• Securing your Router Part II

    In my last post, I wrote about the risk of not changing the router passwords. Well, if you need one, Bruce Schneier just posted a link to an extensive list of default passwords: http://www.schneier.com/blog/

    I think it is time that router and access point manufacturers think about "secure by default" and start to use settings that make their users secure rather than just make it work... I think I can remember a time when we had to learn that the hard way. Remember when our servers (IIS) were attacked by Code Red and all the servers (web server or print server or file server or...) were successfully infected....

    Roger

  • How secure is your router?

    It is interesting to see how the threats and problems move over time - but basically the core problems remain the same: Standard passwords that have not been changed, poorly configured systems, unpatched computers, and - last but not least - no "Secure by Default". And all of a sudden you do not own your router anymore and your router is used for a pharming attack.

    If you read the following article, take a special look at the end: Do not use Windows 95, 98 or Windows XP SP1 anymore! Upgrade to supported versions of Windows in order to make sure that the Operating System is able to defend against attacks that are common today (and were not when the OS was developed).

    http://www.itwire.com.au/content/view/9803/1103/

    Roger

  • Secure the Wireless Network - 101

    You know that feeling, don't you: Your neighbor has set up a wireless network, you switch on your PC and see it. It is completely open and unsecured - as they are out of the box. Now you have two options: Ignore it and leave your neighbor vulnerable or give him/her a call - and lose one of your precious evenings to configure yet another wireless LAN.

    Well, there is a pretty good article on how to secure a wireless LAN that you could point your neighbors or friends to: http://www.dailywireless.com/features/secure-wireless-lan-021507/

    Roger

  • UAC and the discussions around it

    Well, a lot of the time when I talk to people about Windows Vista, two things pop up: User Account Control and Digital Rights Management. I will save DRM for another post but I think that there are two blog posts you could read with regards to UAC:

    Jeff Jones wrote an excellent article about how he uses it: http://blogs.technet.com/security/archive/2007/02/12/the-value-of-uac-in-windows-vista.aspx

    And then, if you want to get technical, it is (once more) Mark's blog that is worth reading. http://blogs.technet.com/markrussinovich/archive/2007/02/12/638372.aspx

    For me it comes down to the number of pop-ups with UAC and this really has to be put into perspective: I am working as a standard user on my Vista box and rarely need any elevation at all - unless I have to install stuff (and then I want UAC to ask me for elevation). The challenge with UAC is to survive the first few days - the time during the setup of the machine. There you get a certain amount of prompts (obviously). Once your machine is set up and running, well, there is barely any need for elevation.

    Roger

  • Attacks to root DNS-servers

    Over the last few days, we have seen some DDoS-style attacks on some root DNS servers. A lot of speculation is still going on. If you look at the traffic pictures at: http://dnsmon.ripe.net/dns-servmon/domain/plot?domain=root&day=5&month=2&year=2007&hour=16&period=48h&plot%2F=SHOW you see that g and h and partly l got most of the traffic.

    US-CERT issued a bulletin (http://www.uscert.gov/current/current_activity.html#dnsanom) and it started to make the press (http://hosted.ap.org/dynamic/stories/I/INTERNET_ATTACKS?SITE=WIRE&SECTION=HOME&TEMPLATE=DEFAULT), but at the moment nobody seems to have a clue what is going on and especially why it is going on...

    Roger