Wednesday, February 16, 2005


Dulcet Tones of Screaming

Gates' keynote address at the security conference actually showed some promise. The lesser of the two items was that IE 7 is in the works, hopefully with enough features and lockdown capability to eliminate some of the junk caused by its predecessors (me personally, I'll stay with SpoofStick until proven otherwise). Since IE 7 is vaporware at this point there's absolutely no reason to get excited over the prospect until the beta stage, and I doubt that'll be anytime soon. The better part of the address was the announcement that MS AntiSpyware will be free (at least for registered users, so if you got your XP from ahem, non-traditional channels, you're SOL; then again, if you got your XP disc that way, be a mensch and pay for a license. The average PEBKAC isn't going to want to know about Postscript and lpr, so it's undoubtedly a good bang for the buck when trying to connect up their $200 HP all-in-one, and the OS does have its good points). So far, I've been fairly happy with MS AntiSpyware Beta 1, but I have a couple of lingering fears, mostly in terms of response to new threats (as my fears would be with any MSFT anti-virus solution), but the real concern is that some threats might be deliberately ignored in the light of business expediency. Even AdAware is now suspect, as Lavasoft has apparently inked some form of alliance with known crapware provider WhenU, a consequence of which is that AdAware no longer detects WhenU. (Yahoo of course has its quote unquote anti-spyware toolbar that also ignores WhenU and even worse, Claria f/k/a Gator).

Played around with a couple of Knoppix setups yesterday that are loaded with various security tools. The distros are Knoppix-STD and Auditor Toolbox. Knoppix-STD is pretty much bare bones, but works fine in VMWare Workstation. Mostly command line tools, which are fine with me, plus a recent version of nessus and a couple of other GUI-based tools. Auditor Toolbox unfortunately wouldn't completely boot under VMWare, plenty of segmentation faults and init was going wild. I suspect that it might be due to it being VMWare 4.0 and not 4.5, but as I haven't gotten around to upgrading yet, it'll have to wait until then for a final test. Knoppix-STD has pretty much the entire canon of tools one needs for a vulnerability assessment, and it's nice to have an ISO that I can boot under VMWare instead of dedicating a VM or for that matter a bootable partition.

I may actually give some of the tools on Knoppix-STD a try. It seems that a friend of mine had someone configure a broadband router (a Microsoft router, no less) in front of their cable modem, and the dunce who did the installation set an administrative password and a WEP key, but didn't tell my friend what they are. Said friend wants to use the wireless connection on a brand new laptop just purchased. Needless to say the "technician" also didn't record the MAC address on the WAN interface, so it's either put a hub between the cable modem and the router and sniff with Ethereal, or get into the router somehow. Since no one knows the WEP key, the only wireless frames coming out are the unencrypted beacon frames, no way to just have my laptop "war drive" and try to get in. I'm going to try Hydra or Brutus against the router's login page to see if we can get in, otherwise it's sniff the MAC address and get them a Linksys or an SMC.

From Voxtalks, an observation for the ages:
The Beatles - 7 Grammys (3 in 1996) with 167 million albums sold
Led Zeppelin - Grammy with 106 million albums sold
Rolling Stones - 2 Grammys in 1994 with 64 million albums sold
Pink Floyd - one Grammy in 1994 with 74 million albums sold
That's 11 Grammys with 411 million albums sold.

Then there is this example:
Beyonce - 8 Grammys with 6 million albums sold

'Nuff said.

