Attack Computer Wiz

I have a network setup where there are mixed operating systems. I have specialized tasks that I like to use different systems for. One of which is web surfing on Ubuntu 8.04. Occasionally I find the need to save a file or two on this machine and I want to get it onto my Windows XP computer. It is easy enough to use external drives or thumb drives but why not just share a folder so that you can retrieve the files directly from your windows XP computer? Why not indeed!? *Note: Guide built for Ubuntu 8.04 with all updates as of 6/26/2008.

Posted by Mike Wright

We all have some things that we do so very infrequently that we have to go find a guide or walk through in order to figure out how we did, what we did, so long ago. I figure this is as good as a place as any to put some of these hardly needed but oh so valuable reminders.

Inherently Ubuntu will not mount multiple physical hard disk drives, so it takes a little tweaking to get your extra hard drive space to show up, but it really is quite simple and here are the steps; *Note: Guide built for Ubuntu 8.04.

sudo mkdir /hd2

sudo cp /etc/fstab /etc/fstab-bk

sudo gedit /etc/fstab

/dev/sdb1 /hd2 ext3 defaults 0 0

sudo mount –a

sudo chown –R mike:mike /hd2

sudo chmod –R 755 /hd2

Posted by Mike Wright

The squeaky wheels got the grease from Microsoft today as they have announced that they are going to extend support for Windows XP until the year 2014. If you do the quick math that means that the supported life of Windows XP will be 13 years! Something to keep in mind though, you can no longer purchase Windows XP retail edition and after June 30 2008 you will no longer be able purchase it OEM (Pre-loaded on new computers). The only exception to this would be low end computers like ASUSTek’s eeePC (Love it!) which will end around June of 2010.

So what does this mean to you and me? We will be able to get security and other critical updates from Microsoft. Software manufactures will be able to continue the support and development of applications for XP. And we won’t have to make the switch to Vista which for some (not me) seemed like the end of the world! However if you do find yourself stuck with Vista after June 30th and/or really want Windows XP, there is a loop hole in the license agreement that will allow you to downgrade some Vista licenses to XP at no additional license cost.

Of course this may all be pre-empted by the release of Windows 7 in the first quarter of 2010 (estimate only). I guess time will tell.

Posted by Mike Wright

Well the long awaited release of BackTrack 3 is finally over. Time to upgrade my USB drive now.

The USB version is very simple to get up and running. Use your favorite CD/DVD image tool such as UltraISO and extract the contents to either a USB drive or a folder. If you extracted the contents to a folder you will need to copy both the boot and BT3 directories to either a USB drive or SD card. If you are using a windows machine open a command prompt, change the drive letter to either the USB Drive or SD card (ie D:), then change to the boot directory (cd boot), and simply type bootinst.bat and hit enter. Let the batch file do it's job. Now the USB Drive or SD card should be bootable. In my case they both worked flawless on my EEEPC. This will not allow you to save any persistent changes to BackTrack 3 while you are using it, I will save that for another post.

Both the CD and the USB versions can be downloaded at http://www.remote-exploit.org/backtrack_download.html. There is also a prebuilt vmware image available.

Posted by Jason

I just read an article on Yahoo! that, as a security professional, about made me fall out of my chair. The advice given was very misleading and only focuses on the energy saving aspects of using/not using a desktop screen saver. You can find a link to the article at the end of this post. Basically it calls for everyone to stop using their screen savers stating that they are no longer needed since LCD monitors do not suffer from ‘burn-in’ like CRT monitors. They call for this in order to save energy. While this is very important, they fail miserably to advise their readers of an obvious, practical and much more secure way to go about this energy savings.

While Yahoo’s efforts are admirable, I say that the screen saver is a critical part of securing any and every computer. Below are my recommendations to not only ensure that your computer is more secure when you are not sitting in front of it, but also keeping “green”

1. Turn ON your screen savers.
2. Set your screen saver to require a password to resume.
3. Edit the advanced power settings in the screen saver configuration.
4. Set your monitor to turn off after X number of minutes.
5. Set any other power saving features you wish to use.

This is critically important when in a corporate environment.

Following these basic steps you can “Go Green” and “Go Secure”.

Yahoo! Link

Posted by Mike Wright

Extortionware = A piece of software, most commonly in the form of a virus or self replicating code, that infects a computer system taking control of files or processes that in addition to being annoying and difficult to remove, has built in advertisements that promise removal only upon payment. (That’s my definition) Some may refer to this as “Ransomware”, however I believe they are wrong. Ransomware, in my opinion, implies that the criminal has in their position something of yours and are demanding money for its return. In fact, in the case of extorntionware, the criminal possesses only knowledge on how to remove a virus or restore a file that the victim still possesses but may have limited or no access to.

Most all of us have seen some sort of extortionware. Most the time it comes in the form of a program that advises a user that they have a virus and that this virus can only be removed using “brand-X” virus protection software that they must purchase. These programs, while extremely annoying, are most of the time nothing more than that, an annoyance. They can usually be removed by a system restore or other methods of rooting out registry entries and files.

Gpcode.ak on the other hand, is not your average extortionware. This virus attacks files by encrypting them with an extremely strong RSA-1024 bit key. In laymen’s terms, this is like taking someone’s documents, putting them in a filing cabinet, then locking that cabinet with thousands of combinations locks, each with a different combination. Then giving the cabinet to the owner of the documents along with a message telling them if they want to read their documents again it will cost them X-amount of dollars. This RSA-1024 bit encryption is all but impossible to crack. According to Kaspersky; it could take 15 million computers running an entire year to break the key (LINK).

