Friday, April 09, 2004 - Posts

Port Scanning... is it funny??

These days I'm working with my personal firewall active, and I'm really surprised to see that a lot of people have fun playing with port scanning...

Is it really so funny? What do you want to see? They really hurt me... Being port scanned is really so noisy. My first reaction after seeing that I'm under a port scan is to respond with another port scan against my "attacker", but you will agree with me that it's not the best thing to do, so many times I stop myself from doing this.

Port scanning is really annoying... why have fun with port scanning? There are a lot of videogames online... play with them and stop this activity!!

Vulnerability in Internet Explorer ITS Protocol Handler

Just read on US-CERT.gov:

There is a cross-domain scripting vulnerability in the way ITS protocol handlers determine the security domain of an HTML component stored in a Compiled HTML Help (CHM) file. The HTML Help system "...uses the underlying components of Microsoft Internet Explorer to display help content. It supports HTML, ActiveX, Java, [and] scripting languages (JScript, and Microsoft Visual Basic Scripting Edition)." CHM files use the InfoTech Storage (ITS) format to store components such as HTML files, graphic files, and ActiveX objects. IE provides several protocol handlers that can access ITS files and individual CHM components: its:, ms-its:, ms-itss:, and mk:@MSITStore:. IE also has the ability to access parts of MIME Encapsulation of Aggregate HTML Documents (MHTML) using the mhtml: protocol handler.
When IE references an inaccessible or non-existent MHTML file using the ITS and mhtml: protocols, the ITS protocol handlers can access a CHM file from an alternate source. IE incorrectly treats the CHM file as if it were in the same domain as the unavailable MHTML file. Using a specially crafted URL, an attacker can cause arbitrary script in a CHM file to be executed in a different domain, violating the cross-domain security model.

Again??
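A defensive check for the pattern the advisory describes, added here as an example (it is not from US-CERT or from the original post): it flags content in which one of the ITS protocol handlers listed above is chained directly with mhtml:, after undoing HTML-entity and percent encoding. The function names and the sample lines are constructed for illustration.

```python
import html
import re
from urllib.parse import unquote

# ITS handlers named in the advisory, matched only at a scheme position
# (not preceded by a letter, digit or hyphen, so "benefits:" is ignored).
_HANDLER_RE = re.compile(r"(?<![a-z0-9\-])(ms-itss:|ms-its:|its:|mk:@msitstore:)")
MHTML = "mhtml:"


def normalize(text: str) -> str:
    """Undo HTML-entity and percent encoding (two passes, for double encoding)."""
    for _ in range(2):
        text = unquote(html.unescape(text))
    return text.lower()


def classify(text: str) -> str:
    """Return 'its+mhtml', 'its-only' or 'clean' for one line of content."""
    norm = normalize(text)
    verdict = "clean"
    for match in _HANDLER_RE.finditer(norm):
        if norm.startswith(MHTML, match.end()):
            return "its+mhtml"   # the combination the advisory describes
        verdict = "its-only"     # e.g. an ordinary link into a help file
    return verdict


def scan(lines):
    """Return (line number, verdict) for every line that is not clean."""
    results = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict != "clean":
            results.append((number, verdict))
    return results


# Constructed sample input: HTML fragments and a proxy-log style line.
SAMPLE = [
    '<a href="ms-its:mhtml:PLACEHOLDER">help</a>',
    "GET /r?u=MS-ITS%3Amhtml%3APLACEHOLDER HTTP/1.0",
    '<img src="ms-its&#58;mhtml&#58;PLACEHOLDER">',
    r"mk:@MSITStore:C:\docs\manual.chm::/index.htm",
    "https://example.com/benefits:mhtml:report",
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE):
        print(f"line {number}: {verdict}")
```

An 'its-only' hit is informational, since legitimate help content uses these handlers; the 'its+mhtml' verdict is the one worth alerting on.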

New script for Northwind and pubs Sample Databases

Microsoft has released new Northwind and pubs Sample Databases scripts for use with SQL Server 2000 and MSDE 2000. These scripts have been updated to remove the guest account to improve security. The pubs installation script has been updated to include all of the data for the database, eliminating the requirement to run separate jobs to add data after creating pubs.

If you are interested...