And the hits keep on coming .... CYBER ATTACKS
AH! The Kuban government has declared war on the anti-KaSStro web sites and BLOGS around the world. To tell ya the truth I am giddy about this, cause they are a BUNCH of incompetent assholes and ALWAYS leave a trail that a blind dog with chloroform soaked cotton in his nostrils can find.
We have been having a couple of pro-KaSStro email posts in the last two days. Today one from a wiley freeman who just happen to open his Blogger account TODAY.. DUH!
At any rate this is clearly the first line of “attack” , leving totally inanae comments on anti-KaSStro blogs.
The nasty part will soon raise its ugly head and most of you will have a tough time
So , with that in mind and as a public service let me give you some TIPS that may make your life easier if you are on a WINDOWS system (If you’re a MAC guy you’re on your own )
First download ALL security patches , do it ONE at a time cause they may BREAK something and if they do they can be uninstalled if you just install 6 of them at one pop you have no idea which was the guilty party.
Microsoft has NO idea you are using some port to play online poker so they may feel that is a dangerous port and lock it and your poker playing is gone. SO Security patches ONE AT A TIME. Test them for a day or so and go to the next. As soon as VISTA is released GET IT , forget about the $$$ GET IT!
When an attack is performed at this scale these pricks are NOT hunting YOU down personally, (well maybe a FEW of us) they are going on the basis of some stupid email that contained the addresses of 100 people, so do not take it personally . They are playing the odds and the odds are that most of PC users really have NO idea how exposed they are so..
The targeting is not done one fish at a time (at least that is not the way *I* do it when I attack THEM and I DO ATTACK THEM!
The targeting is done en masse, they just grab the whole list put it through an IP spoofing routine and send it out. HTML emails are especially dangerous because the pictures are in THEIR server and if your securities settings are not set to PLUTONIUM PROOF you are fucked if the EMAIL contains an AVI file you are REALLY fucked because the AVI format may include malicious scripting.
ALL email clients have an option to accept only TEXT files; I recommend you use THAT setting.
Fortunately for all, most of the new viruses and worms do not KILL your machine; they just use you to continue their dirty deed. They look through you contact list and send the nasty code to THAT list and so on and so on and you get the point.
As far as antivirus and email protection get yourself AVG (www.grisoft.com) they have MICROSOFT money & resources - not a known fact – (Bill avoiding that pesky MONOPOLY charges) so their product ROCKS.
Get yourself ROBOFORM – (I HAVE NO PERSONAL INTERESTS IN THIS COMPANY BY THE WAY but it is what *I* USE) ROBOFORM will produce passwords that are 128 bit strong (DoD class) and it will remember them. Most people’s passwords are something like jimmy77 or shit like that. (I know of a MAJOR C level guy at a MAJOR BANK whose email password was CAT!!! And he wondered how his emails were making it all over the company!) Shit like that gets cracked in about 17 seconds now a 128 bit encryption password will take about 12 years to crack on a brute force method (That is when there is no BASIS to begin a crack sequence) (I love those movies where some kid in a basement breaks into a bank and in 5 minutes comes up with the password to a Swiss bank account and rips off the bad guy outta 5 quazillion bucks)
ROBOFORM will generate these passwords for you but you will NEVER remember something like:
Y!M5QEr9&iwusV9%h!XTbc
Well a brute force crack of that password will take AGES!
But ROBOFORM will remember them! When you enter a site ROBOFORM will remember the password for THAT particular site and fill it in. Put your ROBOFORM database in a JUMP DRIVE (USB) so it can go with ya or stick in a vault if you’re the paranoid type . If you loose the database you will be SOL!
Another advantage of ROBOFORM is that if you have a keystroke-capture worm sitting in your PC it can not capture your keystrokes because there are NO keystrokes. ROBOFORM PASTES the password on the password field!
Tighten your firewall as much as possible; it will be a PAIN in the ass.... (For example BLOGGER has a problem with this) and set your cookies protection to max (again Blogger chokes on this, but they are “fixing it) but it keeps your PC safe.
AND.. don’t be too worried about a virus but BE worried about a back door to your PC or a key logger because your online banking account is being hacked , and you're gonna show up one day and have a nice negative balance in your savings account!
Backup often (I do every other day) run your antivirus DAILY, run any adware or malware every other day (just set them to run at 3AM) and for the LOVE OF GOD , STOP sending emails to a zillion people at a time , it is easy for YOU but youre fucking their lives up!
I have blocked every mailing list I am in, so if you send me an email that includes more than two people I am NOT gonna get it! Sorry, NOTHING you have to say is THAT important that will make my life a living hell for 5 days!
DO NOT forward emails within email within emails. AOL users have a nasty habit of doing this. You get one forward and then you have to open 10 attachments to get to the real email. Sorry, AOL forwards should be deleted without looking at them because they pick up a LOT of shit as they are being bounced from one PC to the other.
Use public email addresses as much as you can and change them every so often still put a ROBOFORM type password in them!
Free email accounts are infamously weak as far a security is concerned (They are FREE, remember?) but they are there for the taking
These are some point to immediately get you a LOT more protection that you have. The new VISTA version of windows and the upcoming IPv6 will improve things for all of us . In the meantime (specially to BLOGGERS) get your admin account as SECURE AS POSSIBLE, give it a password that is 256 bit strength and use ROBOFORM. You will be glad you did.