This virus, just like any other virus (malware, spyware, adware, and so on) has a human factor. It has been said that the weakest part of any system is located directly between the chair that the keyboard. Unless you don’t know, that is you (and me). The human factor removed, for the most part, this virus cannot infect a system. If a user does not click pop-ups, does not visit fraudulent websites, does not install the “free screen savers”, does not open infected email or email attachments, does not use administrator accounts, and keeps system passwords strong and private (to name a few) then it would be nearly impossible for a system to be infected with this or any other virus.

Crackers (aka hackers) can use technological methods to infiltrate a system. But, generally speaking they won’t. Why should they spend hours of work trying to hack a system, when they can just sit back and let you do the work for them by mass mailing spam, relying on users to forward chain letters, put up fraudulent websites, and other practices that are used to entice you, their victims, into installing the virus’s for them.

Posted by Mike Wright

I was at my local bank the other day waiting in line to make a deposit. The line was not very long and I didn’t expect much of a wait. There were two tellers working with customers and a third teller was at her window working with some paperwork. She waived me over to her window and stated that she would help me. I handed over my deposit and informed her that I would like to purchase a roll of the latest presidential dollar coins. She said sure, and told me that she needed to go to the vault to get the coins.

She left me at her window and walked away. As I was standing there alone I could not help but look down at the stacks of papers in front of me, three different stacks to be exact. I could clearly see the top sheet of paper on each. The heading was something like Social Security Direct Deposit Request Form. Each form was completely filled out with a customer’s name, address, phone number, social security number, bank account number, routing number, and a dollar amount. There was some other information there also, but I don’t recall what it was.

As a security professional I am always on the lookout for possible risks, legal violations, or policy violations. What could I, if I were an identity thief do? Steal the paperwork? Try to memorize the information? What about my camera phone, how about snap a picture of the documents? Any of which I could have easily done and I highly doubt anyone in the bank would be the wiser. Until of course they reviewed security camera footage if they even would think too.

This is not the first time, nor will it be the last time this opportunity would come up. Just days earlier I was checking into a hotel and the previous customers information was lying on the desk in front of me and the rest of the world to see, including credit card numbers.

In today’s world why are banks and hotels, people that deal with so many customers personally identifiable information, so lazy about protecting it. They are bound by many laws and regulations. Employees should be trained to be more cautious about what they leave just laying around.

Posted by Mike Wright

If you have kids then you need to check out this web browser. The ZAC Browser which is short for Zone for Autistic Children, is a program designed specifically for children with autism. But it really is much more than that and I think any parent with children ages 2 through their pre-school years should really take advantage of this free piece of software.

The “browser” is not a browser in your classic sense. You will not find URL’s or classic navigation that comes with your normal web browsers. And with that, you won’t find any inappropriate content either. Your children will experience vibrant colors, moving images, and animated cursers and icons. The program has available hundreds of internet based games, music, stories and videos. In just a few clicks your children will be entertained with content that is suited for all ages. My hope is that the company that is producing this; keeps it free, has rapid updates to keep the content current and useful, and does not start advertising on it.

Where else could this application be useful? How about pre-schools, schools, churches, public libraries? Don’t be surprised if you see this program in the news in the next few weeks!

http://www.zacbrowser.com/

*While I have spent a good amount of time testing this application and its abilities, we at Attack Computer Wiz imply no guarantees.

**This program takes control of a lot of windows features and locks down the system. Be sure that you test this in either VM or on a machine that you don't mind formatting when you are done!

Posted by Mike Wright

As you sip your double non fat venti whatever-achino you now have the ability to whip out your mobile device and blog away at your local Starbucks. According to the Starbucks website (LINK), AT&T and Starbucks have teamed up to provide their customers with almost free Wi-Fi access.

In order to use the Starbucks Wi-Fi you must purchase a Starbucks Card and you must use that card at least once per 30 days. You must also agree to receive up to four spams, er emails, from AT&T and register a new account with AT&T when you logon. As long as you use your card and get the mails you can use the ‘complimentary’ Wi-Fi for up to 2 hours per day. You are limited to only one session per day, so you can’t login at one Starbucks and move to another. Not bad.

Posted by Mike Wright

According to the Associated Press, RIM (Research In Motion) has gained a whopping 9.4% market share between the 4th quarter of 2007 and the 1st quarter of 2008. This raises RIM to 44.5% of all smart phones in use today. The iPhone is holding 19.2% market share down from 26.7%. And Palm devices have 13.4% from 7.9%, this all according to the research firm IDC.

RIM: RIM's market share increase could be attributed to the introduction of new devices, new options, new features, upgraded software, multiple carriers, and the availability to easily and cheaply install third party applications. RIM has been targeting business and large organizations and many of these organizations have held a hard line on limiting functionality on their devices. Things like cameras, voice recorders, and the ability to configure third party applications and services like rss, email, and GPS. However, good for RIM, they put the pieces in place with the most recent release of BlackBerry Enterprise Server. This allows administrators to lock down these features while still providing full functionality that meets the business needs.

iPhone: The iPhone likely lost most of its numbers because of lack of availability in the first quarter. The first generation iPhone has been very limited in numbers due to the second generation iPhone is due to be released anytime. As of today you still cannot purchase an iPhone from the Apple Store. The decline could also be attributed to; no new options, no new features, not available from multiple carriers, and the inability to install third party applications. The iPhone also is a consumer device first and foremost which hurts it greatly when competing with a business first device like the BlackBerry.

Palm: Wow, they still make those?

Posted by Mike Wright