LabMice.net - The Windows 2000\XP\.NET Resource Index
Home | About Us | Search |

Last Updated December 10, 2003

LabMice Link of the Day Archive - Feb 2003
As we surf the web in our pursuit of additional content for LabMice, we occasionally stumble upon a really cool, humorous, unusual, or very useful link that we think should stand out from the hundreds we add every week. So we developed a small section on our front page to highlight these, and will archive the rest here.
 
This Month:

Behavioral rules vs. signatures: Which should you use?
Many security products on the market today detect malicious attacks, but few take action to prevent them. Even more confusing for IT and security professionals is the debate over the best way to detect and prevent hacking activity: signatures or behavioral rules. Each approach has advantages and disadvantages, but by combining the two, enterprises can ensure that servers and data are fully protected. Source: ComputerWorld

Behind the Scenes of the SQL Slammer Worm Virus
Learn how the Slammer worm exploited the vulnerability of unpatched systems. Source: Windows & .NET Magazine

Manage and protect against new breeds of application vulnerabilities
Hackers are more sophisticated and are now looking to attack at the heart of the organization: databases and groupware applications. Source: ServerWorld

Spammers hiding behind students
University networks already stressed by file-sharing programs, viruses and hackers now face a new threat: students who sublet their network access to spammers for as little as $20 per month. Those practices might not have to be confined to schools, experts say. It's possible that the mail relay program could be slipped onto corporate PCs without users noticing via rogue Web sites or spam packed with a virus. Source: NetworkWorldFusion

Cleaning Up After Sysprep
Using Sysprep to build client images might create a few problems that you need to clean up. Paula Sharick shows you how. Source: Windows & .NET Magazine

XP Hole Plagues All Similar Apps
A security flaw in Microsoft Windows XP that allows anyone with another operating system's emergency boot disk unfettered access to a computer -- despite multiple passwords -- is actually a problem in many applications of its ilk. Source: Wired

For Sale: A Piece of Mac History
A rare Apple I computer -- one of the first 200 machines built in the 1970s by Steve Wozniak and Steve Jobs -- hits the online auction block on Friday. Organizers hope to bring in at least $16,000, even though it doesn't work. Source: Wired

Trustworthy Yet?
Microsoft is making significant strides to clean up its security mess, but Trustworthy Computing still has a long way to go.
Source: InformationSecurityMag

Are You Infected? Detecting Malware Infection
Once executed, malware can perform its intended malicious function on a system. Unfortunately, it may not always be apparent to users that their system is indeed infected. This article will discuss how to determine whether or not the system has been infected and will offer some tips on to manually disinfect the system. Source: SecurityFocus.com

What Symantec Knew But Didn't Say
Security experts are fuming about a Symantec press release indicating the company knew about the devastating Slammer worm hours before the general public did. The company shared the knowledge with select customers but kept mum with everybody else.
Source: Wired

Forensics on the Windows Platform, Part Two
This is the second of a two-part series of articles discussing the use of computer forensics in the examination of Windows-based computers. In this article we will concentrate on the areas of a Windows file system that are likely to be of most interest to forensic investigators and the software tools that can be used to carry out an investigation, Source: SecurityFocus.com

Time to Upgrade?
Microsoft will end all assisted support for Office 97 and Outlook 98 in January 2004 and Outlook 97 is already an unsupported product, so this might be the year to move to Outlook 2002. Source: Windows & .NET Magazine

How safe is your data center?
Have you ever tripped over an old and buckled floor tile? Ever stepped into a hole where a floor tile had been lifted up? Here are some tips for avoiding possible data center mishaps. Source: NetworkWorldFusion 

Deploying a Secure Commerce Server 2002 Site
This paper provides detailed instructions for deploying Microsoft© Commerce Server 2002 in a secure configuration. These instructions assume you are performing a new deployment, and therefore instruct you to install and configure each server in this sample deployment. It is recommended that you use the instructions provided in this paper as a guideline for deploying your own secure site. Source: Microsoft.com

Post-SP3 FRS Update Polishes Performance; and First 2003 Security Hotfix
Microsoft releases a post-Win2K SP3 FRS tune-up that addresses several inefficiencies in the original replication model, and the company issues the first security hotfix of 2003 to eliminate a buffer overflow condition. Source: Windows & .NET Magazine

Read The SP1a Fine Print
Even though the court of appeals ruled in Microsoft's favor and stayed the lower court's order that would have forced Microsoft to carry the latest version of Java, Microsoft still went ahead and posted an update to its first XP service pack. SP1a removes Microsoft's own Java virtual machine. But Microsoft's not encouraging users to apply the update. In fact, Redmond is doing its best to discourage users from upgrading. "There is no benefit to installing SP1a if you are already running Windows XP SP1. Microsoft does not recommend that you install SP1a if you are already running SP1," Microsoft warns. Source: Microsoft-Watch

Microsoft Solution for Securing Windows 2000 Server
To help customers deploy its products more securely, Microsoft is developing free security solutions that address their business needs. The first solution©Securing Windows? 2000 Server©is aimed at helping customers reduce their security risks while lowering their security management costs. The Securing Windows 2000 Server Solution is delivered in 11 chapters, plus a Test Guide, a Delivery Guide, and a Support Readiness Guide, each with applicable job aids, script files and test cases. Source: Microsoft.com

Prevent social engineering
Experts recommend providing security awareness training on at least a quarterly basis to keep security ideals fresh in users' minds. Concepts on social engineering - what it is, and how to prevent it - should be a mainstay of your training. Source: ITWorld

Digex: IIS 6.0 Delivers the Goods
IIS 6.0 isn©t in final form yet, but that doesn©t mean it?s not in use. In fact, one of the largest managed hosting companies in the world has been using it for two years now©and not just on a test network. Source: ENTOnline (Jan 31, 2003)

Sneaky Toolbar Hijacks Browsers
Internet users are mystified by a tricky browser add-on called Xupiter that installs itself without permission and defies attempts to remove it. Once active in a system, it periodically changes users' designated homepages to xupiter.com, redirects all searches to Xupiter's site, and blocks any attempts to restore the original browser settings. The program also attempts to download updates each time an affected computer boots up, and has been blamed for causing system crashes. Some are calling the program the most insidious thing on the Web. Source: Wired


Past Archives

This site and its contents are Copyright 1999-2003 by LabMice.net. Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with LabMice.net. The products referenced in this site are provided by parties other than LabMice.net. LabMice.net makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.