01.31.07
Posted in Personal at 9:05 am by Tyler Reguly
So I found a link to the Business Opportunities Weblog today and the "How Much is Your Blog Worth" calculator. It's an amusing page which returned the following results:
I'd have to say that while I'm really attached to my blog... if anyone wants to buy it for 15 grand... I'd be willing to sell.
SpamMailBag.com returned a much lower value:
What does this mean??? Not a whole heck of a lot, but it's interesting to play with...
That being said... the nCircle blog (which recently underwent major reformatting) is valued at 34K:
Just something amusing to play with.
Posted in Daily Link List, Uncategorized at 7:56 am by Tyler Reguly
One of the websites in my RSS feed that I really enjoy is LinuxSecurity.com. The site compiles outside links from various news sources and presents some of the more interesting ones on a single page... however, it's not without issues... From the RSS feed you constantly get "Page Not Found" errors... and you have to return to the main page to click the link for the article.
Anyways I was over there looking today and I found some rather interesting articles available:
Stompy Session ID Analyzer -- This is a great concept... I haven't tested it yet so I can't quite say great tool. People quite often create their own Session IDs... this will let you see if they're based off anything... or if there's a pattern available... Download Link (tgz)
AJAX Fingerprinting Web 2.0 -- Another great concept... As people move to this new world of Web 2.0, applications are being built on frameworks... GWT, PyJamas, ASP.NET AJAX, etc... More often than not, when these frameworks are flawed... the applications based off them will also be flawed. The concept of AJAX fingerprinting gives us:
Ajax fingerprinting can help in deriving the following benefits:
- Vulnerability detection – Knowledge of the framework on which a web application is running, allows the mapping of publicly known vulnerabilities found for that particular framework. Example – DWR client side vulnerability.
- Architecture enumeration – On the basis of derived information from fingerprinting it is possible to guess application architecture and inner working of a system. Example – Atlas (.NET application framework), DWR (Servlet/JavaScript combo).
- Assessment methodology – Derived information from the fingerprinting phase can help in defining future assessment path and vulnerability detection methods. Example – Deciding on JavaScript-scanning.
Download Link (pdf)
These last two are just news articles...
2006: The Year Hacking Became a Business
Vulns Spiked 39% in 2006 according to an IBM ISS report.
01.30.07
Posted in Daily Link List at 11:31 pm by Tyler Reguly
I've got some things to do before bed... but I wanted to make sure I shared these.
Digital Bond has released a SCADA Honeynet... It emulates a fairly popular PLC and it sounds like a fairly interesting idea... First thing tomorrow I'm going to give it a look and let everyone know what I think.
Other than that I just wanted to point out Jeremiah Grossman's blog for those that don't read it... or rather two great posts that he published today.
The first post was Input Validating or Output Filtering, which is better. Not only does the article give a clear explanation of the two preventative measures, but it also gives examples.
The second post is The Difference Between Security Assessments and Penetration Tests. It's focused towards Web Application Security, since that's his field of expertise, however it can be applied to any aspect of security.
That's all for today... short and sweet.
Posted in IT at 1:13 am by Tyler Reguly
As I was making my final read through bloglines before calling it a night, I noticed a new post on StillSecureAfterAllTheseYears.com. The post is, surprise!, yet another on NAC... but that's cool, everyone seems to be talking about it these days... It's on a new feature in Extreme XOS. The "new" feature isn't that new... Cisco users may recognize it as DHCP Snooping with IP Source Guard, or even NetReg with a few custom scripts to query DHCP leases and enable/disable switch ports (which would be entirely free, btw). So Alan's post is describing how, if you don't want to make the infrastructure change to support 802.1x and are stuck with DHCP NAC, then Extreme offers this amazing new feature.
The problem is that none of this is new... While I was still working at the college we were discussing implementing NetReg with some custom scripts... I even had a test implementation up and running... and Cisco's DHCP Snooping with IP Source Guard has been around for a little bit now... So where does that leave us... From a pure technology standpoint we have nothing that would be considered "new technology"... From a product standpoint we have a product that has finally implemented features that the competition has.
One thing I've done lately is attack people for their bias... Agnitum, WebRoot and now Alan Shimel... At least Alan can come out and say that he's biased... which makes this read even more like a press release or advertising than a blog post that's informing readers. This "new" feature has only one target audience to whom it's an advantage.... existing Extreme customers because they previously lacked this feature... and at least it is somewhat presented that way..."Here's a new "nice to have", should you already have the equipment"...
I'd previously heard good things about Extreme... some friends had tested and deployed the software and had spoken highly of it... especially of the NAC features... Having never used it personally, I can only reiterate the description I was given... the description of a device that allowed all the benefits of 802.1x without requiring an OS that supported 802.1x, because it relied on a webpage for authentication, making it function seamlessly cross-platform.
I also enjoyed reading StillSecureAfterAllTheseYears... It's a regular on my daily list of blogs to read and generally one of the first ones I'll read if I see it updated in bloglines. But I go to blogs for information and entertainment... not to read ads.
Perhaps a better way to approach this would have been to do what most vendors do... involve a third party... There are plenty of sites that provide reviews of hardware and software that has been provided to them... Hell... Extreme can send me a switch and not only will I review Trusted DHCP Server but I'll review all the features of XOS... I'd be more than happy to... but I'm not associated with it... so I can provide an unbiased opinion...
Peace,
HT
01.29.07
Posted in IT, Tools at 4:32 pm by Tyler Reguly
Just a quick post to let everyone know that WinPcap 4.0 has been released...
From the announce email:
As of today, WinPcap 4.0 is available in the download section of the WinPcap website, http://www.winpcap.org/install/ .
This software release contains major improvements to the kernel driver, which has been thoroughly reviewed (and partially rewritten). As a result, WinPcap 4.0 is far more reliable and stable than previous versions!
The 4.0 version also adds the long awaited stable support for x64 platforms, including Windows XP and the upcoming Vista.
Finally, this release includes support for the CACE Technologies Wireless AirPcap Adapters, the first open and affordable solution for Wi-Fi capture on the Windows platform.
Full details of the changes can be found in the change log attached at the end of this message.
As always, we profoundly thank all the users that tested the development versions of WinPcap 4.0; it would not have been possible without your help and precious suggestions. Thanks!
Gianluca Varenni
WinPcap Team
Posted in IT, Security at 2:26 am by Tyler Reguly
According to MOAB's advisory, the Windows version of Quicktime (7.1.3) is vulnerable to CVE-2007-015. Secunia further narrows this down by telling us that 7.1.3.100 is the vulnerable Windows version and says to apply Security Update 2007-001 to fix the problem.
In my last round of Bloglines reading before bed, I stumbled across a new post on the SBS Diva Blog, claiming that there wasn't a Windows patch for CVE-2007-015. I did some searching -- downloaded the newest Quicktime from the Quicktime site, checked the Apple Support Downloads page, and ran Check for New Updates inside Quicktime. None of these yielded an update and I'm still at version 7.1.3.100 (I updated my Mac since it popped up with a nice update message... but didn't think to look previously on Windows).
I'm sort of curious about this so I've fired off email to both Apple PR and Quicktime Support. Should I get a response... or anyone know another (more "out-of-the-way") method of updating the Windows Quicktime, I'd love for you to share it.
Posted in IT, Tools at 2:18 am by Tyler Reguly
This is just a quick post to let all my readers know that IIS.net has launched a new Download Center. You can consider it your one-stop-shop for IIS Tools and Add-Ons.
Posted in IT at 1:38 am by Tyler Reguly
I was just glancing at my bloglines feed before heading to bed and I noticed a couple of new posts by Robert Scoble. One of these, Breaking News: Adobe to release PDF to ISO, caught my eye. The fact that Scoble is so on top of things explains why he's ranked #9 on Forbes.com Top 25 Web Celebs (I found out about this listing via a post on Amber MacArthur's Blog).
Anyways... Adobe has released a press release stating that they will be passing the PDF 1.7 Specification to AIIM (Enterprise Content Management Association) so it can be passed to the ISO for publication.
The most I can do is share this because ultimately I don't know the benefits of being a standard... I'd love some insight on the subject...
From reading the ISO Website I've come up with the following list of benefits:
- Internationally agreed upon features such as terminology, compatibility and interoperability.
- Provides the requirements a product must meet and a method of measuring that those requirements are met.
I suppose this is also a smart business move since ODF is already a published standard... It also makes sense to move towards standardization from a business sense... Standards can be complied with... and with current compliance pushes in various markets... this could include the use of PDF as the standard method of trading information...
So my question is... Will PDF be a Freely Available Standard (A short list, considering the more than 16,000 (according to the ISO in Brief publication) Standards the ISO has published, but surprisingly (to me) it includes C#)?
01.28.07
Posted in IT, Tools at 9:45 pm by Tyler Reguly
I'm a big fan of VMWare Server... I have VMWare Workstation on my desktop but on my laptop I use VMWare Server... It's handy and the ability to allow others to remotely connect to it is great. It's also free... which means not having to buy an additional license.
I hadn't used VMWare on my laptop in a little while and I went to run it this evening... Imagine my surprise when I couldn't run it... I got an error message that I'd never seen before.
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libpng12.so.0/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2)
I did some googling and came across this forum thread. I tried a couple of the options provided and most of them proved fairly useless... Then one of the suggestions saved the day.
Uninstall libdbus-1-2. Nothing depended on it (a small Python package, and that was it)... and as soon as I removed it and reinstalled VMWare Server it was up and running like a dream.
Posted in Daily Link List at 8:02 pm by Tyler Reguly
Just a few things that caught my attention today...
We'll start with a post over at ha.ckers.org by RSnake on the ability to have an emergency sequence linked to your account for emergencies... It comes out of a (potential) myth that entering your PIN in reverse at an ATM will summon the police. It's an interesting idea. There are benefits to this everywhere... Passwords, PINs, Alarm Codes... Perhaps a push should be made to make it the new standard...
- Your Bank Card is associated with two PINs... One that allows you to withdraw money and one that gives an insufficient funds message, locks the account and summons police to the ATM in question.
- Your Alarm could have two codes... One that disables/enables the system and one that sends a silent alarm to the alarm company signaling that you entered the code under duress.
- Online banking could have two passwords for each account. The first password logs you in, the second locks the account and notifies the bank of possible fraudulent transactions.
- Two passwords for your operating system, email, or anything else. One password logs you in, the other locks the account... recording the Terminal in use, the IP the connection came from or other information depending on the service in question. As RSnake mentions, you could write the "safe password" on a post-it... This could be your warning sign that someone has been casing your office looking for passwords.
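One way the two-password idea above could be implemented for a login service, as an added example that is not from RSnake's post or this blog (the account store, the PBKDF2 hashing and the audit record layout are assumptions): the duress password silently locks the account and records where the attempt came from, while the user-facing message stays identical to an ordinary failed login so the person typing it is not exposed.

```python
import hashlib, hmac, os, time
from dataclasses import dataclass, field

@dataclass
class Account:
    salt: bytes
    login_hash: bytes    # hash of the normal password (logs you in)
    duress_hash: bytes   # hash of the "safe password" (locks + alerts)
    locked: bool = False
    audit: list = field(default_factory=list)

def _hash(password: str, salt: bytes) -> bytes:
    # Assumed KDF for the example; any slow salted hash works the same way.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def create_account(login_pw: str, duress_pw: str) -> Account:
    salt = os.urandom(16)
    return Account(salt, _hash(login_pw, salt), _hash(duress_pw, salt))

def authenticate(acct: Account, password: str, client_ip: str, terminal: str) -> str:
    """Return 'ok', 'duress' or 'fail'.

    Both hashes are always compared (constant-time) so the duress path does
    not take a noticeably different amount of time than a wrong password.
    """
    if acct.locked:
        return "fail"
    candidate = _hash(password, acct.salt)
    is_login = hmac.compare_digest(candidate, acct.login_hash)
    is_duress = hmac.compare_digest(candidate, acct.duress_hash)
    if is_duress:
        # Lock the account and record the terminal/IP for the responders;
        # in a real service this record would go to the alarm/SOC channel.
        acct.locked = True
        acct.audit.append({"event": "duress", "ip": client_ip,
                           "terminal": terminal, "time": time.time()})
        return "duress"
    return "ok" if is_login else "fail"

def user_message(result: str) -> str:
    # The coerced user and the attacker see the same generic text.
    return "Login successful" if result == "ok" else "Login failed"
```

A wrong password must not trip the duress path, so the normal and duress passwords need to be distinct and the store should reject a pair that hashes equal.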
Next up is an interesting little side note... Nokia's Website was defaced...
Up next we have Ubuntu install.exe. I was directed to this "feature" by an article on freesoftwaremagazine.com. The article has a lot of valid points... However I think the biggest point is made by the install.exe wiki entry... Reading through the write-up it feels like it's been written by kids... The members of the Linux community that give that very community a bad name. Comments, like the ones I'm going to list, keep me from ever using this in a production environment and stop me from even wanting to experiment with it on a test system.
Some of the Comments:
- "The elimination of the need for partitioning, and thus the chance of data loss, will help ubuntu gain acceptance in the corporate world." -- It isn't the need for partitioning that keeps Ubuntu out of the corporate world... and anyone who would think such a thing has very little knowledge of the corporate world. Also, with today's tools... partitioning, or modifying existing partitions (which is what they are talking about), seldom leads to data loss.
- "The elimination of the need for an installation CD will allow users without CD burners or spare CDs to try ubuntu, ease burdens on ShipIt, and allow installation on ultra-portable laptops with no CD drives." -- Didn't we already do this with Linux that boots off a USB thumb drive?
- From one of their use cases: "inexperienced Windows user who is tired of viruses and crashes" -- The viruses and crashes don't come from being a Windows user... they come from being inexperienced... This reads like the writing of a Linux Zealot.
- From the same use case: "he downloads it, runs it, clicks "OK" through the installer" -- Should we really be recommending that people "Click OK through the installer"?
- From another use case: "Peter is an amateur video editor who is interested in trying out ubuntu." -- Wouldn't a live CD be better than a prototype installer... After all a video editor is going to have a CD drive.
There are additional issues with the write-up that push me away from ever trying this software (at least until the Authors become more mature in their actions and write-ups)... but I think you get the idea.
Another short comment... Robert Scoble posted an interesting question on his blog... "Do A-list Bloggers have a responsibility to link to others?"... I'm definitely not an A-List blogger but I think all bloggers have a responsibility to link to others.... and I think linking to only the big blogs is a mistake... I'd like to think that the smaller, less popular blogs (like this one) have just as much to offer and sometimes interesting little tidbits of information are missed by avoiding these smaller blogs.
So today's write-up is short and sweet... I'm just going to take you back over to ha.ckers.org and another post that RSnake made today... For this one, I'll just say that I think it's a cool idea and I look forward to seeing the finished product. Now I'll quote part of RSnake's post:
Several months ago Syngress Publishing asked a few people to help contribute to a book on XSS. The contributing authors are Jeremiah Grossman, Anton Rager, Seth Fogie and yours truly. We are still several months away from completing the book, but we are well on our way. Sorry I didn’t tell you all earlier, but I was just finally allowed to start talking about it.