[Owasp-Malaysia] News: Infosec Threat

Muzamir Mokhtar muzamir at pahang.gov.my
Tue Nov 16 08:55:25 EST 2010


Pandangan aku pasal ni :

1) Ianya berlaku  kerana Efek dari penggalakan pelan jalur lebar  
nasional, pengguna komputer dan internet makin bertambah
2) Kesedaran penggunaan pirate software on the bad side tidak  
dikethaui kebanyakan pengguna. Yang mereka tahu jimat duit je.
3) Kedai-kedai komputer masih aktifnya menggalakkan pirate software  
sebab ada demand by user. Nak beli lesen as distributor mahal. User  
pun lagi suke mende pirate dan murah ni. Dari kedai banyak jadi  
pembiak dan penyebar virus dan malware.
4) Guna barang open source under the OSS license is ok for me. Since  
ianya berdaftar dan boleh diyakini. Cuma kalau software versi freeware  
without OSS license ni yg biasa digunakan pembiak virus untuk tanam di  
pc pengguna
5) Penggunaan Antivirus Free / Registry checker la / Kasi laju PC la  
di pasaran iklan internet ni perlu berhati-hati sebab banyak yg tipu  
pun.

As Malaysian OWASP. Leh la kerjasama dengan MDEC ke buat kempen  
kesedaran di Media Massa dari segi kaedah kawal PC dari dijangkiti  
malware...cuma eloknya tahun depan la buat...sbb tahun ni nk capai 50%  
penetration guna internet di Malaysia...kalau terus citer byk  
buruknya...mak pak takut nk beli pc ke anak2 mereka  
kang...ehehehe..bazir duit je beli pc, rosak sebab virus, hanto kedai  
baiki makan duit...

Just pandangan 0.25 sen aku.
-- 
Muzamir bin Mokhtar,
Pegawai Teknologi Maklumat (F44)
Unit Operasi
Bahagian Teknologi Maklumat
Pej SUK Pahang
TEL : 095129424/425
FAX : 095163490
http://muzzoshah.blogspot.com
http://muzzotechspot.blogspot.com


----- Message from hazrul at hazrulnz.net ---------
     Date: Mon, 15 Nov 2010 16:07:42 +0800
     From: Hazrul Hamzah <hazrul at hazrulnz.net>
Reply-To: "Open Web Application Security Project (OWASP) Malaysia  
Local Chapter" <owasp-malaysia at lists.owasp.org>
  Subject: Re: [Owasp-Malaysia] News: Infosec Threat
       To: "Open Web Application Security Project (OWASP) Malaysia  
Local Chapter" <owasp-malaysia at lists.owasp.org>


