Code attacks Cisco vulnerabilities

Cisco Systems issued a security warning this weekend to customers after new software code was published on the Internet that targeted certain vulnerabilities on several of its networking products.

The software code, written by a group of teenagers in Italy calling themselves the “BlackAngels,” exploits nine vulnerabilities found in Cisco’s Internetwork Operating System (IOS). This software runs on most of Cisco’s products, including its Catalyst Ethernet switches and Internet Protocol routers.

Many of the vulnerabilities exposed in the new software tool have already been identified and addressed by Cisco. Some of them were identified as far back as 2000. As these problems were discovered, Cisco published software upgrades and workaround scenarios to help customers protect their networks from malicious attacks.

While the vulnerabilities have been known for some time, the program, called the “Cisco Global Exploiter,” makes exploiting them much easier by providing simple streams of code. After the code was published, Cisco posted a warning on its Web site on Saturday. It also provided links to vulnerabilities that had already been discovered.

“Customers should take steps to ensure that they have addressed each of these either via a software upgrade or workarounds in place as appropriate in order to mitigate any risk from this new exploit code,” the company said on its Web site.


Also in Computer World entitled Cisco Warns of new hacking tool kit

Gates Weighs In On Spyware Issue

“We are going to help users be in control,” Bill Gates declared Friday at MSN’s Strategic Account Summit, speaking out against spyware to an audience of advertisers and marketers — exactly the type of people interested in the kind of data such programs, at least the legitimate ones, harvest.

“So-called spyware is turning the Internet into a billboard. We are going to help users be in control and know what [spyware] is on their system and if they don’t want it they can get it off their system,” said Gates. The chairman of Microsoft spoke before an audience of about 500 near the end of the two-day conference for clients and partners.

Gates’ remarks, which appear to advocate a technical solution to the spyware issue, come on the heels of a flurry of legislative action, some of which is thought to have potentially negative consequences for software and Internet firms.

Internet news

Which Antivirus is right for you?

Which Antivirus is right for you?

Chances are that if you have spent any time in a forum or newsgroup, you invariable saw this question posted “Which is the best Anti-Virus (AV) program?” If not, I am sure you have wondered it to yourself.

The quick answer is always “the one you use”, since using an inferior one is better than not using one. In addition, simply having an antivirus program does not mean you are using it. I can’t tell you how many people say, “Yes, I have an antivirus program, it came with the computer” (and they assumed that meant they were protected!)

Determining which is the best, however, isn’t a straight forward answer. It depends upon a number of factors, any of which may, or may not, be important to you. Some use less memory, some are inherently popular with broad name recognition, some come highly recommended by your friends, some provide very fast updates and some have good support. The truth of the matter is, most AV Programs will catch most of the viruses most of the time (I said most, not all). The choice then boils down to personal preferences.

So which anti-virus is right for you? It depends on your individual needs or requirements. It doesn’t matter whether the anti-virus is freeware or the most expensive anti-virus. What matters most is if you are satisfied with the features, functions and will be able to protect you against any type of malicious code in the wild.

Some features to be aware of are:

  • Some AV Programs will scan incoming and outgoing e-mails while it is being up or downloaded
  • Other AV Programs add a certification to the e-mail which states that their e-mails where scanned by an anti-virus (offering recipients a sense of security and the AV Program gets a little free advertising!).
  • Most AV programs automatically provide daily updates. Others are weekly.
  • Others are offering their AV as stand-alone AV program while others bundles the AV with firewall software. This is called Internet Security Suite.

Most AV Programs that charge will provide a free trial period. Take advantage of this trial offers by trying their product before paying for the program. These ‘pay’ programs usually charge twice (or maybe even three) times.

  • First, they may charge you to purchase the program.
  • Next they will charge you a nominal annual subscription fee. This fee allows you to access the ever growing list of new virus ‘definitions’. This list is usually updated weekly, but many offer daily updates.
  • Finally, some may charge you for technical support. I would not dismiss any AV company simply because they charge a fee. A friend of mine had the technical support people walk him through a problem and his computer was fixed within an hour. Going with a free program will save you money, but ask yourself the following question “Who do I call if something goes wrong?” Think of the fee as insurance!

Check your e-mail defense using any of the following free e-mail test service:

More online tests here

Always check the system requirements before installing an AV, or any other, program, for that matter!). Make sure your system meets the requirements. Make sure your e-mail program is supported by your chosen antivirus program. This is the most important, since e-mail and viruses go hand in hand!

Once you have decided on a particular program, and you’ve installed the program, the first thing you need to do is check for updates. Programs are written and many months may pass before you install the program. In the virus community, days are considered a long time, weeks an eternity and months…well you get the point!. Next, run a manual scan. See how the program works. Assuming the scan returns a clean bill of health, try launching applications on your system. Observe if anything is acting strange. There could be a conflict between the AV Program and your installed programs. If so, you should alert the respective vendors. They will create a new patch or, if the issue is known, they will provide you a patch.

You should check that the AV Program has a certification or passed an independent antivirus laboratory test. Certified products means that it was tested if the product can reduce security risks caused by viruses and other malware. You might say … “my antivirus didn’t pass or was not certified, but it does protect my system! In fact it caught a lot of virus and removed them”. How can you be sure? Ask your antivirus author or vendor why they didn’t pass or didn’t acquire a certificate for that particular Operating System (OS)? You might want to ask them why their anti-virus passed the test on one system but failed on another system. Please note that not all AV Programs pass the test on all Operating Systems. For example, some will pass the test on Windows XP but fail on a Windows ME system, or vice-versa.

In this page, you’ll see list of sites that will inform you which anti-virus are certified. In addition the list shows which AV Programs passed or failed the test on the different OS. Listed here are some freeware antivirus programs and other security tools that you might want to check. Only install one antivirus program.  Two antivirus programs are not better than one.

So in conclusion, if your computer meets the system requirements, you like the features, it is fast in providing updates (which can be important when there are new malicious codes), there are no conflicts with any of your applications, your incoming and outgoing e-mails are being scanned and the anti-virus program is a certified product and tested on the system that you are using, then the AV Program is one to consider.

Is that all? I hope so 🙂