 |
| WebProWorld Security Forum |
Help!! My mailbox has been hijacked
This is a little unnerving. This morning, I logged on to my site's default mailbox, and found there were 354 messages waiting for me. They were all Mail Delivery Notices from my server. Apparently, someone has used my mail id to send around 354 (or more if they actually made it to some inboxes) spam emails around the web.
What is a good hardware firewall?
I am running my own server in house, using linux. I need a good hardware firewall. I know Symantec used to make a really cool firewall /vpn appliance, but I can seem to find it anymore. I need something with a dual port wan to load balance 2 pipes. I also want something that will protect against DoS attacks.
Intusion detection whats out there what is good
I am currently running Portsentry on a Centos 4 server. I have had several weeks of scans on port 445; someone must think Microsoft is in there somewhere. I am considering Snort 2.1 in place of Portsentry on all servers. The problem.... before I leap I would like to know if there is an IDS that is better than Portsentry or Snort.
|
|
|
|
|
|
The second annual report, published by AOL and the National Cyber Security Alliance,
called the Online Safety Study found some alarming numbers regarding home computer
security. Phishing scams raid home PCs regularly and many receive the phishing
emails thought they were from legitimate companies.
More than two-thirds of consumers who've received the scam emails said they thought
the emails were legitimate. This puts those home computer users at a very high
risk of losing sensitive, personal information to identity thieves or criminals.
 The study sent experts to homes to examine personal computers for known security
risks and threats. The numbers weren't good. One in five respondents said they
had a friend or family member who had already been hit by identity fraud scams.
Only 42% said they even knew of the term "phishing" and only 57% of those folks
could explain it. Yet one in four Americans are affected by phishing scams.
The way the scam works is people receive emails that often look quite legitimate.
It usually looks like it comes from a financial institution. Bank of America is
a popular one although any bank is possible. Also companies like eBay or their
subsidiary PayPal also get a lot of traction. They say they need to "update" your
information or some other nonsense and they provide a link. That link provides
all the info they need to play your finances.
"Phishers are getting better at tricking consumers into revealing their bank account
and financial information, and most Americans can't tell the difference between
real e-mails and the growing flood of scams that lead to fraud and identity theft."
said Tatiana Platt, Senior Vice President and Chief Trust Officer for AOL.
"Consumers need to be aware of the risk, and they need to use critical protections
like anti-virus software, spyware protection, and a firewall to help protect them
from online threats."
Perhaps the worst news was finding that 81% of home PCs lack at least one the
three critical protections - updated computer virus software, spyware protection
and a secure firewall - all necessary to help guard against the evils hackers
do. These include guarding against viruses, spyware, hackers and other threats.
The study said more than half (56%) lacked anti-virus protection or had not updated
it within the last week, almost half (44%) did not have a properly configured
firewall, and four in ten (38%) lacked spyware protection. They said despite these
findings, most of the users (83%) believe they were safe from online threats.
"There is a major perception gap: Even though most consumers think they are protected,
this study shows the opposite. Far too many people still lack the three fundamental
protections they need to stay safe online - current anti-virus software, spyware
protection, and a secure firewall," Ron Teixeira, executive director, National
Cyber Security Alliance.
 "As we move into a broadband
world, where consumers have an always-on connection to the Internet, these core
protections are even more vital. This is particularly troubling, given that more
than two-thirds of those surveyed say they keep sensitive information on their
PCs."
These findings come as consumers get ready to spend billions over the Internet
this holiday season. According to Jupiter Research, online shopping is expected
to top $26 billion for the year (an 18% increase over 2004), with millions of
consumers putting financial and personal information online.
Some other interesting points to note included half of wireless customer lack
even basic protections. Two few of them are properly set up to keep out intruders.
The study said more than one in four homes had a wireless network and almost half
of those homes failed to encrypt their connection, a safety precaution needed
to protect wireless networks from outside intruders.
"Although we have made some strides in helping consumers protect themselves, the
threats are growing broader and more dangerous, so the risk of failure can be
that much more catastrophic," said Platt. "When a single virus, a simple scam
or hidden spyware program can shut down your computer or cause a person to lose
their bank account, their family pictures, or all of their personal records, it
is vital that consumers take every possible step to protect themselves. You can't
lock just a few of the windows in your house and expect to stay safe from thieves."
Read the rest of the article.
Discuss this at WebProWorld.
About
the Author:
John Stith is a technology writer with SecurityProNews. |
|
,
Inc. 2549 Richmond Rd. Lexington KY, 40509
