September 23, 2006

Microsoft advisory published on VML zero day exploit

Microsoft Security Advisory 925568:

Vulnerability in Vector Markup Language Could Allow Remote Code Execution

Published: September 19, 2006 | Updated: September 23, 2006

Microsoft has confirmed new public reports of a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML) Microsoft is also aware of the public release of detailed exploit code that could be used to exploit this vulnerability. Based on our investigation, this exploit code could allow an attacker to execute arbitrary code on the user's system. Microsoft is aware that this vulnerability is being actively exploited.

A security update to address this vulnerability is now being finalized through testing to ensure quality and application compatibility Microsoft’s goal is to release the update on Tuesday, October 10, 2006, or sooner depending on customer needs.

• In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or instant messenger message that takes users to the attacker's Web site.
• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
• In an e-mail based attack of this exploit, customers who read e-mail in plain text are at less risk from this vulnerability. Instead users would have to either click on a link that would take them to a malicious Web site or open an attachment to be at risk from this vulnerability.
• By default, Internet Explorer on Windows Server 2003 runs in a restricted mode that is known as Enhanced Security Configuration. This mode mitigates this vulnerability because Binary and Script Behaviors are disabled by default in the Internet zone.

One workaround:

Microsoft has tested the following workaround. While this workaround will not correct the underlying vulnerability, it helps block known attack vectors. When a workaround reduces functionality, it is identified in the following section.

Note The following steps require Administrative privileges. It is recommended that the system be restarted after applying this workaround. It is also possible to log out and log back in after applying the workaround however; the recommendation is to restart the system.

To un-register Vgx.dll, follow these steps:

• Click Start, click Run, type

regsvr32 -u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

and then click OK.

• A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

Impact of Workaround: Applications that render VML will no longer do so once Vgx.dll has been unregistered.

To undo this change, re-register Vgx.dll by following the above steps. Replace the text in Step 1 with

regsvr32 "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

Full Microsoft advisory is here.

Another recommended workaround for VML buffer overflow vulnerability

Configure Internet Explorer 6 for Microsoft Windows XP Service Pack 2 to disable Binary and Script Behaviors in the Internet and Local Intranet security zone.

You can help protect against this vulnerability by changing your settings to disable binary and script behaviors in the Internet and Local intranet security zone. To do this, follow these steps:

1. In Internet Explorer, click Internet Options on the Tools menu.

2. Click the Security tab.

3. Click Internet, and then click Custom Level.

4. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.

5. Click Local intranet, and then click Custom Level.

6. Under Settings, in the ActiveX controls and plug-ins section, under Binary and Script Behaviors, click Disable, and then click OK.

7. Click OK two times to return to Internet Explorer.

Impact of Workaround: Disabling binary and script behaviors in the Internet and Local intranet security zones may cause some Web sites that rely on VML to not function correctly.

Customers are encouraged to keep their anti-virus software up to date. Customers can also visit Windows Live OneCare Safety Center and are encouraged to use the Complete Scan option to check for and remove malicious software that take advantage of this vulnerability. We will continue to investigate these public reports.

If you are a Windows Live OneCare user and your current status is green, you are already protected from known malware that uses this vulnerability to attempt to attack systems.

You should also turn off the preview pane in Outlook (Express), if you use it to do email. Simply previewing an email that exploits the VML buffer overflow will cause your computer to become infected. Also, switch to reading incoming email as plain text, until this is patched by Microsoft.

Wiz's note to our readers:
You are also urged to protect your computers with up-to-date anti-virus and anti-spyware programs and to scan for malware on a daily or nightly basis. This may sound like paranoia, but in this case they really are out to get you! See the links in the right sidebar or Google ads if you need anti-malware protection. Also, install a firewall on all of your computers to prevent acquired threats from phoning home, or to block incoming attempts to exploit your computer's Internet connection.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 22, 2006

Spybot S&D Definitions Updated on September 22, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-09-22

Adware
+ Win32.LinkOptimizer (2)

Keylogger
+ SCKeylogger

Malware
+ Smitfraud-C. + Winsoftware.WinAntiVirusPro2006 + VirtuMonde + AdvancedSearchBar

Spyware
+ 180Solutions.Zango

Trojan
+ Win32.Banload.BHI + Win32.Small.doi + Win32.Agent.AGF + Haxdoor-H + Zlob.iCodecPack + Nous-Tech.UDefender + Zlob.HQCodec + Zlob.XPasswordManager + Win32.Avkiller + AccountMaker + Goldun (2) + MuKill + Win32.Small.asf + Win32.Agent.rk

Total: 321626 fingerprints in 49160 rules for 2248 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 21, 2006

AOL Instant messaging worm builds menacing 'botnet'

If you use AOL Instant Messenger, or another IM client that is capable of connecting to the AIM network and downloading files, you should read this security alert.

