMB protocol version, it’s known as SMB2. This vulnerability in Microsoft Server Message Block ( SMB ) implementation with specific at SMB2 negotiate protocol request.

The SMB2 ( Server Message Block v2 ) protocol has been introduced in Microsoft Windows Vista and newer Microsoft Windows operating system. SMB2 comes with significant improving performance and reducing the number of commands and sub commands. … continue reading : The Latest Microsoft Windows SMB Vulnerability.

15 September 2009 at 10:03 - Comments

Basic Concept Domain Security Authority and Active Directory

Author : Admin

Domain concept in the Microsoft Windows was introduced by Microsoft in Windows NT technology such Windows NT 4.0, Windows 2000 and other Microsoft Windows based on NT. A domain defines as the first place a management boundary. It’s an administrative grouping of users, machines and resources that can be managed by the same domain administrator whereby a user may be granted access to a number of machines and resources with the use of a single username and password combination. It’s called single sign on ( SSO ). … continue reading : Basic Concept Domain Security Authority and Active Directory.

11 August 2009 at 14:58 - Comments

Windows Security Authority with Local Security Authority LSA

Author : Admin

In the Microsoft Windows operating system, there are two types of security authority : the local security authority and the domain security authority. In this discussion, we will explain Local Security Authority ( LSA ). Simple describe of Local Security Authority is a process in Microsoft Windows operating system that is responsible for enforcing the security policy on the system. The Local Security Authority will provides role in the authentication and authorization security process in the local machine, including the auditing policy, user logon, privileges and others rules of security policy. It also describes how to create and call authentication packages and security packages. … continue reading : Windows Security Authority with Local Security Authority LSA.

4 August 2009 at 01:10 - Comments

How to Securing Microsoft Internet Explorer – IE

Author : Admin

In this discussion, we will be showed how to securing Microsoft Internet Explorer ( also called IE ), one of the most popular web browsers, see Web Browser Wars, Popularity and Market Share. As we know that IE – Internet Explorer is a web browser integrated into the Microsoft Windows operating system and it’s bundled with every copy of Windows.

 

Securing Microsoft Internet Explorer – IE involves applying updates and patches, modifying a few setting and practicing intelligent surfing. Microsoft routinely release Internet Explorer with specific security patch, so it’s very important to configure the Microsoft Windows Update Automatically or visit the Microsoft Windows Update site regularly. … continue reading : How to Securing Microsoft Internet Explorer – IE.

14 July 2009 at 09:27 - Comments

Microsoft Windows Authentication Spoofing Attack

Author : Admin

The common way to attack Microsoft Windows Sytem is pass through the Windows File and Print Sharing Service, which operates over protocol called SMB ( Server Message Block ). SMB protocol listening on TCP port 445 and 139 ( also known as NetBIOS based service ). An attacker commonly attacked via password guessing on Microsoft Remote Procedure Call ( MSRPC ) listening on TCP port 135, Terminal Services on TCP port 3389 and other services.

 

In this discussion, we will describe how to attack MS Windows System via password guessing and assuming that SMB is accessible. The most effective method for breaking into a Windows System is remote share mounting such as IPC$ or C$. Combination username and password is used to connect to an enumerated share. We will use the net use command like this. … continue reading : Microsoft Windows Authentication Spoofing Attack.

4 July 2009 at 17:55 - Comments

Microsoft IIS 5.0 WebDAV Vulnerability

Author : Admin

WebDAV : Web distributed Authoring and Versioning is an extension to the Hyper Text Transfer Protocol ( HTTP ) that defines how basic file functions such copy, move, delete and create are performed by a computer using HTTP. So, WebDAV is extension in Microsoft Internet Information Services (IIS) 5.0 which is default activated.

 

A vulnerability was found in Microsoft IIS 5.0, 5.1 and 6.0 with WebDAV extension is activated. With this vulnerabilty  allowing an attacker to gain access to locations which normally require authentication.

… continue reading : Microsoft IIS 5.0 WebDAV Vulnerability.

19 June 2009 at 13:20 - Comments

Hacking Technique and defenses Strategy part 1

Author : Admin

Footprinting

Footprinting is the process of accumulating preliminary data about a target using publicly available methodes. This information can be used to gain a better understanding of the target’s network architecture. There are many ways and techniques to get information about a target such the use of search engines, domain and network block registrars.

Enforcement of the following defensive tactics are strongly recommended in order to minimize the risks associated with exposure of sensitive information by search engines and web server misconfigurations. Administrators perform routine audits web server configuration and the data it is allowed to server. Administrators also must be instructed not to post job vacancies on technical news groups, message boards and mailing list using their real names and e-mail address.

… continue reading : Hacking Technique and defenses Strategy part 1.

4 June 2009 at 08:48 - Comments

Tips and Tricks Security Enhancements

Author : Admin

One use of the term computer security refers to technology to implement a secure operating system, especially Microsoft Windows. Before We spend a dime on security, there are precaution that we can take to protect our system from the most common threats. In this case, system will be used is Microsoft Windows Operating System.

Automatic Update

Make sure Microsoft Windows Automatic Update enabled and check update Microsoft Windows Uodate and Office Update regularly. Microsoft Windows ME, Microsoft Windows 2000 and Microsoft Windows XP can configure automatic updates. If we want to configure automatic update, click on the Automatic Updates tab in the system control panel and choose the appropriate options.

… continue reading : Tips and Tricks Security Enhancements.

3 June 2009 at 13:35 - Comments

Conficker Worm and Windows vulnerabilty

Author : Admin

The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction. Conficker is effecting and targeting the Microsoft Windows Operating System that it’s most sophisticated capability. Conficker, also known as Downup, Downadup and Kido. The first variant of Conficker propagated through the internet by expoliting a vulnerabity in a network service [ MS08-067 ]. This list of Microsoft Windows Operating system that has been affected by RPC DCOM vulnerability :

… continue reading : Conficker Worm and Windows vulnerabilty.

30 May 2009 at 18:03 - Comments