> Obscurity is good but then it is important to know what are the
> things/assets that we are defending for. As long as the defender can
> have the visibility as much as possible, I dun see any problem.
> Monitoring SSL channel is kinda useless unless the sensor were placed
> properly (behind ssl terminator or reverse proxy or ssl accelerator).
> Monitoring just the packet size alone is not that sufficient. Monitoring
> the system/application logs alone is kinda lil bit late and defeat the
> purpose of having early warning system emplaced..
>
> My view lah
>
> On 15/11/2010 15:42, Najmi wrote:
>> Kinda like the idea of security through obsecurity, instead of
>> security by design.. :p
>>
>> "Hazrul Hamzah" <hazrul at hazrulnz.net> wrote:
>>
>> > To add,
>>
>> > Do not use "FREE" as the main reason of using Open Source Software.
>> > Open
>> > source not only good in sense of customization etc but also it provides
>> > inside information for the attackers for executing his attacks. Try to
>> > avoid too generic installation and do have the resources of maintaining
>> > that particular apps. ;)
>>
>> > Thanks
>>
>> > On 15/11/2010 14:10, Mohd Fazli Azran wrote:
>> >> Dear members,
>> >>
>> >> You can read the Infosec Threat 2010
>> >>
>> >
>> <http://www.securelist.com/en/analysis/204792133/Information_Security_Threats_in_the_Second_Quarter_of_2010>.
>> >> What i worried is Malaysia are listed as one of the country as
>> >> Maliciois Farm. Thanks to Najmi for the info.
>> >>
>> >> *1) Distribution of attacks by country : *Malaysia on 7 place*
>> >>
>> >> 2) **Top 20 countries with servers hosting malicious code : *Malaysia
>> >> on 19 place*
>> >>
>> >> *So we know now our country was listed on this threat. I just
>> >> thingking why others country Europe or America Latin not many in the
>> >> list.**We can see many are from ASIA*. *Specially in Malaysia we have
>> >> others mechanism or a way to protect it. What we done so far are not
>> >> enough to prevent it. Now maybe cause 80% of malaysian now have
>> >> PC/laptop so the virus/malware also grow up. And for sure many of
>> >> Malaysian users use pirate software especially use Microsoft,Game &
>> >> Antivirus Software that not many people notice that pirate software
>> >> already include malware or virus ready.
>> >>
>> >> We have solution?
>> >>
>> >> 1) Use original software!! Specially (Microsoft, Antivirus & Game)
>> >> 2) Use Open Source Software
>> >> 3) We need do more awareness & education program in National level.
>> >>
>> >> That my 0.5 cent thinking. Anyone have better idea or suggestion.
>> >> Pease share it.
>> >>
>> >> Mohd Fazli Azran
>> >> OWASP Malaysia
>> >>
>> >>
>> >> _______________________________________________
>> >> Owasp-Malaysia mailing list
>> >> Owasp-Malaysia at lists.owasp.org
>> >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>> >>
>> >> OWASP Malaysia Wiki
>> >> http://www.owasp.org/index.php/Malaysia
>> >>
>> >> OWASP Malaysia Wiki Facebook
>> >>
>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>> >>
>> >>
>> >> __________ Information from ESET NOD32 Antivirus, version of virus
>> > signature database 5619 (20101114) __________
>> >>
>> >> The message was checked by ESET NOD32 Antivirus.
>> >>
>> >> http://www.eset.com
>> >>
>>
>>
>>
>>
>> > __________ Information from ESET NOD32 Antivirus, version of virus
>> > signature database 5619 (20101114) __________
>>
>> > The message was checked by ESET NOD32 Antivirus.
>>
>> > http://www.eset.com
>>
>> > _______________________________________________
>> > Owasp-Malaysia mailing list
>> > Owasp-Malaysia at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> > OWASP Malaysia Wiki
>> > http://www.owasp.org/index.php/Malaysia
>>
>> > OWASP Malaysia Wiki Facebook
>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 5619 (20101114) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus  
> signature database 5619 (20101114) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
> --
> This message has been scanned for viruses and dangerous content by  
> MySpamGuard State Government of Pahang, Malaysia and is believed to  
> be clean.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>


----- End message from hazrul at hazrulnz.net -----



----------------------------------------------------------------
DISCLAIMER:
This e-mail and the attachment is from State Government of Pahang,  
Malaysia. It is intended solely for the person to whom they are  
addressed and may be confidential and privileged. If you are not the  
intended recipient, you are notified that disclosing, distributing,  
copying or taking any action in reliance of the content of this  
information is strictly prohibited. Please notify the sender  
immediately if you have received this e-mail and delete it from your  
system. The recipient should check the e-mail and any attachment for  
the presence of viruses that could be transmitted via e-mail. Email  
transmission cannot be guaranteed to be secure or error free as  
information could be intercepted, corrupted, lost, destroyed,  
incomplete or contain viruses. State Government of Pahang, Malaysia  
accepts no liability for any errors or omissions in the contents of  
this message which arises as a result of e-mail transmission.  
Opinions, conclusions and other information in this e-mail that does  
not relate to the official business of State Government of Pahang,  
Malaysia shall be understood as neither given nor endorsed by State  
Government of Pahang, Malaysia.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the Owasp-Malaysia mailing list