Domain: security-forums.com
Stories and comments across the archive that link to security-forums.com.
Comments · 24
-
Thank you, & apologies for late reply
"Nice guide" - by Anonymous Coward on Wednesday April 07, @03:01PM (#31764900)
See subject-line above, & again, thank-you. I hope you take a read of its content & apply it to your own machines (and those of your friends & family too). That's what it was ALL about really, per what Ozymandias said in the film "The Watchmen" (lol, I love the flick):
"The other Watchmen resent me for prostituting their struggle? It's a fair question. Yes, it's crossed my mind some of my old colleagues might see it that way" and "It doesn't take a political scientist to see that our Cold War with the Russians (interjecting here, on my part - and the Chinese, and Koreans: I say this because while populating my HOSTS file the past few years now, it is UNREAL how many bogus sites are from those nations. Clarke the author here? Isn't wrong, & I can attest to it with evidence to that effect in fact) isn't ideological - it's based upon fear. Fear of not having enough. But if we make resources infinite... ah... we make war obsolete. I would hope the other Watchmen (network admins/techs/security folks) understand that. Wherever they may be. Thanks for your time." - OZYMANDIAS from "The Watchmen"
Sometimes, I've been made to feel that way, that other network techs/admins (both programmer & network admin here over time) have REALLY gotten down on me for putting that guide up (example below in fact)...
Basically, he was saying what I am: Spread this kind of "know-how" around. Another quote of his I believe would be the case here, on computer security & the internet/networks? This one:
"We can do so much more. We can save this world... with the right leadership." - OZYMANDIAS from "The Watchmen"
Now, will the other "watchmen" in this arena (computer security) resent ME for it?
You bet.
E.G.-> I put that same guide up on a SECURITY SPECIFIC forums here http://security-forums.com/viewtopic.php?t=50567 & it took off the 11,000 views in a VERY SHORT TIME (like a month there)... what happened?
Well - LOL, man: They took it down!
(Yea, once they saw the kind of results it was showing (no infestations occurring for users that applied it, per the testimonials I put up in my last post to which you replied... A pal of mine said "You're going to take away the monies they're making, and on top of that? They're probably also the ones creating the damned malwares & malscripted sites too, to profit on both ends!" )
Honestly? I would NOT doubt it.
So another "Ozymandias quote", to that effect (& this one goes out to the antivirus/antispyware companies (not the freeware ones though)):
"The only person with whom I felt any kinship died three hundred years before the birth of Christ. Alexander of Macedonia. His vision of a United world, well... it was unprecedented. I wanted... needed to match his accomplishments, and so I resolved to apply antiquity's teachings to our world today, and so began my path to conquest. Conquest not of men, but of the evils that beset them. Fossil Fuels. Oil. Nuclear Power. Like a drug, and you, gentlemen, along with foreign interests, are the pushers." - OZYMANDIAS from "The Watchmen"
Foreign interests being lately, per my statement above? China, Korea, & Russia. The pushers?? Commercial antivirus/antispyware companies. Do I think they are "evil" (the companies)? NO. They're just doing what businesses do, which is generate profit for stockholders & employees really, but, their effectiveness?? Questionable, see this article:
----
Most Security Products Fail To Perform
http://hardware.slashdot.org/article.pl?sid=09/11/16/1336243
Posted by CmdrTaco on Mon Nov 16, 2009 09:45 AM
from the ninety-percent-of-everything-is-crap dept.
An anonymous reader writes
"Nearly
-
Re:Ahh yes, ABSOLUTELY (Windows & *NIX too)
It is, & even for Windows NT-based OS of modern variety (although there is a HUGE "Pro-*NIX" slant to this website)!
See here:
----
HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, & make it "fun to do", via CIS Tool Guidance:
http://www.security-forums.com/viewtopic.php?t=50567&sid=844e3c38a7f319ce1d05fd2ffd671294
----
It just works... & CIS Tool is NOT JUST RESTRICTED TO Windows either (though that post url/thread above goes into way, WAY more you can do for Windows (or really *NIX too in some regards also), but also has models for Sun Solaris, various Linux distro variants, & BSD variants as well!
Enjoy!
