Check your internet speed for free:

Back to Home Page

Tuesday, March 31, 2009

Conficker on April Fools Day.


Conficker is just "hours" away.

So what's the fuss about Conficker? See this excerpt from the TrendMicro APAC newsletter I got three days ago:
Worm_downad had infected more than 15 million computers, making it one of the widespread infections in recent times.

A new variant of worm_downad (aka Conficker) is expected to be launched on April Fool’s day.

Compared to the old variants, worm_downad.kk is more sophisticated. Here are a few of the payloads :
  • Connects to various time servers to determine the current date and time.
  • Register itself as a system service to ensure auto execution every startup.
  • Deletes a registry key to prevent system startup in safe mode.
  • Terminates security-related processes (i.e. procexp, regmon, autoruns, gmer etc.)
  • Blocks access to security and antivirus websites.
  • Generates 50,000 malicious URLs and attempts to connect to around 500 random generated URLs at a time.
In the network, we can scan for Conficker with Nmap, as posted by SkullSecurity. And of course, from Insecure.org (official Nmap website):
The Conficker worm is receiving a lot of attention because of its vast scale (millions of machines infected) and advanced update mechanisms. Its botnet army is scheduled for new updates and instructions starting on Wednesday (4/1), and nobody (except the bad guys) knows exactly what those instructions will be.

Thanks to excellent research by Tillmann Werner and Felix Leder of The Honeynet Project and implementation work by Ron Bowes, David Fifield, Brandon Enright, and Fyodor, we've rolled out a new Nmap release which can remotely scan for and detect infected machines. Nmap 4.85BETA5 is now available from the download page, including official binaries for Windows and Mac OS X.

To scan for Conficker, use a command such as:

nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]

For a deep analysis on Conficker, see this article by SRI International.

Cheers to all!

Thursday, March 12, 2009

Earth Hour 2009


http://www.earthhour.org

8:30PM local time, wherever you live on planet earth. Saturday 28 March 2009.

Friday, March 6, 2009

MS Outlook Tip: "Subject is Empty" prompt.

I got this in my inbox yesterday:

--

Forgot to mention subject, while writing an official mail and feel bad later?

Yes.... It's a concern for all.... A mail without a subject brings a bad impression on us.

To avoid this, just follow the simple steps mentioned below and see the result.

Here below are the steps :

1. Open your outlook.

2. Press Alt+F11. This opens the Visual Basic editor and then Press Ctrl+R which in turn open Project-Project 1 (left side)

3. On the Left Pane, one can see "Microsoft Outlook Objects" or "Project1", expand this. Now one can see the "ThisOutLookSession".

4. Double click on "ThisOutLookSession". It will open up a code pane.

5. Copy and Paste the following code in the right pane. (Code Pane) and save it.


Private Sub Application_ItemSend(ByVal Item As Object, Cancel As Boolean)
Dim strSubject As String

strSubject = Item.Subject
If Len(Trim(strSubject)) = 0 Then
Prompt$ = "Subject is Empty. Are you sure you want to se
nd the Mail?"
If MsgBox(Prompt$, vbYesNo + vbQuestion + vbMsgBoxSetForeground, "Check for Subject") = vbNo Then

Cancel = True
End If
End If
End Sub


6. Now whenever u try to send a mail without subject, it will raise a pop-up to remind.

Quake Live Beta.


thanks for the heads up ace_dman of CNVF.

time to do some serious fragging!

--