ETC Blog, The Tech Resource
So Much for Apple’s Higher Security
Digital Society » Blog Archive » Apple keyboards hacked and possessed. BSD IS more secure than windows by default but no operating system is immune to stupid implementation. Exposing root or writing applications to run as root but not tell the operator are examples...
Firewall Server Offerings Set
It is going to be either Astaro or Untangle. Depending on what the clients needs are. Ipfire feels kludgey and ipcop isn't really designed for modern hardware and is a bit too basic for my needs. Comixwall is a typical Debian distro..if you want to live in the cli...
Centos Comes off of Life Support..But is the Project Truly in Recovery?
According to the Centos homepage: The CentOS Development team had a routine meeting today with Lance Davis in attendance. During the meeting a majority of issues were resolved immediately and a working agreement was reached with deadlines for remaining unresolved...
Best and Worst Security Award Winners From the Blackhat Conference.
Pwnie Award Winners. I like this. It shows that nothing is sacred when it comes to security..:)
Anyone Can Get Compromised
When 'Big Leaguers' Get Hacked | threatpost.
Business Banking Should Not Be Done With Insecure Browsers
Security Fix - The Growing Threat to Business Banking Online. NO clients of mine that have run Firefox instead of IE and followed my best practices advice have gotten infected with malware. If you don't get infected online baking is perfectly safe from your end.
Fixing Activex by Disabling Parts of it Proven to not be the Solution
Researcher Shows Killbit is No Defense on MsVidCtl Flaw | threatpost. When you have a technology(Activex) that allows access directly to the kernel there is only one way to secure it..remove it. I have posted about this multiple times. Microsoft it is time for you...
What the BOOM post means to ECC clients
For the clients running centos I am going to be researching other alternatives. Right now no servers are in danger of being unable to update. I will keep everyone informed as to how this situation unfolds.
When an OPen Source Project Goes BOOM!!!!
Read this site: Planet CentOS. It turns out the CentOS project is under the control of one person and that person has decided to disappear..for over a year. All monies that got donated did not go to CentOS but to the founding individual. This type of thing can...
New Server Location
I have relocated this site to a new server. It is actually a virtual machine on a physical server. I have noticed a 50% increase in performance of this site. I hope you enjoy the new speeds.
Security issues with sudo in Ubuntu
Security issues with sudo « Mihai's Weblog. I have always thought Ubuntu's way of locking out direct root access was nonsensical. It now turns out it worse than that..it's Microsoft-ish.
Oracle Could be Sending Solaris to the Great Bit Bucket in the Sky.
Is Oracle getting ready to kill OpenSolaris? - Computerworld Blogs. I think it's beyond open Solaris I think it's also Solaris as well as Mysql and Virtualbox.
Another ActiveX Remote Takeover Issue
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution. *sigh* When will ms and others learn? Head to this page for the fix. Head to the fix it for me section and click on the fix it icon under enable workaround. Download and...
MS Joins the “Cloud Club”
The Complete Guide To Microsoft’s Office 2010. All cloud computing is the re-emergence of the mainframe to terminal model using hte internet as the mainframe. However unlike the mainframe the cloud is inherently insecure(I don't care what these folks say) and if...
Another Activex Vulnerability but This one is a Zero Day Attack.
Microsoft Security Advisory (972890): Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution. What does this mean? Zero day means the bad guys were exploiting it BEFORE anyone else knew about it. What this flaw menas is that if you...
A MIsguided Attempt at Reducing Security
Full Disclosure: imageshack - pwned for anti-sec.. They also hit an outfit called SSANZ. Full-Disclosure is not meant to make money. If full disclosure did not exist many security issues would never be known by anyone except the bad buys. Companies like Microsoft...
Things are Moving Quicky now
It's very hard to keep up with things moving as fast as they are. I can relay them verbally faster than typing sometimes. Watch this space for some updates.
The Partitioning Myth
Many folks have not realized that modern filesystems in Windows negate the need for partitions. Back in the 16 bit days when partitions could not exceed 2 gigs or less this was necessary. Partitioning is a throwback to DOS and in the modern file systems this is...
Carbonite isn’t worth your money if you have more than a little bit of data
I have spent the past few days working with level .5 techs(in terms of the knowledge of their own product) trying to get carbonite to restore the data it so willingly allowed me to upload. Nowhere on the site does it mention a 50 gig cap and then they slow you down...
Finally got around Carbonite’s failure AND SBS 2008’s failure
Luckily mounting the .vhd worked..but not without it's own issues. The instructions i talked about in my last post forget one thing. The weird filename that the system generates make the vhdmount program barf. I also wound up having to put the files inside the...
SBS Backup is not a good tool for disaster recovery..not sure cloud backups are either
If you read my earlier carbonite post it started because i had my server decide it would corrupt itself. I did not catch it for a copule of days which meant my backup had corrupted OS files on it. It turns out you can only restore the entire volume, disk, or...
Carbonite Restore = Fail
I was excited about carbonite. The backup side works great...the restore is a disaster. Two days after a server crash and i am waiting on carbonite to give me back my files. SBS 2008 backup sucks for DR and i was depending on carbonite to save my behind. After...
Conficker Collateral Damage for March 2009 – Sophos Blog
Conficker Collateral Damage for March 2009. This is one side effect of the conficker worm. Since it generates random doains to try to get instructions for if your site is the site of the day you are going to get hammered. On March 13 it will be southwest airline's...
The latest Worm out There for Windows Folks to Worry About
Protecting Against the Rampant Conficker Worm - PC World. It's called conficker or downandup and it's another attack against a bad design in the windows system. Conficker affects ALL versions of windows in one form or another. The primary means of infection is...
Microsoft Fixes a Long Time Bug
After CERT warning, Microsoft delivers AutoRun fix | ITworld. It's about time. I have been trying to kill U3 forever among other autorun enabled garbage. ALL ECC managed network will get this patch pushed out to them.