OT: LSASS Attacks?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Pete,
I'm not sure what forum you need to post this question on but you've posted
it on a Newsgroup for MS Access General questions. MS Access is a database
program. I'd check to see if there's a newsgroup on the software
manufacturer's website.

Charles
 
Pete,

If you havent already, I would head on over to www.grc.com to get
information about computer security. Very informative, and educational site.
There is a test (ShieldsUp) you can perform on that site which will assess
the vulnerability of your system.

Personal desktop firewalls such as zone alarm, black ice, norton are really
not for everyone. They should be used by people who understand what they do
and understand what firewalls are for. For example, port scanners run on the
internet 24/7, and some of these firewalls will report attempts or attacks.
If these firewalls are not notifying users of things like this then as a
consumers users may think that it's not working and therefore not getting
their money's worth. If the firewalls are notifying the users left and
right, the users start panicking because they dont understand that the
notifications are just informational and nothing bad is happening. It's
almost a joke. When people ask me if they need firewalls, I ask them if they
know what firewalls do and how they work. Their answer to my question would
be my answer to their question.

On my home computers, I dont use firewalls, they slow down my computer and
their annoying (as you've found out). To compensate, I do keep up with
security matters i.e keep the latest Windows security patches, and learn how
to use security related utility software such as Spybot, Hijackthis, etc.
These little utilities are much easier to learn and just as effective as
firewalls. But nothing beats education from a site such as www.grc.com.


Immanuel Sibero
 
(Pete Cresswell) said:
On my new PC, I'm trying PC-Cillin instead of McAfee.

It's firewall seems tb detecting (or at least notifying me of...) things that
McAfee did not - specifically something that PC-Cillin refers to as
"MS04_011_LSASS_VULNERABILITY". Some hours later, the message changed to
"MS04_011_LSASS_EXPLOIT".

I think I vaguely understand the implications of LSASS' weakness - and I applied
the relevant fix when I built the PC.

But PC-Cillin keeps popping these notifications..... did a complete scan and
nothing was found, so I'd guess it's reporting incoming attempts rather than a
worm or something working within my own PC.

It's getting annoying bc the notify dialog takes focus - messing up whatever is
being typed at the time. There's an option to turn if off, but that option
turns off all notifications, not just one kind of notification.

Anybody been here? Time for Norton? Will the LinkSys router/firewall that's
on the way be capable of intercepting these before PC-Cillin gets it's shorts
all twisted up?

Hi Pete,

I'm not an internet security expert, but I have a Linksys router, and I have
set it up to "Block Anonymous Internet Requests". When I try the tools at
the website suggested by Immanuel, all I get is this (or similar):

"Your system has achieved a perfect "TruStealth" rating. Not a single
packet - solicited or otherwise - was received from your system as a result
of our security probing tests. Your system ignored and refused to reply to
repeated Pings (ICMP Echo Requests). From the standpoint of the passing
probes of any hacker, this machine does not exist on the Internet. Some
questionable personal security systems expose their users by attempting to
"counter-probe the prober", thus revealing themselves. But your system
wisely remained silent in every way. Very nice."

Well, it makes me sound like some kind of genius, but the truth is that I
did nothing to bring this about, other than, I guess, to set the above
option in the Linksys router. How much significance you attribute to all
this is, of course, entirely up to you!

FWIW, I always found software firewalls to be a royal PITA and I stopped
using them when I got the Linksys router. I also use the (free) AVG
antivirus system from Grisoft, and Spybot Search-and-Destroy to deal with
adware/spyware.
 
On my new PC, I'm trying PC-Cillin instead of McAfee.

It's firewall seems tb detecting (or at least notifying me of...) things that
McAfee did not - specifically something that PC-Cillin refers to as
"MS04_011_LSASS_VULNERABILITY". Some hours later, the message changed to
"MS04_011_LSASS_EXPLOIT".

I think I vaguely understand the implications of LSASS' weakness - and I applied
the relevant fix when I built the PC.

But PC-Cillin keeps popping these notifications..... did a complete scan and
nothing was found, so I'd guess it's reporting incoming attempts rather than a
worm or something working within my own PC.

It's getting annoying bc the notify dialog takes focus - messing up whatever is
being typed at the time. There's an option to turn if off, but that option
turns off all notifications, not just one kind of notification.

Anybody been here? Time for Norton? Will the LinkSys router/firewall that's
on the way be capable of intercepting these before PC-Cillin gets it's shorts
all twisted up?
 
Per Charles:
it on a Newsgroup for MS Access General questions. MS Access is a database
program. I'd check to see if there's a newsgroup on the software
manufacturer's website.

Yes, but:

1) The subject line contained the caveat "OT:..."

2) After reading this group for awhile...like 5 years or so... one becomes
impressed with the depth of knowledge of many of it's regular contributers -
certainly in general computer matters beyond MS Access...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top