Ever hear of Flat Stanley? Well if you have a school age kid you will or already have. Help out my son by printing out and posing with his Flat Stanely Take a picture and send it back to me at holden.tech at gmail.com or twit pic it to me on twitter @jeffh Just let us know where the picture was taken.
for some reason to get sshd to work with cygwin I had to do this
editrights -a SeTcbPrivilege -u cyg_server
editrights -a SeAssignPrimaryTokenPrivilege -u cyg_server
editrights -a SeCreateTokenPrivilege -u cyg_server
editrights -a SeDenyInteractiveLogonRight -u cyg_server
editrights -a SeDenyNetworkLogonRight -u cyg_server
editrights -a SeDenyRemoteInteractiveLogonRight -u cyg_server
editrights -a SeIncreaseQuotaPrivilege -u cyg_server
editrights -a SeServiceLogonRight -u cyg_server
I am playing around with konboot after first hearing about it on the Hak5 podcast. If you haven’t heard about it, it is a boot disk you can create on a floppy, CD or USB drive (see Irongeek’s site for USB instructions). The disk changes the windows or Linux kernel on the fly while booting to allow you to bypass the login password. In windows you just use any valid user name and a blank or garbage password, you will then be logged in as that user and can access all their files. So naturally you will probably want to try the local administrator user which will allow you to access all files on the computer. In Linux you will use the user name kon-usr and no password. This will give you full root access on the Linux machine.
I have found it works well if the system is not muti-boot. On my systems which are all multi-boot it would only work on one system and only on one OS which happen to be EEEbuntu. My other laptop gave me error about the cylinder number being too high like the old school days of LILO where the boot image had to be below cylinder 1024. I am assuming this is the same issue as the days of old. Also a caveat don’t use Konboot to login to a domain account on a computer that is connected to the network. This will disable the account on the domain and won’t allow you to login. In most environments user credentials are cached in case the network goes down. So air gap the computer before using a domain account.
Remediation steps are fairly simple. Lock the bios with a password and only allow the system to boot from the hard drive. This should already be in the check list of task to perform when deploying a new PC. Since this type of threat isn’t new kon-boot just make it a little simpler to access the PC than loading up a live linux distro like knopix. If there is any sensitive information on the hard drive encryption should be used of course since if someone steals the computer or hard drive its game over. With the breach notification laws in most states that is not a fun proposition.
I was setting up a test VM with 4 one TB SAN LUNS. After successfully creating and testing the VMware image I blew it away without touching the LVM. After greating the production image I tried to add the LUNS back to the LVM and I of course got errors when adding the LUNS to the LVM. The meta data for the old volume group was still there and the OS refused to add the LUNS to the existing volume group. I then tried to remove the volume group with the vgremove but since the devices with the UUIDs themselfs were long gone I could not do it.
I finally found a very simple solution just DD the damn things with zeros. That will blow out all the metadata. So for each lun I ran
if=/dev/zero of=/dev/XXX bs=512 count=5
Probably only needed a count=1 but what the hell I don’t care I didn’t have anydata on the LUNS anyways. After that running lvscan came back clean with no orphaned UUID’s and I was able to initialize the LUNS again and add them to the new volume group.
This series by Keith Loutit really make me want a shift tilt lens. I have seen plans online to make one since I will never be able to afford one.
Bathtub II from Keith Loutit on Vimeo.
There is an article on Reuters about flaws in Adobes flash video on demand services such as Amazon and Hulu. The author writes
“The problem exposes online video content to the rampant piracy that plagued the music industry during the Napster era and is undermining efforts by retailers, movie studios and television networks to cash in on a huge Web audience.”
What? This is an opinion did you ever take a journalism class Mr. Wakabayashi you are supposed to be objective. You report the facts you don’t regurgitate the lines from the MPAA. This is no big deal the people who would have pirated movies already were anyone can download Handbreak for free and rip 99% of the DVDs on the market today. So who is going to pay for software to pirate DVD’s that I can get with a Netflix subscription for $19 a month? I would guess not very many. Just so you know Mr. Wakabayashi music piracy today is probably more rampant than it ever was in Napster’s day despite all the RIAA lawsuits.
DRM is fundamentally flawed as it is. If a movie is encrypted it has to be decrypted to be displayed on the screen at some point. You are giving the consumer the crypto key to decrypt the file. The key is just cleverly hidden and or obfuscated. Given time all DRM is broken. Adobe will come out with a work around and then it will be game on again for the small companies who are selling the software to record flash movies. The dance will go on and on as it has for every other DRM technology. Oh and Mr. Wakabayashi this is my opinion you see this is a blog not a news article.
Note to self use IE History View to view index.dat files for IE7. Index.dat spy no longer works.
On second thought just use encase.
I hear this argument all the time that Mac OS X is better than windows becuase it is more secure. The proof alot of people stat is there are very few virus and spyware on OS X. Yes that is true there are also very few on OS/2 warp, minux, BeOS, windows 3.11, NT 3.51, Irix, linux, solaris, BSD, and pretty much every other operating system know to man compared to windows. That doesn’t make them more secure. That makes them a small target compared to windows, it doesn’t make OS X more secure. There is a reason why tons of bugs were found in safari when Apple ported it to windows. Was the code so different from the OS X code base? I doupt it, there are many more automated security tools build for use on windows which also makes it that much easier to find the flaws in XP and Vista than in OS X. Any one who thinks apple cares that much about security let me remind you it took apple three weeks to patch the DNS vulnurability!! Weeks after there were working exploits. The larger the market share grows for Apple the more virus and malware you will see released targeting OS X.
Apple fan boys please don’t bug me. I personally use a mac as my main lap top now. I personally like OS X better than Vista and XP because I am a unix fan boy. But that is a personal choice. Also Linux fan boys I love linux and am a RHCE but I need an OS for my day to day work where I don’t have to wory about breaking everything because I upgraded lib c compat, or installed a new kernel. I run Cent OS on all my servers when I can and I also have another Ubuntu laptop that I use for certain security tools. Windows fan boys, securing mainly windows boxs is my bread and butter. Windows with AD in an enterprise is the way to go.
Best damn fark comment ever.
“I like to eat a bowl of Kraft Dinner (a.k.a. “KD”) while watching some opera or ballet. There’s nothing better than a little arts & Kraft.”
In response to winy poor Canadians not wanting to eat free kraft mac and cheese.
The University of Washington has released a free and open source system for tracking computers called Adeona. I have installed it on my work laptop and it gets the job done. This is a great solution for home users as it works on Linux, Mac, and PC and doesn’t require anything else from the user as far as a server or service fee to use it. There are some defiant short comings though.
For my purposes I think it would be better just to write a program that posts the computer name and IP address to web server that stores the information in a MySQL database.
|
