As the coming "war" impinges on the safety of the internet, we'd like to remind people to practice safe computing in the coming days and weeks.
Your first order of business should be to back up ALL your important files, email archives, downloaded software, anything and everything that is of importance to you. Back up any patches or version upgrades you download while updating your OS, antivirus, antitrojan, firewall and other security software. Should you encounter a problem and need to reformat, it'll be easier to restore a secured system this way, rather than trying to redownload patches through possible slowdowns and outages during potential DDOS attacks. We can't stress this enough. Just back it all up!
While many nasties can arrive on your computer through email, there are many other avenues by which nastiness can be planted, PARTICULARLY by visiting rogue sites with Internet Explorer and having ActiveX, Javascript and Microsoft Java enabled. We STRONGLY recommend de-activating these functions for those who are not using our IEClean product to do so. We expect the number of hack attempts and "bait" to increase not only by "interested parties" but also among the "usual suspects" who are likely poised to take advantage of the global situation.
IEClean users need only go to the "PRIVACY" tab of IEClean and make sure that the first four items on the left side are checked which cover scripting and ActiveX shutdown. For those few sites that you KNOW you can trust, they can be moved to the "Trusted sites" zone to avoid interference with those sites. Please refer to the very bottom of this notice for instructions from Microsoft on how to move a site in Internet Explorer to the "trusted sites" zone.
Even the US Army, Microsoft and others have been hacked owing to a new
exploit of Internet Information Server (IIS 5.0) on Win2000:
http://www.fcw.com/fcw/articles/2003/0317/web-hack-03-18-03.asp
We *URGE* you to check with Microsoft and any other vendors of internet-based software that you're currently using and be sure to download any and all patches applicable to any software that you may be using which provides internet connectivity and ensure that ALL such software is current and up to date with the latest patches. We also URGE you to make sure that your antivirus, antitrojan and firewall software is up to date, and to spend today making SURE that you're up to date on all of your software that connects to or uses the internet directly, and to avoid downloading software whose authenticity you cannot verify. Don't forget to back up all the patches you install, too.
CERT (Computer Emergency Response Team of Carnegie Mellon University)
has guidelines on how to disable Javascripting and ActiveX here:
http://www.cert.org/tech_tips/malicious_code_FAQ.html
Neohapsis Archive has additional information on settings that would
"harden" your security:
http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0011.html
Because Privacy Software Corp will be reassigning technical support people to watch for attacks and new nasties, support availability and email response will be limited for the duration. As a result, we've provided the information above in order to assist you in hardening your own security for your protection. It is most important that you ensure that your system is patched and that your antivirus, antitrojan and other security software is kept updated. Be SURE to download your updates from the actual VENDOR rather than mirror sites to ensure the authenticity of such patches and updates for the duration!
Please forgive us while we focus our attention on possible new nasties and try to respond to those at the possible expense of speed in answering technical support issues in the coming days. Protecting our customers by ensuring that BOClean is updated as SOON as possible in the event of new nasties MUST be our highest priority at the moment.
Another major risk to your computer is having "NetBEUI/NETBIOS" active and exposed to the internet. While these Microsoft unique network capabilities are handy for file and printer sharing between Windows machines, exposing them to the INTERNET is downright dangerous.
Steve Gibson, of GRC.COM has published one of the best and easiest to
understand explanations of what this all means and how you can actually
disconnect this major risk while still maintaining the ability to share
and print files among your machines at your own "site."
http://grc.com/su-bondage.htm
There is a solution to the dangers of HTML mail, but it's limited to
Outlook "Pro". It has the ability (thanks to the DLL that Register
article linked below describes) to shut it down and make email SAFE as
plain text, but no such capability exists for Outlook Express.
http://www.theregister.co.uk/content/4/23223.html
Make your security easier with Virtual Duct Tape from PSC!
FROM MICROSOFT:
To assign a Web site to a specific security zone, follow these steps:
In Internet Explorer 4.x, click Internet Options on the View menu. In
Internet Explorer 5, click Internet Options on the Tools menu.
On the Security tab, click the zone you want to assign a Web site to in
the Zone box, and then click Add Sites.
If you add a Web site to the Local Intranet zone, you can select the
types of Web sites you want to include in the zone, and then click
Advanced to add specific sites. The following rules apply to the Local
Intranet zone options. Note that adding a site to any zone takes
precedence over the following rules:
Include all local (intranet) sites not listed in other zones: Intranet
sites have names that do not include periods (for example,
http://local). A site name such as http://www.microsoft.com is not local
because it contains periods. This site is assigned to the Internet zone.
The intranet site name rule applies to "file:" as well as "http:"
addresses. Note that top-level Internet domains may be accessible using
a name that does not contain periods. If you can gain access to generic
(.com, .org, .net, .edu, .gov, .mil, or .int) or country code domains
(.us, .jp, .uk, and so on), you should clear this option to prevent
these sites from using Local Intranet security settings. For additional
information about top-level domains, see the following Web site:
http://www.iana.org/top-level-domains.html
------------------------------------------
The third-party contact information included in this article is provided to help you find the technical support you need. This contact information is subject to change without notice. Microsoft in no way guarantees the accuracy of this third-party contact information.
Include all sites that bypass the proxy server: Typical intranet configurations use a proxy server to gain access to the Internet with a direct connection to intranet servers. This setting uses this kind of configuration information to distinguish intranet from Internet content for purposes of zones. If the proxy server is otherwise configured, you should clear this option and use other options to designate files that are assigned to the Local Intranet zone. In systems that do not have a proxy server, this setting has no effect.
Include all network paths (UNCs): Network paths (for example, "\\local\file.txt") are typically used for local network content that should be included in the Local Intranet zone. If there are network paths that should not be in the Local Intranet zone, you should clear this option and use other options to designate files that are assigned to the Local Intranet zone. For example, in certain Common Internet File System (CIFS) configurations, it is possible for a network path to reference Internet content.
Type a Web address in the Add this Web site to the zone box, and then
click Add.
Click OK, and then click OK again.
When you add sites to the Local Intranet or Trusted Sites zones, you can require that server verification be used by clicking to select the Require server verification (https:) for all sites in this zone check box.
NOTE: You cannot assign a Web site to the Internet zone. The Internet
zone contains all Web sites that are not on your computer or in the
local intranet zone, or that are not already assigned to another zone.
___________________________________________________________________________
You are receiving this email as part of our Opt-In Newsletter program.
You have either opted in with us or through Digital River. We value
your privacy. If you wish to stop receiving these, please email
newletter@nsclean.com with the subject of OPT-OUT and ONLY the email
address(es) to be deleted in the body of the message. If you have
received multiple copies of the mailing in error, please email
newsletter@nsclean.com with the subject of MULTIPLE and list ONLY the
email address(es) to be deleted in the body of the message, we will
retain the primary address and send one copy to you in the future. Thank
you.
©2003 Privacy Software Corporation. All rights reserved.