So Im sitting on the airoplane to mormon-state utah and as im relaxing in a MD-90 I have a few things to think about as I bump along.

1. MD90’s are bendy and bouncy im sitting in a plane with 40 people and I can watch the sides of the plane bend and shake.

2. MD-90 for tall people I remember flying on MD90’s before but they were always full this one I got to move around and just FYI that row 27A and 27E are where you want to be with a follow up of 26B …this is on delta but I assume any carrier with no buisness class on board is the same. row 27 has no seat in front of it for extra exta leg room 26 is just one seat all alone.

bounce b o unce bo u nce…

3. Delta is always late why…

4.OMG WTF Delta no longer offers Ginger Ale I can speak for myself my brother and Mike Estes when I say what the hell delta. This isnt funny or even cool. BYOGA (bring your own ginger ale) I went with fresca which was ok but not my normal in flight G.A.

5.TV Sucks they didnt turn on the audio for the TV till about 30 min into turning on the movie, but then I realised its TBS pushing some lame television show on us, went back to some ipod

6. Delta’s home is in SaltLake Utah

however I just got great news that its SNOWING in utah and 7 degrees YAHOO, I love shitty weather (I really do that isnt sarcastic) and I get a rental car there. Could life be any better? Yes, I could be at home playing Animal Crossing and catching fish and tending to my fruit.

First I want to say, I love snow. Seriously I love it.

Second, You know it’s hot…

third, video game related who cant wait for GTA-IV / Lost and Damned?

check out this site it makes me LOL

http://thedowis.com/

Kate put up a blog post, since I am more razor sharp and loud, on my opinions I thought I would also blog and comment on her post.

I want to create a new presentation called Security for Soccer Moms. I was talking to someone at work who went to a PTA event and there was a “CISSP” there who knew a lot about security and children (uhh…) So I wanted to jot this idea down, so someone can steal it or I can just have some free hits for keywords of people looking for porn.

Mind you this blog is nerdy so this is the technical idea’s for a class that I would like to teach with more of a “soccer mom approach” so if you think this is interesting contact me or my company. If you dont get what I publish here give it to a nerd to debug for you It will give them ideas on how to deal with your case.

There are a LOT of resources on this topic and I will choose to look at the free ones. Sure there are the net-nanny products that stop you from looking at porn on the internet but they are all easy to stop when your kid gets smart, and lets face it who likes to pay for something that takes up memory on likely your home vista computer to make it run even worse.

So I present My list, I will add to it over time. I make this list in dedication to all the crazy people who have kids from high school allready… yikes.

The # 1 rule I have, untill you trust your kid -never allow a computer in a private area. (that has internet) I wouldnt reccomend it anyway keep your kids in view untill they are old and you trust them. or kick them out.

• PREVENT SOCIAL ENGINERING
• This is the most effective tool to keep your children safe from scarry assholes
• Talk to your children about NOT using real facts of life, avoid putting what your dad really works for,
• dont take a picture of your house address or link to it on google maps.
• Dont publish your birth year, use a fake year.
• Dont publish your own work history or keep it vague or mess up addresses for locations (I work at boeing in spokane)
• Dont publish your last name, or put a inital only (harder to stop kids dooin this)
• If you have rules about phones, publish only cell numbers that cant be traced by normals and watch your kids bills for strange 212 numbers.
• Dont publish details on your school where possible
• set up a email for your kids to use “on social networks” only (and monitor it)
• Dont give dates when you will leave for vacation talk about it when you get home! (or I will just come steal your crap)
• I think you get the idea – just mess things up a little change on your end causes a bad guy to keep moving to someone easy. In the end it all comes down to your parent skills, a parent that says “I dont want to look at my kids site to see what they are up to” haha then why are you reading this?? There is no privacy of a 7 year old on the internet, I dont care about your hippy views. Talk to your children why you monitor the activity and when they get older put a level of trust in them and dont monitor. If they screw up then kick some ass.
• Want to scare yourself? Google your Children’s Names see what data is out there on your home, family, child…
• Also remember LOOK at your kids social pages look at history etc to see if they use myspace etc (this also applies to you and linkedin)
• Prevent MalWare
• This is just a crappy fact of life now, its very hard to stop this with out tehncical controls.
• Use a “safe browser” in a virtual machine, it works great and there are pleanty of bootable browsers (just download ubuntu) and have the kid boot up ubuntu live and use the internet. then whatever they mess up you just reboot to fix. But they still can use flash etc etc etc.
• Use a host file redirector, most kids wouldnt figure this out untill they get real smart and if they are that smart they are beyond you trying to control them with just software. Blocks Ads-Mal-X or Porn
• Use free services like openDNs which are a bit more easy to deploy
• set your firewall to use that DNS then dont allow 53 out of your network (53=DNS) and then people CANT use internet with out some more serious hacking. meaning. Block 53 outbound from the workstations on your network. but allow your special DNS server (in most cases your firewall relay) as the only IP alolowed to do DNS lookup. that way the kids (workstations) cant even use the internet with out going thru your proxy device (dsl router with DNS protection on words or sites etc, pfsence is a good example)
• most all opesource firewalls include some ability to do the same things for blocking sites, some will even replicate what netgear etc will do and put a “block list” of words into your layer7 traffic. So if you go to a site that contains the word “boobs” it will disallow the request. (see your hardware for how to do that, as this is about free things) Just learn to leverage what you likely allready have
• these methods can all be used to block social network sites if wanted
• Tip: remember to remove the hosts file from the recent open files list, and use notepad to edit it so that you dont leave tracks of what you did.
• Time restrictions of internet use
• Kids hate homework they like myspace
• Most all opensource firewall will allow a time browsing option, the pfsence firewall will allow you to require a login like at starbucks and only allow you for a ammount of time in a time block. or you could charge your kids
• a lot of consumer routers (things you buy at bestbuy) also have this feature use what you got!
• Proxy, Ideally Proxy is awesome for a lot of reasons but its out of scope for the average home. But if your a nerd or nerd home check out a Squid Web Proxy and you can lock it down as the only outbound host. then you can browse for porn but your kids cant etc.

So Remember– The security of your children is also your security. The tips here are also tips for you. The more you talk about it and let them use the tools and sites they want the less they will fight you and hide things. A opensource relationship is one where everyone learns.

And no I have no children, this is all assumptions.

This document is a work in progress right now, give feedback if you think of other major issues that you have with kids or know of with kids using the internet. I will make a new section and blather on about it.

I just found a new tool on OWASP site webslayer, this tool is only w32 right now, which bites but the tool is AWESOME!

the payload generator is awesome, as well as the complex rules you can quickly define to test a site. 31337

I just make a facebook account. sigh… I jsut taught a class about how bad facebook is. However to teach the class better I had to know how bad it was, not just use my “big ego” and assume.

yes its bad.

By default most major antivirus manufacture (I tested with symantec) will only scan viruses when they read or write to disk.

Meaning that they will not read viruses in memory by default with real time scan.

So, if you load up a binary with a virus on a UNC or map drive in your environment that you will then be able to load code into memory and AV cant see. (because you didn't read from your disk)

Apply the idea to this, take a virus that can stop AV (sality.ae) and run it via windows UNC on a system with default install. BAM infected, and you have AV installed with new def’s.

To prevent this you need to scan network drives for viruses, obviously this causes issues with network performance. However could save you until you get rid of a parasite/trojan virus in your network (or worse) most major vendors have a check-box for this.

ever have the problem where you have a location on google maps but you need the lat long?

simply click on the url (typically maps.google.com in your address bar)

replace with the following to get the lat long in a popup

javascript:alert(window.gApplication.getMap().getCenter());