Why Malaysia needs MyCERT?
The number of computer users in Malaysia is increasing rapidly each day and these people are exposed to the malicious or criminal activity imposed by irresponsible individuals through these machines. Computers that were once used primarily for research analysis, data collection, simulation, data storage, graphics etc have been misused to operate break-ins, theft of data and economic fraud. In response to this malicious activities, MyCERT was formed.
What is MyCert Abuse Statistics?
MyCERT Abuse Statistics are based on number of abusive reports and complaints that MyCERT received which include system administrators and concerned individuals from all over the world. It is periodically updated. These statistics can be view here.
What is MyCERT Security Advisories and Summaries?
MyCERT Security Advisories and Summaries are a compilation of security advisories around the world which MyCERT found useful for Malaysia users. You can find MyCERT Security Advisories and Summaries in here.
Do MyCERT monitor and publicise virus alerts?
No, MyCERT DO NOT monitor and publicise virus alerts (there are hundreds of viruses a month). We only provide advisories on malicous programs that have WORM-like behavior (eg. Melissa and Happy99 which replicate itself via email), and trojan program (eg. Back Orifice and Netbus).
Do I get infected by virus from just opening the mail?
Yes, there are viruses that can infect the PC without launching the application. Such viruses can penetrate through some email client applications, i.e. Microsoft Outlook. For Microsoft Outlook users they are adviced to remove the scripting tool facility. However, virus infections happen when you launch or execute file attachments without first scanning the file for any known virus.
What is secure messaging?
Since internet is a huge inter-connected network of computer, there are many irresponsible people who are happy to intercept your messaging. In order to prevent this you need to secure your message. A short write up on secure messaging can be found in here.
What is network abuse?
MyCERT considers network abuse as a serious offence. Network abuse is categorized into attempting, sniffing, spoofing, probing/scaning, intrusion and destruction of inter connected system. Discussion on network abuse can be found here.
What is email abuse?
MyCERT divides email abuse into several categories. The catagories are spamming, mailbombing, vulgar language, harrassment and chain letter. The explanation can be found here.
What is spamming?
Email "spamming and get-rich-scheme" is a situation where an email is sent to hundreds and thousands of addresses. The worse case would be when the email is sent to mailing lists, in which the email is forwarded to hundreds other users. The email can be in the form of chain letters or get -rich-scheme. Most spam is for commercial advertising. The recipients neither request nor expect the email. What makes people annoyed of spamming is because most of the costs are paid for by the recipients. Further reading on spam and unsolicited commercial email can be found here.
How can I block spamming?
For personal users, to filter the spam in netscape mail, just go to "view" --> "mail filters". There, you can set what kind of mail you wish to avoid. Most email softwares have this feature as well, try search in the help file. You also can install filter tools to filter your own mailbox, e.g. procmail(unix), spamicide(windows) and SpammerSlammer. These anti-spam software is to stop or delete any unwanted or spam email from reaching you.
For system administrator,it is recommended to run at least sendmail version 8.8 and above to stop relaying spam e-mail as well as preventing known spammers.
What is email etiquettes on spam complaint?
Email etiquettes on spam complaint is a voluntary protocol on how to place your report. The basic idea is be polite, because people are willing to pay more attention to you if you ask them nicely. More on email etiquettes on spam complaint can be found here.
What kind of sevices MyCERT offer?
MyCERT offers two kinds of services. First is security training where system administrators and computer security officers will learn the basic steps on securing one's system. The second service is MyCERT's Free Security Scannings which assist an organization at high priority, upon detection of any system or network security. Assistance includes identifying how the penetration occured, how much damage was done and how to recover. The recovery process is intended to aid the organisation in restoring the system operation and also to prevent similar incidents from reoccuring.
How to report an incident?
There are 5 ways to report an incident to MyCERT; online reporting, fax, email, sms, and phone(603 - 89926969). When you report an incident, please provide adequate information on the nature of the incident and the timestamp in which include your local timezone. This is important to avoid unnecessary delay.
What is MyCERT security training?
MyCERT security training is a 4-day program designed to introduce the basic understanding of system and network problems. The course is intended for system administrators who are new to the system and network security. It teaches on how to implement minimum security tools and basic fix to some common system vulnerabilities.
Requirement:
The system administration technical training required system administration knowledge- this is NOT a UNIX and WinNT introductory course. It is meant for system administrators to master the method in securing UNIX and WinNT platform. Details on this security training can be found in here.
