Archive for December, 2004

Dec 31 2004

At a Kiosk near you

Published by under Simple Security

(ISC)2: Security Risk and Defense for Internet Access Kiosks

I’ve rarely had to use a kiosk computer to access anything, but this article by Anthony Lai makes me loath to ever access anything with a password from one. I wonder if I could install my own Knoppix CD in the drive of one of these kiosks and boot to a LiveCD image? Doing so would alleviate many of my concerns about a kiosk, but would probably raise many more in the mind of the owner.

The suggestion I like best in this article is a fresh image every time the system boots. I know that something similar to this is done at the local junior college, so I know it can be done. Even if the re-image happens daily instead of every reboot, it would severely limit the impact of a trojan or worm that manages to get on a kiosk.


Dec 30 2004

Netcraft Anti-Phishing Toolbar

Published by under Security Advisories

Netcraft: Netcraft Anti-Phishing Toolbar Available for Download

I’m not ready to install this on any of my systems yet, especially since they don’t offer a Firefox version (coming soon), but I find this an intriguing notion. I find it a little disturbing that a credible company like Netcraft is using the same tools as the phishers to fight phishing. If they weren’t offering to rebrand the toolbar for specific companies, I’d probably feel a little better.

I’ve been telling all my friends and family not to download and install any toolbar for Internet Explorer, no exceptions. Now there’s an exception. Or there will be if this turns out to be a useful tool. I liked it better when the choice was black or white. And since this toolbar can be rebranded, I no longer have a single exception, but a class of exceptions. I feel like I just unblocked another port of my firewall.

I’m just afraid of more trojan toolbars, reporting themselves to be security toolbars. You know, the one that falsely reports a phishing site as safe. It will happen, if it’s not happening already.


Dec 29 2004

Third minor disaster

Published by under General

I had my third minor disaster in three days, a tire blowout on the way to work. Changing a tire in the rain at 5:30 in the morning with a semi bearing down on you is not fun. But I survived the experience. I’m just not sure if my pocketbook will.


Dec 29 2004

Up on the Soapbox

Published by under Simple Security

SANS – Internet Storm Center – Cooperative Cyber Threat Monitor And Alert System – Current Infosec News and Analysis

I couldn’t agree more with the ‘Up on My Soapbox’ portion of today’s ISC Handler’s Diary. I’ve spent a lot of time lately helping friends and family with their computers. Most of the problems I’ve encountered would never have cropped up if they had any sort of anti-virus or firewall to begin with. This is more important this time of year, with people receiving computers as Christmas gifts. Go put AVG on Aunt Sophie’s new laptop before she hooks it up to her DSL.


Dec 28 2004

Some thoughts on Spam

Published by under General

I’ve had some questions and a theory about spam running around in my head, so I decided to let them out here. To start with background reading, here are some spam statistics from 2003 and a whitepaper from MessageLabs. There has been a nearly three-fold increase in the amount of email sent (31 million per day in 2003 vs approximately 80 million per day in October 2004) and spam has risen from 40% of all email to over 75%. By further extrapolating my already tenuous numbers, I figure that means about 60 million spam messages a day. I know I get my share, how about you?

What started me on this line of thought has been a sharp decline in the number of spam messages I’ve received since Christmas. Is this just a coincidence or is there a real reason for the abatement in spam? I’ve been trying to find the article, but I remember reading that a large amount of all spam comes from compromised home computers with broadband. These systems get infected with various bots, worms and trojans and are used as part of a spam bot-net. Unwittingly, families across the nation are contributing to the spam they curse on a daily basis.

Now for my theory: Along comes Christmas, and those same families buy new computers as their big gift for the year. Hundreds of thousands of old, infected computers around the world are being replaced with new, clean computers. The bot-nets are at least inconvenienced by the loss of the nodes, and it will take them a little longer to find replacements. Hopefully the new computers will have XP with the firewall enabled and some sort of anti-virus installed by default, further limiting the ability of the spammers to find new victims.

