A couple weeks back, there was a pretty important security update for the Intel PROSet Wireless driver. The big problem is that the update was a memory hog and caused problems. SANS has info on the update to the update, and George Ou is encouraging everyone to make sure they’ve got things updated. It’s possible to JUST download and install the driver without getting the full PROSet management software. So…. CENTRINO users – this means you… update your wireless driver.
Blog
-
Intel(R) PRO/Wireless 3945ABG Network Connection 10.5.0.1
Memory utilization update. Previous update was security update. Release notes.
-
Using screen to connect multiple users to a shell session
I NEVER knew you could use screen for this…. Let multiple users connect to the same console (command shell/bash shell) session simultaneously. I’ve looked at screen before. It’s a great *nix utility that’s available for most Linux distributions. The primary use I’ve seen for it is to have a shell open and use screen to disconnect from and reconnect to a session. Let’s say you have software compiling: you can use screen to get it started from one location and then reconnect to your screen session from another machine. Think…. VNC for the command line. Well, much like VNC, it’s possible for multiple users to view and use the session.
-
Apple next with 1.8 million laptop battery recall
A bit over a week ago Dell had a massive recall announced for potentially hazardous laptop computer battery issues. (Flaming laptops.) Now, it’s Apple’s turn. It seems as though Sony is the common supplier for both issues. The BBC has an overview here. Here’s a link at Apple’s site giving more information on getting a replacement and identifying if your battery is affected.
-
Wireshark 0.99.3
Various vulnerabilities (details)
-
Wireshark, various vulnerabilities disclosed
There used to be a tool called Ethereal, and then it changed its name to Wireshark. Today a number of security vulnerabilities were disclosed. A new version is available, along with workarounds. Please upgrade if at all possible.
-
IE7 will have many CSS fixes
They’re doing what they can at Microsoft to put to rest the notion that IE7 won’t make drastic strides in CSS compliance. One of the fronts they’re pushing is this detailed listing of CSS fixes that will be found in Internet Explorer 7 when it is released.
-
Good SARC monitoring tip
SARC is still in their month of security tips per day, and today’s is another good one. Today’s tip is about monitoring machines, particularly those that “defend” your network (mail antivirus scanners, proxy filters/scanners, etc.). The core of the advice is to not just ping – that only tells you if the system exists and is online – it doesn’t tell you if things are working. They suggest scripting tests (an antivirus scanner can be tested via the EICAR test signature, for instance). They note that this doesn’t tell you if the AV scanner is updated. (I prefer a crontab output of the day’s updates – looks like there were around 9 ClamAV signature updates yesterday.)
-
Hiding malware may evade antivirus
SANS had an interesting malware analysis this morning about a blob that appeared to be ASCII text (gibberish) that was retrieved by a piece of malware. It turns out that the ASCII text was a cleverly encoded exe file (Windows executable or program file). It took several iterations of their analysis to uncover the actual file. A followup referred to a study of “hiding” malware in various Microsoft Word supported formats and how successful (or unfortunately UNsuccessful) several tested antivirus programs were at identifying it. This was performed by running the files through VirusTotal, and the virus was the EICAR test pattern.
-
But it’s brand new, how could it have so many updates?
This morning I was doing a fresh install of Windows XP SP2 into a virtual machine. So far, things are fine. I went through Windows Update and found 3 updates the first time, then rebooted and hit Windows Update again to see 55 updates available. A lot of times when I set up a new PC for somebody they wonder why I want to check Windows Update multiple times. They’ll usually say something along the lines of “but it’s brand new, there shouldn’t be any updates.” Well, this install was from an SP2 disk, and there have been a large number of updates since that was released. Many manufacturers use fairly sophisticated techniques to roll out the default install images they use, but it’s still very possible that your machine will have several updates waiting for it when you get it.