Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by ritchie58

  1. Microsoft has issued a patch for the zero-day exploit vulnerability for the ASP.Net application. More info at this link. Microsoft Patches ASP.Net Web Application
  2. Alparsla, the ASP.NET Web application has a zero-day vulnerability. Please click this link to eEye Digital Security web site for more info. ASP.NET Viewstate Padding Information Disclosure I also posted in the General Forum earlier today about zero-day vulnerabilities and some web sites that have some comprehensive lists of affected patched & unpatched software applications.
  3. How confident are you that your computer is safe from an online attack? Chances are you rely on vendors like Microsoft and Apple to let you know when a security update is ready to be installed. (Google updates systems automatically.) But until a patch is released, that hole--known as a zero-day vulnerability--in effect makes your computer a sitting duck for anyone who writes an exploit for it and bothers to distribute it via e-mails and drive-by downloads on Web sites. EEye Digital Security launched a Web site recently that lists current zero-day vulnerabilities and offers an archive on ones that have been patched. The Zero Day Tracker compiles information on publicly disclosed security holes and provides details on them including what software they affect, how severe they are, the potential impact and suggestions for workarounds and other protection techniques. Marc Maiffret, co-founder and chief technology officer of EEye, describes the free site as a "one-stop shop" for zero-day information. "For the longest time the only company that would notify you about zero-days was Microsoft, and recently Adobe has started doing that," he said. "But there are still many other companies that have zero-day vulnerabilities that go unreported." The most widely used database of software vulnerabilities is the National Vulnerability Database sponsored by the Department of Homeland Security's National Cyber Security Division/US-CERT and run by the National Institute of Standards and Technology. There is also the Open Source Vulnerability Database, the US-CERT Vulnerability Notes Database and one run by SecurityFocus. But you have to do some digging on the sites to find the vulnerabilities that are unpatched.
  4. Here is a link to a Cnet security article that tells you how to delete flash based or "super cookies" using Firefox and if you use a web cam, someone might be watching and listening to you without your knowledge or consent (that's scary isn't it!). Definitely worth the time to read if you use Firefox and/or use a web cam. Two simple ways to thwart Web Spys
  5. Thanks for the info on the conficker troubles. I read somewhere that this type of malware can hide in what would otherwise be legitimate software. Something good to remember if IMP quarantines some application you think is safe. A good rule of thumb would be then, if in doubt submit the file(s) for evaluation before taking it out of quarantine, right?
  6. I just posted in the issues/defects category concerning the difference in full scan times between Online Armor and COMODO Firewalls. After reading Alfred's post now I'm wondering that the discrepancy between scan times is due to the tweaking going on with the detection engines. What ever it is I'm just glad that a full scan doesn't take over an hour now.
  7. I was using Emsi Software's Online Armor Free Firewall until very recently when a new update (version rendered this application very buggy (mainly start up issues) so I decided to give another firewall a try. I switched to COMODO Firewall 4.1. Since doing so I COULDN'T HELP but notice the disparity between the time it took to run a full scan with IMP. With Online Armor (with the older version as well) it took well over an hour to run a full scan. Since I've switched to COMODO a full scan is blindingly fast compared to the way it was. It takes under 8 minuets to scan all 3 drives now! The logical extrapolation would be that something was interfering with the scan process with Online Armor. Since I uninstalled OA one can only guess if it was something in the software itself or a security setting I made. ???
  8. Just read the blog and I am glad to see Immunet get some justly deserved recognition as to the outstanding software it is! Cool beans!
  9. I use IObit's Advanced System Care Pro utility app on my machine and recently they asked to contribute to a survey they're doing. They are thinking about getting into the antivirus business as well. Of course I submitted my request that if they follow through to make their AV a cloud based application instead of a traditional signature download AV. Have to wait and see what they do. If they do enter development I doubt I would change what I've got now. I would keep Panda and Immunet. They seem to work well together since I haven't been infected with anything for some time. Knock on wood, I hope that trend continues!
  10. Blogs? What blogs? If you're referring to the Immunet Forum here there are new posts by users almost every day.
  11. Also It's possible to see if the WMI is working properly by: Right-click the My Computer icon and select Manage. (Alternate: Click Start, Control Panel, Administrative Tools, Computer Management.) Left-click the [+] next to Services and Applications to expand the tree view. Left-click on WMI Control. Now, right-click on the same WMI Control item and select Properties. If WMI is working properly, you will see "Successfully connected to <local computer>". If WMI is broken, you will see one or more error messages in the dialog.
  12. I'm not sure if this utility is Windows 7 supported but Microsoft has a WMI Diagnosis Utility here. WMI Diagnosis Utility Version 2.0
  13. Although I'm a die hard Firefox user (with all the add-ons available it's one of the most customizable) if this browser had all or most of the features listed in your post, Spainach, I would give it a test drive. I'm not afraid to try new software applications. Are you waiting for the poll results or is there a beta version in the works now? I assume you would need beta testers if actual development commenced. I would be willing to be a beta tester if it comes to fruition. I've been a beta tester for Firefox and Panda Security in the past.
  14. Here are some tips on how to avoid becoming a victim to the increasing phishing site scams. Just click on the link. New phishing sites and how to avoid them If I kept just one person from being duped then this post was well worth the time.
  15. I didn't know Avast! had such an application Orlando. Thanks for enlightening me. I still think if Immunet came out with something comparable I would definitely use it instead of the Auslogics screen-saver defrag tool that I'm using now.
  16. Here is an idea I've never seen any security vendor offer. A screen-saver application that is also an antivirus scanner. A screen-saver doesn't activate, usually, unless your system is idle, so instead of having a water fall, twinkling lights, dancing elves or whatever, why not have an app that would do your system some good instead of eye candy that just uses up system resources. It wouldn't need to have a lot of gee whiz special effects. Just keep it simple and functional. You could make it a stand alone application or incorporate an option in the GUI itself. If having that much extra code written in the software is unfeasible then go with the stand alone approach and make it a separate download. Seems like a good idea to me and I bet users would appreciate and use the application. I use Auslogics Disk Defrag (instead of the much slower Windows defrag tool) and they recently came out with a screen-saver that is also a defrag tool (a stand alone application) which I am using and thought was very innovative. That's where I got the idea.
  17. ritchie58

