Security

Cookie Monster (Firefox advanced cookie management ext)

The default Firefox cookie management is not very sophisticated. I guess it's OK for users who don't know any better, but people with some knowledge of online security and tracking, and enough paranoia to care, might want tighter control over which sites are allowed to track them and their activities. Cookie Monster is the right tool for the task. It sits in your add-on bar and shows you which cookies are set for which domain/site and exactly how the permission for a specific site came to be (from which rules). It makes cookie control easy to understand and easy to reach.

How to completely disable quarantine of downloaded files in Mac OS X

To turn off file quarantine default behaviour (reboot required):
defaults write com.apple.LaunchServices LSQuarantine -bool NO
To disable quarantine for already downloaded files:
find "$HOME/Downloads" \( -type d -o -type f \) -exec xattr -d com.apple.quarantine '{}' \;
It's a great hint btw. Although I suggest that if you disable file quarantine, you should also force Finder to always show file extensions (Finder Preferences / Advanced / Show all filename extensions). Otherwise you could launch a malicious app that disguises itself as a PDF (without the extension it's hard to tell what you're trying to launch).

MySecureShell

"MySecureShell is an SFTP server that is based on OpenSSH and allows for very flexible configurations, e.g. it has support for chrooting users into their home directories and limiting upload-/download bandwidths. MySecureShell makes maintenance of an SFTP server easy."

A few thoughts on "Hackers Wanted"

I think the makers of the movie did a fair job in giving a chance to both the hackers and their "victims" to explain their POVs. I liked the historical aspects/flashbacks too.

ophcrack

"Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms."

There's also a LiveCD ISO available that you can write to a USB drive too.

Fail2ban - protect a server from brute-force attacks

"Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address."
There's a nice Debian howto here for a basic setup of Fail2ban to protect the SSH daemon from brute-force login attempts.

Resetting EFI firmware password on Intel-based Macs

According to the Apple document "Mac OS X Security Configuration For Version 10.4 or Later" you can reset the password if you have physical access to the machine.

Windows Update through a SOCKS proxy

Windows Update is a tricky thing. It can use a proxy server (see one of my previous posts on this), but it won't use the same proxy as the one you've set in "Control Panel" / "Internet Options" (aka IE's proxy settings). Windows XP has a "hidden" HTTP service (it's actually a driver visible in "Device Manager" under "Non-Plug and Play Drivers") and Windows Update uses this service to access Microsoft's servers. To set a proxy for this service, you have to use the proxycfg command line program. However, setting a SOCKS proxy has no effect (at least it did not for me, nor for airwin). But there are ways to get around this.

A serious flaw in TCP, but what are the real risks?

For the last few days, IT news has been all about the discovery of two programmers (Robert E. Lee and Jack C. Louis): a new kind of DoS attack against all sorts of TCP stacks. Some say that the threat might not be that huge after all, since the attacker probably has to have a real and public IP address, which gets revealed during the attack. Hmm. Did these people hear about viruses, worms, botnets, etc.? I doubt that revealing the attacker's IP would be of any concern to guys who are fixed on destroying things (services, value, companies, etc.). You could just go to a cafe (that has a free WiFi hotspot) and you've got your valid IP without any chance of being traced back to you. So I bet that (if the rumors turn out to be true) the flaw will be a serious issue.