A computer worm that spreads via instant messaging is being used to build an extensive "botnet" of remote-controlled PCs, a US security firm has warned.

Security experts at US company FaceTime identified the worm as "W32.pipeline" and warned that it spreads via AOL's instant messenger program.

The worm disguises a malicious executable program as a jpeg image, which is attached to an instant message that appears to come from someone on the recipient's AOL "buddy list".

Typically, the picture is accompanied by the message, "hey would it be ok if I upload this picture of you to my blog?" although another similar message may also be used.

Ultimate goal

If the recipient tries to open the image, the executable installs a program on their PC. This forwards the executable on to other contacts on their buddy list and also enables connections to several remote computers. It then tries to download another program that allows an
outsider control the infected machine.

FaceTime's director of malware research Chris Boyd says the goal appears to be creating a huge network of remote-controlled machines, known as a "botnet". As of Thursday, Boyd estimates W32.pipeline had amassed botnet between 1000 and 2000 machines.

Botnets may be used to send out huge quantities of junk e-mail or attack business websites with an avalanche of data, in a so-called distributed "denial-of-service" attack, which may be linked to extortion.

Click fraud

Botnets can also be used to commit "click fraud", which involves ordering the zombie machines to repeatedly click internet advertisements, to generate money for a company's that is paid per click.

"The ultimate goal of the W32.pipeline is to create a sophisticated botnet that can be used for a range of malicious purposes," FaceTime said in a security alert issued on Tuesday.

Boyd and other researchers posted details of the worm, including screenshots and "attack scenarios" to the company's blog – http://blog.spywareguide.com.

They note that the botnet created using the worm, which is controlled via Internet Relay Chat (IRC) servers, is particularly sophisticated and uses a complicated "install chain" to schedule file uploads to infected machines.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 19, 2006

Attack Code Targets New Unpatched Internet Explorer Holes

Computer code that could be used to hijack Windows PCs via a yet-to-be-patched Internet Explorer flaw has been posted on the Net, experts have warned.

"Microsoft's initial investigation reveals that this exploit code could allow an attacker to execute memory corruption," the representative said. As a workaround to protect against potential attacks, Microsoft suggests Windows users disable ActiveX and active scripting controls.

The flaw is due to an error in an ActiveX control related to multimedia features and could be exploited by viewing a rigged Web page, Symantec said in an alert sent to users of its DeepSight security intelligence service Thursday. An attacker could commandeer a Windows PC or cause IE to crash, the security company said.

IE versions 5.01 and 6 on all current versions of Windows are affected, the French Security Incident Response Team, or FrSIRT, a security-monitoring company, said in an alert Wednesday. FrSIRT deems the issue "critical," its most serious rating.



In another report, published on September 19,2006, a second unpatched vulnerability was just announced.

Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.

The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or an e-mail message, several security companies said.

"Fully patched Internet Explorer browsers are vulnerable," Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. "This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future."

Security-monitoring companies Secunia and the French Security Incident Response Team have given the issue their most serious ratings.

Shady adult Web sites are among the first to exploit the IE vulnerability, Eric Sites, vice president of research and development at spyware specialist Sunbelt Software, wrote on a corporate blog. In one case, a malicious Web site used the exploit to install "epic loads of adware," according to Sunbelt.

Microsoft plans to fix the flaw as part of its monthly patching cycle on Oct. 10, the software giant said in a security advisory. The update might be released sooner, "depending on customer needs," Microsoft said. Typically, Microsoft only breaks its patch cycle when attacks are widespread.
========================================

If there was ever a good time to switch to browsing with the Firefox browser, it is now. Also read my posts about running with limited user privileges to protect your computer against all these threats.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 16, 2006

Ad-Aware SE Definitions Updated on 09/14/2006

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated on 09/14/2006. Users of the free version should check for and install the new definitions manually.