    Cloud Firewall

    Sweidre, I like to save installers in a backup folder just in case I need to re-install something and I have run into the same problem on several occasions myself. Where Panda Cloud Antivirus had detected what it thought was an infection in the install.exe file for an application days or even weeks after the software has already been installed and shows no signs of infection itself (after running AV scans). I did the same thing, delete the (maybe) corrupted install file just to be on the safe side. It could have been a false positive but I didn't take the chance. The last time that occurred was with the latest version of VLC Media Player 1.1.2 installer.
  18. ritchie58

    Cloud Firewall

    A cloud based firewall does seem like a good idea to explore. I also liked TheA's idea to have a whitelist and blacklist function for such a firewall. That would help users from installing malware infested software from the start. Another idea for the firewall would be the option to view all incoming and outgoing active connections and what program is associated with each connection. Perhaps even show the local and remote IP addresses of each connection. That way you could see if a program is connecting to the web that shouldn't be (malware). Also another idea would be the option to run an application that your not entirely sure of in a kind of "safe mode". The app could run and function but would not have the ability to permanently change anything in the operating system and once the system is rebooted the app would revert back to it's original state. The only drawback to this would be if the software was legitimate and perhaps it updated itself, the update would be lost once a reboot occurred. Then again, that would give you time to see if the app was doing something it shouldn't be. If all is well then just add it to your whitelist which would disable the safe mode for the app.
  19. Here is an article I found interesting at Cnet. I thought the Immunet forum community might find it interesting too. So here is a link to the article. Cnet Article Since mobile devices are becoming so popular there is a niche to be filled by security vendors.
  20. ritchie58

    Usb Protection

    Some security vendors offer a functionality where you have the option to disable the autorun feature for external drive(s) connected through the USB ports. A lot of malware is inadvertently transferred in this manner. One prime example is the conficker worm which primarily used an infected flash drive to ingratiate itself on the next PC it's plugged into. With the autorun feature disabled you can run a context menu or custom scan to check for malware before any files are opened thus detecting and eliminating the threat before it has a chance at infection. There is stand alone software that does just that (I use Panda's USB Vaccine 1.0.1) but why not consider incorporating such an option into the GUI settings feature for users that don't have that function with their primary AV. You could go something like this, give the free users the disable autorun feature and offer an option where you can install a disable autorun.inf file on the external drive itself for the pro users. So the function would still work on a different PC.
  21. Thanks for enlightening me. I'm glad the people will get the latest installer there. I guess I was misled because the information page offers the older 2.0 version.
  22. I should also mention that I have some services disabled for security reasons such as: messenger, net meeting remote desktop sharing, network dde, network dde dsdm, nt lm security support provider, remote access auto connection manager, remote access connection manager, remote desktop session manager, remote registry, secondary logon, server. I also use a couple of security add-ons for Firefox which are: BetterPrivacy 1.48.3 (deletes flash cookies or "super cookies"), KeyScrambler (encrypts keystrokes), NoScript (malicious script and java blocker).
  23. My signature has the info you requested.
  24. I have an account at Cnet's download.com. In fact that's where I first learned of Immunet. Out of curiosity I was going to read some of the latest reviews about this product, while there, and noticed that the installer being offered was the old 2.0 version. I wrote an update to my review and told whoever reads it that a new version is available and the URL to download it. My review that I posted at Cnet was back in mid June so it's several pages back from the newest reviews. I doubt many people will read my update because of that. It may not be high on your priority list but it may not be a bad idea to update the installer at download.com so people get the best version so far. Also why not offer an installer package at filehippo.com and majorgeeks.com to help get the word out. Those three web sites are the ones I like the best to check out new and interesting software.
  25. You guys are pushing out updates rather quickly which is cool! Every new software has it's growing pains and I'm glad to see your working hard to make the product that much better. Keep up the great work guys!
  • Create New...