The New NAT-Friendly Microsoft

March 8, 2008 – 2:14 PM

VPN just got easier. Windows 2000 and XP clients can do IPSec out of the box, but when you attempt to VPN to an external resource from behind a NAT router/firewall, challenges ensue. To date, Microsoft has not gotten along well with NAT, but in a brand new update made available for Win2K and XP clients via Windows Update, Microsoft has added NAT-T functionality, which allows the creation of IPSec tunnels when banished to a NAT environment. The description bothers me a bit, as it only notes that the tunnels can be created between Win2K/XP clients and Windows Server 2003 servers. I haven’t yet had the opportunity to setup a test of the new toy, but you can count on hearing more about how it works once I hook up with my buddy Warren for some play time.

There are IPSec management features packed into the update as well, bringing much needed administrative ability down to the client level, and now Windows XP clients are able to take advantage of all of the new IPSec functionality built into Windows Server 2003. Windows 2000 is left out in the cold in many respects, but at least the main NAT-T stuff is available at the very least. One additional note here regarding compatibility. ISA Server environments are warned not to expect compatibility with the latest client updates at this point. My guess is that a patch or service pack will address those issues in time.

MS Article

Code diagrams enable ‘point-and-click’ programming

March 8, 2008 – 2:13 PM

Non-programmers could play a major part in developing complex computer programs, thanks to a new language developed by Sun Microsystems.Ace is based on Sun’s successful Java language and provides software development tools that give a graphical representation of computer code.

Manipulating the diagram on-screen automatically alters the underlying code. For example, moving a line connecting two boxes could change the point at which a piece of input data is entered into a program.

“Non-programmers can use Ace to build a skeleton of their application,” says Ali Sayed, a member of the Ace project team. “But to make it completely working they [or a colleague] will have to write some minimal amount of code.” Ace should also let non-experts modify a program after its core components have been written.

Minimal code
Andy Rutter, a Java programming consultant with UK company GBDirect, says there have been attempts to provide user-friendly graphical programming aids for other languages.

He says these often make development easier, but reduce the flexibility of the programs that can be written. “If non-technical people are putting together a system, then they have to have a small number of technical choices,” Rutter told New Scientist.

However, Rutter believes Ace could be useful for Java developers: “A common criticism has been that Java is very hard to use. Ace will bring the tools and facilities of Java to more people.”

Sun hopes that Ace’s ease of use could cut the cost and complexity of developing internet and wireless programs. It also aims to reduce the work needed to make individual programs work on different platforms, by automatically adapting the code for different components such as databases or web servers.

Sayed told New Scientist that some of the source code behind the Ace language may be freely released at the JavaONE conference in June 2003. This would let other programmers expand the range of applications the language can be used to write.

New computer worm disguises itself as an e-mail from Microsoft

March 8, 2008 – 2:13 PM

Antivirus vendors have warned about new computer worm which pretends to have been sent by Microsoft technical support.

The e-mail containing the worm, dubbed Palyh (pronounced Pale-H) or Mankx, appears to come from [email protected], but is not from the software company. It contains a file which, upon execution, copies itself to the Windows folder, scoops up e-mail addresses from the hard disk and starts sending itself out. Palyh also spreads to other Windows machines on a local area network (LAN).

Though the file appears to have a .pi or .pif extension, it is an .exe file which is automatically run by Windows as soon as the recipient double-clicks on it.

The malicious program has the ability automatically to update itself from a remote web server, and install spyware on infected machines.

Spyware is any software used to obtain personal information about a user or his or her computer without informing the user or asking permission. Spyware uses an Internet connection to receive the data about Web browsing habits or even passwords and credits card details.

Palyh is also time locked to expire automatically after 31 May. Most likely this trigger was built into the program because the server from which it downloads its updates will be closed in the near future.

The worm appears to originate from the Netherlands, but more than 60 percent of e-mails containing it were originating from the United Kingdom. It began spreading on Saturday and has apparently infected computers in 75 countries.

A Microsoft spokesman said the company never sends out unsolicited mass e-mails with attachments.

Build your own RSS feeds!

March 8, 2008 – 2:12 PM

myRSS enables anyone to build custom RSS channels for virtually any news site they desire. myRSS requires no programming experience, is completely automated and all channels are available for free.

myRSS website

If you do not know what RSS feeds are but would like to learn more about them, read this article first.

You may also check out the My Headlines section in your control panel by clicking on Your Account (registered members only)

March 8, 2008 – 2:09 PM

The site is promoting security awareness by offering free an online security audit, firewall test, and research center. You can audit your firewall, do a port scan, or do a privacy test to get immediate results, with information about how to act upon problem areas. The site also offers a PDA / WAP security scan. It features full scans of all 65,535 ports and user input scans that allow a visitor to test only the ports he/she needs. There have been countless browser vulnerabilities in both code and browser misconfiguration. Rather than test for every possible vulnerability, the Privacy Section attempts to test for top-level vulnerabilities. The site has been designed to do speedy scans, which could lead to false readings, especially those on a slower connection. Reduce the errors by performing multiple scans and comparing results. The reading room offers more information and after performing a test, the results provide links to where you can read more about certain vulnerabilities. It’s set up to be easy to use and has features for advanced users.

Test your PC!

Page 348 of 351« First...102030...346347348349350...Last »