Current Definition File:
SE1R123 14.09.2006

This is a service release that corrects the following errors:
This fixes a False Positive in Diaremover

The MD5 checksum for the defs.ref file is d300aa6634c2129aa6c4c4686dff5164
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

Requirements for Ad-Aware SE Personal Edition are:
Processor: P166 or faster
RAM: Operating system + 24 MB
Browser: Internet Explorer 5.5 or higher
Operating system platforms: Windows 98/98se/Me/NT4
Workstation/NT4 Server/2000 Pro/2000 Server/XP
Home/XP Pro/ XP 64-Bit Edition/Terminal Services

Besides scanning for the usual suspects in the usualy places, Ad-Aware has a checkbox option to scan volume for ADS (Alternate Data Streams), which are sometimes used by advanced malware, to hide it's activities. You should use this option occasionally. The default option is to perform a "smart system scan" of the usual places where malware is found.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

SpywareBlaster Database Updated on September 14, 2006

SpywareBlaster 3.5.1 Database Update

SpywareBlaster Latest Definitions: 9/14/2006

6,598 total items in the database, 21 new.
Update via the application.

Be sure to enable protection for the newly added items once you update
the app.

Note: If you use IE-SPYAD, Spybot Search & Destroy, SpywareGuide
Blocklist, SpywareBlaster, a hosts file or any combination of those,
please check all protections and re-enable as needed whenever any of
the aforementioned is updated.

Download: Online Updater in the program interface * (see extended comments)

Learn more, or download the current version here: http://www.javacoolsoftware.com/spywareblaster.html

Spywareblaster is not like most anti-spyware programs, in that it does not "run" as such, as an active process in memory. It is more like a preventative shot that innoculates your computer against certain common avenues of attack, mostly ActiveX threats.

1: Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
2: Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
3: Restricts the actions of potentially unwanted sites in Internet Explorer.

* SpywareBlaster is freeware for personal and educational use and offers two updating options:

1.) AutoUpdate - keep your protection up-to-date automatically!
2.) Check for Updates - manually check for and download the latest updates

The built-in (manual) Check for Updates function is completely free. To access Check for Updates, simply click on the "Updates" tab on the left side of the SpywareBlaster interface, and then press the "Check for Updates" button.

If you would like the convenience of the AutoUpdate feature, more information can be found in SpywareBlaster itself. (Click on the "Updates" tab, and then the "AutoUpdate" tab.)

A SpywareBlaster AutoUpdate subscription is $9.95 (US) per computer, per year, and is good on the computer from which it is purchased. Subscriptions do not automatically renew - you will be prompted to purchase a new subscription when your current subscription expires.

Learn more, or download the current version here: http://www.javacoolsoftware.com/spywareblaster.html

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Spybot S&D Definitions Updated on September 15, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-09-15

Malware
+ MagicControl.Agent + VirtuMonde ++ Win32.Small.BKF + Smitfraud-C. ++ Cartao ++ Haxdoor.Ki

PUPS
++ VirusBurst

Spyware
+ LinkMaker

Trojan
+ Zlob.XPasswordManager ++ IRCBot.Player ++ Fake.Winupdates.WSCSVC_kill ++ Intexp.D ++ Bifrose.LA ++ Win32.Agent.AVK + Nous-Tech.UDefender ++ Win32.HacDef + Haxdoor-H

Total: 320957 fingerprints in 48956 rules for 2233 products

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 14, 2006

Ad-Aware SE Definitions Updated on 09/13/2006

Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge.

Anti Spyware/Adware program Ad-Aware, by Lavasoft has had it's definition file updated on 09/13/2006. Users of the free version should check for and install the new definitions manually.

Current Definition File:
SE1R123 13.09.2006

This is a service release that corrects the following errors:

This fixes a False Positive in Adware.AdMedia.
This fixes a False Positive in TrojanBackdoor.Serv-U.
This fixes a False Positive in BargainBuddy.
This fixes a False Positive in Win32.Trojan.Agent.
This fixes a False Positive in Win32.Trojan.Downloader.

