ADTMAG.com has an interesting article about the convergence of spyware and more sophisticated phishing attacks. They talk about the convergence of viruses and spam engines that happened in 2003 as a real shift in the dynamic of WHERE junk mail was coming from. Today botnets account for about 90% of the spam online, and of course, the botnets are the zombie armies that can be (and are being) utilized to bully web pages off the net, or extort large amounts of $$ due to denial of service attacks.
Category: Windows Tech Support
-
Microsoft Genuine Advantage phones home daily
Microsoft says they need to do a better job about disclosing this, but the Genuine Advantage tool contacts Microsoft daily. It doesn’t do this to track your browsing or downloading habits, but to check and see if it’s ok that it’s still running. According to this article, they have some concern that it might not work properly and wanted to be able to tell it to shut down if there were widescale problems with the proof of legitimate windows copy. I did glean a few more details from the article that correct an assumption that I made a week ago.
-
New malware sightings
Incidents.org had an entry in the last couple days on a malware infestation that was interesting and showed a couple things. 1) You can’t bet on antivirus to keep you safe (the initial installer was not detected by most AV vendors – suspicious by 1.) (If you think about it, this makes perfect sense – antivirus is reactionary and needs to have seen a bug once to recognize it again.) 2) Malware, once in the system, can bring all their friends.
-
Microsoft should use a /home partition….
I saw this yesterday or day before… George Ou has said that Microsoft should move user data to its own volume (or partition). He is ABSOLUTELY RIGHT. I think these days the default install for any modern operating system ought to assume you care enough about your data to separate it from the main OS. I find myself slightly annoyed at linux distributions that DON’T do this by default, although most will at least let you make changes to the partitioning in the install process. I had got to just assume this was the way things were since Mandrake always defaulted to separate home and root partitions.
-
Remote tech support with anything – would I do it?
I’ve tried to ask myself if I’d trust someone enough to let them run a remote session on my own desktop to solve a problem. I think the answer is “it depends”. If you think about it, I do tech support for home users quite a bit and they let me come into their homes. If I were weighing someone coming into my house, or onto my computer desktop, I think I’d choose my desktop. …
-
The security of remote tech support (ultravnc sc or x11vnc with wrapper script)
Well, I’ve got a nice way of doing “easy” one click (or one cut and paste) light desktop support for windows or linux: one uses ultravnc sc, the other uses x11vnc with a special wrapper script. So, what security flaws are there in this process? Well, for starters, I see the biggest vulnerability for the computer running the listening vncviewer (because it HAS to be available to the outside world). That means the tech support desk must keep on top of vncviewer updates and keep the service turned off when not expecting a client connection. The other question that comes to mind is encryption though….
-
A closer look at x11vnc
I’ve got to say, one of the things I really like about linux is the myriad of options for remotely administering a system. SSH is the one I use the most, but for the graphical you have x (especially on the LAN), nxserver (which is a compressed and optionally encrypted wrapper of the X protocol….), and vnc can be used, although as I’ve noted in the prior articles one problem with either nxserver, X or vnc is that you can’t by default connect to a running X session. x0rfbserver CAN, but only if a user is logged in (as far as I know….) I found an interesting trick with x11vnc that lets you run it even if the system is at the greeter (the login screen for X).
-
x11vnc recompiled to be as widely compatible as possible…
As I said in the earlier posts, I was essentially looking for a “Single click” solution for linux VNC remote desktop support. A solution that doesn’t require the remote support client to change firewall settings, install software, etc. What I’ve settled on is closer to a single cut and paste solution, which is fairly simple. The next problem I had was compatibility of the x11vnc binary. The first problem was the xfixes library not being a part of Mandrake 10.0, then xdamage, xrender, xrandr – none of those libraries were found… so, I started looking at the compile options for x11vnc (and the optimization, because I wanted a smaller file size.)
-
Remote Tech Support with x11vnc and wrapper script
So, the idea is that I wanted something “like” the UltraVNC Single Click download, only for linux. The main idea being that if someone is looking for a bit of desktop tech support on linux, we don’t need to be giving instructions for 5 different package managers, or source compilation, or anything more than MAYBE something to cut and paste. In fact, something like this…. wget http://www.mysite.com/remote-support && sh remote-support could be easily pasted into a console window (which hopefully we can give instructions on finding), or a run command in kde for instance. Then the remote-support script should do the rest. *(By the way, the script doesn’t have to be chmod’ed to executable when we use sh to invoke it…)
-
Remote Tech Support using VNC (Ultravnc SC and x11vnc+wrapper script)
Ok, some time back I’d done a writeup on UltraVNC SC, which is a nice customizable (windows version) VNC server that essentially lets someone doing remote support build their own downloadable .exe that runs and automatically tries to make a direct connection to a “listening” vnc viewer. It’s good for helpdesk environments as an easy download and run, and I’ve done some trials at using it over the internet with some of my existing computer service customers. Very soon, I’ll be adding a page and information about Remote Tech support services using this same method. I have run into some problems with it though. There are multiple advantages to this approach though (the main being NO firewall config for the user needing remote support – all firewall config is done at the “support center” end. Another advantage being that it’s “hardcoded” to connect to a specific given address and if that fails it gives up and uninstalls itself. The last advantage being that it completely uninstalls after a successful session as well. (Well, technically it never “installs” to begin with.))