Friday, August 28, 2009

And Let The Games Begin...Again!!

I am happy to report that my second term at Kaplan University has (finally) begun this past Wednesday the 26th. The last day of my first term was on August 9th. And let me tell you something. I never in this world ever thought that I would actually be happy, no make that ECSTATIC, to be back in school. This comes form a woman who, in her childhood and teen-aged years, hated everything about school. I would do anything to get out of going. And it was a little too easy to do. I went to a very large high school on Long Island in NY for my first two years, and the late and absent policies were very easy to get around. That was until I finally got caught and sent to an "alternative" school. Most parents and students alike I think will agree with me when I say that this alternative school was a vacation at the very least! Monday through Thursday from 5PM till 8PM. No labs, no P.E.. What more could any student ask for?

Then after two years of this school and getting into the usual headstrong teen-age "phases", I had tried to commit suicide. I was always really messed up. It wasn't my parents fault at all (I know they are probably reading this, so I want to make this absolutely clear - Mom, It was NOT YOUR FAULT!). After this episode Mom had moved us away from the chaos, a new town, a new life. Or so we thought. After about two months, just enough to get us settled, I made some new "friends". It was all downhill from there. I will save you all form most of the gory details, but in the end I wound up getting pregnant and dropping out.

Fast forward two years. I had moved to Florida in 1997 with my then husband and our daughter. I was pregnant again and had decided to get my GED. Probably one of the best decisions I had made at the time. The other one being separating form my abusive (now ex) husband (that is another story for another day). That was the last time I had been in school or anything school-like for 12 years.

So here I am. I finally decided to go back to school. How it happened was pretty miraculous in itself. I think that is a story for another day as well (don't worry, I will definitely write about all of that soon). I enrolled in Kaplan University's KU Campus, an online program, and it has got to be THE best decision I have made so far (well, that and moving in with my fiancee almost two years ago). I am really enjoying it. I am studying for my Associate in Science degree in Computer IT with emphasis in Web Design. I was studying programming when I started, but Visual Basic Kicked my ass, so I decided to switch this term to the Web Design program. Honestly, I think Visual Basic is a demon that must be excised.

So last term I took Academic Strategies for the IT Professional and Visual Basic (the DEVIL) and this term I am taking English Comp I and Web Development, which is basically just a class to learn Adobe Dreamweaver CS4. I must say that I am loving the web design and development aspect of things. The intro class I took, which I had won a scholarship for, was the Intro to Web Design, and I passed with a 4.0. I seem to be able to grasp HTML and the like pretty quickly and easily. VB was a nightmare and I barely passed by the skin of my teeth.

Ok, so enough of my ranting. I am really enjoying this class and the school and I can't imagine anything else I would rather do with my time and money right now. So wish me luck, and I will keep you all posted on my progress!

And like I always say in my other blog...

UPDATE!! I almost forgot to mention... I met the most wonderful Admissions advisor at Kaplan, and her name is Nancy Ziv-Rothman...and she has helped me get through some things that I am not too sure I would've been able to otherwise... So Thank you Nancy, for all that you do!

Thursday, August 27, 2009

Why Are Botnets So Important?

The Botnet and What It Is And Does

What used to be a meaningful piece of software allowing the legitimate sharing of program processing amongst a network of business PC's has now been turned into one of the most exploited and maliciously used pieces of software in the history of the internet.

The Botnet is now being used easily and maliciously for many things including the creation or misuse of SMTP mail relays for spamming (a SPAMbot), spamdexing (the practic of dishonestly manipulating search engines), click fraud, theft of sensitive information like application serial ID's, login ID's and passwords, and financial information like credit card numbers. But the most recent and problematic attacks have been the Denial of Service attacks on Twitter, Google, Facebook and Live Journal, just to name a few. They have been said to be "Massive and sustained (DDOS) attacks...and they are not finished yet!" stated a Security expert from Symantec's Security Technology Response Group.

The twitter attacks were one of the easiest to implement.

A trojan horse called Downloader.Sninfs was using Twitter's @update account to deliver commands to infected PC's. It posted links for web updates just like any account holder would. Then the unsuspecting users clicked on the links and received and spread the commands. After enough people did this, it created the DDOS attack in which we are all familiar with. The account on Twitter has since been disabled and is under investigation.

The botnet works by installing malicious software through what is known as "drive by downloads". These are downloads in which the user has authorized the download without fully understanding the consequences, or maybe unknowingly downloads a virus that is tacked on to an Active X control. The botnet's originator, or "Bot Herder", can then remotely compromise your PC and the network it is on rendering it a zombie.

The scariest thing about a botnet is that you most likely won't even know that you are infected unless you know what you are looking for! This is because most PC's involved in a botnet work normally. They hide their code within legitimate applications and email, and you are spreading them unknowingly but willingly. So what are you supposed to do about it? Tune in next time for solutions and tips and tricks for sniffing out a botnet and removing it from your machine...

Isn't it time to take back your PC?

Tuesday, August 25, 2009

WINS Security Vulnerability


The Windows Internet Name Service, or WINS is Microsoft's answer to the question that no one ever asked. No really, WINS is the core service which translates the names of computers into their numeric IP addresses. This is a necessary service for one computer to be able to talk to another.


The vulnerability found within the WINS service has been classified as critical, and can "...allow remote code execution if a user has received a specially crafted WINS replication packet on a affected system running the WINS service...", states a representative from Microsoft. The replication packet allows the attackers to write arbitrary memory locations and execute the arbitrary code via a modified pointer within the packet sent to TCP Port 42. This attack has been found to be coming form China, and is targeting no less than 70,000 IP addresses daily.


What this means is that if you or a member of your team have manually installed this particular WINS component, you WILL be affected. A representative of Shavlik Technologies says that this " an unauthenticated server-side attack. The bad guy simply points and shoots some packets at the WINS server and they can execute code of their choice on that server." This could mean that anyone can gain access to all of your sensitive information remotely.
And you would never know!

View My Portfolio & Samples

View Samples at Virtual Copy and JC Torpey's Portfolio.

Get writing tips and general news at the VCopy Blog.