Computer Tips -Tech Info

Tag: time

  • More testing on the second WMF exploit

    After my Windows 98 tests which failed to exploit the system with either the first or the second vulnerability, I started wondering how well the antivirus companies were doing in detecting this second exploit variation. I had setup and updated metasploit so I could test my Windows 98 SE install against the latest version of the exploit and with each connection to the locally hosted page I got a new random file. After I collected five of these I ran them through virustotal.com to see how well detection has come in just 24 hours.

    (more…)

  • WMF exploit situation summary…

    Since there’s been quite a bit of flux the last couple of days I thought I’d try to “reset” the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit.

    1st there is a vulnerability in the way Windows renders WMF (Windows MetaFile) image files that makes possible an exploitable buffer overflow allowing remote execution. There are at least two exploits for this vulnerability and it is not necessary for the wmf to have a name ending in .wmf (it could masquerade as jpg for instance.) The specially crafted WMF could be in a web page, email (html email), or other document. There are many possible vectors of entry for this.

    (more…)

  • On Demand book publishing – iUniverse

    The last entry in this series I looked at lulu.com which offers on-demand book publishing for those looking to publish their own book. The level of entry at lulu.com is nothing, no setup fee and they take fixed cost plus 20% of your profit which all told is not a bad deal.

    This time around I’m looking at iUniverse.com which is backed by Barnes & Noble. They do charge to get started. The cheapest of their packages is $299 for those that aren’t interested in distribution of their work. (Just making it available through the iUniverse.com store.)

    (more…)

  • Happy New Year

    I hope that you all enjoy a very Happy New Year. I probably should have had this post go out at 00:00 GMT, but… I thought I’d post it using the server local time….

  • New IM worm using WMF vulnerability

    There is news this morning of a new twist in the WMF vulnerability (it was only a matter of time.) There are reports of an instant messenger worm using the vulnerability to spread. Currently incidents.org is reporting that the worm is spreading through the MSN messenger IM network and contains a malformed WMF file called “xmas-2006 FUNNY.jpg” The original source of the warning is Kaspersky Labs viruslist.com

    (more…)

  • OpenVPN series

    After the Hamachi article I wanted to do a series on OpenVPN. I’ve used it before, but not since the 1.x days…. it’s now at version 2.0.5 and has quite a bit more flexibility. When I first used it, it was pretty much a point-to-point vpn solution. You could set up routing to see the rest of the network and for the network to see the vpn client, but only one client could connect to one server. What this meant is that multiple tap or tun devices were needed on the server, one for each remote vpn client. Also, multiple openvpn processes and multiple openvpn ports.

    From my understanding this setup wasn’t necessary under the 2.x series.

    (more…)

  • Flightgear scenery objects

    So, I’ve spent a bit of time talking about flightgear. Here are a couple extra resources that I want to “bookmark” here. There is a Good unofficial how-to here. (Mostly linux flightgear oriented. Also, the flightgear scenery is available here. The link is to a grid covered world map. Clicking on a grid quadrant downloads scenery for that quadrant.

    (more…)

  • Scheduling tasks in linux kcron

    I don’t know if kcron deserves a seperate entry for scheduling tasks under linux. Cron is what I typed on last time and it’s the daemon that controls scheduled tasks. The method for scheduling tasks that I went through last time is for the command line. Like many things in linux, there are other ways to get the job done. In this case, one way through the graphical interface is kcron…

    (more…)

  • Mythtv remote frontend

    So, when I did the laptop upgrade I formated the root partition which means that working mythtv frontend was erased and it had to be set up from scratch. I had been running version 0.16 of mythtv on all the systems, but finding rpms for that older version looked challenging, so…. I went ahead with the upgrade to 0.18.1 on the desktop first. All went fairly smoothly using Thac’s rpms of mythtv.

    (more…)

  • Linux Livecd Download

    This should probably go in the Windows tech support category too… but, as I’ve talked about before I’ve spent a good amount of time using different linux livecd’s. I’ve even made a few livecd’s of my own with Mandrake (now mandriva) linux, using the mklivecd scripts. One of the nice things about a livecd is that it’s self contained, portable and relatively secure (any compromise should be able ot be undone by rebooting.) There are linux livecds customized for just about every conceivable use. The ones I did varied from booting to an image slideshow to a full cooker based desktop.

    (more…)