MyCERT Advisories


MyCERT Advisories, Alerts and Summaries for the year 2005

MA-096.102005: MyCERT Special Alert - Festive Season and Long Holiday

Original Issue Date: 27th October 2005

With the coming festive season and long holiday break, MyCERT would like to alert all System/Network Administrators, IT personnel and Internet users to properly secure/harden their systems and networks before they leave for their long holidays.

Based on our experience, we had cases/reports in previous years where servers and websites been compromised and defaced during festive seasons. We hope such incidents will not occur again.

MyCERT would like to stress that System/Network Administrators should take extra precautions against web defacement, phishing and malicious code activities for the festive and long holiday season, by implementing proper preventive measures against these threats. However, other threats such as Denial of Service, Hack threats and Destruction should not be overlooked.

Attached below are some useful guidelines and measures that you may follow to ensure that your systems and networks are properly secured, thus preventing them from being compromised:

  1. Make sure all your systems are installed with latest service packs and patches.

  2. If you're running older versions of operating systems or softwares, make sure you have upgraded them to the latest versions as older versions may have some vulnerabilities that can be manipulated by intruders.

    You may refer to your respective vendors for the latest patches, service packs and upgrades.

  3. If you're running services, make sure you close unneeded services/ports except http service and other required services should be filtered and patched accordingly.

  4. Make sure anti-virus softwares that are running on your hosts and email gateways are updated with latest signature files and are enabled to scan all files.

    You may refer to the AV sites at: http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

  5. Please check that your systems and networks are configured properly in order to avoid any unnecessary incidents caused by misconfigurations.

  6. Make sure loggings of your systems and servers are properly enabled.

  7. Make sure you back up all your systems.

  8. Organizations are recommended to install network based or host based IDS to alert scannings and other malicious attempts to their hosts.

    List of several Intruder Detection Systems
    http://www.mycert.org.my/resource/ids.htm

    List of several types of sniffers
    http://www.mycert.org.my/resource/sniffer.htm

Home Users who are using PCs/computers at home are advised:

  1. Make sure your PCs aree installed with latest service packs and patches.

  2. Install an Anti-Virus software on your PCs which scans and blocks any worms /viruses to the PC. The Anti-virus should be regularly updated with latest signature files in order to detect new worms/viruses.

    You may refer to the following AV sites to download anti-virus software.
    http://www.mycert.org.my/en/resources/malware/av_sites/main/detail/528/index.html

  3. It is recommended for home users to install personal firewalls on their PCs. A personal firewall is capable of blocking unauthorised scannings to the PC and will alert the PC owner of any illegal scannings to their PCs.

    More information on home user PC security is available at:
    http://www.mycert.org.my/en/resources/home_user/pc_security/main/detail/520/index.html

  4. Implement safe email-practices.

    Safe-email practices document is available at:
    http://www.mycert.org.my/en/resources/email/email_practices/main/detail/512/index.html

Please take note that MyCERT will be on duty 24x7 during the festive season and users/organizations may contact us for assistance or to report incidents at:

Tel: 03-89961901
Fax: 03-89960827
Email: mycert@mycert.org.my
Web: http://www.mycert.org.my/report_incidents/online_form.html
SMS: 019-2813801

Do visit MyCERT's website regularly for current updates, latest alerts and advisories at:

http://www.mycert.org.my