Symantec confirmed that hackers have obtained source code to two enterprise security products, but third-party experts said the impact on users will be minimal to none.

Symantec has confirmed that a group of hackers has stolen source code to two Symantec products, but downplayed the possible impact on users as a result of the theft.

The attackers stole source code for two older Symantec products for enterprise customers, and not on the consumer-focused Norton product line as had been previously reported, according to Cris Paden, senior manager of corporate communications at Symantec.

The code segments are from Symantec Endpoint Protection 11 and Symantec Antivirus 10.2. SAV 10.2 has already been discontinued, and SEP 11 came out four to five years ago. Symantec currently offers SEP 12 and 12.1 to enterprises.

A group of hackers, named Lords of Dharmaraja, claimed to have breached an Indian military server and stolen several documents and files, according to a Jan. 5 post on Pastebin. The post is no longer available on the text-sharing site, but a copy can be accessed via Google Cache.

“Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec’s solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time,” according to Paden.

Several security experts have told eWEEK they didn’t think criminals would examine the leaked code to find vulnerabilities that could be used to exploit the security products directly. While it “clearly is undesirable” for any antivirus vendor or software vendor to have their source code made public, attackers are not likely to gain “any miracle insights” needed to defeat the product, Chester Wisniewski, security adviser at Sophos, told eWEEK.

Malware writers don’t need to learn from the source code, since they don’t need to know how the engine works in order to defeat it, Rob Rachwald, director of security strategy at Imperva, told eWEEK. Antivirus software relies on signatures, and developers have been effectively creating malware that can evade detection for quite some time, Rachwald said. Antivirus software tend to have a poor rate of detection, as low as 20 percent to 30 percent, because criminals are testing their code against security products and using encryption and other methods to ensure they slip through, he said.

While they could theoretically find a vulnerability that would allow them to disable the software, it seems unnecessary when they are already creating malware that can’t be detected, according to Rachwald.

Nor do criminals trying to create a fake antivirus need access to the source code to create a convincing looking scareware, David Harley, senior research fellow at ESET, told eWEEK. “Fake AV doesn’t have to have the core functionality of the real thing. It just has to look genuine to a potential victim,” Harley said.

Symantec distributed 10 million updates to its products in 2010 alone, according to a Symantec spokesperson. Extrapolating to four and five years shows how much the code has evolved over that period of time. “It doesn’t minimize the situation, but it helps as far as a perspective on how old this code is,” the spokesperson said.

While it’s possible Symantec competitors would be able to look at how the company built its antivirus engine, that seems unlikely, considering the age of the stolen code. The information is likely to be of interest only to “software historians” such as computer science students looking at legacy code, Aryeh Goretsky, a researcher for ESET, told eWEEK. It takes roughly two years to create a new antivirus engine, and although certain elements may still stay the same, there will be enough changes to make the software outdated, he said.

“AV scanning software and modules tend to change fairly rapidly compared to some other security products,” Harley said.

While an actual source code leak could turn out to be embarrassing for Symantec, it won’t impact Symantec that much in the market, according to Goretsky. “It happened to both Kaspersky a year ago and Microsoft in 2004, and neither seemed to suffer any ill effects, economically,” Goretsky said.

Symantec confirmed that the breach occurred on a third-party network and not on Symantec servers. The Pastebin post claimed to have compromised servers belonging to Indian intelligence agencies.

The fact that the group managed to breach military servers should be of bigger concern than the possibility of leaked source code, Stephen Cobb, a security evangelist for ESET, told eWEEK. A breach on sensitive servers could “prove harmful to cooperation between public and private sectors,” Cobb said.

This incident highlights that corporations that follow best practices to secure their infrastructure and data can still be impacted because someone else did not, Mike Lloyd, CTO of RedSeal Networks, told eWEEK. As enterprises lose control over their own assets, regulatory requirements and compliance standards become more important in order to create a baseline that allows organizations to verify their partners are taking necessary steps to be secure, according to Lloyd.

“Business partners and strategic customers may be friendly, but they are not going to expose specifics to you about how well they protect themselves,” Lloyd said.

The group Lords of Dharmaraja has not yet posted the code, claiming it needs time to set up some mirror sites. “We are working out mirrors as of now since we experience extreme pressure and censorship from U.S. and India government agencies,” the group wrote.

Reference article

UP-shot: Don’t put all your eggs in one basket. Especially one crafted as badly as Norton’s AV/Security!

