-
The case of the missing blog post
After seeing the post on rootkit.com about Atsiv I planned to take a look at it because the official announcement (which is by the way now changed to a reply to Microsofts actions) didn’t give any details. Fortunately people smarter than me did that (proving the old saying that if you can do something today,…
-
Setting up a PPTP VPN (client) with Ubuntu
This applies to the latest release (7.04), because from what I understand older versions had more (complicated) steps to follow. My solution is based on this blog posting combined with some advice from here. The steps are: Install the network-manager-pptp package (either by doing sudo apt-get install network-manager-pptp, by using Synaptic or any other way…
-
Unofficial VirusTotal uploader
Update: this script has been update and renamed to OVScan. Please use the new version. VirusTotal is a free service offered by Hispasec systems which scans the submitted files with a large number of AV engines (currently more than 30) and shows you the result. Disclaimer: I have no affiliation with them or any other…
-
Getting ahead of the curve
I was listening to episode 103 of SecurityNow, and all in all it was a good episode. However one thing that baffled me (ok, maybe not so much because I didn’t have high expectations), is the fact that nowhere in the process did they ask about man-in-the-middle type attacks (although they mentioned it briefly when…
-
Hack the Gibson #92
Read the reason for these posts. Read Steve Gibson’s response. The podcast kicks off again with a SpinRite story with no mention about the importance of backups and changing the failing drives, but I digress. Steve says: Now, you could be running through multiple layers onion routing, or any other kind of proxy server. So…
-
Hack the Gibson #91
Read the reason for these posts. Read Steve Gibson’s response. This was an interview episode, so there is not much I can comment on. SpinRite appears again to save the day, again without the notification that backups are important and that a hard-drive which had a physical failure is very probable to fail completely in…
-
As one podcast goes away an other one starts
I’m Cd-MaN and I’m a podcast addict 🙂 I listen to many podcasts, most of them related to technology, but the Linux podcasts have always had a special part on my mp3 player, because I’m a beginner with Linux and I want to learn as much as possible about it. So here are the Linux…
-
Hack the Gibson #90
Read the reason for these posts. Read Steve Gibson’s response. Towards the start of the show Leo mentions that SSL certificates used by the sites to authenticate themselves to the users are single-factor. And this is true, however one has to add that there is nothing wrong with single-factor authentication as long as good security…
-
Hack the Gibson #89
Read the reason for these posts. Read Steve Gibson’s response. Related to the SpinRite story (which are present in every episode): again, I don’t know WTF (pardon my language) people are doing with their computers, but in my 15 years of computer usage I never (knock on wood) had a hard-drive fail on me or…
-
Vulnerabilities and hype
Take some vulnerabilities, don’t investigate the conditions which are needed to exploit them, and you got a good old fashioned security hype. The gist of it: there are some flaws in the ActiveX controls VMWare installs. The possible attack scenario for these vulnerabilities looks like this: The user has VMWare (or VMWare Disk Mounter for…