AITD Blogs and Blatherings

Conversations About The Internet #5: Anonymous Facebook Employee – The Rumpus.net

AITD — Mon, 15 Feb 2010 18:00:11 +0000

Conversations About The Internet #5: Anonymous Facebook Employee – The Rumpus.net.

It cannot be stated that this article is based on an actual conversation, but the scenario is certainly plausible. Most computer security, system admins, and network engineers, have indicated many times that such activity is a must have option. Not only is it needed for [...]

Using Knockd to increase Linux security

AITD — Sat, 26 Dec 2009 04:58:47 +0000

A number of Linux servers require remote ssh access but not all need allow anyone to access or attempt to access them. One of my larger pet peeves is dealing with the shear amount of bandwidth that is lost by unauthorized access attempts to the Linux servers I admin. Simply setting a server to face the Internet and keeping it running is work enough. Within hours, and sometimes minutes, the host is port scanned, nmapped, and subjected to dictionary [...]

How can a password be remembered easier

AITD — Sat, 21 Nov 2009 18:09:16 +0000

Again, we are faced with the original problem of writing down complex or hard to remember passwords. Combinations that must include upper and lowercase letters, numbers and possibly one or more special characters such as $, @, (, or !, add to the difficulty of remembering the password. Often, a passwords complexity can be increased by substituting special characters for the word's vowels, but again, if a word exits in the dictionary in the first place, a simple script can automatically subsitute the special characters for the vowels. It can also do it on the fly. Thus the attack need only the dictionary list to manipulate through a series of programmed [...]

Schneier on Security: Balancing Security and Usability in Authentication

AITD — Mon, 16 Nov 2009 16:42:43 +0000

Users forgetting their passwords can be expensive—sysadmins or customer service reps have to field phone calls and reset passwords—so some systems include a backup authentication system: a secret question. The idea is that if you forget your password, you can authenticate yourself with some personal information that only you know. Your mother's maiden name was [...]

That p0rn aint mine: convicted anyway

AITD — Mon, 16 Nov 2009 15:44:57 +0000

I have stumbled upon a number of articles that show the potential danger of not paying attention to your own computer's condition. Apparently, some legal cases have resulted in the destruction of the lives of people accused of having child porn on their hard drives, yet they were unaware of the problem. The machine had been taken over by malware or some virus/worm that allowed remote porn users to access the machine much like a proxy. These remote users would then use the machine to not just surf and collect pictures but also store them on the same machine for future [...]

Detecting Botnets

AITD — Mon, 09 Nov 2009 15:25:50 +0000

Detecting Botnets.

Great article (with pictures!) demonstrating the whole concept of IDS.

AV-Comparatives – Independent Tests of Anti-Virus Software – Main-Tests

AITD — Fri, 06 Nov 2009 20:24:33 +0000

AV-Comparatives – Independent Tests of Anti-Virus Software – Main-Tests.

New test results are out. Of those tested, four I use on a regular basis in a Windows environment. Symantec on corporate machines. Avast, AVG, on personal machines. Bitdefender for the really pesky problems that none of the others catch on the fly. Bitdefender’s Live Linux CD [...]

Schneier on Security: The Techniques for Distributing Child Porn

AITD — Mon, 02 Nov 2009 19:29:03 +0000

Schneier on Security: The Techniques for Distributing Child Porn.

Interesting information about how such information continues to flow in the Internet. As you will see, the process and methods are complex but profitable for these people.

Warning!! While the link above contains sanitized information, the link it contains will send you to another wiki site and a [...]

Cybereffect.net | HowTos / RemoteBackupsUsingRsync

AITD — Mon, 02 Nov 2009 18:21:39 +0000

Cybereffect.net | HowTos / RemoteBackupsUsingRsync.

Remote backups are very useful but some Linux users do not make use of the option. Even home LAN Linux users can take advantage of the power of rsync.

Requirements are an Internet accessible Linux OS box, a little time to step through the process of creating the keys, and something to [...]

CyberCrime & Doing Time: Facebook Safety & Million Member Facebook Groups

AITD — Mon, 02 Nov 2009 15:41:07 +0000

Good information from this blog site. Many users are really not aware, or pay no attention to the sort of permissions they are granting when using Facebook apps. How much info about yourself are you willing to share?

In my lectures I warn of things like having your privacy settings set too broadly – sharing your [...]

Same Story, New Twist

AITD — Mon, 02 Nov 2009 06:39:55 +0000

CYBERBOFH’s Blog.

As you will see from the link above, NOT using Window IE should be your first step. Adding the security plugins to Firefox and using it instead should be your second step.

Oh, maybe just using Linux and Firefox would be your best choice!!

Enjoy the read.

Wikileaks cracks NATO’s Master Narrative for Afghanistan – Wikileaks

AITD — Sun, 01 Nov 2009 20:03:31 +0000

Wikileaks cracks NATO’s Master Narrative for Afghanistan – Wikileaks.

As seen in the document the password used to “encrypt” the file was easily cracked because it is a dictionary word; “progress”. There is no complexity even though by some standards eight characters should be the minimum.

I suppose we could question if the document was really a [...]

The Untold Story of the World’s Biggest Diamond Heist

AITD — Sun, 01 Nov 2009 19:43:15 +0000

The Untold Story of the World’s Biggest Diamond Heist.

Prime-time crime-time reality “show”. OK, its a read not a show, but regardless, the story behind the heist is intriging to say the least. Written by a master journalist, revealing the dark murky world of high-tech crime. The loot? Low-tech ageless and valuable rocks. Diamonds.

If you like [...]

CyberCrime & Doing Time: Zipped Malware Attachments in Spam: Here comes Conflicker!

AITD — Sun, 01 Nov 2009 06:28:32 +0000

CyberCrime & Doing Time: Zipped Malware Attachments in Spam: Here comes Conflicker!.

More good malware info. I have been getting nailed the past couple of weeks with phishing attacks. Most are faily easy to spot, some are not. I have been saving the headers and going through them for fun when I have nothing better to [...]

CyberCrime & Doing Time: Facebook Safety & Million Member Facebook Groups

AITD — Sun, 01 Nov 2009 06:23:22 +0000

CyberCrime & Doing Time: Facebook Safety & Million Member Facebook Groups.

So, remember that the next time you join a “million member group”, what you are really doing is helping these advertisers make it easier to spam you with their ads. While it may seem a great “social cause”, its not. Nobody cares if 1 million [...]

Eowyn at ShoutLife.com

AITD — Fri, 30 Oct 2009 15:21:15 +0000

Eowyn at ShoutLife.com.

I do not usually plug music artists but here is one that I came across while streaming Industrial Rock in on Amarok. The artist and group has developed a sound that just grabbed me in the same way as P.O.D., Disciple, and others.

Its worth a listen.

The future of Linux? 54th Response – Toolbox for IT Groups

AITD — Fri, 30 Oct 2009 15:08:38 +0000

The future of Linux? 54th Response – Toolbox for IT Groups.

Brian Masinick speaks to those who have, of late, been making claims that Linux is dying off. Others have been making claims that there is no future in Linux and that it will never replace Windows in the desktop environment. Brian reminds us of the [...]

HowTo: Automate your Tweets

AITD — Sun, 25 Oct 2009 17:43:30 +0000

Cybereffect on how to automate the sending of multiple messages to your followers and the world using the Linux command line. [...]

Compiz Restoring to Defaults

AITD — Sun, 25 Oct 2009 07:46:57 +0000

Screwing up your Linux box running Compiz is just not fun at all. I did just that late in the night. Here, is the solution I found to restore my Compiz settings on Linux Mint. [...]

SSH Remote Login Warning Banners

AITD — Sat, 24 Oct 2009 17:26:19 +0000

Initiating a remote ssh session is simple enough and there are a couple of ways to display your usage policy when the user logs in. I noted however, that when a session is started using the standard # ssh -l login command that only the request to enter the password is displayed. What I needed was a banner display that would show a basic usage policy and warning before any login occurred at [...]

SSH: Using TCP KeepAlive to Prevent Remote Connection Drops

AITD — Fri, 23 Oct 2009 16:31:02 +0000

Stopping remote login connection drops on a Ubuntu server. It is not as hard as it might [...]

Apple: ‘Windows 7 is antiquated technology’ – Telegraph

AITD — Thu, 22 Oct 2009 15:10:07 +0000

Win 7 has even caught a few people by surprise. In the past 7 days the number of people who have walked in to the IT office has doubled. The question is basically the same. "I heard something about a new Windows operating system; Windows 7(?) I think its called. Have you heard anything about [...]

Windows 7: Is Windows fixed now?

AITD — Wed, 21 Oct 2009 15:10:06 +0000

Bruce Schneier comments on some of the problems of the OS and how MS addressed them.

What made XP and Vista more secure? Eliminating (or reducing) buffer overflow errors helped. But what really made a difference is shutting off services by default. Many of the vulnerabilities exploited in Windows 98, NT and 2000 were actually a [...]

Microsoft, Google in Talks With Twitter to Integrate Tweet Feeds | Kara Swisher | BoomTown | AllThingsD

AITD — Mon, 19 Oct 2009 05:45:10 +0000

This should be interesting to watch. Frankly, I am somewhat undecided about how valuable the results will be for the average user. Much of what I see on Twitter feeds is people mentioning articles or sites; Work done by others. (Much the same as many blogs, even this one, do).

Many bloggers will add their own [...]

Only 4% of corporate IT users stick to password rules :: Hack In The Box :: Keeping Knowledge Free

AITD — Sun, 18 Oct 2009 05:13:29 +0000

Only 4% of corporate IT users stick to password rules :: Hack In The Box :: Keeping Knowledge Free.

Coming from an IT perspective, there is “good reason” why this sort of thing happens. We have to, on a daily basis, log into sometimes dozens of hosts, to perform maintenance, upgrades, and fixing various problems. It [...]