in an "open" LAN environment: an exploited machine sets up a share, emails links to others in the contact list, remote exploit ensues. But who's allowing egress (outbound) SMB, WebDAV (at least not to a whitelist of remote hosts) on their network? Putting Windows Firewall up on all the workstations to drop ingress SMB traffic (with a few host exceptions for those pushing out updates via SMB) would be a smart thing to do as there's really no reason for workstations to be sharing files in a network with file servers.
Pick a random day in a random month, choose a password like, "Expense Report due today!". All you need to remember is the month and day.
1. Could be just a Tiger thing, but TAB doesn't cycle through OK and Cancel on native pop-up modal menus.
2. Minimizing kills ALT-TAB's Window focus; you get the empty Application Bar of Shame (tm) while the application window you actually care about cowers below, requiring (yet another) mouse click to restore.
Nice! Although 1/32 time was not as cool as I thought it was going to be.
As it stands now, the TFA might've just written:
$(".notation").css('background-image','url(/img/screw-you-slashdot.jpg)');
You mean, in our tidy little world of 1s and 0s, where bugs don't exist, computers work perfectly, just like how Hollywood portrays them? Time to come to grips with reality. The World Isn't Perfect (tm), film at 11. People will continue to get pwned on their computers, just like how convenience stores will continue to get robbed, and how funds will be embezzled, and assets seized by a coup, and on and on.
Have a look at stunnel (stunnel.org): it's a generic SSL wrapper for TCP connections. Found this Google forum post where it's being used specifically for MFP and scan-to-email via Google's SMTP servers: http://www.google.com/support/forum/p/Google+Apps/thread?tid=1780781e814d05e6&hl=en
This is why I use Postini and tell it to drop any email with mail from *@mydomain.com because unless you have an off-site mail server (for your Web site or whatever) sending out mail from *@mydomain.com, you should never see an email from your domain come into your network from the outside; it would never leave your internal mail server.
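The rule from the comment above, sketched as an added example (not the commenter's configuration and not Postini's rule syntax). It assumes the check runs only on mail arriving from the Internet, that `mydomain.com` is the placeholder domain, and that `OFFSITE_SENDERS` is a hypothetical allowlist for an off-site web server that legitimately sends as the domain.

```python
from email import message_from_string
from email.utils import parseaddr

OWN_DOMAIN = "mydomain.com"        # placeholder domain, as in the comment
OFFSITE_SENDERS = {"192.0.2.25"}   # hypothetical off-site host allowed to send as us

# Constructed sample message: foreign envelope sender, own-domain header From.
SPOOFED = "From: Payroll <payroll@MYDOMAIN.com>\nSubject: Updated form\n\nSee attached.\n"


def domain_of(address):
    """Return the lowercased domain part of an address, or '' if there is none."""
    return parseaddr(address)[1].rpartition("@")[2].lower().rstrip(".")


def inbound_verdict(peer_ip, envelope_from, raw_message):
    """Verdict for one message received from outside the network."""
    if peer_ip in OFFSITE_SENDERS:
        return "accept"            # the one legitimate external source
    header_from = message_from_string(raw_message).get("From", "")
    # Check both the SMTP envelope sender and the From header the user sees;
    # either one claiming our domain from outside is treated as spoofed.
    for label, value in (("envelope", envelope_from), ("header", header_from)):
        if domain_of(value) == OWN_DOMAIN:
            return "drop:" + label
    return "accept"


if __name__ == "__main__":
    print(inbound_verdict("203.0.113.9", "bounce@example.net", SPOOFED))
```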
Then you're pretty much hosed? .doc, .ppt, .xls, etc. Sure, this OpenLDP may have a viewer, but what about .osts? .psts? .mdb? .edb? In Windows land, there's so many opaque file formats and databases that to a regex parser would be garbage, but in knowledgeable hands can easily be opened and viewed.
Nice. I'll have to check that out.
I buy my certs from rapidssl.com (because afaik, they're the only ones that are actually "rapid"), but TFA missed one thing: they require that you have a land line (cellphones, at least the ones I tried from standard NA carriers, do not work) that's used to verify an on-screen code when the automated verification call comes through. Still, not really a big deal -- I'm sure there's plenty of methods out there to obtain access to a "fake" land line (I'm sure you could kindly ask a Starbucks employee to pass you the phone when RapidSSL calls too). Having said that, I'm sure they can all be exploited somehow -- I know of another one that asks for your company letterhead to be faxed over, like that tells you anything.
Benevolent dictatorship is probably the most fitting pseudo-political label.
Slight correction: it's a Radeon 4850HD
Yup, and this is why I still have (and use) an old Dell Inspiron 2500 with a serial port (running Debian Etch with FluxBox).
If you can stand it (or you have a busy life anyways), try staying a year or so behind game releases:
1. hardware is cheaper: upgrade your video card for a fraction of the cost, while still getting a few years life out of it.
2. games are all patched: any/all bugs in the main story-line and/or single-player are fixed by this point; usually performance tweaks are done as well, again benefiting your "old" video card.
3. video drivers are stable: and there's usually game-specific improvements at this point as well.
4. games are cheaper now: get games at half the price (or less) through Steam or in-store.
5. Hype has worn off: reviews are everywhere at this point; get the games that matter to you and/or are worth the money.
I'm just playing Crysis now, having picked up a Core 2 Duo with a Radeon 8500HD for really cheap and it runs great and barely cost me anything. Since I'm a casual gamer and look after my machines, this will likely end up as my niece or nephew's machine if not a home server of some capacity down the road.
Had an old Nokia brick; can't remember what, but got REALLY drunk one night, passed out in my buddy's spare bed, pissed my pants at some point during the night. Rookie move: tried powering up the phone to see if it still worked. Zap. Nope. Fast forward 5 or 6 years later: Blackberry 8700, toilet filled with fresh urine (was checking messages while taking a leak), dropped it in, hand followed, pulled off battery cover, removed battery, let sit for a few days. Bam! She works! Wife won't go near that old phone; sometimes I freak her out and throw it on the couch next to her when she's watching TV.
Right back at you, AC: what the fuck are _you_ smoking? I was referring to the authors of the Waledac's botnet, not law enforcement officials... on second thought, I'm not even sure if you're replying to the right comment, that's how fucking high you are.
if Waledac's been so successful (and is still valuable), how hard would it be for the authors to push out some DNS hijacking hacks that quietly redirect those domains to another host?
Just because you *can* do something, doesn't mean it's a good idea... or even necessary. My point is that why would they bother? The majority of malware out there is a) not proxy-aware b) doesn't use IE COM objects because... wait for it... they don't _have_ to. Again, this is because most companies have no egress filtering and/or use transparent proxies. Did I say that this method is a 100% foolproof anti-malware silver bullet? Of course not, if a skilled blackhat wants to own you, they will, and it's not going to be through some common denominator botnet/keylogger/rootkit malware, it's going to be likely through social engineering. I make no statement about malware not evolving, because it will, and some day, my methods will no longer be effective, but I stand by these methods now because they currently work.
There's malware out there that *removes* your proxy settings (and sets up its own, as well as hijacks your DNS), but why would the malware write bulky, GUI-restricted, security-warning-pop-up laden code to use IE when a tiny curl binary would be so much more effective? It's all about the lowest common denominator: most companies *don't* block egress traffic, period, and those that do use proxies, tend to use transparent ones.
Set up a non-transparent proxy, push out proxy settings to all your users (with GP or whatever, or do it manually), drop egress Web/IRC traffic. Now sit back and watch your firewall logs for alerts (or better yet set up syslog-ng or Kiwi Syslog Server to send you alerts) -- anything banging against the firewall is something you need to look at. Why? Because malware is rarely proxy-aware -- it assumes (rightfully so) that people either use transparent proxies or have no outbound filtering set up so when it tries to phone home, it'll make a lot of noise.
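The log-watching step from the comment above, as an added example (not the commenter's tooling). It assumes the egress drop rule logs in iptables LOG format with a hypothetical `EGRESS-DROP` prefix, that `10.0.0.8` is the only proxy allowed out directly, and it runs over constructed log lines.

```python
import re
from collections import defaultdict

# Assumed setup: the firewall's egress drop rule logs with the prefix
# "EGRESS-DROP"; only PROXY is allowed to reach the Internet directly.
PROXY = "10.0.0.8"
WATCHED = {80: "http", 443: "https", 6667: "irc", 6697: "irc-tls"}
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample log lines (not from a real network).
SAMPLE_LOG = """\
Mar  3 10:15:01 fw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=203.0.113.50 PROTO=TCP SPT=49152 DPT=6667
Mar  3 10:15:04 fw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=203.0.113.50 PROTO=TCP SPT=49153 DPT=6667
Mar  3 10:15:09 fw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=198.51.100.7 PROTO=TCP SPT=49160 DPT=80
Mar  3 10:16:30 fw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.7.40 DST=198.51.100.9 PROTO=TCP SPT=50211 DPT=443
Mar  3 10:16:31 fw kernel: EGRESS-OK IN=eth1 OUT=eth0 SRC=10.0.0.8 DST=198.51.100.9 PROTO=TCP SPT=40000 DPT=443
Mar  3 10:17:02 fw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.5.99 DST=192.0.2.1 PROTO=ICMP TYPE=8 CODE=0
""".splitlines()


def direct_egress_alerts(lines, proxy=PROXY, watched=WATCHED):
    """Group dropped direct web/IRC attempts by internal source host."""
    hits = defaultdict(lambda: {"count": 0, "targets": set()})
    for line in lines:
        if "EGRESS-DROP" not in line:
            continue                      # allowed traffic is not an alert
        f = dict(FIELD.findall(line))
        if not f.keys() >= {"SRC", "DST", "DPT"} or not f["DPT"].isdigit():
            continue                      # e.g. ICMP entries carry no DPT
        port = int(f["DPT"])
        if f["SRC"] == proxy or port not in watched:
            continue
        hits[f["SRC"]]["count"] += 1
        hits[f["SRC"]]["targets"].add((f["DST"], watched[port]))
    # Noisiest hosts first: repeated phone-home attempts stand out.
    return sorted(
        ((src, h["count"], sorted(h["targets"])) for src, h in hits.items()),
        key=lambda row: (-row[1], row[0]),
    )


if __name__ == "__main__":
    for src, count, targets in direct_egress_alerts(SAMPLE_LOG):
        print(f"{src}: {count} blocked direct attempts -> {targets}")
```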
You're kidding right? I used to build giant, rec-room-carpet-covering moon bases with all sorts of spaceships (fighters, carriers, etc.), AA laser turrets, ground assault vehicles, etc. etc. to wage my pseudo-Star Wars battles: all completely from-scratch (I would build the plan on the box once and then come up with my own creations). Of course I had a "bad guy" -- they had no compelling background story, obviously, but I needed something to blow up...
explain to me what a) brought on these draconian laws/ideals b) what the opposition is doing against it? I've always (maybe naively) thought of Australia as a laid-back and liberal kind of a place. This censorship movement seems... odd.
Steam is such a huge PITA! Right-click > Exit. The nerve of them! And if I don't want it to load at startup? I have to (again) right-click, go to Settings, and uncheck that option. All this just so I can download games at almost 9Mb/s, whenever I want, at really competitive prices? BS, says I!
Mine's down and I've had the most productive day that I can remember. Thank you, RIM!