Saturday, January 08, 2005

Top Ten Virus Monthly Report

Top ten virus December 2004

Monday, January 03, 2005

Largest IPv6 network launched in China

...China China China! Who are the chinese realy? We have to believe them I think.They're aiming to become the leading player in the creation of the next generation of the Internet.

An IPv6-based network linking 25 universities in 20 cities across China began operating on Saturday.

The China Education and Research Network Information Center (CERNIC) announced the launch of the network, called CERNET2, which is thought to be the largest single IPv6 network yet created. CERNIC claimed it makes China a world leader in the race to build the next generation of the Internet.
China's National Development Reform Commission (NDRC) has set aside 1.4bn yuan (US$169m) to support six next-generation Internet networks, according to People's Daily , China's main daily newspaper. Half of it will be used on projects linked to the university network, with the remaining money given to five telecom operators.
China is not the only Asian country with a strong interest in IPv6. Japan has already implemented an IPv6 production network, which is used by every service provider in the country. South Korea is working with the EU to develop applications and services using IPv6.
IPv6 exponentially increases the number of possible Internet protocol (IP) addresses. It has been created and deployed in response to the fear that the existing Internet address pool could run dry within a few years as more people go online, especially as Web use in Asia rises sharply.
IPv4, the incumbent Internet protocol standard, gives its data packets just 32 bits of address space. By increasing this to 128 bits, IPv6 provides billions more IP addresses and allows many more devices to be simultaneously linked to the Internet.
Many network operators and equipment vendors are pushing IPv6. However, most companies have been reluctant to spend the money needed to make their networks IPv6-compatable by upgrading IP stacks on network gear, applications, PCs and servers.
Some have said that techniques such as network address translation (NAT) -- which lets up to 257 nodes in a corporation sit behind a single IP address -- mean it is possible to work around IPv4's limitations.
Some experts have predicted that once China have embraced IPv6, Western countries who wish to do business with Asia will have to upgrade their own networks.

Windows XP flaw opens door to Trojan attack

The 'Phel' program works through Internet Explorer's 'Help' controls to allow an infection passed from a Web site to open up an infected computer to external control.

Online miscreants have released a Trojan horse that can infect computers running Microsoft's Windows XP, installing programs to remotely control a victim's system.

Symantec warned in an advisory this week that the program -- dubbed "Phel", an anagram of "Help" -- infects visitors to a maliciously created Web site through Internet Explorer's Help controls. A bug in the malicious program may prevent it from infecting some computers, the security company said.
The Symantec advisory can be found on the company's Web site.
The Trojan horse exploits a vulnerability, found in October, in how Internet Explorer and Windows XP Service Pack 2 handle help files called from Web pages.
The flaw is unrelated to the recent help-file flaws outed by a Chinese security company last week. In that instance, Microsoft took the Chinese security group to task for disclosing the vulnerability without giving the company a chance to develop a way to fix the problem.
A company spokesperson said: "Microsoft is working to forensically analyse the malicious code in Phel and will work with law enforcement to identify and bring to justice those responsible for this malicious activity."
A patch is not yet available from Microsoft for the October flaw, nor the most recent flaws, but the software giant said its programmers are working on the issue.
"Microsoft is taking this vulnerability very seriously, and an update to correct the vulnerability is currently in development," the spokesperson said. "We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."

Linux distro tackles spam

Astaro claims to have added sophisticated spam-blocking features in the latest version of its distribution, but security experts say it's nothing new.

The latest version of Astaro Security Linux includes various features that can be optionally enabled to improve spam protection.
Astaro Security Linux is a distribution of Linux that includes integrated security features such as a firewall, VPN gateway and antivirus capabilities. The Astaro distribution was started in 2000 and is now used to protect over 20,000 networks, according to the company.
Astaro Security Linux 5.1, released last week, includes functionality that can verify the source of the email by using the Sender Policy Framework (SPF). Other features include quarantining emails and greylisting, which can block some spam by requesting the mail agent to send the email a second time.
Other features include easy integration with network management systems, and a tool to allow customers to monitor bandwidth usage.
Astaro chief executive Jan Hichert said that the improvements in the new version will make the systems more resilient and easier to manage.
"Astaro Security Linux 5.1 builds on all the award-winning features available with 5.0 by adding sophisticated spam-blocking features and management tools that eliminate threats and empower IT staff to act quickly, thereby ensuring overall security of corporate IT assets," said Hichert in a statement.
But Graham Cluley, senior technology consultant for security firm Sophos, said the features added by Astaro are standard anti-spam technology.
"From that shortlist it doesn't sound like anything earth-shattering," said Cluley. "Features such as quarantining and greylisting have been available for months, if not years, in anti-spam products."