Saturday, May 19, 2012
Linux, Security, Rants and Raves

Categories


 

May 2012
S M T W T F S
« May    
 12345
6789101112
13141516171819
20212223242526
2728293031  

Archives


Detecting Conficker with Linux Tools

April 1st, 2009 by Baldy

 

As Linux sysadmins, many of us still need to deal with Windows worms and how they affect our networks. Today is April 1st, and the Conficker worm will be activating on vulnerable computers everywhere. Here’s a quick HOW-TO showing how you can detect compromised and/or vulnerable computers on your network:read more

You might learn something here folks, Baldy

Detecting Conficker with Linux Tools

Posted in Security | No Comments »

Hackers steer clear of Google Chrome, say too challenging

March 26th, 2009 by Baldy

At the CanSecWest security conference in Vancouver BC, hackers were invited to find and exploit holes in modern browsers. A popular target for hackers at this year’s conference was Safari on a Mac — definitely the lowest hanging fruit.

Charlie Miller explains that it’s not whether a product has holes (all of them do), its how easy it is to exploit those holes — and on a Mac, it’s very simple:

It’s clear that all three browsers (Safari, IE and Firefox) have bugs. Code execution holes everywhere. But that’s only half the equation. The other half is exploiting it. There’s almost no hurdle to jump through on Mac OS X.

Hummm now that is the first time I heard that statement, Baldy

Posted in Security, Software | No Comments »

Worm targets Linux home routers

March 25th, 2009 by Baldy

A worm has been used to build a botnet consisting of DSL routers running Linux, which may be still evolving, according to security training organisation the Sans Institute.

After becoming infected, the network of routers was used to launch a denial-of-service attack earlier in March against DroneBL, an organisation that maintains a DNS blacklist. Sans Institute handler GN White reported the issue in a blog post on Tuesday, noting that there was a chance the bot was “still evolving”.

Readthe Rest of the Article

Posted in Linux, Security | No Comments »

Pwn2Own 2009: Safari/MacBook falls in seconds

March 24th, 2009 by Baldy

VANCOUVER, BC — Charlie Miller has done it again. For the second consecutive year, the security researcher hacked into a fully patched MacBook computer by exploiting a security vulnerability in Apple’s Safari browser.

“It took a couple of seconds. They clicked on the link and I took control of the machine,” Miller said moments after his accomplishment.

The contest kicked off at exactly 3:15 PM and, within seconds, Miller launched his drive-by attack and claimed the $10,000 top prize. He also got to keep the MacBook machine.

Read the Rest of the Article

Posted in Security | No Comments »

Seven Must-Have Firefox Security Add-Ons

February 28th, 2009 by Baldy

 

Mobile workers are especially vulnerable because they operate outside corporate security systems, and often return home to unload nasties into the company network. Paul Rubens finds seven excellent Firefox plugins to help protect the mobile worker.

Personally I use all but two of these little rascals and I might have to check into the others even if I do run Linux I would really hate to pick up a bug that can spread to my more uninformed Windows Users friends, Baldy

Seven Must-Have Firefox Security Add-Ons

Posted in Networking, Security | No Comments »

The oldest trick in the book, literally, defeats UAC in Windows 7

January 30th, 2009 by Baldy

Though the fellows sounding the warning today are the best in the business, it didn’t take a lot of know-how to develop a proof-of-concept that the new User Access Control panel can be disabled by VBScript.

Windows 7 is still in the public beta process, and will be for some months to come. The purpose of true beta testing is to isolate and identify serious problems (we should know). So it’s to any researcher’s credit that a potentially threatening problem be brought into the open prior to Microsoft finalizing the code for everyday use.

Read the Rest of the Article

Posted in Security, Windows | No Comments »

Downadup worm now infects 1 in every 16 PCs, says Panda Security

January 22nd, 2009 by Baldy

The computer worm responsible for the biggest attack in years has infected at least one out of every 16 PCs worldwide, a security company said today, and it may have managed to compromise as many as nearly one in three.

According to Panda Security, almost 6% of the Windows systems scanned with its antivirus technology were found to be infected with “Downadup,” a worm that began aggressive attacks just over a week ago. Panda was one of the first security firms to sound an alarm over Downadup when it raised its security threat level on Jan. 12 as reports of attacks mounted.

Read the Rest of the Article

Posted in Security | No Comments »

A rare peek at Homeland Security’s files on travelers

January 7th, 2009 by Baldy

Now as a traveler to Canada on many trips this article has me thinking and also requestiing my personal information after reading this, Baldy.

The oversize white envelope bore the blue logo of the Department of Homeland Security. Inside, I found 20 photocopies of the government’s records on my international travels. Every overseas trip I’ve taken since 2001 was noted.

I had requested the files after I had heard that the government tracks “passenger activity.” Starting in the mid-1990s, many airlines handed over passenger records. Since 2002, the government has mandated that the commercial airlines deliver this information routinely and electronically.

Read the Rest of the Article Here

Posted in Personal, Security | No Comments »

Top 10 Linux Security Tools

December 28th, 2008 by Baldy

 

You can never be too safe these days. Viruses, spyware, rootkits, remote exploits, you just never know what security issue is going to be your downfall. That’s why it is important as a Linux administrator to have an understanding of some of the best Linux security tools available to you. In this article, you will learn about Top Ten Linux security tools, and resources on how to use them to your advantage.

A few on this list are really in the must have class as I use them almost daily in everyday work, Baldy

Top 10 Linux Security Tools

Posted in Security | No Comments »

US-CERT: Beware of airline ticket e-mail scam

December 16th, 2008 by Baldy

The United States Computer Emergency Readiness Team (US-CERT) has issued an alert for an e-mail scam targeting holiday travelers, warning that malware authors are using clever social engineering tactics to hijack Windows computers.

In the e-mail scam, users get a .zip file attached to a message about an airline ticket and an ominous mention of a credit card balance. It appears to come from legitimate major airlines including Delta, JetBlue, Continental, American Airlines and Virgin America.

And this pops up right before a planned road trip for me, thank goodness I don’t use windows computers but for those who do you might want to check out the rest of this article, Baldy

Read the Rest of the Article

Posted in Personal, Security | No Comments »

« Previous Entries Next Entries »