Steve Gibson (Zone Alarm) News

[n/a]

Hello Bear,



_________________________________________________________________



New freeware utility developed and released:



"PATCHWORK"

_________________________________________________________________





As you may recall, the last eMail from me was the early December announcement of the new "LeakTest" personal firewall leakage tester. Thanks to your support, 775,778 copies have been downloaded ... and all major firewall vendors have updated their products to plug their leaks. In the future, a next generation of LeakTest will highlight additional problem areas in personal computing firewalls.



So what is PATCHWORK ??



Last Thursday (March 8th) the United States Federal Bureau of Investigation -- the FBI -- announced that the Windows NT and Windows 2000 Internet web servers belonging to at least 40 prominent eCommerce companies have been systematically broken into by Eastern European hackers. After having their private customer credit card data stolen, the companies were financially extorted under the threat of public disclosure of their customers' data. More than one million credit card purchasing records have been stolen. You can read the full FBI press release here:



<http://grc.com/pw/FBIannouncement.htm>



Shortly before the FBI's public announcement, I was contacted by people in Washington and asked if I could produce a utility to instantly determine whether a Windows NT or 2000 Internet server was vulnerable to these attacks, and to search the server for any evidence of previous penetration. The FBI provided all of the specific details required, so I quickly created my latest freeware: "PatchWork" (just 30k bytes).



PatchWork is ONLY useful for users running Windows NT or 2000

-- so I know that it will not be of interest to everyone -- but I wanted you to know that it exists. If you, or anyone you know, ARE using any version of Windows NT or 2000, you really should check out PatchWork! It is opening MANY people's eyes ...



<http://grc.com/pw/patchwork.htm>



_________________________________________________________________



Other News:



1. The GRC NetFilter:



I am VERY excited about the next product I will soon start creating: It's called the "GRC NetFilter". It is like a privacy and security enhancing firewall that deals with the growing number of Internet privacy problems and annoyances; things like 3rd-party cookies, personal information leakage, browser "pop-up" windows, home-phoning spyware, web tracking and profiling, and even unsolicited (SPAM) eMail. For an overview of the project, check out this page:



<http://grc.com/nf/netfilter.htm>





2. The birth of FREE Firewall Log Analyzers!



If you use a personal firewall you may know that their logs can sometimes be difficult to decipher. Some entries in the logs may be friendly or innocent, while others could be truly nefarious. Some new and really cool utilities are answering the need to make sense of these confusing logs.

More are on the way, but you may want to check out these first, completely free, solutions:



Right now for all users of ZoneAlarm:



<http://www.zonelog.co.uk/>



For users of BlackICE Defender: A feature-rich freeware log analyzer, similar to the ZoneLog Analyzer, is in development by the people at the popular DSL Reports web site. I'll be sure to let you know when it's available for your testing!

In the meantime you might want to check out the completely FREE "ICEWatch v2.19":



<http://keir.net/icewatch.html> (just 63k bytes)



(See the ICEWatch v2.19 link at the TOP of the page.)





3. What programs contain Spyware??



During the year that my OptOut tool was closely focused upon Spyware, the question we heard over and over was "Does the such-and-such product contain spyware?" People wanted to know which products were suspicious. So I was very pleased when I discovered a web site that is actively maintaining a database of spyware carrying applications. If you have ever wondered about any of your own software, or before purchasing a new program, you might want to check it out!



<http://www.spychecker.com>



_________________________________________________________________



Thank you for your time. I hope this has been useful to you.



Steve Gibson. GRC





http://www2.mmind.net/bskarky/bb1cc.jpg" border=0>

     --Bear