<$BlogRSDUrl$> Marcus P. Zillman, M.S., A.M.H.A. Author/Speaker/Consultant
Marcus P. Zillman, M.S., A.M.H.A. Author/Speaker/Consultant
Internet Happenings, Events and Sources


Friday, August 15, 2003  

Security Advice from Microsoft
http://biz.yahoo.com/prnews/030815/sff017_1.html

Genie Tyburski of TVC Alert and The Virtual Chase posted this excellent information this morning:

(15 Aug) A lot of folks probably aren't too happy with Microsoft this week. Nonetheless, it wants to help you secure your computer. You can follow the advice in this press release. It will keep you safe some of the time.

But if you really want to secure your computer, first set the Windows Update default so that it allows you to review the details of the patches Microsoft wants to install. Doing this requires affirmation and lets you to decide whether or not to allow the installation. Sometimes patches do more harm than good, and it might be worth making sure you have an un-do plan in place.

Second, before you make changes to your computer, check its vulnerability at Gibson Research (GRC) <http://grc.com>. Follow the links for Shields UP, a free, but currently very busy, security check service. Because the current worm takes advantage of a vulnerability in Microsoft's DCOM (Distributed Component Object Model) RPC interface, you want to ensure that the port for the DCOM Service Control Manager (port 135), as well as the ports for NETBIOS Session Service (139) and Microsoft Directory Services (445) are closed.

Follow the Shields UP links until you see a button for User Specified Custom Port Probe. Enter 135, 139, 445 in the search box. If the check responds with anything other than "closed" or "stealth," you need to close these ports.
(While you're at Shields Up, you should also probe the common ports on your PC. Click the Common Ports button.)

Windows XP users can close these ports by following instructions available at MS Using the Internet Connection Firewall <http://snurl.com/2263>. Others should install current versions of software and hardware firewalls, and then test them at GRC. (Even Windows XP users may want to install a hardware firewall. I run both a hardware and software firewall on my Windows XP machine.)

ALSO, How Firewalls Work
HowStuffWorks.com
http://www.howstuffworks.com/firewall.htm

Note from Marcus: Just received this Alternative Download Site for Microsoft Security Patches by clicking
here.

posted by Marcus Zillman | 10:23 AM
archives
subject tracers™