Cross site printing attacks target your network printer

In mid-2002, an unprecedented series of major security flaws were uncovered in Windows 2000, Internet Explorer 6.0, and IIS 5.0, which are some of Microsoft’s most strategically important products. The resulting media backlash resulted in a now-famous "trustworthy computing" internal memo from Bill Gates to all Microsoft employees. The gist of the memo was this: Stop programming and take a look at what you’re doing from a security perspective. For two months, production on all Microsoft products stopped, and Microsoft programmers and other employees attended a series of classes designed to highlight common programming practices that often result in security flaws. The programmers also reviewed the code for their products, including Windows Server 2003, with an eye toward removing those unsecure programming practices. The result, according to Microsoft, is that a huge number of security flaws were removed from Windows Server 2003 (and other products) before it was released to manufacturing.

Other practices changed, too. For example, Microsoft products usually go through a beta cycle and then a release candidate (RC) cycle. During the RC phase, new features aren’t supposed to be added to the product and major changes aren’t supposed to be made. The RC phase is normally designed to catch and fix bugs; any feature that has bugs that can’t be fixed is dropped from the product and rolled to the next version’s development. For Windows Server 2003, however, the door was left open for security-related changes throughout the product’s lifecycle and even into the RC phase. Normally prohibited changes, such as changes to the product’s user interface, were allowed if they had a security implication. The message was clear: Deadlines could be missed and features could change if doing so was necessary to prevent security problems in the product.

Log files track the activity on a computer so administrators can see who has used the computer, what they did, how long they stayed connected, and where they came from. Since a log file can also record the activity of an unauthorized intruder, much like a surveillance camera can record a burglar breaking into a store, hackers look for the log file as soon as they get access into the computer.

Script kiddies often delete the log files to prevent the administrator from seeing exactly what they did on the computer. Unfortunately, deleting the log file reveals the presence of an intruder as blatantly as using a stick of dynamite to get rid of a surveillance camera. The moment an administrator notices that someone has deleted the log file, he or she immediately knows that a hacker must be on the system.

Rather than announce their presence by deleting the log files, the smarter and more technically skilled hackers selectively modify the log files to hide their presence by deleting their own activities from the log files but otherwise leaving the log files intact. At a cursory glance, a system administrator would find the log files seemingly untouched, thereby giving the hacker a chance to infiltrate the computer without alerting the administrators.

OVERVIEW

TWO OF THE GREATEST THREATS TO EVERY COMPUTER ARE VIRUSES AND WORMS, WHICH ARE NOTHING MORE THAN COMPUTER PROGRAMS THAT SOMEONE EITHER WROTE FOR "FUN," OUT OF CURIOSITY, OR AS A CHALLENGE TO CREATE THE MOST DESTRUCTIVE VIRUS OR WORM POSSIBLE. Although some viruses and worms are completely harmless, the majority of viruses and worms cause a wide range of trouble, from displaying nonsensical messages on the screen, to making the keyboard work erratically, to deleting files or entire hard disks.

While a virus or a worm won’t always cause any damage, it is always unwanted on any computer. Table 1 lists some of the more infamous viruses, worms, and Trojan horses throughout history: