Monday, June 25, 2007

Security start-up Untangle goes open-source

Making the software open-source will help elevate the company's profile among new customers, improve quality through better debugging, help translate the software into new languages, and attract new software modules, said Chief Executive Bob Walters.

"We feel we'll get further, faster," he said. "We are betting this company on open source."

Untangle was founded in 2003, and Walters took over in 2006. The San Mateo, Calif.-based company has 25 employees and gears its products chiefly for smaller companies with 250 or fewer employees. The company's software will be released Tuesday under version 2 of the General Public License (GPL).

Security start-up Untangle goes open-source | CNET News.com



Wednesday, June 20, 2007

DUAL BOOTING WINDOWS XP AND BT2

Cool little tutorial I found surfing around the net:

DUAL BOOTING WINDOWS XP AND BT2

This method of dual booting will not require you to format the windows part of your hard drive and should not corrupt your current installation in anway. It also presumes that you have one partiton with Windows installed.

Insert the backtrack CD, boot up, log on as normal and 'startx'

Once you are at the desktop open up a terminal window and 'word for word' complete the following (it should take around 30 minutes to complete)

**This will repartition the empty space on your hard drive, so backup your Windows data if you are worried about losing it**

Anything in between the '&' signs are explanations of what you are doing and obviously should not be entered into the command.

If you have SATA hard drives then you will have ‘sda’ in place of ‘hda’ so edit the commands accordingly.





the rest can be found here:


How to dual boot Windows XP and backtrack2

Tuesday, June 19, 2007

AT&T launches $10 DSL it hopes no one signs up for

This is cool...everyone sign up fast ...


AT&T launches $10 DSL it hopes no one signs up for


AT&T has quietly begun offering DSL service for $10 per month for new customers. Offered as part of the concessions the telecom made to the Federal Communications Commission in order to gain approval for its merger with BellSouth, the speed is nothing to get excited about: 768Kbps down and 128Kbps up.

AT&T launches $10 DSL it hopes no one signs up for

Monday, June 18, 2007

I got whacked by Wikipedia twice

I got whacked by Wikipedia twice

I HAVE NOW had the rare distinction of being nominated for deletion from Wikipedia twice which probably isn't that rare, nor a record but is definitely a laugh.

It's all to the good and you know it makes snese. Don't go anyone try and save me this time, OK? I can take the pain because I don't exist.


I got whacked by Wikipedia twice

Sunday, June 17, 2007

After the surge, US controls just 40 per cent of Baghdad

After the surge, US controls just 40 per cent of Baghdad


Security forces in Baghdad have full control in only 40 per cent of the city five months into the Bush administration's surge to pacify the capital, a top US general said yesterday as troops began an offensive against two al-Qa'ida strongholds on the city's southern outskirts.

With the surge of tens of thousands of additional US troops into Iraq complete, Lieutenant General Raymond Odierno said American troops had launched the offensive in Baghdad's Arab Jabour and Salman Pac neighbourhoods at the weekend. It was the first time in three years that US soldiers had entered those areas, where al-Qa'ida militants build car bombs and launch Katyusha rockets at American bases and Shia Muslim neighbourhoods.

US commander in Iraq General David Petraeus said at a news conference with visiting US Defence Secretary Robert Gates that the operation would put troops into key al-Qa'ida-held areas around Baghdad.


After the surge, US controls just 40 per cent of Baghdad | Defence | The Australian


Saturday, June 9, 2007

Beware of emails that claim to be Microsoft Security Bulletins

The SANS Institute is warning of a Fake Microsoft Security Bulletin that leads to the installation of a malicious browser add-on.

Microsoft issues patches on a regular monthly schedule and information is always available from the Microsoft Security site at http://www.microsoft.com/security/. This provides links to the latest security bulletins and to Windows Update.


Beware of emails that claim to be Microsoft Security Bulletins from Ask Jack

Friday, June 8, 2007

U.S. to temporarily relax new passport rules

U.S. to temporarily relax new passport rules


The Bush administration on Friday suspended some of its new, post-Sept. 11 requirements for traveling abroad, hoping to placate Congress and irate summer travelers whose vacations have been thwarted by delays in processing their passports.

The proposal would temporarily lift a requirement that U.S. passports be used for citizens flying to and from Canada, Mexico, the Caribbean and Bermuda.

U.S. halts new passport rules - U.S. Security - MSNBC.com

Wednesday, June 6, 2007

NASA contractors raise concerns about looming security checks on workers

NASA contractors raise concerns about looming security checks on workers

Dennis Byrnes, a veteran engineer at NASA's Jet Propulsion Laboratory, fired off a 1,300-word letter to his congressman in April complaining of "unwarranted intrusion" into his life.

Byrnes was disturbed by a new government requirement that workers at JPL and other NASA centres undergo background checks to get access to buildings and computers.

