Original release date: January 5, 2006
Last revised: --
Source: US-CERT
Systems Affected
* Systems running Microsoft Windows
Overview
Microsoft Security Bulletin MS06-001 contains an update to fix a
vulnerability in the way Microsoft Windows handles images in the
Windows Metafile (WMF) format.
I. Description
TA05-362A describes a vulnerability in the way Microsoft Windows
handles Windows Metafile images. This vulnerability could allow a
remote attacker to execute arbitrary code. Microsoft Security Bulletin
MS06-001 contains an update to fix this vulnerability.
The vulnerability is described in further detail in VU#181038.
II. Impact
A remote, unauthenticated attacker may be able to execute arbitrary
code if the user is persuaded to view a specially crafted Windows
Metafile.
III. Solution
Apply a patch from your vendor
Install the appropriate update according to Microsoft Security
Bulletin MS06-001.
Monday, January 09, 2006
Thursday, January 05, 2006
Sunday, December 25, 2005
Enable IP Routing on various systems
... This topic is a quick help to enable IP routing as fast as possible on various systems & platforms without needing to another program to be run or so on.
Beginners Note:
IP routing also known as IP Forwarding, needs when the system has more than one NIC or network interface or network connection (such as LAN connection, PPP,...) & you want to route between them to provide for example a gateway, NAT, firewall,... .
1. Cisco Routers/Access Servers :
IP routing is automatically enabled in the Cisco IOS software for routers. To reenable IP routing if it has been disabled on "Global Configuration" type: IP Routing
2. All Microsoft Windows Platforms :
Run "regedit" program and go to the following path :
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
then change the REG_DWORD value (or add new if no exists) from "0" to "1" and reboot the system.
3. Linux :
Add the following command to "/etc/rc.local" then reboot :
echo 1 > /proc/sys/net/ipv4/ip_forward
Or ff you're running Debian linux, you can just put :
ip_forward=yes
spoofprotect=yes
in /etc/network/options
4. BSD Unix Family :
On "/etc/rc.conf" change the following variable to "YES" then reboot :
gateway_enable=YES
For on demand routing enable/disable using sysctl for "net.inet.ip.forwarding" either to "1" or "0".
5. Sun Solaris :
Run this command at prompt:
ndd -set /dev/tcp ip_forwarding 1
But this only lasts until reboot.
To make this happen every boot, put it in a shellscript in /etc/rc2.d -- it must run after S69inet, so call it something like S70ipforwarding
Under certain circumstances (such as more than one interface and no default router), ip_forwarding is automatically turned on, but the precise circumstances vary with Solaris releases, and never suit everyone.
6. Novell Netware :
Edit autoexec.ncf, look for the "load tcpip" line.
Change it to read "load tcpip forward=yes".
Reboot.
Beginners Note:
IP routing also known as IP Forwarding, needs when the system has more than one NIC or network interface or network connection (such as LAN connection, PPP,...) & you want to route between them to provide for example a gateway, NAT, firewall,... .
1. Cisco Routers/Access Servers :
IP routing is automatically enabled in the Cisco IOS software for routers. To reenable IP routing if it has been disabled on "Global Configuration" type: IP Routing
2. All Microsoft Windows Platforms :
Run "regedit" program and go to the following path :
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
then change the REG_DWORD value (or add new if no exists) from "0" to "1" and reboot the system.
3. Linux :
Add the following command to "/etc/rc.local" then reboot :
echo 1 > /proc/sys/net/ipv4/ip_forward
Or ff you're running Debian linux, you can just put :
ip_forward=yes
spoofprotect=yes
in /etc/network/options
4. BSD Unix Family :
On "/etc/rc.conf" change the following variable to "YES" then reboot :
gateway_enable=YES
For on demand routing enable/disable using sysctl for "net.inet.ip.forwarding" either to "1" or "0".
5. Sun Solaris :
Run this command at prompt:
ndd -set /dev/tcp ip_forwarding 1
But this only lasts until reboot.