APK -
Re:Well, block them. AGREED albeit FOR FREE &
"Every machine has a hosts file in which machines can be locally defined." - by Creepy Crawler (680178) on Wednesday April 02, @01:19AM (#22937920) ----
Man, agreed, 110%... especially on the HOSTS File (possibly Tcp/Udp filtering & firewalls + more galore, all MOSTLY free too, in my p.s. below)... just techniques, with existing OR FREE TOOLS that are well noted & rated as well!
ON YOUR PART/SUGGESTIONS-WISE? The HOSTS file is a great, & FREE way to do this, & "no added layers of complexity" for the OS or browsers (or DNS caching tools etc. et al) required!
Why do I "say NO" to adbanners? MANY GOOD REASONS, not just the issue of psychological attack via constant flashing banners either, vs. poisoning by bad adbanners, & slowing me down too (I pay for my linetime is why)!
I don't like being:
Attacked PSYCHOLOGICALLY (& I do interpret it as this no less) online, via FLASHING ads etc. I personally find annoying!
AND, being attacked online, ESPECIALLY LITERALLY as can & does happen today AND FOR THE PAST 2-3 YEARS NOW, ala the "RBN" (look them up if you are not aware of them) via POISONED Javascript &/or IFrames in ADBANNERS If not just bogus site javascript code too).
Nope... I like to stay safe, so no thanks!
Hey, it may affect ad-driven sites, & too bad (adopt a better & safer business model then)...
----
HOWEVER - I like to, instead:
Go faster online by NOT LOADING POTENTIALLY DANGEROUS (or just slow) adbanners, too
I.E./E.G. -> Why the HELL should I spend my monies each month, loading someone's adbanner code that not only SLOWS ME DOWN ONLINE, but also has been known to poison others' systems also??
Think about it... & there's a LOT more you can do to stay FAR SAFER & yet OPERATE FASTER too, on most ANY OS there is... I concentrate on Windows below, some Linux though, because Windows is the MOST attacked! If you're still reading & interested?? See my P.S. below & the URL in it. It works...
APK
P.S.=> Got a Windows (OR, even LINUX rig)? Want that type of SAFE & FAST SYSTEM ONLINE (no addons required really/most likely, @ least not a lot you spend cash on)?? See here:
HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA, & make it "Fun" to do, via CIS Tool guidance (+ more):
http://www.security-forums.com/viewtopic.php?t=50567&sid=7e046401a54540e28d722f26178352a2
It really works, for BOTH extra speed AND SECURITY, online, especially today/lately... apk -
Re:I don't see the problem
"their ads are not annoying and they work for the people trying to sell us stuff." - by InlawBiker (1124825) on Wednesday April 02, @01:41AM (#22938004)
Let me complete that for you - "SO THEY CAN TAKE YOUR MONEY VIA CONSTANT PSYCHOLOGICAL ATTACK (almost subliminally no less)"...
So, please - SPEAK FOR YOURSELF...
(& yes my man, you ARE entitled to your feelings & thoughts on this matter - so, do as you like!)
HOWEVER, speaking here personally?
WELL - I don't like being:
Attacked PSYCHOLOGICALLY (& I do interpret it as this no less) online, via FLASHING ads etc. I personally find annoying!
AND, being attacked online, ESPECIALLY LITERALLY as can & does happen today AND FOR THE PAST 2-3 YEARS NOW, ala the "RBN" (look them up if you are not aware of them) via POISONED Javascript &/or IFrames in ADBANNERS If not just bogus site javascript code too).
Nope... I like to stay safe, so no thanks!
Hey, it may affect ad-driven sites, & too bad (adopt a better & safer business model then)...
----
Me? I like to, instead:
Go faster online by NOT LOADING POTENTIALLY DANGEROUS (or just slow) adbanners, too
I.E./E.G. -> Why the HELL should I spend my monies each month, loading someone's adbanner code that not only SLOWS ME DOWN ONLINE, but also has been known to poison others' systems also??
Think about it...
APK
P.S.=> Got a Windows (OR, even LINUX rig)? Want that type of SAFE & FAST SYSTEM ONLINE (no addons required really/most likely, @ least not a lot you spend cash on)?? See here:
HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA, & make it "Fun" to do, via CIS Tool guidance (+ more):
http://www.security-forums.com/viewtopic.php?t=50567&sid=7e046401a54540e28d722f26178352a2
It really works, for BOTH extra speed AND SECURITY, online, especially today/lately... apk -
Re:Oh no!
