By Larry Seltzer  |  Posted 2003-11-25 Print this article Print

One new area where security companies expect attacks to develop is in instant messaging. There have already been some minor efforts at this, but Im not as sure that this will develop into a major problem. All traffic on the major IM networks flows through central servers, an obvious point to monitor for attacks, and security products have begun to monitor these channels. Still, its a tempting target for attackers, especially for those targeting kids. There have already been several worms that attack through IRC (Internet Relay Chat), but because this is not a centralized service, its a far easier target. The good news is, as eWEEK Labs predicts, that if youre conscientious and intelligent about it, you can protect yourself against all of this, or at least a very high percentage of it. In almost every case, IT departments had a minimum of several weeks between the release of a patch and the release of the exploit. (In fact, ironically its often the patch that drives the exploit, as attackers reverse-engineer the patch as a quick and dirty path to the exploit.) Even if they dont always keep up to date because its tedious and users resist it, IT personnel know that services at all levels—especially the desktop itself—should be locked down except where necessary. Now even Microsoft is learning this lesson.
Over the past several years Microsoft has been dragged, kicking and screaming, into the lockdown paradigm, and this will develop further with Service Pack 2 of Windows XP and Service Pack 1 of Windows Server 2003, both of which were announced at the recent Microsoft Professional Developers Conference and should hit the streets in 2004. Despite a sincere effort to make Windows Server 2003 secure out of the box, it wasnt too long before the RPC buffer overflow bug and subsequent Blaster worm showed that even the 2003 version was too open. But the new service packs, if theyre everything Microsoft has indicated, could help a great deal. For the first time, new Windows computers in default configuration could be impervious to any attacks they are likely to meet.
But like most improvements built only into new versions of Windows, these will take years to have a significant impact. Consider what happened with mail clients: In the wake of Melissa and ILOVEYOU, the two pioneering mail worms, Microsoft imposed severe lockdown restrictions in its mail clients, blocking API access to the address book without explicit user permission and stripping all executable attachments. For years now, the only users subject to the most successful mail worms are those running non-Microsoft clients and old, unpatched versions of Outlook and Outlook Express. I actually expect the worm problem to abate slowly over time as a higher and higher percentage of consumers move to new computers with newer mail clients; most business users have some protection at the gateway, even if they continue to run old, vulnerable mail clients. Next page: The War Against Spam

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel