Archive for the ‘Tech’ Category

Difficult Captcha

March 30th, 2011

People always complain about Captchas, especially the very obfuscated ones.

I was browsing a supplier’s website, and one of their forms had a Captcha at the end of it to verify that I was human.

Unfortunately I couldn’t pass the test.

[Image: Difficult Captcha]

Categories: Humor, Tech

RSA servers compromised

March 17th, 2011

It appears that RSA’s servers have been compromised and SecurID may be affected.

http://securosis.com/blog/rsa-breached-secureid-affected

RSA have filed an 8-K – see here.

Categories: Ramblings, Tech

Shutting down an SMTP-Auth relay attack

March 5th, 2011

My friend, colleague, and brother-in-law Paul Hite and I had a client who was the unfortunate victim of an SMTP-Auth attack on their SMTP server. You can read about the issue, how we diagnosed it, and how we resolved it here.

Categories: Tech, Virus

Basic computer maintenance

February 21st, 2011

Every day I come across various machine configurations; some are fantastic and others…well, let’s just say I wonder how in the heck they are still able to work.

People seem to forget that they need to maintain their computers. Clean up the temporary files, run a disk check, run a defragmentation program. It’s not a difficult regime, but one that many people seem to forget.

Categories: Ramblings, Tech

The Right Way

February 8th, 2011

One of the problems in IT is that there is very little to go on, in terms of ensuring things are done “The Right Way”.

For many people “The Right Way” is just the way of doing things that they are used to, and anything else is “wrong”. The problem with this viewpoint is that there are various ways of resolving issues or configuring servers; some are just more efficient than others.

To be fair, I’ve seen some pretty horrendous implementations of DHCP and DNS services on Windows Server operating systems over the years, and it gives me something of a nervous twitch… I’m sure there have been servers that I’ve set up in the past that have made my colleagues do the same thing, but the main thing is that we learn, and we look at how it is/isn’t working and the error messages the operating system gives us.

I hope to help over the next few weeks with some practical guidelines on setting up these sorts of servers on a Windows-based OS and how you can avoid some of the pitfalls I see on a daily basis. Will my way be “The Right Way”? No, but it should help resolve some commonly seen issues.

Categories: Ramblings, Tech

Recent events in Egypt

February 4th, 2011

As many of you may know, Egypt went through what can only be described as an Internet Blackout.

The president ordered that all external access through the internet, cell phone calls, and SMS messages be cut off. It was certainly interesting watching the BGP announcements with the dropped routes from the announced prefixes.

With internet connectivity being restored after 5 days, and text messaging also being re-enabled (despite some protests about the government using it to send incorrectly attributed messages to subscribers…) we have to ask ourselves the question “In a modern civilization where so much relies on communication, do we place too much faith in concentrated exchanges without suitable independent redundancy of transit links?”

Categories: Ramblings, Tech

Last of the IPv4 address space

February 3rd, 2011

Those of you following the recent tech news will no doubt have come across the tidbit about the last of the unallocated IPv4 blocks.

We are down to 5 prefixes, one of which will go to each of the 5 RIRs.

Have we run out of space? No… But the unallocated pool is looking shallow these days.

The move to IPv6 will be gradual as there is still a lot of debate about the features and pitfalls. It is a major paradigm shift in the way we consider networks, routing, address allocation and the like.

More to come as I get back into my blog.

Categories: Ramblings, Tech

Google and Microsoft “cheat”…

November 30th, 2010

Interesting article from Ben Strong on how Google and Microsoft “cheat” on their page load times. Please note, though, that neither site actually breaks the main RFC; they just don’t use the default settings:

http://blog.benstrong.com/2010/11/google-and-microsoft-cheat-on-slow.html

Categories: Tech

UAC Exploit through win32k.sys announced

November 26th, 2010

Sophos have reported on a UAC bypass. The proof of concept requires a bit of a complex setup, but this certainly helps to explain why we’ve been seeing so many win32k.sys-based exploitations of late. See: http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac

Categories: Tech

TDL4 removal

November 24th, 2010

The TDL series of rootkits has certainly been prevalent amongst Windows machines recently, and the recent release of the TDL4 variant has certainly presented itself as a thorn in the side of many a technician. Assuming that you have removed all other threats from the machine, the newest version of MBR by GMER has successfully removed the virus from its current hiding place in the MBR.

I would also heartily recommend ComboFix by sUBs. Whilst this automatic virus-removal Swiss Army knife does contain mbr.exe, I would recommend running mbr.exe on its own first before using ComboFix, just in case your variant of the virus blocks parts of ComboFix and makes the machine unbootable.

Categories: Tech, Virus