united networks
Security and Abuse
Thu. Mar. 23, 2017 @06:23 UTC
Security and Abuse
@networks.org Email
@networks.org Donate!
Launch UN-Cast | Launch Ticker
Computer and Internet Security
Abuse/Spam 4 Stars- General security, abuse, spam, and DoS related resources and sites.
Guide to Secure Practices 4 Stars- General computer security awareness and tips.
Security Advisories 4 Stars- Security news, system advisories, and vulnerability/anti-virus databases.

Operating System Advisories and Updates
Apple/Mac Security 4 Stars- Apple, Macintosh system advisories, updates and patches.
Microsoft Security 4 Stars- Microsoft Windows system advisories, downloads, updates and patches.
UNIX Security 4 Stars- UNIX system advisories, updates and patches.

Security and Virus Assessment Tools/Info
ClamAV 4 Stars- Excellent anti-virus/phishing/malware scanner and detection open source software/data, available for UNIX, Windows and other projects/apps.
Gibson Research 4 Stars- Live web-based port and security scans (ShieldsUP), tools and news.
SecureMac 4 Stars- Apple/Mac OS X news, security advisories and software like MacScan.
Sygate Online Scan 4 Stars- Live web-based port security, protocol and trojan scan.
Secunia OSI 4 Stars- Live web-based Online Software Inspector security, program and vulnerability scan.
Symantec Security Check 4 Stars- Live web-based anti-virus and port security scanner.
TrendMicro Housecall 4 Stars- Live web-based anti-virus scanner and cleaner for Microsoft Windows.
AntiVirus Rescue Bootable CDs List 4 Stars- Listing of bootable anti-virus/malware and rescue/recovery software for download gathered by TechMixer.com

Guide to Secure Practices and Policies
It is extremely important for all computer users, especially those who use the Internet, to be "security aware" and do their part to protect themselves and others. Everyone must keep their Operating Systems, software and devices up-to-date, as there are constantly new security patches and upgrades that are CRITICAL to protecting data and networks from hackers, virii and trojans.

ALL computers on the Internet are scanned for vulnerabilities by hackers who scan whole ISP's and IP Address ranges randomly. They are looking for computers that are vulnerable to an attack, virus or trojan.

There are several reasons why hackers attempt to hack or "own" computers, the most common reason is so they can USE your computer to:
- Hide themselves from you and others
- Use your IP address to use the net (as you)
- Attack or flood others, knocking or crashing them offline (as you)
- Spam other users in chat and email (as you)
- Hack other people, systems and networks (as you)

If you do not run upgrades, security patches, firewalls or anti-virus often (or ever) then there is almost a 100% chance that you are a carrier of a virus or trojan that harms and attacks you and others. You may even be one of those "email spammers" or "hackers" you so despise, and not even know it!

Most users will want to pay particular attention to and follow items 1, 2 and 3 below. Item 4 is also very important if you are running any kind of local or wide area network.



[1] SOFTWARE UPGRADES, UPDATES AND INSTALLATIONS: WATCH FOR SECURITY ADVISORIES, SOFTWARE UPDATES AND PATCHES FOR NETWORKING PROTOCOLS, HARDWARE AND SOFTWARE. UPGRADE OFTEN.

  • During and/or after every installation of any Operating System, all the updates, file patches, or upgrades available (usually from the manufacturers website or your distributor) should be performed. Following a system install, always install a firewall package or rules. Always install virus and trojan detection and protection. Update often.
  • Windows users will want to visit http://windowsupdate.microsoft.com/ often and for anti virus they may want to visit http://www.grisoft.com/ for AVG. Both are free.
  • UNIX users should check their distribution site for upgrades often. Most are free.



    [2] - FIREWALLS: CLOSE UNECESSARILY OPENED PORTS, SERVICES AND PROTOCOLS ON NETWORKED ROUTERS, SWITCHES, HUBS AND COMPUTERS OR DEVICES. BLOCK, FILTER OR QUALIFY NEW PROGRAMS, SERVICES, PLUGINS, DOWNLOADS, AND SCRIPTS.

  • Know what you're allowing in or out so an unauthorized program cannot access the net and so the net can't talk to you unless you or a program you authorize allows it.
  • Windows users that don't have a hardware firewall will want to try a software firewall like the free ZoneAlarm at http://www.zonelabs.com/
  • UNIX users that don't have a hardware firewall will want to learn more about their systems firewall rules or ipchains or whatever their OS uses. Most are free.



    [3] - BEHAVIOR AND PRACTICE: BEHAVE IN DISCUSSION GROUPS, EMAIL AND CHAT, JUST BE QUIET AND COOL OFF. DON'T SEND SENSITIVE INFORMATION OVER THE NET WITHOUT ENCRYPTION.

  • Don't use easily guessable words in passwords. Change your passwords often.
  • Use appropriate encryption like SSL for email, web, and secure telnet (SSH) when possible.



    [4] - NETWORKS: KNOW YOUR ISP/UPSTREAM/NOC, VERIFY THE SECURITY OF NETWORKS, ROUTERS, SWITCHES AND HUBS FROM YOUR SIDE ALL THE WAY TO THE NET.

  • Know the vulnerabilities of devices and protocols so you are not snooped or able to have your IP or traffic hijacked and redirected. Learn about ARP, RIP, ICMP, TCP, and UDP type protocols and what to disable or block.


  • Features
    - Security
    - Abuse
    - Advisories/Patches
    - News/Headlines

    UN-Cast News
    - APPLE-SA-2017-03-22-1 iTunes for Windows 12.6 (00:10 UTC) BUGTRAQ
    - Cisco Application-Hosting Framework CVE-2017-3852 Arbitrary File Creation Vulnerability (21:10 UTC) BUGTRAQ
    - Cisco IOS XE Software CVE-2017-3858 Command Injection Vulnerability (20:10 UTC) BUGTRAQ
    - Cisco IOS XE Software CVE-2017-3859 Denial of Service Vulnerability (20:10 UTC) BUGTRAQ
    - Cisco IOS and IOS XE Software CVE-2017-3857 Denial of Service Vulnerability (20:10 UTC) BUGTRAQ
    - Honeywell Tuxedo Touch Controller contains multiple vulnerabilities (13:46 UTC) CERT
    - Lenovo Solution Center LSCTaskService privilege escalation, directory traversal, and CSRF (13:46 UTC) CERT
    - PCAUSA Rawether for Windows local privilege escalation (20:22 UTC) CERT
    - Proxy auto-config PAC files have access to full HTTPS URLs (13:46 UTC) CERT
    - Commvault Edge contains a buffer overflow vulnerability (13:34 UTC) CERT

    Other News: [RSS Feed] [Last 1-2hrs] [Last 24hrs] [About UN-Cast] [Blogger]

    Features
    - Advisories
    - Entertainment
    - Downloads
    - IRC
    - News
    - Open Directory
    - Reference
    - Search
    - Security
    - Space

    Over 130,012,274
    served since 01/01/01
    -----
    © United Networks 1995-2014