Well, this seems to work for Windows users (once all of its tips/tricks/techniques are applied, via CIS Tool guidance, & NOT VIOLATING SOME "RULES" it sets (javascript, iframes, email attachments, & others in its content):
HOW TO SECURE Windows 2000/XP/Server 2003 & VISTA (+, make it "fun" to do):
http://www.security-forums.com/viewtopic.php?t=50567&sid=2f63dc96d17dec0292428d140267832c
It works, & in BOTH Business + Home LAN/WAN environs (as well as for "standalone" non-networked rigs online connected to the public internet) to secure folks online using modern Windows NT-based Operating Systems of today.
APK
P.S.=> I wouldn't call myself "smug" for using it, just confident & happy - as are the users' testimonies from those that tried & applied it themselves in BOTH home & business environs in fact... it just works! apk -
WOW; 13 screens of registry hacks and other tweaks
> HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA + make it "fun" to do:
> http://www.security-forums.com/viewtopic.php?t=50567&sid=c8b24a76a3974ec9bef2bed38c4b64d4 [security-forums.com] :)
> * Windows CAN be secured very well, with a bit of effort, for years of security, even online,
> for years into the distance if you try what's in that URL above!
There are linux distros with shorter install documentation than that. Wouldn't it be better to use an operating system that did *NOT*, by default, autoexecute autorun files on every Sony CD and every USB key and every external USB drive and every USB digital picture frame immediately upon connection???
And while we're at it, why is it that...
- in linux, I set up USB mass storage drivers *ONCE* in the kernel, and all USB keys and external drives just work, whereas
- in Windows, every USB key from every different manufacturer requires me to download and install a driver from the internet in order to access the USB key??? -
Re:It's only a problem if you use Windows.
"Its rare you hear of a Windows infection. Those Linux users need to get with the program if they ever want to gain the desktop." - by Anonymous Coward on Sunday January 13, @11:25AM (#22025570)
True, if they did this stuff, here:
HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA + make it "fun" to do:
http://www.security-forums.com/viewtopic.php?t=50567&sid=c8b24a76a3974ec9bef2bed38c4b64d4 :)
* Windows CAN be secured very well, with a bit of effort, for years of security, even online, for years into the distance if you try what's in that URL above!
It works - & for a small investment of your time, only, & the work done by YOU, only!
(Simply by using the CIS Tool as your guide & advisor (it's been reviewed as legit & good @ what it does by places like COMPUTERWORLD for instance, & that gets cited on this site quite often)).
APK
P.S.=> A little common sense goes a long way too, but... either you have that? OR, you don't, I suppose, but... I can say it has kept this system setup on Windows Server 2003 SP#2 fully hotfix patched currently, up & running bug-free + bulletproof, online, since 2003. It just works, keeping you safe & secure online, by following a few simple rules really, PLUS, yet making you surf, FASTER, by far as well as a side effect bonus... apk -
Re:Security
Security is about educating others + learning (which can be work & time, especially if you are not "into" the subject)... well, I'll agree to that part which you stated/quoted:
http://www.security-forums.com/viewtopic.php?p=273323&sid=5665cc148e4d788ff5a1c4b0d4e38e56#273323
I totally agree & that's why I did that post - I am "giving away" some stuff that once applied?
You'll go on for WHO KNOWS how long on the same setup & safe/clean, if you follow its rules & settings? You will see what I mean. Secure, yet FASTER too.
E.G.-> I have been running this same setup since 2002... that's 5 years almost solid uptime, no virus, hacks, spyware, trojans, malware of any kind (you name it), because of that post & its techniques/suggestions.
Once the word gets around, it will be common practice. People get wise to stuff, & learn how to turn it off... I have, I hope others do too... this is how good stuff starts. I had some good tools to help me though, & mainly CIS Tool (actually makes securing yourself better, fun, almost like a game).
Security starts, with YOU (& me, + everyone else (usually from forums online imo the most) doing their best for it, once they see it's not THAT hard to implement & secure a Windows rig of modern NT-based designs (2000/XP/Server 2003 & VISTA)?