On the other hand, it could just be that my personal encounters with spam are just a statistical anomaly and spam continues unabated. But sometimes I like to be an optimist.


Dec 27 2004

One big disaster and lots of little ones

Published by under General

I thought the last couple of days sucked for me personally, but after getting to work this morning and finding out about the earthquake and tsunami in the Indian Ocean, my problems suddenly seem very, very small in comparison.

Yesterday, I locked myself out of the house, and with the rest of my family still on vacation, I had no easy way of getting back in the house. A broken window in the front door allowed me to get back in, but also taught me a valuable lesson in home security: locks and doors are only aimed at keeping the casual lawbreaker out of your house. A determined intruder will break in, no matter what. I guess the same goes for all the computer security we practice on a daily basis; a truly determined intruder is going to find that one host that’s improperly configured. Human error is still our biggest security threat.

Then, this morning, a truck kicked up a rock that almost shattered the windshield on my wife’s car. I hadn’t realized how bad the damage was until I got to work. Let’s just say that I was very lucky, because if the rock had hit a foot higher, I’m pretty sure I wouldn’t be here to post this. I’m hoping insurance will cover the majority of the costs for this.

But this was topped by one of my co-workers, who discovered on X-mas eve a short in his house wiring that was bad enough to blacken the wiring all the way out to the transformer on the street. His electrician is saying the problem will cost over $5000 to fix. Luckily, homeowner’s insurance should nearly cover all of it.

On the other hand, I’m alive, in good health, as are my family, and my house wasn’t hit by a tsunami or earthquake this weekend. I think I’ll take all of my minor problems and just be thankful.


Dec 26 2004

Hope you had a merry X-mas

Published by under General

I just got home after a seven and a half hour drive. This was a holiday well spent, Christmas with family. Here’s wishing you a happy and safe holiday season. Remember to help secure the new computers you, your family and your friends received as Christmas gifts.


Dec 22 2004

KYE Trend Analysis

Published by under Hacking

Know Your Enemy — Trend Analysis

Boiled down, this whitepaper states that Linux systems are being compromised in months, whereas Win32 systems are being compromised in hours or minutes. The surprising statistic is that Linux systems are staying safer longer than they did a year ago. The paper suggests a couple of reasons, mainly that the installations of most Linux distros are coming out better secured by default.

I think the main reason is because a hacker is going to get more bang for their buck off a compromised Win32 system than off a Linux system. A Win32 user, on average, is going to be less likely to even notice the compromise and once they do notice, they’re going to be less likely to know what to do about it. Plus, the sheer number of Win32 systems almost guarantees that any vulnerability, no matter how small, will find unpatched hosts out there.

Which leads us back to layered security: Security is like an onion, it has layers. I was going somewhere with an obscure Shrek reference, but I think I’ll sign off now instead.


Dec 21 2004

Lowe’s Hackers Sentenced

Published by under Hacking

SecurityFocus HOME News: Long prison term for Lowe’s wi-fi hacker

Continuing the thread of ‘Whatever happened to that case?’. These two gentlemen sat in the parking lot of a Lowe’s store, capturing credit card numbers on an unprotected wireless network.

I’ve done plenty of war driving myself, but I’ve never felt the need to hack any of the open networks I’ve found. I’ve been afraid more and more that even my passive scanning might become illegal because of cases like this. I can imagine it now, “You, with the GPS and laptop, out of the car now!”


Dec 20 2004

Protection from Comment Spamming

Published by under Site Configuration

Learning Movable Type: Concerning Spam

Here is a list of ways to protect yourself from comment spam. I’ve tried a number of them in the past to mixed results. For some reason, the MT-Blacklist plugin causes my mt-rebuild to go awry. Renaming the mt-comments.cgi file has met with limited success because it can be overcome. I use IP blocking when I have the time, but it’s not always feasible given the time constraints. I have some alone time after Christmas, so maybe I’ll give some of the other suggestions a try.

If the site’s down between Christmas and New Year’s, that probably means I’ve broken something. Don’t worry, I’ll fix it eventually.