Windows Key + R : start run prompt (XP)
Windows Key + E : start file explorer (XP)
Windows Key + M : minimize all windows (XP)
Windows Key + Shift + M : restore all windows (XP)
Ctrl + Shift + Esc : start task manager (XP)
Alt+Space : show current application’s window controls (XP)
F2 : in explorer and office applications : change the text of an object
F4 : within Office Applications – Repeat last formatting option
F5 : refresh or reload page (explorer, browsers, etc.. )
F9 : Office applications : refresh selected text links (for TOC)
Tab : Advance to next field or clickable object
Shift+Tab : Advance to previous field or clickable object
Ctrl+Enter : In Excel : insert whitespace in this cell
In Email : send email
F7 : Spellcheck (MS Office, Email clients)
Ctrl+N : start new instance of program, MS Office: new document
Ctrl+S : Save
Ctrl+O : Open
Alt+(underlined character) : enable drop down menu with this character
Alt+F4 : close application in focus
ALt+PrintScrn : Take a screenshot of active application only and put into clipboard ( alt+printscr , win+r , mspaint , ctrl+v, ctrl+s saves your screenshot — start to finish )
Menu button : brings up a menu on the current object you’ve selected — your keyboard doesn’t have it, lots do ( http://en.wikipedia.org/wiki/Menu_key )
Ctrl+Alt+Del : bring up login screen, can be configured to bring up taskmgr

ctrl+z : Undo Read More…

A denial of service (DoS) attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have. In a distributed denial-of-service, large numbers of compromised systems (sometimes called a botnet) attack a single target.

Although a DoS attack does not usually result in the theft of information or other security loss, it can cost the target person or company a great deal of time and money. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of all network connectivity and services. A denial of service attack can also destroy programming and files in affected computer systems. In some cases, DoS attacks have forced Web sites accessed by millions of people to temporarily cease operation.

Common forms of denial of service attacks are: Read More…

These extensions at the end of a file name refer to the type of file it is. This information is used by your operating system to launch an appropriate program when you click on the file name. Example: file.txt is a text file and can be opened by a text editor program. Read More…

Introduction

Millions of wireless access points are spread across the US and the world. About 70% percent of these access points are unprotected—wide open to access by anyone who happens to drive by. The other 30% are protected by WEP (Wired Equivalent Privacy) and a small handful are protected by the new WPA (Wi-Fi Protected Access) standard.

At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. Special Agent Geoff Bickers ran the Powerpoint presentation and explained the attack, while the other agents (who did not want to be named or photographed) did the dirty work of sniffing wireless traffic and breaking the WEP keys.

This article will be a general overview of the procedures used by the FBI team. A future article will give step-by-step instructions on how to replicate the attack. Read More…

Connector Types / Images

Male and Female connectors, do you really know the difference?

Connectors on your computer Motherboard: PC
Have a question? We’ve got answers! Email support
for technical support, product specifications,questions, etc.
Home Contact – Computer Products
Please be patient… images may take some time to load.
for SCSI connectors, see here.

Monitor Connectors

Other PC/Mac connectors

• Hard Drives – Bigger is Better
• But Size (GBs) Does Matter and So Does Speed (RPM)
• When 2 Drives Are Better than One

Purchasing a hard drive (HDD) is an important buying decision. That’s because all your data is saved on it. If you buy a low quality hard drive it may crash on you and you’ll lose all your games and all your digital data. In the end, though, hard drives are all about capacity. And, far more often than not, your biggest hard drives are the costliest. However, once the new models hit the market you will be able to purchase the earlier generation models for less cash. Additionally, the higher-performance (7200-rpm) drives are usually pricier than the more pedestrian (5400-rpm) drives at the same capacity.

Choosing a Top-Notch Hard Drive

• Capacity – We recommend at least 160 to 500GB; but the more the merrier!
• RPMs – Go for 7200RPM – it gives you faster read and write speed.
• Interface Speed – To get the max from your HDD the interface speed must match the interface speed of your PC.
• Seek Speed – Not a huge deal. It’s how fast drives can pick a particular piece of data. 8ms or lower is an exceptional seek speed, but 8ms to 9ms is just fine.
• Buffer Size – Go for at least 2MB

Bigger is Better
It’s generally a smart move to purchase the biggest hard drive capacity your budget will bear, even if you won’t need all that drive space right away. Of course, larger hard drives cost more than smaller ones, but the cost per GB doesn’t work out byte for byte. For example, the difference in cost between a 60GB and an 80GB HDD isn’t much, but a huge HDD could cost quite a bit more. Hard drives are able to handle larger amounts of data all the time. And it’s a good thing, because programs are getting more complex, graphics-intensive. You can now hold an amazing 400GB of data on a single drive. For those of you who hoard vast amounts of digital media or edit videos this ever-burgeoning hard drive capacity is a gift from cyber heaven. The proliferation of extra-large hard drives takes away some of the mystery out of HDD shopping. However, determining what size hard drive you need is a subjective matter. It really depends on how much data you need to store. Some folks can get by with 60GB on a desktop; others prefer the huge hard drives ranging from 250Gb all the way to 2.0TB or more. Size requirements, of course, differ for notebook computers. Before you get too involved in the GB numbers, though, you will need to check your motherboard’s manual or with your computer manufacturer to see how big a hard drive your PC can support. We recommend that you start off with at least an 80GB hard drive.