"I have now been at JPL for nearly 30 years, have never been accused of a crime, nor have I committed any," wrote the 64-year-old chief engineer of flight dynamics.

Byrnes is among some three dozen JPL workers who contacted Capitol Hill in recent months protesting the new security checks. Congress is taking notice, with several legislators complaining to U.S. administration officials that the checks could violate people's privacy and drive away talented employees.

Three years after the 2001 terrorist attacks, President George W. Bush signed an executive order requiring government agencies to beef up security through a new badge system for millions of civil servants and contractors. The program includes the issuing of "smart cards," ID badges with a photograph and fingerprints digitally embedded.


myTELUS - News

Tuesday, June 5, 2007

Hackers Blamed For Data Breach That Compromised 300,000

The FBI's investigation into a data breach that compromised sensitive information on 300,000 people in Illinois is pointing to an outside hacker.

A hacker broke into the computer network at the Illinois Department of Financial and Professional Regulation this past January and accessed a server that held information on about 1,200,000 people who have licenses or applied for licenses with the department. Susan Hofer, spokeswoman for the department, said in an interview that about a quarter of the stored information was compromised.

The server, according to Hofer, held sensitive information -- names, addresses, Social Security numbers -- on people who hold or have applied for loan origination licenses or for real estate broker and agent licenses. The server also was being used to test new software.

The FBI and the Illinois State Police are investigating.

"The investigation seems to be pointing away from it being an inside job," said Hofer. "The investigation is ongoing, though."


Hackers Blamed For Data Breach That Compromised 300,000 -- Data Theft -- InformationWeek

Monday, June 4, 2007

Crack WEP with aircrack + inject packets (WINDOWS)

Came across this tutorial the other day written by .Transmit...for a first tutorial the guy has some really good lay-out skills...I realize there's a lot of WEP cracking tutorials out there but very few of them are as well laid out as this one.

You can check it out here:

Crack WEP with aircrack + inject packets (WINDOWS)

Browsers spawn malware nightmare

This brings us to the current state of malware. Google recently released a paper entitled " The Ghost in the Browser: Analysis of Web-based Malware." Researched for more than 12 months through May 2007 by a crack team of malware analysts, including Niels Provos of Honeyd fame, this is one of the best malware reporting papers I've ever read. It's a quick read and should be studied by anyone who has to protect computers.

In a nutshell, Google used all the Web page data collected by the Google search engine in indexing Web sites to look for malicious code. They searched more than 7 billion URLs and found 450,000 of them infected with malware designed to infect visitors' browsers (about 0.06 percent). When a suspicious Web page was found, it was then loaded using a virtual machined honey client (such as a honeypot mimicking an end-user's browsing actions). They then recorded the changes the suspicious Web site made to the visiting honey client. If the Web site installed software without the explicit permission of the mimicked end-user, the site was marked as malicious. Some Web sites installed up to 50 malicious programs from a single visit.

Techworld.com - Browsers spawn malware nightmare

Sunday, June 3, 2007

Google revamps Summer of Code for 2007

Google's Summer of Code (SOC) will be back again this year, and this time, Google plans to take advantage of lessons learned to improve the program for everyone involved.

Now in its third year, SOC is a program that pays students to code for free and open source software (FOSS) projects. Since the program started in 2005, more than 1,000 students have participated in more than 100 projects, and perhaps 10 times that many have applied to participate. About 80% of participants completed their projects in the previous two years, earning themselves $4,500 and the projects that mentor them $500.

Read more...

Security pros work to undo teacher's conviction

Researchers led by the head of a Florida anti-spyware firm aim to recreate what caused a Connecticut school's classroom computer to start displaying pornographic pop-ups in October 2004, an incident that recently led to four felony convictions for the substitute teacher involved.
On January 5, a six-person jury found former Kelly Middle School substitute teacher Julie Amero guilty of four counts of risk of injury to a minor. The charges stem from an October 19, 2004 incident when the computer in the classroom in which Amero was teaching started displaying pornographic pop-up advertisements. Prosecutors argued that Amero surfed porn sites while in class, causing the pop-up advertisements, while the former teacher's defense attorney argued that spyware installed from a hairstyling Web site caused the deluge of digital smut.
more....

Hardware Versus Software Firewalls

According to estimates, an unprotected Windows computer system connected to the Internet could be compromised within twelve minutes. In light of this, the need for computer security has expanded in the last few years. Today, it is just as necessary for home users to secure personal computers as it is for businesses to secure office computers. In order to gain security benefits like those many businesses possess, home network security often utilizes the same models. The difference, however, has been that most home users do not have the financial resources for top of the line security equipment. This has led many home users to begin using security tools such as freeware firewalls and over-the-counter hardware firewall solutions.



Read more...