The whole place gets better for it. I deal with these things (badware etc.) everyday, & I realize how to make it a non-event, via that post above.
Worth dropping that knowledge around, just because it's how anything starts, by passing the good word. It works, & if anyone checks it out & uses it + likes it?? Well, keep passing the word.
APK -
Re:stupid
"paranoia is a great sales tool in the murky world of snake oil, cough i mean computer security" - by Anonymous Coward on Thursday November 22, @11:05AM (#21446445)
This isn't "snake oil" though & everyone ought to know it, + apply it to their Windows rigs:
http://www.security-forums.com/viewtopic.php?p=273323&sid=5665cc148e4d788ff5a1c4b0d4e38e56#273323
It just works... & paranoia, especially online today??
Paranoia:= 'GOOD THING'; //(Delphi) {*Pascal*}
Especially in today's online world, riddled with spyware/trojans/virus (malware in general)!
(& yes, "Pro-*NIX" people here @ /. (the majority of you imo) - especially for Windows users (the most used, & thus, the most attacked, no questions asked - greater attack vector 'surface area' & all that!))
IF you use a Windows NT-based OS variant, DO take 1-3 hours of your time, try applying the points from that URL above to your system yourself, if you use Windows 2000/XP/Server 2003, or yes, even VISTA (a good 90% of its principles (or better) still apply in VISTA even).
APK
P.S.=> VISTA's got some really GOOD ideas for security (Address Space Randomization Layer for executables) that Windows Server 2003 doesn't have, but, it's got its share of hassles (@ least until SP #1 or 2 imo, just as NT/2000/XP did before it), but I know that VISTA's built off the foundation of Windows Server 2003's core code, & that makes VISTA @ least have potential imo! apk -
Re:Some food for thought for Vista haters
"The company said that Vista, Windows Server 2003 SP2, and the new Windows Server 2008 are not vulnerable." - by trifish (826353) on Thursday November 22, @11:26AM (#21446613)
Hopefully, it's true (OR, @ least harder to break thru)...
In any event, when I read this a day or two back (avid FIREHOSE reader here on this site)?
Well, it makes me GLAD I use Windows Server 2003 SP#2 fully hotfix patched (along with my apps) & that I practice THIS material on top of that:
http://www.security-forums.com/viewtopic.php?p=273323&sid=5665cc148e4d788ff5a1c4b0d4e38e56#273323
It works.
APK
P.S.=> VISTA's got some really GOOD ideas for security (Address Space Randomization Layer for executables) that Windows Server 2003 doesn't have, but, it's got its share of hassles (@ least until SP #1 or 2 imo, just as NT/2000/XP did before it), but I know that VISTA's built off the foundation of Windows Server 2003's core code, & that makes VISTA @ least have potential imo! apk -
Now we just counter with extra-strong encryption.
Cat. Mouse. Cat. Mouse.
So now we just counter this illegal wiretapping (yes, it's still illegal, even though they've passed a law that makes it "legal") with extra strong encryption and Civil Disobedience.
Use TrueCrypt with the AES-Twofish-Serpent algorithm on your PC (Linux, Mac or Windows). If you want to use something similar on BSD, look into GELI encryption for those partitions.
For phones, you could look into encryption handsets or telephone scramblers. There's this one too, or the Cryptophone GSM Phone Encryption solution. Google around, there's quite a few hundred solutions in this space... stack them together for even more security.
Disclaimer: I don't personally know how strong these algorithms are on these handsets, so use at your own risk.
With VoIP, you could easily layer whatever encryption you want on top of it. Bounce your call through a few foreign routers, run it through Privoxy, Tor and i2p and you should be good to go. Yes, it will incur some latency.. but I'd rather sacrifice speed for security or privacy, wouldn't you? Here is an article on securing VoIP. Worthwhile reading if you're using it or considering it.
Cat. Mouse. Cat. Mouse.
Now it's OUR turn.
You take from us, we take back.
-
Re:Like Tatooine?
I don't think that means anything bad, actually...
More info here.
From reading that, I'm guessing the page just has a really long perl filename accessed from, perhaps, the ad script or similar. -
Re:These are important attacks..