The Need for Speed
The speed of a hard drive is expressed in revolutions per minute (RPM) and it refers to how fast the computer can read data from the hard drive. We recommend that your hard drive moves at a clip of at least 7200 RPM. At less than 7200RPM your data-intensive applications, such as games, might slow down because it takes too long access the data.
You need at least 5400 RPM for fast data read and write speed. High RPM is especially critical if you use your computer for multimedia or video applications. Faster RPM doesn’t make much difference for word processing or surfing the Net.

Secondary Considerations: Interface and Seek Speeds, as well as Buffer Size
Secondary considerations that taken together should have an impact on your buying decisions include Interface Speed, Seek Speed and Buffer Size.

Interface Speed
Interface speed is measured in ATA/100 or ATA/133. There isn’t much noticeable difference between the two values. To get the maximum performance from your hard drive, its interface speed must match the interface speed of your PC. If not, you must install an interface card that matches the speed of the new drive.

Seek Speed
Average seek speed is how fast your drive can find a particular piece of data. This should not be a huge factor in your hard drive buying decision unless you need to copy large folders full of many small files, which makes it necessary for your PC to assemble small, scattered bits of data.

Buffer Size
The buffer is a memory cache on the drive. This cache is a repository for the temporary storage of data awaiting the next likely request of your computer’s CPU. Because random-access-memory (RAM) is much faster than mechanical rotating storage, the buffer can speed up performance. Most new desktop hard drives have buffers of at least 2MB, which is perfectly acceptable for most uses.

Other Considerations:

• RAID
• SATA
• Moving Data to Another Drive

RAID!! What is it? Do You Need it?
In case you are interested, RAID stands for Redundant Array of Independent Disks. Simply stated, RAID allows you to use more than one hard drive to ratchet up your disk speed or retain a backup of your data in case a drive fails. In either circumstance, you will need more than one identical drives, and it’s not particularly easy to configure them. More and more systems use RAID 0, which can markedly increase system speeds for reading and writing data. If you want to go for RAID you will need to choose a couple of drives that match the storage capacity you’re looking for. Now that you can purchase 1.0TB hard drives for less than $100, you can easily go for the RAID advantage. Making this decision easier is the fact that most new motherboards support Redundant Array of Independent Disks.

Take Serial ATA Seriously?
Serial ATA, known as SATA is definitely the way to go if you are building your own PC from the ground up. Even the most inexpensive mobos support SATA, and if you go with a SATA drive your PC system will be easier to set up. Plus, you’ll have a much easier time moving your drive to a future PC. Now if you want to boost the storage capacity of an older PC, choosing SATA is not such a simple proposition. In order to use a SATA drive you’re going to have to add a SATA controller card, which can be costly. However, many of the new SATA controller cards have built-in options to add RAID support to your system. If you’re a video editor or the kind of person who stores tons of digital data, it just might be worth your while. In the alternative, it’s a wise choice to simply add a second parallel ATA drive. Some manufacturers are adding new wrinkles to SATA technology to enhance hard drive performance. For example, Seagate’s Native Command Queuing (NCQ), which requires a native Serial ATA drive, accompanies one of its 160GB hard drives, improves performance by packing good aerial density, meaning it has more data than ordinary into a small space. NCQ allows the drive to master multiple outstanding commands simultaneously and utilizes an internal queue that can store up to 32 commands at once to allow the drive to quickly reorganize the commands so they can be written and read more efficiently. This particular Seagate drive with NCQ also uses 8MB of cache to help overall performance by caching sequential data hits.

Moving Your Data to Another Drive
When it comes time to add a new hard drive to your older PC, the new addition will almost always be faster than your existing drive. However, if all you do is install the new drive on your PC, you’re going to maroon your operating system on the slower drive. In committing such an act of abandonment, you will forfeit some of the benefits of upgrading. So, make sure you use the newer, speedier hard drive as your boot drive. Hard-drive upgrade kits generally include software that will clone your existing drive to the new one, thus turning your faster drive into your boot drive.