Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

(Fwd) Steve Gibson releases 'Patchwork'

From: Erik Moeller <moeller () SCIREVIEW DE>
Date: Thu, 15 Mar 2001 14:19:35 +0100
------- Forwarded message follows -------
To:                     Erik <moeller () okay net>
From:                   Steve Gibson's MailBot <mailbot-gb0f4icn () grc com>
Send reply to:          Steve Gibson's MailBot <mailbot-gb0f4icn () grc com>
Date sent:              Wed, 14 Mar 2001 22:29:39 -0800
Subject:                Steve Gibson's March/2001 News from GRC.COM ...

Hello Erik,

_________________________________________________________________

           New freeware utility developed and released:

                          "PATCHWORK"
_________________________________________________________________


As you may recall, the last eMail from me was the early December
announcement of the new "LeakTest" personal firewall leakage
tester.  Thanks to your support, 775,778 copies have been
downloaded ... and all major firewall vendors have updated their
products to plug their leaks.  In the future, a next generation
of LeakTest will highlight additional problem areas in personal
computing firewalls.

So what is PATCHWORK ??

Last Thursday (March 8th) the United States Federal Bureau of
Investigation -- the FBI -- announced that the Windows NT and
Windows 2000 Internet web servers belonging to at least 40
prominent eCommerce companies have been systematically broken
into by Eastern European hackers. After having their private
customer credit card data stolen, the companies were financially
extorted under the threat of public disclosure of their customers'
data. More than one million credit card purchasing records have been
stolen. You can read the full FBI press release here:

             <http://grc.com/pw/FBIannouncement.htm>

Shortly before the FBI's public announcement, I was contacted by
people in Washington and asked if I could produce a utility to
instantly determine whether a Windows NT or 2000 Internet server
was vulnerable to these attacks, and to search the server for any
evidence of previous penetration.  The FBI provided all of the
specific details required, so I quickly created my latest freeware:
"PatchWork" (just 30k bytes).

PatchWork is ONLY useful for users running Windows NT or 2000
-- so I know that it will not be of interest to everyone -- but I
wanted you to know that it exists.  If you, or anyone you know, ARE
using any version of Windows NT or 2000, you really should check out
PatchWork!  It is opening MANY people's eyes ...

                <http://grc.com/pw/patchwork.htm>

_________________________________________________________________

Other News:

  1. The GRC NetFilter:

     I am VERY excited about the next product I will soon start
     creating: It's called the "GRC NetFilter".  It is like a
     privacy and security enhancing firewall that deals with the
     growing number of Internet privacy problems and annoyances;
     things like 3rd-party cookies, personal information leakage,
     browser "pop-up" windows, home-phoning spyware, web tracking and
     profiling, and even unsolicited (SPAM) eMail.  For an overview of
     the project, check out this page:

     <http://grc.com/nf/netfilter.htm>


  2. The birth of FREE Firewall Log Analyzers!

     If you use a personal firewall you may know that their logs
     can sometimes be difficult to decipher. Some entries in the
     logs may be friendly or innocent, while others could be
     truly nefarious. Some new and really cool utilities are
     answering the need to make sense of these confusing logs.
     More are on the way, but you may want to check out these
     first, completely free, solutions:

     Right now for all users of ZoneAlarm:

     <http://www.zonelog.co.uk/>

     For users of BlackICE Defender: A feature-rich freeware log
     analyzer, similar to the ZoneLog Analyzer, is in development by
     the people at the popular DSL Reports web site.  I'll be sure to
     let you know when it's available for your testing! In the
     meantime you might want to check out the completely FREE
     "ICEWatch v2.19":

     <http://keir.net/icewatch.html>   (just 63k bytes)

     (See the ICEWatch v2.19 link at the TOP of the page.)


  3. What programs contain Spyware??

     During the year that my OptOut tool was closely focused
     upon Spyware, the question we heard over and over was "Does
     the such-and-such product contain spyware?" People wanted to know
     which products were suspicious. So I was very pleased when I
     discovered a web site that is actively maintaining a database of
     spyware carrying applications. If you have ever wondered about
     any of your own software, or before purchasing a new program, you
     might want to check it out!

     <http://www.spychecker.com>

_________________________________________________________________

Thank you for your time. I hope this has been useful to you.

Steve Gibson.         <a href= "http://grc.com/"; >GRC Website</a>

________________________________________________________________
You may change your eMail address or remove yourself from this
eMail system entirely, by visiting your personal page anytime:
<a href= "http://grc.com/x/ne.dll?6gb0f4icn6"; >Update Info</a>

------- End of forwarded message -------

--
Scientific Reviewer, Freelancer, Humanist -- Berlin/Germany
Phone: +49-30-45491008 - Web: <http://www.humanist.de/erik>
The Origins of Peace and Violence: <http://www.violence.de>

"The right way to do things is not to try to persuade people you're
right but to challenge them to think it through for themselves."
(Noam Chomsky)

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: