Wired News: U.S. Military's Elite Hacker Crew

April 18, 2005


Wired News: U.S. Military's Elite Hacker Crew: "The U.S. military has assembled the world's most formidable hacker posse: a super-secret, multimillion-dollar weapons program that may be ready to launch bloodless cyberwar against enemy networks -- from electric grids to telephone nets."
"In simple terms and sans any military jargon, the unit could best be described as the world's most formidable hacker posse. Ever."

It is interesting to read reports like this. "Cyberwar", "hacker posse", etc. What is the media's facination with this romantized vision of the great computer war? This isn't Neuromancer where "Console Cowboys" "punch deck" and mesh with the "Ice" and ride on a digital shark to "cut the AI" (or in Johnny Neumonic, but it was a digital dolphin that helped "Hack his Brain"). This isn't the final "Hack the Gibson" scene in the movie "Hackers" where you float around a "data city".

The reality of the situation boring, nothing like the images the media conjures to describe the "Cyberwar". So the Military has some guys that call themselves hackers (who doesn't). They probably sit around in some cubes, a few computer screens in front of them, typing away at some command prompt, running scans on foriegn IPs, looking for exploits, intercepting traffic. Probably very boring, nothing like what it is hyped up to be. Maybe it's just me, but I'd love to see the media portray the real, unhyped world of hackers (or just anything to do with computers), but that would be too boring for the masses.

eEye Digital Security - Free WiFi Scanning Tool

April 14, 2005


eEye Digital Security - is offering a free new utility, the Retina WiFi Scanner for Windows and for Pocket PC. eEye always produces fine security tools, I suggest you check them out.

Here is an excerpt: "The Retina WiFi Scanner is a comprehensive wireless detection tool that incorporates Retina Network Security Scanner technology to discover all active wireless devices and connections on a company network. Installed on a Windows laptop or desktop PC, Retina WiFi enables security and IT professionals to detect wireless access devices, scan for service and generate detailed reports on their wireless security. Retina WiFi Scanner for Windows can push data to eEye's REM Security Management Console to integrate into a company’s overall vulnerability management system."

Black Tuesday - 5 Critical, 8 Overall

April 12, 2005


Microsoft Security Bulletin MS05-016: Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086) - Important

Microsoft Security Bulletin MS05-017: Vulnerability in Message Queuing Could Allow Code Execution (892944) - Important

Microsoft Security Bulletin MS05-018: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) - Important

Microsoft Security Bulletin MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) - Critical

Microsoft Security Bulletin MS05-020: Cumulative Security Update for Internet Explorer (890923) - Critical

Microsoft Security Bulletin MS05-021: Vulnerability in Exchange Server Could Allow Remote Code Execution (894549) - Critical

Microsoft Security Bulletin MS05-022: Vulnerability in MSN Messenger Could Lead to Remote Code Execution (896597) - Critical

Microsoft Security Bulletin MS05-023: Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) - Critical

MS05-019 looks like it can be a huge pain. Have fun!

Two Tools for Friday: CPAU and Powercfg

April 08, 2005


CPAU: "Command line tool for starting process in alternate security context. Basically this is a runas replacement. Also allows you to create job files and encode the id, password, and command line in a file so it can be used by normal users."

This is an awesome little tool. Worth adding to your toolkit. Also has it's own forum for help from the user community.

Powercfg: Enables an administrator to control the power settings on a system.

This is a great command-line tool to control those bloody power options. In the past I posted about the GPO solution from EneryStar, but it turned out to just be too much trouble. This .exe is built into Windows XP SP2, so no software installation is necessary. It allows you to list the power schemes, query thier settings, create, delete, change, and more. You can configure via command line everything that you can configure via the GUI. This has really saved me a ton of headaches, since I have over 150 systems that require always on (no hibernation/standby) and the user is locked down to the point that it is impossible to change the power config without changing the GPO settings for all the machines. A little Powercfg and logon script and it's problem solved!

Beware of WinXP XP2 and group policy issue

April 06, 2005


Beware of WinXP XP2 and group policy issue: "After you install Windows XP [SP2], you may notice an issue when you configure the Windows firewall group policy settings: Group policy-based software distribution does not always occur with the first or second reboot and other group policies are not always applied."

By default, Windows XP does not wait for the network to be initialized at startup and logon, thus some GPOs and GPO settings are missed until the next reboot. This can be changed (as the article states) at 'Computer Configuration\Administrative Templates\System\Logon.'"

On another note, the Search/TechTarget site contains a wealth of great information/resources on a (large) variety of subjects. I personally subscribe to over 10 of thier many, many mailing lists and recieve great tips in my email daily. You may want to check them out.

How to Use Dumpchk.exe to Check a Memory Dump File


How to Use Dumpchk.exe to Check a Memory Dump File: "This article describes Dumpchk.exe, which is a command-line utility that you can use to verify that a memory dump file has been created correctly. Dumpchk does not require access to symbols."

Analyzing Windows 2000 Memory Dumps - From LabMice.net

Troubleshooting Windows STOP Errors (BSOD) and Freezes from the UltraTech Knowledgebase

Remote Exploit - Auditor (Live) CD

April 05, 2005


Rexploit - is a group of security folks that put together a great collection of security tools/information. Best of all, they coupled it with Knoppix (bootable Linux) and threw it all on a CD! It's a fairly slow download, but it looks like it'll be well worth the wait. This CD is even recommended by the FBI.

Another good Knoppix-based security CD I've used (and loved) in the past is Knoppix STD. "{It} is a collection of hundreds if not thousands of open source security tools. It's a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can."

Slashdot | Feds Hack Wireless Network in 3 Minutes


Slashdot | Feds Hack Wireless Network in 3 Minutes: "xs3 writes At a recent ISSA (Information Systems Security Association) meeting in Los Angeles, a team of FBI agents demonstrated current WEP-cracking techniques and broke a 128 bit WEP key in about three minutes. {...} This article will be a general overview of the procedures used by the FBI team..'"
The article is here.

It seems that they were breaking the pass phrases used to generate the keys (and not the keys themselves). Which is good as long as you don't use passphrases (I use 128-bit hex that I made up - no generation for me!).

Themes/Customizations for Windows Devices

April 02, 2005


Ok so I got tired of the look and feel of my boxen. Since the only computers that I access the GUI are of the Microsoft variety (I only use command-line on my linux servers), I've did a little research and decided to post the results:

Customize.org - massive amount of customizations, great layouts, customizations for anything that can be customized.
Get Skinned - msstyles, wallpapers, bootscreens although not very organized..
XPThemes.com - good collection for XP; cursors, boot screens, icons, logons, wallpapers, media player, etc.
Skins.org - a good number of supported programs with a decent number of skins, includes some yahoo! messenger 6 skins,
ThemeXP.org - a few categories, but a good number of files.
Toebee -fairly in-depth guide to making Yahoo Messenger 6 skins, also has a nice little collection of skins he has made.
Neowin UXTheme Multi-Patcher - needed to apply msstyles.
PocketPCThemes.com - The site I use to get all of my Pocket PC themes, has a TON of files.

If anyone has any more sites they'd like to mention (and there are a ton of them out there), please drop me a comment (or email). Please, no adult-oriented stuff.