Ajit Gaddam: TechNews and Security

Working in Computer Security, one of the biggest threats we face today is the threat of an Insider, an Employee who might casually walk in with his 4 GB USB Flash drive, plug it in to their computer within the corporate network and walk away with valuable data. I have seen solutions ranging from expensive Intrusion Prevention Systems to disabling access to the USB drive all together.

In the first scenario, a company might not have enough financial resources for such an expensive IPS solution. The second scenario is impossible to implement in a corporation, think about the external USB keyboards, mouse or a LCD screen.

Prevent a user from writing to a USB drive

In this scenario, let us think that a corporation has migrated to Windows Vista from Windows XP. It does not wish to use an expensive solution but at the same time lock down users from having access to the WRITE capability with regard to a USB device.

1. Open Notepad and copy the following

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“EncryptionContextMenu”=dword:00000001

2. Save the file as USBNoWrite_Vista.reg

Read the rest of this entry »

This is a new form of Spam Email I am seeing. In this email, apparantly a seconday email address has been added to my Paypal account. This email could definitely jump out for most people as most of us have a secondary email address which we enter when we sign up in case we forget our primary account user name which would be an email address at Paypal and/or our password. The email lacks proper formatting, etc. I have received two such emails with the same PayPal Email ID of PP025197. The email address I am supposed to reply to varied. The links used to sign in have been removed

Following is the content of this email

You’ve added an additional email address to your account.
If you don’t agree with this email orkydork2<at>hotmail.com and jrwiz4rd<at>msn.com and if you need assistance with your account,
click here and login.

To make sure you can use your PayPal account the next time you make a purchase,
all you need to do is confirm or not your email address.
If your email program has problems with hypertext links,
you may also confirm your email address by logging in to your account.

Thank you for using PayPal!
The PayPal Team
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance,
log in to your PayPal account and click the Help link located in the top right corner of any PayPal page.

PayPal Email ID PP025197

Read the rest of this entry »

In this Blog, I give out a lot of examples of Spam Email. The most popular discussion takes place at the Microsoft Lottery Award Spam. Spammers use many evasive tactics like using University Message boards for hosting spam and looks like their methods are being successful.

However, lets go back into the ages, May 1, 1978 to be exact to learn about the first spam email ever.

On this day, 29 years ago, Gary Thuerek, a marketer for Digital Equipment Corporation sent out the first spam email to more than 400 people with mail they did not correspond to. And yes, the email was send in all CAPITAL LETTERS ughhh!!!

Mail-from: DEC-MARLBORO rcvd at 3-May-78 0955-PDT
Date:  1 May 1978 1233-EDT
From: THUERK at DEC-MARLBORO
Subject: ADRIAN@SRI-KL
To:   DDAY at SRI-KL, DAY at SRI-KL, DEBOER at UCLA-CCN,
To:   WASHDC at SRI-KL, LOGICON at USC-ISI, SDAC at USC-ISI,
To:   DELDO at USC-ISI, DELEOT at USC-ISI, DELFINO at USC-ISI,
To:   DENICOFF at USC-ISI, DESPAIN at USC-ISI, DEUTSCH at SRI-KL,
To:   DEUTSCH at PARC-MAXC, EMY at CCA-TENEX, DIETER at USC-ISIB,
To:   DINES at AMES-67, MERADCON at SRI-KL, EPG-SPEC at SRI-KA,
To:   DIVELY at SRI-KL, DODD at USC-ISI, DONCHIN at USC-ISIC,
To:   JED at LLL-COMP, DORIN at CCA-TENEX, NYU at SRI-KA,
To:   DOUGHERTY at USC-ISI, PACOMJ6 at USC-ISI,
To:   DEBBY at UCLA-SECURITY, BELL at SRI-KL, JHANNON at SRI-KA,
To:   DUBOIS at USC-ISI, DUDA at SRI-KL, POH at USC-ISI,
To:   LES at SU-AI, EAST at BBN-TENEX, DEASTMAN at USC-ECL,

……

YEH@LLL-COMP
YONKE@USC-ISIB
YOUNGBERG@SRI-KA
ZEGERS@SRI-KL
ZOLOTOW@SRI-KL
ZOSEL@LLL-COMP
DIGITAL WILL BE GIVING A PRODUCT PRESENTATION OF THE NEWEST MEMBERS OF THE
DECSYSTEM-20 FAMILY; THE DECSYSTEM-2020, 2020T, 2060, AND 2060T.  THE
DECSYSTEM-20 FAMILY OF COMPUTERS HAS EVOLVED FROM THE TENEX OPERATING SYSTEM
AND THE DECSYSTEM-10 <PDP-10> COMPUTER ARCHITECTURE.  BOTH THE DECSYSTEM-2060T
AND 2020T OFFER FULL ARPANET SUPPORT UNDER THE TOPS-20 OPERATING SYSTEM.
THE DECSYSTEM-2060 IS AN UPWARD EXTENSION OF THE CURRENT DECSYSTEM 2040
AND 2050 FAMILY. THE DECSYSTEM-2020 IS A NEW LOW END MEMBER OF THE
DECSYSTEM-20 FAMILY AND FULLY SOFTWARE COMPATIBLE WITH ALL OF THE OTHER
DECSYSTEM-20 MODELS.

Read the rest of this entry »