Month: June 2006

Get noscript installed in firefox!

There’s a new zero day exploit for firefox and internet explorer which involves javascript. So if you are running firefox, then installing NoScript will give you added protection. If you are running IE – then ooooooops 🙂

Having said that, it doesn’t look that malicious – you would have to be tricked into entering data into one page, which can then be sent to the malicious site at the same time, so you are probably only at risk if you do random surfing or surf in dodgy web site areas in the first place – and if you are doing that then I really hope you are not running internet explorer (or as an admin!)

Vista Download

After attending a Vista Management webcast yesterday I was all fired up to install Vista on one of my older pc’s – unfortunately it was only open to msdn subscribers (which my company is) but I didn’t have the information to download it. However, thanks to the JCXP I’ve got my own copy as it was released today. Currently downloading the ISO now. Not sure how long it will take and I hope that the huge thunderstorm we are having right now doesn’t take the powerout at 99%

Symantec patch lists

I was initially under the impression that only 10.1 was vulnerable to the new exploit that went out, but apparently it’s almost every 10. version of the software. The web page at symantec’s sym06-010 page is good for providing links on what needs to be upgraded to what version. This is something that symantec is VERY poor at doing – I’ve never received a new patch level notification or anything, apart from the marketing push to upgrade to the latest version – but even then the latest versions that I’ve been sent haven’t been the latest version and have needed patching!

Spammers adding you to spamtraps?

I got asked a question at work today that had me stumped (although spf might be a solution).
The scenario:- The spammer create a spam email and spoofs the from email address. The From email address is set to be a spamtrap email address – one of the emails that will blacklist your domain if you send email to it.
The email then gets sent out to a million people – several of whom have out of office assistants turned on, and so they reply to say they are out of the office.
The result:- The spamtrap email address gets an email from your domain and your domain gets blacklisted. Your users can’t send emails to valid recipients and spamcop takes forever (12-24 hours on the best of days) to get your machine white listed again.

So my question is – how do you solve this problem or work around it? You need to keep out of office on so that genuine users will know if their email is going to get read or not. I was thinking that possibly spf would work. A user who is likely to check spamcop for blacklists is also likely to check spf records. If you have spf records set, then the spoofed email would not be accepted in the first place…… The only flaw with this is that it relies on both the relay machine AND the recipients to do spf checking – and not a lot of people do that.

I contacted 1&1 the other day to see if I could set up spf records for but they don’t support it on any of their packages – seems a shame, but also seems to be in keeping with their policy of not letting you getting your hands dirty in the real management of the network and making everything gui-ized.