Be warned more problems April 1^st.

PC security forces face April 1 showdown with Conficker worm

Story Here

You May be a Conficker Zombie if Your XP Hasn't Been Updated Since October 2008

People using Windows XP and Vista who haven't upgraded their operating systems since October 2008 have a PC probably sent into a zombie botnet army.  The reason: Conficker worms can block downloaded antivirus software and access to security Web sites.

The highly sophisticated variants sent by Conficker worm creators are able to geo-locate computers to improve their attraction for computer criminals.  They invade the system by the autorun.inf function on external hard drives in Windows or by weak passwords.

The Conficker worms can also be spread by Linux or Mac.

http://www.internetevolution.com/author.asp?section_id=717&doc_id=172406&

Please make sure you have the Microsoft Update for this vulnerability patched

Microsoft Security Bulletin MS08-067 – Critical

Vulnerability in Server Service Could Allow Remote Code Execution (958644)

Click Here for manual download

More information:

Conficker Worm: Help Protect Windows from Conficker.A and Conficker.B

Microsoft Info Here

Watch out for friends sending a message with a video link that asks you to update your Adobe Flash Player to view a spoofed youtube video.

From PCMag Source

New Koobface Variant Preys On Facebook Users

 

A new variant of the Koobface worm is making the rounds.  Facebook users need to be aware of this and other attempts to use clever social engineering related to Facebook to trick them into installing malware.

 

Like the earlier versions of Koobface, this one starts out as a Facebook message from a friend.  The message includes a link to a web site with something enticing like "a video of you".  Like the old ones, in order to view the video you have to apply what purports to be an update to your Adobe Flash player, but which is in fact the malware.

 

The difference in this case is that the page with the video is professional-looking YouTube spoof, complete with the impression that the video has been posted by your Facebook friend.  This is a clever next step in the scam.

 

Install the malware and it will steal your logon credential from Facebook and other sites and send the message on to your friends on them.  Trend Micro's description of the malware has all the gory details.

With a rash of Adware, Spyware, Malware and Viruses running a muck in the PC world, I strongly urge you to download Malwarebytes' Anti-Malware software http://www.malwarebytes.org/mbam.php. 

It is a free for personal use and does an excellent job of removing those hard rootkits, Malware and Spyware.

When you install it, just take the defaults and allow it to check for updates, download and install.

Do a full scan, which may take a few hours if you have a lot of programs installed or a large amounts of files stored on your hard drive.

If you find the product worthy, I do recommend you purchase it as the purchased version adds a real-time scanner, which is proactive instead of reactive.

I also recommend you run Microsoft’s Windows Malicious Software Removal Tool (MRT).  Just go to the run command and type in mrt.  Click okay or hit return.  Do a full scan.

To download Malwarebytes' Anti-Malware software You can download it here

As with anything, run at your own risk.

While reading other blogs and having a few people comment to me about how IP works, I thought I should explain a plain English version and clear up a few mistakes.

First, if you have high-speed Internet and a wireless router, make sure to turn off broadcast, you should enable WPA if you can (use at least 128bit WEP if you cannot use WPA), change your default password, and default SSID name.  Don’t let people know you use a Linksys or a NetGear or any manufacturer as they can look for know weaknesses for that type.  Make them work harder to try and steal your bandwidth or compromise your computer and files.  Limit the DHCP IP’s given out to just the amount of your devices.  Enable MAC Filtering for your know device as well.

Second, many places around Cudahy have free Wi-Fi which allows you free access to the Internet from these hot spots.  One is City Lounge right by the library and another is McDonald’s on Packard.  The Cudahy library itself may have a Wi-Fi connection.  Someone living around there could have it easy finding a stray connection from the free Wi-Fi or a neighbor not knowing.  You can sip a coffee or drink a beer and be on someone else’s network just browsing or mischief.

One can hop on the Library computers and surf.  I do think some sites may be blocked.

With using those and other hot spots, it is very hard to know who a user is.  The MAC address that is unique to all network cards and devices.  But wait, there are programs out there that allow you to change it.  Some router/modem configurations require you to clone the MAC address of the PC’s network card to the router.  So even that can be spoofed or faked.  There are programs to block or mask your IP, even to fake a known one.  Toolkits are out there if you look for them.

I will try not to be too technical on it so I am sorry if I make it too simple for some.  Most of the info will come from Microsoft’s IP certification book on IPv4.  A teacher and a friend of mine helped write the IPv6 book for Microsoft, so I will also draw off of him and notes from class.

What is TCP/IP? TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet.  It can also be used as a communications protocol in a private network (either an intranet or an extranet).  When you are set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP.

IP is an address number much like the street address or phone number.  Now when you type in your browser www.yahoo.com a DNS server (Domain Name System or Domain Name Server) checks its database and translates it from the name to an IP address in the case of the example 69.147.76.15

It is much easier to remember the word yahoo.com instead of the number, but you can place the number in your browser and get yahoo.com.  Large companies have a web farm, which has multiple servers working together as one normally with a single heartbeat.  Transaction servers for eCommerce depend heavily on web farms.  You may notice you are on one if doing a search and the site comes up www1.the company.xxx  The 1 denotes the transaction/database server you are on.

Public IP are addresses that are routable out on the Internet.  Now you could setup your home network with 69.147.76.15.  Now you will have problems routing info and you will get a call that you are using a number that is registered and owned and you must stop.  You would never want your internal network setup with public IP’s unless you do mean to have it exposed to the world.  Public IP’s are static.  One side of your cable or dsl modem has a public side and many that have a router have a private side.

Private IP’s are not routable to the Internet without being encapsulated.  Most people have a Class C setup for which allows for 254 computers that can use the one public IP you get from your ISP.  So that means everyone at your office has the same public IP.  Without looking at internal router tables to look at private IP and MAC addresses you cannot know which computer is the one at a site.  At my office, twelve computers share the one public IP.  What makes this more complicated is my office also has two different ISP’s and a dual turbo router that can load balance or fall over for fault tolerance between the two types, cable and DSL.  You don’t get to choose which one you mainly go out on as it works off of an “OSPF” open shortest path first technology.  Not unlike the dual shotgun modems that came out just before broadband became popular.

IP’s are setup in three standard classes.

Class A Supports 16 million hosts/computers

10.0.0.0 through 10.255.255.255

Class B Supports 65,000 hosts/computers

172.16.0.0 through 172.31.255.255

Class C Supports 254 hosts/computers

192.168.0.0 through 192.168.255.255

These classes are reserved.

Class D

224.0.0.0 to 239.255.255.255 Reserved for multicast groups.

Class E

240.0.0.0 to 254.255.255.254 Reserved.

In explaining it, I dropped the hosts to network info.  You can do subnetting and supernetting to change the number of hosts and networks, but I will not get into that as it can get in depth.  You can also use a Class A IP scheme and a Class C subnet mask.

Last year a man in Cedar Springs, Mich., was fined $400 for mooching off somebody else's wi-fi--a police officer spotted him laptop-surfing in a parked car.  Apparently, that violates Title 18, Part 1, Chapter 47 of the United States Code, which covers anybody who "intentionally accesses a computer without authorization or exceeds authorized access.”  Whatever that means--the law was passed in 1986,

Illegal or not, it was definitely unethical

I wanted their bandwidth!  If it was so precious to them, they should have put a password on it!  Don't look at me like that--according to the Wi-Fi Alliance, 53% of people surveyed said they'd done the same thing.

Source

Quick check of the Cudahy Library Website

WE'RE WIRELESS!!

Day 5 – Still No response from the Mayor

Amazing, the leader (in name only) votes something down, is silent, and will probably gets away with it.  Hey, only in Cudahy!

It was requested that I do a monthly review of the most looked at topics I wrote.  I will run down the top 10 and give a small overview of each. 

Some of these have an unfair advantage because they are older and have had the chance to be looked at longer.  By far, the shorter time Wal-Mart articles have more people view them quicker.  Many people still want to hear about Wal-Mart from both sides of the issue.

People keep emailing me offline in private and that is good.  I would like people to start making comments.  The South Shore viewers don’t seem to want to publicly comment, by how many private emails I get vs. the comments feature used.

1. Turf War – What to Build? –Yes it is a Wal-Mart post and I talked about TIFs and how the Mayor doesn’t want the Wal-Mart and how this chance may not come again. I also included a letter from a reader that they sent to the Mayor and my responses to what the Mayor replied.

2. Real Voter Intimidation – I talked about how during the 2006 election my neighbor was intimidated and took down his sign in fear of retribution from his union steward.

3. ** Adults Only **  – The title maybe misleading to a few, but the subject matter was how adult content is on the web and we must watch what our children do on the web.

4. One Must Look Back To See The Future  – Here I wrote about that sometimes one must look back to see the future and how Mayor McCue had some foreshadowing in his campaign pledge about Wal-Mart.  Cudahy, as is the nation, is in a recession and how in a downturn we should not pass up the opportunity of this Wal-Mart.

5. History Repeating Page Two  –I wrote about the info a reader emailed me about a Cudahy School closing and Wal-Mart spin.

6. Plan Commission   – I wrote about what happen at the last Plan Commission meeting about Cudahy Station.  How some members didn’t even understand what they were to be voting on that night.

7. Proposal On The Table  – I wrote about what is the Wal-Mart proposal, TIF, and the Plan Commission.

8. Teen’s Common Sense Sometimes Lacking  – I wrote about a report I came across on how Florida legislators are encouraging a review of their "abstinence only" sex education programs after a recent survey completed by Florida teens returned some curious results of not understanding things like drinking bleach prevents HIV.  By now way am I attacking "abstinence only", just bring to light what they found.

9. Flamethrower  –I wrote about what a person said to me about how I deal with the Mayor and if I hate him.  I may be ruffling feathers and again once you write it, and sign it, you can’t hide from it something I wish the city would do.

10. Keeping Us In The “Noir”  – Keeping Us In The "Noir" is about how we are in the dark (Noir) on may things in government and how with open records laws, the information should be public and easily obtainable.  I wrote about how many of these very things should be on the web at a mouse click away from you and I to read and know.

I hope everyone enjoys reading my posts.  You may not agree with me, but maybe what I have to say will shed some new light on matters and make you pause.  I am not a reporter, but a commentator.  I do not get paid, work for the city, or have a secret agenda.  I gain nothing personally from doing this blog other than the satisfaction of being able to put “The Way I See It” out for others to read.  I do it because I think it needs to be said.  I try to be fair and when I see something I don’t agree with, I let it be known.

Many people have said I am hard on the Mayor in his first year and I write blogs that don’t show his job performance in a good light.  When I see something that he does great, I will blog on it.

Hey, I am not the only one blogging on the Cudahy Now website, Greg Janisch was McCue’s campaign Treasurer and he can blog.  Just because I am critical of the Mayor’s job performance, does not make me a person who is attacking Ryan McCue personally nor am I character assassinating him!  This is about his job performance period!  We all have freedom of speech and a voice; I just choose to use mine.

Here is what a reader, Dave Taylor, said in a comment:

“Randy, there's a lot of people in Cudahy who back you up, even if they are too scared to admit it.  We should all be thankful that someone is willing to take a stand for what is right for our city; like you said, "...just want Cudahy to be better", too bad there are egos that get in the way of the good the city could do.  There isn't any reason to be shameful of an opinion, that's what makes us human (not robots) and why our country is a great one!

Sometimes you may feel your comments fall of deaf ears, but the truth is that people ARE reading and they ARE listening.  We rally behind you and hopefully, you are stronger in your plight for a better Cudahy because of it.  You are a voice that matters!  You are looking out for the betterment of Cudahy!  You are taking a stand, unafraid of whose feathers you ruffle!  Those of us who stand behind will continue to support you, even if the “powers that be” wish we weren’t listening!

Keep up the good work…your supporters need your voice!”

Someone has talked to my superiors at mycommunitynow.com to have my work censored or shutdown.  The claim was I lie, spread rumors, and have false and inaccurate information.  I try to source my work and some comes from people in government that do not like the direction we are headed or people close to a situation that feel some injudicious is being done.  I have always believed in correct information and not disinformation.  If something is truly wrong let me know and I will correct it, but don’t be all that upset and try and shut me down because you don’t LIKE what I am saying!  People if what I am hearing from those inside is true, some scary things are coming or happening.  Hypothetically, it might even be something like a change of salary ordinances for health insurances that is not fair and done evenly.  Should it not be changed for all and not leave out anyone?  Fair is fair.  That is a hypothetical, but watch it might just come true.

I will not stop until the misinformation, disinformation and no information are brought to light.  More and more people are emailing me with things.  These are very reliable people and trustworthy people.  Together we can all make a difference.  I will NEVER sell you out and I have been asked who is telling me things.  The wheel of information doesn’t need to stop spinning just because it might ruffle some feathers.

Okay, maybe it isn’t!

I bet that did not deter children from looking.  In fact, it made them more curious, that any of them seeing the headline/tag peeked.

I was at my paying job the other day at a customer’s site and one of the employees (I like that instead of being “PC” – associates) made the comment to another employee on “How is it that adult content is allowed to be on his Internet?”

The other employee said “Because the Internet police haven’t found that person yet.”

First off – WWW stands for “WORLD Wide Web” 

Catch that first word?

Since it is world wide, just because our laws stipulate one thing doesn’t mean where the site originates from does.

Second – It is not his Internet!  One single person doesn’t control it and truly there is no Internet police (MPAA and RIAA think they are).

I truly understand that the web is not a playground for kids, but there are many resources on the web.  Some classes require Internet based projects.

We all have to do our share of protecting the underage from seeing content not suitable, but we cannot be everywhere.  Some will argue that the adult content has just as much rights as on adult stuff.

I, for one, was hoping they would have passed the .xxx extension to make it easier to manage, but a debate of what is adult only can be made on so many levels.

Yes, I know you can setup IE or most browsers to manage content and there are many addons/plugins software packages out there to block and manage the content.

Ultimately, we have to be the ones responsible as parents to watch what our children do, while respecting others needs/wants/desires that may not be consistence with our values.