Because of the birthday "paradox", MD5 takes on average 2^64 operations to find a collision. You often have a similar problem using 128-bit keys.
-
Re:how about dual-plaintext messages?
Does anything like this exist?
Yes. Sort of.
http://truecrypt.sourceforge.net/
http://www.security-forums.com/forum/viewtopic.php?t=24577 -
Breaking XOR encryption
With all the heated debate about XOR I thought I'd point to one of my favorite posts about this topic. One quote in particular I like is "Xor encryption is not inherently breakable by its nature, however it is easy to use incorrectly, leading to breaks in the encryption scheme. In fact, xor can be unbreakable if used correctly."
Given that the key is seen decrypted in the debugger one can easily say that Lexar's did NOT use it correctly. -
Re:Consequences?
> For the sake of this post, I will simply define the two methods of attack...
For the sake of this post, you will blatantly paste in great wodges of content from http://www.security-forums.com/forum/viewtopic.php?t=8325, without any attribution to the original author, one Justin Troutman. Shame on you. -
Hmmm, We are also in SPEWS under the same listing
Well this is strange, it's not like they've been added though, that's a bit of a mis-truth as NAC.net have been in SPEWS for a long time.
Security Forums are also hosted in NAC.net so we are also 'SPEWed' which is a pain as it means anyone using an Outblaze related service doesn't get their sign up e-mail and their account will stay inactive. There is nothing you can do to get out of SPEWS, you can just moan about it :) (Plus the whole damn Data Centre is in there)
We got around the problem by relaying all of our mail through another SMTP server run by a friend at an unnamed ISP.
We didn't report this though as we didn't really think it was slashdot worthy news. -
More reviews for this book
Some more reviews for these books by a professional IDS analyst:
Snort 2.0 Intrusion Detection
Intrusion Detection with Snort
More reviews here -
More reviews for this book
There are another couple of fairly decent reviews for this book here:
Security Forums Review
All in all not a bad book, perhaps a little disorganised, trying to fit too much in at once. -
Virus Alert Notification
I've posted all the relevant information about this virus since 4pm on Tuesday, which beat out most of the major news outlets, except cnet. I've kept the info up to date with the list of virus vendors and latest virus news in the online media, and manual removal and automatic removal tools.
I would like to thank messagelabs, as they are always the first to notify about major virus outbreaks. Sophos is a close second and is good about notifying about everyday viruses. McAfee's alerts are good, but usually a little late, they only notify once it hits the news media. Symantec wants you to pay an outrageous price for their virus alerts, and I doubt they give you any earlier warning than messagelabs or sophos which provide the service for FREE. Symantec is becoming the Microsoft of Virus vendors, they're trying to spread out everywhere now in the security field, buying up companies left and right. Their quality of product is going down because they don't use a google.com like motto "do one thing and do it well" which they used to do. But their automated virus removal tools are still pretty good. IMHO
If you would like to sign up to messagelabs's great early warning notification service go here.
If you want Sophos's excellent everyday notification about all viruses go here.
If you would like to get McAfee's avertlabs notifications, go here.
Or you can just check out my virus posts on the security-forum.com, but I only post the major outbreaks because there are TOO MANY viruses out there to post every single one. ;) -
There is enough info on the web
Taking a network security class, could help, but which classes are really worth the money and might there be enough information on the web to make such a choice, unnecessary?
I believe there is enough information on the web, that is why I started the project Information Security Bible for beginners coming into the field that want to read the necessary documentation to get the basic grasp on all the wide variety of subjects under information security, and for the pros to keep on the latest info. All the documentation is online and free, not everyone has the money to pay for those expensive books and fancy classes but a lot of people have the thirst to learn about it and want to have more in-depth knowledge of certain subject matters in the infosec area.
I'm also a moderator over at security-forums and we get a lot of newbies trying to learn everything overnight! They don't want to take the time and effort to read, read, and read some more, they don't realize that it has taken most of us 10+ years to know everything we know, and still have to learn new things everyday.
I do also believe you should have a test lab environment to test and hone your skills. Most security professionals have test labs to test new exploits or try new security prevention techniques, because in infosec it's always a cutting-edge area which you have to make an everyday effort to keep up with or you'll fall behind quickly.
Read before you do, so when you do, you know what you are doing.