Tag: links
-
Suspicious Emails indirectly leading to virus infection
According to the August 4th entry of the isc.sans.org handlers diary, there are some peculiar emails going around. They claim to point to an article reporting that an explosion killed 140 in Iraq. The link leads to a news article that has been altered from its original (140 instead of 14, for instance). It also contains some nasty surprises for the visitor. There is an exploit that requires no user intervention: a cross-site scripting vulnerability (MS05-001) is exploited, which runs ppp.hta from your hard drive, which creates a file called netlog.exe, which is launched by Media Player (??), which then retrieves a copy of win32sba.exe, which is the robobot backdoor.
(more…)
Bad week for Cisco, security headaches
For starters, there was this advisory last week in response to a planned talk at a hacker convention on the possibility of a Cisco router IPv6 exploit. The advisory detailed a LOCAL exploit and not the remote exploit that the talk was centered around. There was legal action against the speaker, and materials detailing it were destroyed (literally ripped out of notebooks) at the convention by Cisco. Apparently this is the kind of vulnerability that could “shut down the internet”. Of course, much of the internet’s backbone runs on Cisco equipment. Next…
-
Assess security using a Linux LiveCD
Another in the line of great Linux articles from IBM. This article details using a Linux LiveCD to assess computer system (and network) security. It’s a good overview with some relevant links.
-
Custom Error Pages with .htaccess
Ok, we’ve looked at controlling access to directories with .htaccess, but there are other neat tricks we can do that can add a bit of polish to your site. (more…)
-
Protecting access to web directories with htaccess
Okay, in an earlier article I was looking at uses of Google that might reveal things you don’t want revealed about your website, maybe a test directory that you don’t want to be spidered. I want to say that it’s not possible to keep it hidden just by NOT linking to it. That’s what some will suggest; the argument goes along these lines: “spiders just follow links, so don’t link to a directory or document you don’t want the web spiders to see.” Spidering bots seem to be a bit more resourceful, though. I’ve seen files and folders that I can’t imagine were linked to being picked up in a web search, so how do we prevent that? (more…)
-
Anti phishing information (phighting phishing ?)
Well, after the early-week experience with getting a Bank of the West phishing site taken down, I’ve taken on two more which have come in today. One of these was an eBay spoof, the other PayPal. In both cases I’ve emailed the appropriate abuse address on the owner’s network (this time one is in China; I think the second was as well). I did find out something neat about PayPal’s and eBay’s ways of reporting. (more…)
-
Creating a redirect page
This is one that comes in handy a lot. Like many things in computing, there are a number of ways to accomplish this. My favorite, though, is one of the simplest. (more…)
-
Google as a tool for crackers
Google is a search tool which I use literally every day. Sometimes it’s multiple times per day. Sometimes I can’t imagine how I would function without being able to do a quick Google search. There are some features that I don’t often use and in some ways have promised myself to use more in an attempt to home in on just that piece of information I’m looking for, but those features can also be turned against a site owner. (more…)
-
Protecting yourself from Phishing attacks
OK, well, if you know what phishing is, you may already be ahead of the game. By now you’ve probably seen the messages.
From: security@yourbank.com
To: youremailaddress@isp.com
Subject: Security breach of your account
Text:
It has come to our attention that there have been numerous IP addresses attempting to access your account with www.yourbank.com. If you would please log in through the form we have set up at yourbank.com/reactivate to reactivate your account. Your account will be suspended until we verify your information.
(more…)