The MD5 checksum for the defs.ref file is 536bea2c1749341b09b2589bf3cc0143
============================================
You can use Webupdate to install the new reference file, or download
it manually from: http://download.lavasoft.de.edgesuite.net/public/defs.zip

Download the current version of Ad-Aware here: http://www.download.com/3405-8022-5153545.html

Requirements for Ad-Aware SE Personal Edition are:
Processor: P166 or faster
RAM: Operating system + 24 MB
Browser: Internet Explorer 5.5 or higher
Operating system platforms: Windows 98/98se/Me/NT4
Workstation/NT4 Server/2000 Pro/2000 Server/XP
Home/XP Pro/ XP 64-Bit Edition/Terminal Services

Besides scanning for the usual suspects in the usualy places, Ad-Aware has a checkbox option to scan volume for ADS (Alternate Data Streams), which are sometimes used by advanced malware, to hide it's activities. You should use this option occasionally. The default option is to perform a "smart system scan" of the usual places where malware is found.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 9, 2006

Spybot S&D Definitions Updated on September 8, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy (Multi-Lingual Landing Page. Choose your language).

2006-09-08

Adware
++ Suggestor

Dialer
+ Dialer.GlobalAccess

Hijacker
+ Naupoint + TV Media + ISearchTech.PowerScan ++ DotComToolbar

Malware
+ Megasearch + Smitfraud-C. + SurfSideKick ++ Deskbar + Command Service

PUPS
++ Spionfrei

Security
+ Windows.Security.InternetExplorer

Spyware
+ VX2.e.Favoriteman + Hyperlinker + Targetsaver

Trojan
+ Win32.VB.xj ++ Fake.Oleext + Media Tickets ++ Instafin ++ Smitfraud-C.MailBot ++ Smitfraud-C.FakeProxyUpdate + WMFExploit.NewYear2006 ++ qqHacker.IE-Bar ++ typereg32.IE-Bar + UpToFind.RelatedSearch + DialerPlatform + Zlob.XPasswordManager +
Vcodec.Intcodec + Hupigon

Total: 315796 fingerprints in 44255 rules for 2234 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

September 4, 2006

Site Advisor Security Toolbar Test

Originally posted on May 15, 2006

I am currently testing a Firefox/IE security extension called Site Advisor. It is a Beta product from McAfee, and is freeware. It places an icon on the statusbar of the browser. That icon changes colors as you browse websites. Normally it is green, meaning that as far as they know this website is safe to view. Some sites cause it to turn yellow, indicating unsafe associations, while dangerous websites make it turn RED. Those sites are the ones that force downloads by exploiting browser vulnerabilities, or spam you if you sign up for their newsletter/mailing list.

I will try it out in both Firefox and Internet Explorer and report my findings. If you want to try it yourself go to www.siteadvisor.com/

If you like the product and wish to become a Reviewer signup for an account. Then you can post comments about safe or dangerous websites that you visit. This may help save others from having spyware or Trojans installed by driveby downloads, or from visiting spammy websites that unleash a slew of popup windows when you go to that website or try to leave it.

I will be posting comments about my experiences with the Site Advisor toolbar as extensions to this Posting.

The Site Advisor has been updated a few times since it's first release. If you are using a version more than 1 month old you should check for updates. Firefox extensions can be checked en-masse by going to Tools > Extensions > Find Updates.

Well, I am now three and a half months into evaluating the Site Advisor toolbar plugin for Firefox and I can say truthfully that is an an excellent extension for your browser, and for your computer's security. I have been looking over search results pages every day and due to their infrequence, the red marked results stand out like a sore thumb! The sites with those alerts are known to deliver viruses, adware, spyware, trojans, backdoors or rootkits, either by embedding them into the software they stock, or by using scripts to force downloads via insecure browser settings.

I strongly recommend the McAfee Site Advisor to the general browsing public, as a means of ramping up your security awareness a notch. It will not prevent you from doing something foolish, but it does alert you that you are about to venture into unsafe waters.

Better online security can be obtained by reducing the privileges assigned to your daily browsing account, that you are logged into. See this blog post for more details about user privileges.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Spybot S&D Definitions Updated on September 1, 2006

World reknowned anti-spyware program - Spybot Search and Destroy - was updated with new spyware definition files. If you use this program be sure to run manual updates as soon as possible.

If you see a program listed in these detections by name you should assume that is is malware. e.g. WinAntiVirusPro 2006 is definitely malware that masquerades as a solution to the false detections it presents to people whose computers it infects. It is an infection, not a solution! Update your Spybot Search and Destroy definitions, then scan for and fix any malware that is detected.

Spybot Search and Destroy ( Multi-Lingual Landing Page, Choose your language).