We have been having a couple of pro-KaSStro email posts in the last two days. Today one from a wiley freeman who just happen to open his Blogger account TODAY.. DUH!
At any rate this is clearly the first line of “attack” , leving totally inanae comments on anti-KaSStro blogs.
The nasty part will soon raise its ugly head and most of you will have a tough time
So , with that in mind and as a public service let me give you some TIPS that may make your life easier if you are on a WINDOWS system (If you’re a MAC guy you’re on your own )
First download ALL security patches , do it ONE at a time cause they may BREAK something and if they do they can be uninstalled if you just install 6 of them at one pop you have no idea which was the guilty party.
Microsoft has NO idea you are using some port to play online poker so they may feel that is a dangerous port and lock it and your poker playing is gone. SO Security patches ONE AT A TIME. Test them for a day or so and go to the next. As soon as VISTA is released GET IT , forget about the $$$ GET IT!
When an attack is performed at this scale these pricks are NOT hunting YOU down personally, (well maybe a FEW of us) they are going on the basis of some stupid email that contained the addresses of 100 people, so do not take it personally . They are playing the odds and the odds are that most of PC users really have NO idea how exposed they are so..
The targeting is not done one fish at a time (at least that is not the way *I* do it when I attack THEM and I DO ATTACK THEM!
The targeting is done en masse, they just grab the whole list put it through an IP spoofing routine and send it out. HTML emails are especially dangerous because the pictures are in THEIR server and if your securities settings are not set to PLUTONIUM PROOF you are fucked if the EMAIL contains an AVI file you are REALLY fucked because the AVI format may include malicious scripting.
ALL email clients have an option to accept only TEXT files; I recommend you use THAT setting.
Fortunately for all, most of the new viruses and worms do not KILL your machine; they just use you to continue their dirty deed. They look through you contact list and send the nasty code to THAT list and so on and so on and you get the point.
As far as antivirus and email protection get yourself AVG (www.grisoft.com) they have MICROSOFT money & resources - not a known fact – (Bill avoiding that pesky MONOPOLY charges) so their product ROCKS.
Get yourself ROBOFORM – (I HAVE NO PERSONAL INTERESTS IN THIS COMPANY BY THE WAY but it is what *I* USE) ROBOFORM will produce passwords that are 128 bit strong (DoD class) and it will remember them. Most people’s passwords are something like jimmy77 or shit like that. (I know of a MAJOR C level guy at a MAJOR BANK whose email password was CAT!!! And he wondered how his emails were making it all over the company!) Shit like that gets cracked in about 17 seconds now a 128 bit encryption password will take about 12 years to crack on a brute force method (That is when there is no BASIS to begin a crack sequence) (I love those movies where some kid in a basement breaks into a bank and in 5 minutes comes up with the password to a Swiss bank account and rips off the bad guy outta 5 quazillion bucks)
ROBOFORM will generate these passwords for you but you will NEVER remember something like:
Y!M5QEr9&iwusV9%h!XTbc
Well a brute force crack of that password will take AGES!
But ROBOFORM will remember them! When you enter a site ROBOFORM will remember the password for THAT particular site and fill it in. Put your ROBOFORM database in a JUMP DRIVE (USB) so it can go with ya or stick in a vault if you’re the paranoid type . If you loose the database you will be SOL!
Another advantage of ROBOFORM is that if you have a keystroke-capture worm sitting in your PC it can not capture your keystrokes because there are NO keystrokes. ROBOFORM PASTES the password on the password field!
Tighten your firewall as much as possible; it will be a PAIN in the ass.... (For example BLOGGER has a problem with this) and set your cookies protection to max (again Blogger chokes on this, but they are “fixing it) but it keeps your PC safe.
AND.. don’t be too worried about a virus but BE worried about a back door to your PC or a key logger because your online banking account is being hacked , and you're gonna show up one day and have a nice negative balance in your savings account!
Backup often (I do every other day) run your antivirus DAILY, run any adware or malware every other day (just set them to run at 3AM) and for the LOVE OF GOD , STOP sending emails to a zillion people at a time , it is easy for YOU but youre fucking their lives up!
I have blocked every mailing list I am in, so if you send me an email that includes more than two people I am NOT gonna get it! Sorry, NOTHING you have to say is THAT important that will make my life a living hell for 5 days!
DO NOT forward emails within email within emails. AOL users have a nasty habit of doing this. You get one forward and then you have to open 10 attachments to get to the real email. Sorry, AOL forwards should be deleted without looking at them because they pick up a LOT of shit as they are being bounced from one PC to the other.
Use public email addresses as much as you can and change them every so often still put a ROBOFORM type password in them!
Free email accounts are infamously weak as far a security is concerned (They are FREE, remember?) but they are there for the taking
These are some point to immediately get you a LOT more protection that you have. The new VISTA version of windows and the upcoming IPv6 will improve things for all of us . In the meantime (specially to BLOGGERS) get your admin account as SECURE AS POSSIBLE, give it a password that is 256 bit strength and use ROBOFORM. You will be glad you did.
1 Comments:
Some good news for the Mac crowd: there are no viruses written for Mac, and most of the ones which can attack Mac are generally benign. Don't think it will not change in the near future, the boys in charge of virus warfare have a an ax to grind with all of us, and they will try to get any one of us.
There are not security procedure that is sufficient to protect you. So please don't be dumb and cheap!
Post a Comment
<< Home