# Friday, August 31, 2007
A co-worker pointed out that shopping carts now have anti-theft. Further ideas about locking them while people are shopping are too funny, but leave it to the internet: someone has already done the shopping cart lock. Great use of radio waves, with a coil to pick up the data and replay it.
posted on Friday, August 31, 2007 2:28:33 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
# Thursday, August 30, 2007
Now that I have a multi-boot with Windows XP, Ubuntu and BackTrack2, security was an issue. First I installed Windows, then used a gparted boot disk to split the drive into 3 primary partitions and 1 extended. I have PGP watching Windows by expanding the drive (in PGP Desktop), clicking on the C: partition and encrypting that. Then I installed Ubuntu in partition 2 and used this guide to encrypt a redirected /home on partition 3. The extended partition was then used for a boot of BackTrack2 with this tip sheet, plus swap. So in the end I have all three OS's running with PGP login at boot, then grub, then the OS. Here is my grub:


```text
title           Microsoft Windows XP Professional
root            (hd0,0)
savedefault
makeactive
chainloader     +1

title           Ubuntu, kernel 2.6.20-16-generic
root            (hd0,1)
kernel          /boot/vmlinuz-2.6.20-16-generic root=UUID=0dd29d80-088f-47c6-b8$
initrd          /boot/initrd.img-2.6.20-16-generic
quiet
savedefault

title           BackTrack2
rootnoverify    (hd0,6)
kernel          /boot/vmlinuz vga=791 root=/dev/sda7
```


posted on Thursday, August 30, 2007 7:40:30 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
The Pass-The-Hash tools from Defcon etc. are being put out on the net. Specifically, two tools that I have talked about (my posts about Pass The Hash and sidejacking) but didn't have code for. Pass-The-Hash for Windows has a toolkit out, and the sidejacking trick is also released. Have phun.
posted on Thursday, August 30, 2007 7:23:40 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
I just found an application called ScribeFire, which I configured as a MetaBlogAPI client pointed at /blog/blogger.aspx in dasBlog, and want to see how well it works. This is to keep blogging from my laptop, which I am using more and more these days.


Powered by ScribeFire.

To get rid of that, click the << on the left of the application near the Bold button on the toolbar, then uncheck it in the settings.

posted on Thursday, August 30, 2007 7:13:52 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
# Wednesday, August 22, 2007
A cool book that I need to buy about Legos and the hacked products you can make with them.
posted on Wednesday, August 22, 2007 2:58:25 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
# Thursday, August 16, 2007

BackTrack is very powerful; you can find out about it, and how to put it on a hard disk, here.

posted on Thursday, August 16, 2007 1:32:51 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
# Wednesday, August 15, 2007

I have started a clean-up project. You will now notice on the left (currently) there is a larger list of filtering options for all the posts I have, so you can look at the specific areas I post about. More importantly, the “nerd” section no longer has 400 posts causing my web server to choke on server-side processing.

posted on Wednesday, August 15, 2007 7:36:29 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
zap2it will allow paying for continuation of guide data (Yahoo). Also check out the blog site LinuxBrainDump.org; it looks like a good start for tips and news.
posted on Wednesday, August 15, 2007 8:46:04 AM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback
# Wednesday, August 08, 2007

Make sure when adding a Vista machine to a Windows 2000 domain that the following GPO settings are set this way:

Domain Member: Digitally encrypt or sign secure channel data (always) - change to Disabled. This isn't in the default 2000 GPO.

Network Security: LAN Manager authentication level - change to "Send LM & NTLM - use NTLMv2 session security if negotiated".

posted on Wednesday, August 08, 2007 4:51:48 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback

I wanted to post a quick blurb about corporate cell phones and security. There are a lot of choices out there today: iPhone, Blackjack, Windows PDAs, Treo, Nokia and finally BlackBerrys. For all the cell phones except the BlackBerry, the security sucks. I do know that Treos have some remote erase, but if you're seriously considering setting your company up with anything for cell enterprise, look no further than BlackBerry. The amount of security that you can implement, from encryption to PGP to passwords to bluetooth, camera and mass storage use, is insane. Yes, this is a plug for BlackBerry, and no, I'm not paid for it.

The hacks that people are not using today are cell hacks; hacks on the iPhone etc. are just too juicy not to take advantage of, so be aware of the threats that your CEOs and management are purchasing on the company's dime.

Best practice documents and a full overview of IT policy are located at the following BlackBerry KB site.

posted on Wednesday, August 08, 2007 4:36:09 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [1] Trackback
# Tuesday, August 07, 2007

Super GRUB is a boot CD to repair your MBR with grub. The current version will also repair the Windows boot sector; however, new versions will be GPL and not include the Windows bootloader, so download now for that specific feature.

posted on Tuesday, August 07, 2007 6:11:09 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [1] Trackback
# Monday, August 06, 2007

Another Defcon toy that is fun is what a security firm is calling sidejacking. Basically you're just recording a TCP stream and replaying it later; specifically, what it's looking for is the transmission of a cookie to the server with your password and data in it. Think pass-the-hash. The program is called hamster and is a remake of ferret. It should be available now, but it's not out from erratasecurity yet; it will eventually be out there, so just keep clicking.
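The thing a defender can look for with sidejacking (this post and the tool release above) is a session cookie that was issued to one client showing up from a second host shortly afterwards, plus cookies that are set without the Secure attribute and so travel over plain HTTP where they can be captured. The following is an added example written for this page, not code from hamster, ferret or erratasecurity; the log format and the sample lines are constructed, not captured traffic.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access-log lines (not captured traffic): time, client IP,
# session cookie value, user agent. The third line shows sid=a1b2c3 reappearing
# from a second host a minute later, which is what a replayed cookie looks like.
SAMPLE_LOG = """\
2007-08-06T14:01:05 10.0.0.21 sid=a1b2c3 Mozilla/5.0 (Windows NT 5.1)
2007-08-06T14:01:30 10.0.0.21 sid=a1b2c3 Mozilla/5.0 (Windows NT 5.1)
2007-08-06T14:02:10 10.0.0.77 sid=a1b2c3 Mozilla/5.0 (X11; Linux i686)
2007-08-06T14:05:00 10.0.0.33 sid=d4e5f6 Mozilla/5.0 (Windows NT 5.1)
2007-08-06T14:06:00 10.0.0.33 sid=d4e5f6 Mozilla/5.0 (Windows NT 5.1)
"""

LINE_RE = re.compile(r"^(\S+) (\S+) sid=(\S+) (.*)$")


def parse_log(text):
    """Yield (timestamp, ip, session_id, user_agent) for each well-formed line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3), m.group(4)


def find_replayed_sessions(text, window=timedelta(minutes=10)):
    """Return {session_id: sorted client IPs} for every cookie that was presented
    from more than one client IP within `window` of its first appearance."""
    first_seen = {}
    clients = defaultdict(set)
    for ts, ip, sid, _ua in parse_log(text):
        first = first_seen.setdefault(sid, ts)
        if ts - first <= window:
            clients[sid].add(ip)
    return {sid: sorted(ips) for sid, ips in clients.items() if len(ips) > 1}


def cookie_missing_secure(set_cookie_header):
    """True when a Set-Cookie header lacks the Secure attribute, so the browser
    will also send the cookie over plain HTTP where a sniffer can capture it."""
    attrs = [a.strip().lower() for a in set_cookie_header.split(";")[1:]]
    return "secure" not in attrs


if __name__ == "__main__":
    print(find_replayed_sessions(SAMPLE_LOG))  # {'a1b2c3': ['10.0.0.21', '10.0.0.77']}
    print(cookie_missing_secure("sid=a1b2c3; Path=/; HttpOnly"))          # True
    print(cookie_missing_secure("sid=a1b2c3; Path=/; Secure; HttpOnly"))  # False
```

A hit from the first function only says the cookie moved between hosts, which NAT or a laptop changing networks can also cause, so treat it as something to investigate rather than proof of a replay.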

posted on Monday, August 06, 2007 2:43:35 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback

Well, at Defcon the Medeco M3 was finally hacked to crap, with an easy skriptkiddy how-to. I need to update my bumpkey presentation. Medeco clip trick.

From the looks of this, a bump key could be used, but it appears the pins would not cooperate 100%, which is why they use a blank cut of the key. The copy cut is hard to obtain, which makes the probability of the threat from co-workers gone bad a little less likely. Also, since the blanks for the keyway are still "not easy to get", you will need to wait for an online retailer to sell Medeco bump keys before this is truly skript kiddy. I do wonder how hard it would be to file a 9-cut key from an existing one and make that work right? I am about to bust out my Medeco lock; this evening I will be attempting to make a bump key blank. See, the problem is that I still have no way to get a blank that fits the lock 1:1, so this threat, however clever, is not an “easy hack” today. If you have no defense in depth and you have a good bounty of treasure, watch out. If you have proper security, this isn't really a kick in the pants today.

posted on Monday, August 06, 2007 11:21:49 AM (Pacific Daylight Time, UTC-07:00)  #    Comments [2] Trackback
# Wednesday, August 01, 2007

I saw the most horrific article in the WSJ today about how to defeat IT security: “Ten Things Your IT Department Won't Tell You”. This is so wrong and so insecure I almost wrote the paper, but I don't care to argue with the columnist; instead I will just blog my unforgiving response to it.

I wrote a response with 10 things an IT guy will tell you about why this is a joke. Note that I am listing my items 1:1 with the article, so I say read that first to see my response. In the initial set-up for the story, Vauhini Vara talks about the specific reasons that IT staff block content or impose restrictions; she then implies, in a national newspaper, “not so fast…”. Basically this article is giving horrible ways for people to hack the organization they work for. In fact she states that specifically as “hacking advice”, not hacking as in modifying hardware to make NES ROMs work, but hack as in bypassing policy and procedure to undermine IT. Unbelievable.

1. Send Giant Files

This is crazy dumb. The next time you want to transfer large files to customers of your company, ask your IT department for an FTP or file portal; anything else is defiance of policy and illegal transfer of data. For IT staff to prevent this, just block all major sites and use content filtering such as Secure Computing Webwasher / Sidewinder firewalls, or Cisco Security Agent. To rip on Vauhini, she states that you can look for a “secure padlock”. Haha, yea, I think that will solve all the world's problems.

2. How to use software that is banned

Good old local admin rights, or no local admin rights: if your company restricts local admin rights, the software you run isn't going to mess anything up. To prevent this, IT can just disable USB storage devices by GPO. As for using web-based applications, if it will go through a content filter I don't care much if you use it. Anyone ever hear of Cisco Security Agent?

3. How to visit porn sites at work

If you can't figure out how to use the Google image cache to your advantage, then your skills aren't 1337. If you're a shop with a good firewall and HTTP proxy, then this issue isn't valid.

4. How to clear your tracks on your work laptop

Again, this is a waste of a point to make a list of ten; this will not forensically remove data for the sites you have visited. Don't forget that if someone is in question, they are logging your traffic off your box anyway. IT admins, it's called a mirror port and Wireshark, or a web proxy.

5. search work for documents from home

This here is a dangerous and insane idea; this is where I got mad at the paper for publishing it. All you just did, Vauhini, is make me decide to block Google applications on the whole to prevent morons from running Google Desktop at work. If you need further information on this, google “google desktop security threats”. To stop this: Cisco CSA.

6. how to store work files online

This is just like #5. If your company has no corporate policy to banish users like this, make one and banish away. See my hacks on Google Calendar to see the fun that happens when people publish corporate data.

7. keep privacy while using web email

Yes, the tips here are true, so if I have reason to suspect, or policy to stop it, I just block the use of any chat or personal email. Good job, Vauhini; looks like you're disabling, not enabling, anything here. (I explain that last sentence in my closing remarks.)

8. how to steal email for your blackberry

Email is corporate property. If you're going against policy, this tip won't land you anything but a monster.com account. See comments on tip 7.

9. access personal email on blackberry

There is little risk here, so unless a company just isn't a fan of corporate assets being used for personal gain, not having personal email on a corporate asset is the least of your concerns and this tip is basically null, except for the use of copy/paste to release information. BES can disable that function, and BES has the ability to block all of this. Also, your corporate firewall, if implemented correctly, can block access to sites on a BB.

10. how to look like you're working

Vara looked like she was working when she alt-tabbed away from MySpace long enough to write this column.

In the end, this list isn't anything bad; it's just bad for employees that start to think they are smart by using it. If your company isn't blocking these today by technology or policy, then your “smart” use of them will start to gain attention and they will be blocked. The tools that I linked to here will 100% block any crazy activity that the WSJ can come up with to misinform and ruin people's day.

Normally companies have guest wireless access. My recommendation: bring in your own laptop and use that to do crap. Then you're using a separate network for such activity, and it's not a company asset that you're being an idiot with.

</rant>


posted on Wednesday, August 01, 2007 1:55:37 PM (Pacific Daylight Time, UTC-07:00)  #    Comments [0] Trackback