2006-09-1

Adware
+ LinkMaker + SurfAccuracy + Win32.LinkOptimizer + Boran.g

Dialer
+ Carima Enterprises + Dialer_XX

Hijacker
+ DailyToolbar

Malware
+ Vcodec.eMedia + SurfSideKick + DHCP.Hotfix + DittoSideBar + Deskbar + Smitfraud-C. + SpywareSheriff.FakeAlert + CashDeluxe + Hippy Notify

PUPS
+ MySpaceBar

Security
+ Windows.FileExe + Windows.RedirectedHosts + Windows.Security.FirewallOpenPorts

Spyware
+ PurityScan + UCmore + Targetsaver

Trojan
+ CN.wAQdN + Dmcast.Toolbar + Troj.RPCS + Win32.Agent.I + Win32.Feebs + Win32.AdvertMen + Elitum.EliteBar + Win32.Hupigon.C + Win32.Small.act + Banker.R + FakeEbayBill + Zlob.ZCodec + Win32.Agent.h + AdMoke.a

Total: 315,911 fingerprints in 44,279 rules for 2,241 products.

English Language Company Links:
Spybot Search and Destroy Home Page
Spybot Search and Destroy Download page - Program and definition updates.
Full tutorial about using and setting up Spybot Search and Destroy
Spybot Search and Destroy Update History

See all security program update notices in this catagory

More in extended comments -->

Note: If you use IE-SPYAD, Spybot Search & Destroy, SpywareGuide Blocklist, SpywareBlaster, a hosts file or any combination of those, please check all protections and re-enable as needed whenever any of the aforementioned is updated.

Note:
If Spybot S&D reports "Microsoft.WindowsSecurityCenter_disabled" you should be aware that this is an informational alert that requires some thinking on your part. The reason is that if you have installed a software firewall that program may (usually does) disable the Windows XP firewall to prevent conflicts. When the built-in firewall is disabled, whether by your own actions or by another security program, a flag is set in the Windows Registry. Spybot is simply reporting that it found the flag set for a portion of the Windows Security Center, of which the Windows Firewall is a part.

If you have not installed a software firewall this could also be caused by an anti-spyware, or anti-virus program/security suite, which contains a firewall component. It could also be caused by spyware, adware, Trojans, backdoors, or other malware that needs to establish two way communications via your hijacked computer and it's Internet connection. So, if you cannot come up with any reasonable explanation as to why the Windows Security Center alerts are disabled, you should suspect foul play and scan your entire computer for viruses and spyware, with everything you have on hand, or can get online - as a free scan.

See this forum thread about Spybot S&D reporting the Security Center is disabled, and what the responders and experts have to say about it.

Facebook Twitter LinkedIn Pinterest Instapaper Google+ Addthis

back to top ^

Blog Links

Sponsored Message

I recommend Malwarebytes to protect your computers and Android devices from malicious code attacks. Malwarebytes detects and blocks spyware, viruses and ransomware, as well as rootkits. It removes malware from an already infected device. Get an 18 month subscription to Malwarebytes here.

If you're a fan of Robert Jordan's novels, you can buy boxed sets of The Wheel Of Time, here.

As an Amazon and Google Associate, I earn commissions from qualifying purchases.


CIDR to IPv4 Address Range Utility Tool | IPAddressGuide
CIDR to IPv4 Conversion



About the author
Wiz FeinbergWiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security. Wizcrafts Computer Services was established in 1996.

I produce this blog and website at my own expense. If you find this information valuable please consider making a donation via PayPal.

Follow @Wizcrafts on Twitter, where I post short updates on security issues, spam trends and things that just eat at my craw.

Follow Wizcrafts on Twitter


Malwarebytes' Anti-Malware is the most frequently recommended malware removal tool in malware removal forums, like Bleeping Computers. It is extremely effective for removing fake/rogue security alerts, Bots, Spyware and the most prevalent and current malware threats in the wild. Learn about Malwarebytes Anti-Malware.


MailWasher Pro is an effective spam filter that protects your desktop email client. Using a combination of blacklists and built-in and user configurable filters, MailWasher Pro recognizes and deletes spam before you download it. MailWasher Pro reveals the actual URL of any links in a message, which protects you from most Phishing scams. Try it free for 30 days.





Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.
Powered by Movable Type

back to top ^