Thursday, December 28

How to Obscure Any URL

Well, maybe not. I found this article off of Digg and stored it to view at a later time. Initially, I was very excited, as you will encounter URL obfuscation when working with malware and phishing.

Unfortunately, the specific techniques no longer work on Firefox 2.X or IE 6. The concept is something worth investing some time into.

I need to research whether any more recent documents are available.

Wednesday, December 27

The new migration from D.C.

The Washington Post has a story about a new migration taking place on the east coast. It seems some of our federal agencies see it fit to move just a bit west, out of D.C. -- just enough to be outside of a blast zone (a 50 mile radius). Sounds like data center move time!

Link to the complete article here.

Blast zone or not, I welcome the move. I am pretty shocked this hasn't started sooner ... unless this is just an article to hype the local real estate markets. Hmm.

Anyone want to invest in some local data carriers in the Winchester, VA area?

Tuesday, December 26

Online Nmap Scanner

Matousec also provides an online Nmap scanner. Fun stuff.

Play with it here.
Get the old school edition here.

Personal Firewall Analysis (Windows)

Matousec has posted a very interesting leak-test report on Windows firewall software. Most all the big names made the party, but few fared very well.

In short, Comodo and Jetico own, while Windows Firewall is horrible.
Read the complete report here.

Note: they later go and slam Comodo here -- however, they slam everyone.

Bootable security distro on your USB stick

Ever use BackTrack? Here is a very nice article on how you can boot the OS from your USB stick. They even have a bit about using it with Windows and the ever-handy VMware Server.
Get the article here.
Find other fun tutorials here.

... sort of like making BackTrack something you would find on portableapps.com

Saturday, December 23

Republican Aide Tries to Hire Hackers

Yesterday, /. posted news about a Republican Aide that wanted to hire hackers to change his grades. Let me lead off by saying I do not care about political affiliation or even the fact this is a government employee. So what? Not my blog.

I will assume this guy had a bad G.P.A and was looking to get into a good grad program at Foo U. I do think it is interesting he went to Texas Christian University, whose mission is evidently not shared by at least one of their former students.
Our Mission
To educate individuals to think and act as ethical leaders and responsible citizens in the global community.
Anyway, enough of that stuff. Let's get on with the humor!

Take a moment and read the entire email thread from the fine people at Attrition.org. Trust me, it is worth it. Here is also the link to the Network World news article.

I loved the humor factor - rot 26 is some pretty serious stuff! I remember a rot 13 question in the text "Puzzles for Hackers", and who asks for photos of pigeons or squirrels? Classic. Who doesn't love a squirrel? Thanks to this email thread a new form of squirrel authentication has been born! Thank you squirrels!

A bit more on my above reference to rot 13 / 26.
Check out rot13.org here.
They also have a calculator of sorts here.
With rot 13 the letter "a" would equal "n", "b" is "o", and so on. If you think about it, rot 26 would start you right back at the beginning. "a" to "n" and back to "a" -- thus the humor.

In short, rot 13 is a prepackaged Caesar cipher with a known jump of 13 places.
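The rot 13 / rot 26 point above as a runnable sketch. This is an added example, not code from the email thread or from rot13.org; it goes one step beyond the post by trying all 26 jumps and scoring each candidate on common English letters, which shows why a Caesar shift with any jump hides nothing. The sample sentence and function names are constructed for illustration.

```python
import codecs
import string

LOWER, UPPER = string.ascii_lowercase, string.ascii_uppercase

def rot(text: str, shift: int) -> str:
    """Caesar-shift ASCII letters by `shift` places; other characters pass through."""
    shift %= 26  # rot 26 wraps to a shift of 0
    table = str.maketrans(
        LOWER + UPPER,
        LOWER[shift:] + LOWER[:shift] + UPPER[shift:] + UPPER[:shift],
    )
    return text.translate(table)

def english_score(text: str) -> int:
    """Crude plausibility score: count the six most common English letters."""
    return sum(ch in "etaoin" for ch in text.lower())

def recover_shift(ciphertext: str) -> int:
    """Return the decoding shift (0-25) whose output scores most like English."""
    return max(range(26), key=lambda k: english_score(rot(ciphertext, k)))

def agrees_with_stdlib(text: str) -> bool:
    """Cross-check rot(text, 13) against Python's built-in rot_13 codec."""
    return rot(text, 13) == codecs.encode(text, "rot_13")

# Constructed sample sentence (not taken from the email thread).
SAMPLE = "Please send a photo of a squirrel"

if __name__ == "__main__":
    once = rot(SAMPLE, 13)
    print("rot 13       :", once)
    print("rot 13 twice :", rot(once, 13))    # same as rot 26: the original text
    print("rot 26       :", rot(SAMPLE, 26))  # unchanged
    print("stdlib match :", agrees_with_stdlib(SAMPLE))
    hidden = rot(SAMPLE, 3)                   # an "unknown" jump of 3
    k = recover_shift(hidden)
    print("recovered    :", k, "->", rot(hidden, k))
```

The letter-count score is only dependable on sentence-length English; very short strings can tie or pick the wrong shift.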

I seriously wish they would have asked for a photo of a horned frog.

Monday, December 18

Gartner Highlights Key Predictions for IT Organizations in 2007 and Beyond

While reading the IT-Observer, I found a link to the Gartner Key Predictions for 2007. I was very thankful for the lead on the article; however, I wanted the other predictions.

Egovernment.com wasn't afraid to fill me in ... link to article.

And the eye opener
By the end of 2007, 75 percent of enterprises will be infected with undetected, financially motivated, targeted malware that evaded their traditional perimeter and host defenses. The threat environment is changing -- financially motivated, targeted attacks are increasing, and automated malware-generation kits allow simple creation of thousands of variants quickly -- but our security processes and technologies haven't kept up.
I break it down on the following points
  1. Financially Motivated Malware? An example would be nice. If we locked down our web browsing and quit running our browsers with administrative privilege, this wouldn't be as big of an issue. No, myspace is not work appropriate -- even if you work in skip tracing.
  2. 75% will be infected -- what about the other 25%? Are they "clean" from habit or luck?
  3. Financially Motivated -- this is important. If we have monetary value associated with a risk, then follow the money. Gone are the days of nerds just playing, where attacks were loud and obvious (think Nimda, Code Red). Now we have state sponsored hacking and even mafia supported attacks -- not to mention your own employees.
Some thoughts
  1. Lock down internet access - proxy, white list -- whatever, just clean it up.
  2. Monitor your email. You would cry if you saw what was being sent outbound each day.
  3. Use psexec to limit browser rights or use another OS altogether. Link here -- Thanks Allen.
  4. Start thinking from the inside out. Do you have low paid, high turnover employees, with access to valuable information? -- stuff like that.

Sunday, December 17

Legal Aspects of Computer Security and Information Privacy

Last week I registered for my last class at Capitol College. My thirty-fourth, thirty-fifth, and thirty-sixth credits will come from IAE-671, Legal Aspects of Computer Security and Information Privacy.

Two of the texts are: No Place to Hide and Darknet: Hollywood's War Against the Digital Generation (possible yawnsville). The good news is most of our reading is provided via links to PDFs and other online information; hopefully it won't be too dated.

Our professor, David Ward, is an attorney for the Federal Communications Commission and worked on the Communications Assistance for Law Enforcement Act (CALEA).

I have high hopes for this course. It begins the first Wednesday of the new year.

Thursday, December 14

IndySec 3

IndySec 3 is December 20th.

Ain't no party like a laptop party.