To make this happen every boot, put it in a shellscript in /etc/rc2.d -- it must run after S69inet, so call it something like S70ipforwarding
Under certain circumstances (such as more than one interface and no default router), ip_forwarding is automatically turned on, but the precise circumstances vary with Solaris releases, and never suit everyone.
6. Novell Netware :
Edit autoexec.ncf, look for the "load tcpip" line.
Change it to read "load tcpip forward=yes".
Reboot.
Saturday, December 24, 2005
Before You Connect a New Computer to the Internet
... I called two sections for this topic: 1. General guidelines. 2. OS specific.
By now, I'm going to write about (1). I decide to write as simple as & short so you
can read as fast as.You can do (2) with refer to your OS website,... .If desired ask here.
1. General Guidelines:
a) For CD/DVD/Local HDD installation, unplug the network connection GOTO (c) !
b) If you cannot unplug the network connection because of the network installation, then do at least one of the following:
- Put system behind the firewall.
- Using private IP addresses.
- Create private segmentation using VLANs or so on.
OR any way that you cann't see the Internet!
c) Intall the Antivirus.
d) If exist enable the OS specific firewall, such as WindowsXP firewall GOTO (f).
e) Install personal firewall (Optional - if enterprise firewall exist & the system is behind it).
f) Apply any service pack & update, so on, which can be found local or on private network.
g) Plug the network connection & connect to the Internet then update the system online.
By now, I'm going to write about (1). I decide to write as simple as & short so you
can read as fast as.You can do (2) with refer to your OS website,... .If desired ask here.
1. General Guidelines:
a) For CD/DVD/Local HDD installation, unplug the network connection GOTO (c) !
b) If you cannot unplug the network connection because of the network installation, then do at least one of the following:
- Put system behind the firewall.
- Using private IP addresses.
- Create private segmentation using VLANs or so on.
OR any way that you cann't see the Internet!
c) Intall the Antivirus.
d) If exist enable the OS specific firewall, such as WindowsXP firewall GOTO (f).
e) Install personal firewall (Optional - if enterprise firewall exist & the system is behind it).
f) Apply any service pack & update, so on, which can be found local or on private network.
g) Plug the network connection & connect to the Internet then update the system online.
Thursday, December 15, 2005
IP Routing Protocols AD
... I'm writing some tips after that for network administrators to be a quick reference instead of searching the Cisco or so on.By the way, you may know or remember IP routing protocols AD (Administrative Distance) but don't remember some of them or are unknown for you.Ask me the ones.Meanwhile I'll tell the quick command related to changing ADs.
Connected interface = 0
Static route = 1
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route = 5
External Border Gateway Protocol (BGP) = 20
Internal EIGRP = 90
IGRP = 100
OSPF = 110
Intermediate System-to-Intermediate System (IS-IS) = 115
Routing Information Protocol (RIP) = 120
Exterior Gateway Protocol (EGP) = 140
On Demand Routing (ODR) = 160
External EIGRP = 170
Internal BGP = 200
Unknown = 255
Tip-1:
To change the AD :
-For EIGRP:
Router(config)#distance eigrp [internal-distance] [external-distance]
-For other protocols:
Router(config-router)#distance [weight] ...
Connected interface = 0
Static route = 1
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route = 5
External Border Gateway Protocol (BGP) = 20
Internal EIGRP = 90
IGRP = 100
OSPF = 110
Intermediate System-to-Intermediate System (IS-IS) = 115
Routing Information Protocol (RIP) = 120
Exterior Gateway Protocol (EGP) = 140
On Demand Routing (ODR) = 160
External EIGRP = 170
Internal BGP = 200
Unknown = 255
Tip-1:
To change the AD :
-For EIGRP:
Router(config)#distance eigrp [internal-distance] [external-distance]
-For other protocols:
Router(config-router)#distance [weight] ...
Monday, November 07, 2005
Pass CCNA 640-801
Yesterday I passed CCNA 640-801 with score 974 (for the first time & 2 months study).
I'm going to take CCNP about two months later I think (means if I ready)...
I'm going to take CCNP about two months later I think (means if I ready)...
Subscribe to:
Posts (Atom)
