Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

6/20/2014

A “New” Way to Prevent Photo Theft

Filed under: Fun,Red Herrings,The Dark Side — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:00 am for you boring, normal people.
The moon is a Third Quarter Moon

No, those quotation marks aren’t ironic.

Last year, in August, I wrote about a free service called LensTag that would help you track your camera gear if any of it went missing.  Well, they’re back in the news for another service!  This one was discovered by accident by their president’s wife who mistakenly turned on the tracking for her camera when a couple of flashes got stolen.  It turns out, she started getting notifications about where her photos taken with that…

5/27/2014

Keeping Windows XP Alive

Filed under: Advice from your Uncle Jim,Geek Work,MicroSoft,Never trust a Network Admin with a screwdriver,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:49 am for you boring, normal people.
The moon is Waning Crescent

First, let me say that I don’t endorse this as a way to avoid upgrading.

Second, let me fully affirm that this is completely awesome!  And, as someone who maintains a Windows XP virtual machine to run some older software for my camera, I am thrilled to have this option, for as long as it lasts.
The hack is pretty simple, basically just adding a small entry to the Registry.  First published by Wayne Williams at BetaNews a day ago, it’s been all over the internet today.  I did it earlier on an old machine at work and it worked great.  Your results may vary.  The steps are simple and in that linked article, but I’ve included the 32-bit version of the registry file that you can just download and import to your machine or virtual machine.

Use at your own risk!
And upgrade as soon as possible!
(Here’s the link to the REG file.)


Advice from your Uncle Jim:
"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy."
   --Martin Luther King

5/23/2014

Two Free Security Plugins

Filed under: Deep Thoughts,Geek Work,The Dark Side — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:32 am for you boring, normal people.
The moon is Waning Crescent

This week I’ve got two very serious freebies for you.

Security, as some of you may know, is near and dear to my heart.
In my day job, I’m a system administrator and constantly worried about security.  It’s a huge issue.  Lately, you all may have been hearing news stories about the “Heartbleed SSL vulnerability” which, in theory, could endanger your personal login information, as well as other account credentials or other things you’d want to keep private.  It’s not entirely clear…

3/25/2014

Keyless Entry Tools!

Filed under: Fun Work,Life Goals,Never trust a Network Admin with a screwdriver,Review,The Dark Side,Things to Read — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:21 am for you boring, normal people.
The moon is Waning Crescent

Keyless entry tools may be a bit of a misnomer, but, technically, that’s what I’m talking about in this very special Tools for Tuesday post.

Actually, since I missed posting a tool last week, I’m going to mention several tools in this week’s post.  The difference is that these tools are all related.  Of course, all these things are related to lock picking, sometimes referred to as “lock sport” or “steel-bolt hacking”.
We’ve all seen this on TV or in the movies.  The hero, or anti-hero, needs to get into a room for some reason, only to be confronted with a locked door.  A locked door that would stop the average person, but not the hero of the story we’re watching.  Instead of being stymied by this apparently insurmountable obstacle, our hero, or heroine, simply pulls out a set of lock picks with which they proceed to fiddle about, often by the light of a flashlight held in their mouth, until the formerly locked door is suddenly, almost magically, opened.  Who among us has not wanted to be able to do the same thing?  How many times have we found ourselves on the wrong side of a locked door, wishing we had a set of lock picks with which to quietly gain entry to whatever is on the other side of said door?  And, perhaps more commonly, how often have we simply forgotten our keys, to home or office, and wanted to avoid the inconvenience of going to fetch them or find someone who could let us in?

Well, I have long wanted to be able to do all those things at one time or another.
In August of 2012, while attending DEF*CON 20, I finally got my initiation into the world of lock picking.  Or, as I more often prefer to euphemistically refer to it; keyless entry.  I spent several good hours at the Lockpick Village put on by TOOOL, The Open Organization of Lockpickers.  It was there that several very patient people taught me the basics of lock picking.  There were other opportunities to learn things like bumping and impressioning, as well as learning how to bypass locks other than the standard door lock or keyed padlock.  I haven’t had the time, or opportunity to explore those non-picking tools too much yet, but several of the tools in the photo above came from TOOOL.  TOOOL sells a fine starter’s set of lock picks and tension bars, which I bought at DEF*CON and can be purchased via their Equipment page.  You can see the two picks I use most often, and a tension tool on the right, resting on top of the TOOOL leather case.
I like these picks and tension tools because they’re light, but sturdy and relatively economical.  They also have nice sized grips which feel comfortable in my meat-hook-like hands.  It’s important that I feel like the tools I’m using to open a lock aren’t constantly in danger of breaking off in said lock, further complicating my opening of it.  These tools do that quite well, and look good while doing it.

The other thing in that photo which came from TOOOL is the progressive training locks, as they call them, though they’re really just specially prepared tumblers.  They’re in the large-ish grey thing near the middle of the photo, which I refer to as a lock picking vice, perhaps incorrectly, and which I’ll describe in a minute.  Actually, to be specific, the three training locks in the vice are the first three of a complete set of ten.  They start with a single pin in the tumbler and go all the way up to six pins in a tumbler, for the first, “normal” training locks.  The last four are a special spool-shaped pin, which is harder to pick, and go from one pin up to four pins in the “security” training lock set.  To get the entire set of ten ran me $120 before tax and shipping, but they are totally worth it.  In theory, I could have gotten ten of my own locks, stripped them down to just the bare necessities and pinned them out myself, but I can guarantee that they would not look as neat as these.  And, that’s assuming that I could find a source for the spool-shaped security pins for those last four.
I just got these recently, and I think it was just in time because my skills were getting pretty rusty!  I hadn’t touched my picks in a couple of months and found myself completely unable to pick a simple padlock that used to take me a couple of quick seconds to open.  It was mortifying!  I should note, these training locks are a little looser and easier to pick than a real-world lock, but that’s intentional.  The idea being, of course, that you need to get the feel for it before graduating to a real lock.  Incidentally, a standard padlock usually has four pins.  The average American door lock, like we normally use on houses, has five pins.  And, I’m told, that normal European door locks, like would be used on most residential doors, use six pins.  So, that’s why the training locks are pinned the way they are.  They make a logical progression of difficulty with real-world application.

When I found the Tri-Pik, as I call it, I was actually looking for something else, but I was thrilled.  The “Deluxe Adjustable Tri-Pik LOCK PICKING Holding Fixture“, as it is called on the website where I found it, is pretty fantastic.  In fact, I’d just about call it essential to my reintroduction to lock picking.
The basic idea is this; a real lock would be surface mounted in, say, a door, and would leave me both hands free to manipulate the tension tool and pick, and this tool lets you simulate that.  Without this, I would be holding the training lock in one hand, keeping tension on the cylinder via the tension bar with that same hand, while manipulating the pins with the pick in the other hand.  A fine way to learn, but not very realistic.  The Tri-Pik fixes that.  It is so named because it’s designed to let me mount up to three training locks in it at once, locking them in place via a hand-tightened set screw from below.  It’s quite a good system.  Simple, but effective, and reasonably priced at $35 plus tax and shipping.  I cannot recommend the Tri-Pik enough to someone learning how to pick locks.  It’s really, really fantastic.

Oddly enough, I found the Tri-Pik while looking for the fourth tool I’m mentioning today; the Southard Jackknife Lockpick Set.  I had seen this at DEF*CON, but I was a little hesitant to buy one, since I was flying back to Houston afterwards and didn’t want to have it mistaken for a knife and taken from me by a TSA agent.  But, now that I’m back, and it turns out the NSA has been watching all of us all along anyway, I decided to go ahead and get one of these little beauties.  Eventually, I’ll add this into my “every day carry”, so I’ll always be able to open doors, but first, I need to practice with it a bit.  Obviously, the idea is to fold it all up like a pocket knife and carry it with you, but the genius, in my opinion, is how they handle the tension tool.  It fits over the top of the folded-away picks, with one end sliding into a tight, narrow opening in the center of the main body of the tool set, using tension to keep it all together.  It works quite well and provides the amateur locksmith with a complete set of tools including; the tension tool, a long hook pick, a diamond-shaped pick, a half circle pick, a “snake rake”, an alternative rake and a diamond-shaped broken key extractor.  Add to that a really nice mechanism to hold the picks in both a closed and “ready to use” position and you’ve got a great, portable toolset here for just under $40, before tax and shipping.  A fantastic deal in my opinion.

The last “tool” is really a book.  Namely, the very good lockpicking primer, The Visual Guide to Lockpicking.  I have to admit, even though I had this book long before I learned how to pick locks at DEF*CON, I found it just a little too intimidating and confusing to use before I had some hands-on experience.  Now that I do, however, I can see just how good a resource this is.  It covers the majority of mechanical locks that a self-taught locksmith might encounter and have to deal with, including tubular locks and locks with pins on both the top and bottom of the cylinder, which are both challenges I have yet to master.  While no substitute for a good teacher, this book really is a great place to start if you can’t get direct instruction and has fantastic illustrations explaining the entire process.  It’s well worth the $15 or so that Amazon.com is asking.  (And, yes, if you buy a copy from that link, I get a credit.  Thanks!)

Incidentally, if you can’t quite figure the connection between “network geek” and “lockpicking”, the answer is far simpler than you might imagine.  In the early days of computers, the best of the best were pretty much all at M.I.T., where it is widely believed the term “hacker” originated, and, to get access to computer labs, and a place to crash while programs ran on the big, old iron that were computer systems back then, the hard-core computer geeks all became locksmiths so that they could get the tools to pick locks and never be on the wrong side of a locked door.  Or, at least, that’s what I read in Hackers: Heroes of the Computer Revolution by Steven Levy back when I was just getting started in IT.
So, yeah, that’s a mess of tools for Tuesday this week and a peek into the crazy way my mind works.  I hope it makes up for missing last week!

2/21/2014

Weekend Plans

Filed under: Geek Work,MicroSoft,Pressgram,The Dark Side — Posted by the Network Geek during the Hour of the Monkey which is mid-afternoon or 4:23 pm for you boring, normal people.
The moon is a Third Quarter Moon

Guess who’s spending the weekend upgrading the company’s main server?

Finally after dealing with an aging server for too long, we’re upgrading.  And, not a minute too soon, either.  I have the joy of migrating Active Directory from a Windows 2003 server to a Windows 2012 server.  Not to mention, I get to migrate printing services, an iSCSI array connection, DNS and DHCP.  Wee!  What fun!

Well, I suppose that’s why I get the “big bucks”, right?  A system administrator’s work is never done!

Published via Pressgram

3/7/2012

Security and QR Codes

Filed under: Criticism, Marginalia, and Notes,Geek Work,The Dark Side — Posted by the Network Geek during the Hour of the Tiger which is terribly early in the morning or 5:53 am for you boring, normal people.
The moon is a Full Moon

Do you trust everything you see?

We’ve all seen QR codes, even if we may not have all recognized what they are.  These little, square dot patterns are everywhere these days, especially in advertising.  In fact, some people have gotten so used to scanning them with their smart phones to get more information about products and services that hackers are now exploiting them.  I recently read a very interesting article on TechRepublic by Michael Kassner titled Beware of QR Codes about an exploit found in the wild, and QR code exploits in general.  The problem is, we tend to trust them, mainly, I think, because they’re too new for us to have been burned bad by them yet, and they are popping up everywhere!  Pay attention as you go through your day and see how many of these little deals you bump into.  They’re in everything from magazine ads to product labels to posters to coupons!  Even Doonesbury has run a strip with a QR code in it!

So, as you swim out there, awash in the ocean of marketing and sales that we live in, pay attention to those who might subvert your complacency.  If it’s easy for you to use, it’s probably easy for someone to abuse, just like the QR code seems to be!

2/7/2012

DNS Attacks Are On The Rise

Filed under: Geek Work,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:14 am for you boring, normal people.
The moon is a Full Moon

DNS has inherent weakness.

In its current form the Domain Name System, by its open nature, is pretty primed for exploitation.
Some of these attacks are more obvious than others, but there are two that I find particularly troubling.  More so in that I can see them being used together to really mess with a website owner.
The first of these two attacks isn’t new.  But, the fact that it isn’t new and has been dealt with before doesn’t mean that it has suddenly stopped being effective.  The attack is called “DNS poisoning” and it works by corrupting the DNS cache on a server, which then forwards those poisoned DNS records as legitimate to other, unsuspecting servers.  The end result is that the attackers can redirect traffic from a legitimate website to their own site.  It’s hard to flat out stop right now, though, once discovered, it can be fixed with relatively little trouble.  This attack was used recently against several websites who were supporting SOPA and PIPA.  Of course, since these folks were trying to make a statement, it was pretty clear what had happened, so techs were working to fix it pretty quickly.
The second attack, which I would think includes the first attack at its initial stages, is sub-domain hijacking.  In this attack, the attackers redirect the sub-domain of an existing site to another location.  This is a little more subtle and hard to detect.  In this case, the attackers are looking to profit from a well-established domain by “piggy-backing” on their reputation.  They poison the DNS records to point something like Viagra.google.com to their actual website, selling Viagra, or a site filled with spammy links that redirect a potential victim to their website selling Viagra, or whatever.   This attack takes a proactive system administrator to catch.  Since it doesn’t redirect any of the main, honest, actual site anywhere, but only uses its reputation to improve their own spammy links, it’s not always obvious that it’s going on.  Regular DNS record audits are about the only way to catch this, barring an angry end-user contacting the main site.
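
One way to run the kind of DNS record audit described above, as an added example that is not part of the original post: it compares a current zone export against an approved baseline and flags new sub-domains, changed records, and targets outside approved address space.  The zone name, record data, and approved network are constructed placeholders (example.com and the RFC 5737 documentation ranges).

```python
"""DNS record audit: diff a zone export against an approved baseline."""
import ipaddress

# Constructed sample data. Line format: name TTL class type value
BASELINE = """\
example.com.        3600 IN A     192.0.2.10
www.example.com.    3600 IN CNAME example.com.
mail.example.com.   3600 IN A     192.0.2.25
"""

CURRENT = """\
example.com.        3600 IN A     192.0.2.10
www.example.com.    3600 IN CNAME example.com.
mail.example.com.   3600 IN A     198.51.100.7
pills.example.com.  300  IN A     203.0.113.66   ; not in the baseline
"""

ZONE = "example.com."                                   # assumed zone apex
APPROVED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed hosting range


def parse_zone(text):
    """Return {(name, type): set(values)} from a simple zone listing."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, _ttl, _cls, rtype, value = line.split(None, 4)
        key = (name.lower(), rtype.upper())
        records.setdefault(key, set()).add(value.strip().lower())
    return records


def target_is_approved(rtype, value):
    """Address records must sit in approved networks; CNAMEs must stay in-zone."""
    if rtype in ("A", "AAAA"):
        addr = ipaddress.ip_address(value)
        return any(addr in net for net in APPROVED_NETS)
    if rtype == "CNAME":
        return value == ZONE or value.endswith("." + ZONE)
    return True  # other record types are only diffed, not judged


def audit(baseline, current):
    """Return a list of (kind, name, type, values) findings."""
    findings = []
    for key in sorted(set(baseline) | set(current)):
        name, rtype = key
        old = baseline.get(key, set())
        new = current.get(key, set())
        if not old:
            findings.append(("ADDED", name, rtype, sorted(new)))
        elif not new:
            findings.append(("REMOVED", name, rtype, sorted(old)))
        elif old != new:
            findings.append(("CHANGED", name, rtype, sorted(new)))
        # Any value that was not in the baseline is checked against policy.
        for value in sorted(new - old):
            if not target_is_approved(rtype, value):
                findings.append(("OUTSIDE", name, rtype, [value]))
    return findings


if __name__ == "__main__":
    for kind, name, rtype, values in audit(parse_zone(BASELINE), parse_zone(CURRENT)):
        print(f"{kind:8} {name:22} {rtype:6} {', '.join(values)}")
```

Run on a schedule against a fresh export from the authoritative server, an "ADDED" line for a name nobody requested is the sub-domain case described above.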

The internet is still a wild and wooly place sometimes, folks.  The reasons the professionals get paid what they do is because, theoretically, they have to deal with all that stuff and keep us safe!  Which reminds me, I have to go check my own company’s websites and DNS records, not to mention my own!
(The title, incidentally, was inspired by the movie that helped get me into this business, Sneakers. “Cattle mutilations are up.“)

10/31/2011

The Worst Kind of Cross-Platform Porting

Filed under: Apple,Linux,News and Current Events,Rotten Apples,The Dark Side — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 6:58 pm for you boring, normal people.
The moon is Waxing Crescent

Hackers are porting Linux viruses (virii ?) to OS X.

Last week Monday, ZDNet reported that hackers have ported code for a trojan from Linux to Apple’s OS X.  For those of my readers who don’t know what a trojan is I’m referring to a malicious program that opens the door for other, usually even worse, programs to come into the infected operating system, like the Greeks did in the classic stratagem known as the Trojan Horse.  It hasn’t been seen in the wild yet, but apparently the C source code for this has been available for quite some time.

Frankly, I’m surprised that this doesn’t happen more often than it does.  In the old days, virus writers had to really know something because they used assembly to create them.  Now, with Windows and all the other object-oriented programming languages filled with bloated libraries of programming calls, along with the availability of existing code on the internet, they hardly have to know anything to write fairly nasty malware.  And, as I’ve mentioned before, as Apple laptops become more popular, more malware will start to show up there.  I’m sure it’s only a matter of time before they figure out how to infect iPads and iPhones, too, if they haven’t already.

I hate people like this.
I spent most of my day today cleaning a malware infection off a machine.  This little bugger had not only disabled the Windows Task Manager, which is pretty common these days, but it also cleaned out the Start Menu, including all the built-in things like the link to Control Panel and My Documents and all those things on the right side of the Windows XP default Start Menu.  But, it also flagged most of the drive as Hidden and System, making it even more difficult to load the software I used to clean it.  I had to go into Safe Mode just to get the system clean enough to restart into Safe Mode with Networking so I could update Malwarebytes, which is what I eventually used to get rid of the beastie.   (I used Spybot Search and Destroy to keep the malware from loading to make the machine useable with networking support so I could update Malwarebytes, incidentally.)
So, yeah, these slimeballs keep me in a job, but, really, I’d appreciate it if they stopped helping me stay employed.  I promise I can find plenty of other things to do!

So, look lively out there people!  Be suspicious of what you download and click on!

UPDATE:  Apparently, this has been found out in the wild now.  And, according to TechWorld, it has a purpose; to use your system to generate BitCoins for its evil masters.  Very clever.  Nasty, but, still, very clever.

10/17/2011

Your Password Is Too Weak!

Filed under: Advice from your Uncle Jim,Geek Work,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:19 am for you boring, normal people.
The moon is Waning Gibbous

No, seriously, it is.

If it makes you feel any better, most people’s passwords are too weak.
I suppose you think it doesn’t matter how “strong” your Gmail (or Hotmail or whatever free email you use) password is, right?  Well, you’d be wrong.  I recently read an account about how one person’s Gmail account was hacked and used to spam and try to get her friends to send the hacker money, all posed as her.  Of course, that was after deleting more than 4 Gigabytes of stored messages and photos.  You can read that account, as told by her husband, over at the Atlantic, in an article titled “Hacked!”  It’s worth reading, especially if you’re not in the IT business.  And, frankly, even for a fellow professional computer geek, it might be eye-opening to see how hacked email accounts are being used these days.  I have to admit, I was a little surprised that the attacker in question actually used the account personally to try and con money out of the victim’s friends and family.

I was not, however, all that shocked to see how many accounts are compromised on a regular basis.  Think the thousands.  Daily.
Right, so thousands of email accounts on which people depend are hijacked, used and abused on a daily basis.  If it hasn’t happened to you, it’s probably only a matter of time.  So, how do they do it?  Shared, easily guessable passwords.
Yes, it’s that easy.
Stop for a minute and think about how many passwords you use on a regular basis.  How many are the same?  How many accounts do you have for things like bank accounts and credit cards and medical records that use the same password as your email?  And how many of those accounts use that same email address as the username?
Getting the picture?

So, what do you do?
First, stop reusing passwords.
Second, make more secure passwords.  And, don’t think that the old way of replacing “L” with the numeral one or the letter “O” with the numeral zero and that kind of thing will work, either.  The hackers are on to that.  It’s better to use words that are not in the dictionary.  So, yes, made up words.  Or, even better, phrases, which is what I’ve recommended for some time.  Having a hard time coming up with one?  Try using one generated randomly for you at passphra.se, a random passphrase generator which was inspired by an XKCD comic.  The comic explains the reasoning behind the passphrase idea and the generator.  Also, XKCD is pretty funny and if you’re geeky like me at all, it’s well worth checking out.

In today’s world, we’re way too interconnected and digital and reliant on those systems to have relaxed security.  It doesn’t matter if you’re a geek or not.  Please, think about your passwords and how easily they might be compromised.  Then think about what that might mean to your life, digital and otherwise.
Now, if you’ll excuse me, I have to go change some passwords…


Advice from your Uncle Jim:
"Contrary to popular belief, UNIX is user friendly. It just happens to be selective about who it makes friends with."
   --Dave Parnas

8/9/2011

Cyber Pearl Harbor?

Filed under: Geek Work,News and Current Events,The Dark Side,Things to Read — Posted by the Network Geek during the Hour of the Pig which is in the late evening or 10:41 pm for you boring, normal people.
The moon is Waxing Gibbous

Really?  Are they bringing this one out again?

I’ve heard about the dangers of “cyber war” almost since I got started in this business twenty years ago.  Essentially, since the internet existed, people have been claiming that dangerous hackers are going to take over our infrastructure from within.  Sound familiar?  Like, oh, say, the Red Threat of the Cold War?
It’s pretty easy to get IT guys like me whipped into a frenzy about this.  Back in the day, Winn Schwartau wrote THE go-to book on the subject, Information Warfare, and in that book he talked about a so-called “Cyber Pearl Harbor” that ushered in a new era of digital warfare.  Well, now, it seems, ZDNet is reporting that we may have already had our so-called Cyber Pearl Harbor.  According to security researchers at McAfee, and elsewhere, several targets, including the United States, have been under a five year sustained cyber attack and they went on to speculate that a “state actor” was likely behind the attacks.  A security consultant at Sophos pointed out that fingers are usually pointed in China’s direction when government-funded and supported cyber attacks are discussed.  And, I have to admit, based on the other forms of espionage, especially industrial espionage, that we’ve seen from them over the years, it wouldn’t surprise me if they were using the Internet to attack various sites remotely in an attempt to get restricted information of various kinds.

But, is this a “Pearl Harbor”-like event?  I mean, really?
Do you see people rallying around this issue?  Are hackers joining the U.S. Military to defend our cyber borders?  If they are, it’s one of the best kept secrets in the world right now.  Seriously.
Pearl Harbor was a galvanizing event in our history.  That one event is what got us off the fence and into World War II, as a nation.  Honestly, I don’t see that happening here, or anywhere that high-level computer tech is the focal point of the debate.  We may rely on that tech to get our jobs done or to entertain us, but, really, most people don’t have any idea of the security work that goes on behind the scenes.  This is an invisible war, if it even can be called that.
Again, I think it’s a new form of Cold War.  It’s a battle waged in the shadows against an all but invisible enemy.  It won’t be fought like a conventional war of any kind, much less like World War II.  And, if the cyber war is an apt metaphor at all, then it’s a war we’re already fighting.

Oh, and as for the Chinese, well, they’ve already used their influence as a global market to get a partial retraction from those fine folks at McAfee, who are now claiming that there is no definitive link to any “state actor” of any kind, much less China.  Of course, I’ve only seen the back-pedaling on a single, English-language, but Chinese supported, news site.  Still, that, my friends, is the view of the new global economy and the real war.  Big governments will start to throw their weight around and corporations will “adjust” their position on the truth to tap the market and access their bottom line.  Of course, that’s nothing new, either.  China’s been doing that for years.  Only now, they may be the biggest market still available in the entire world.
Looks like we all better start learning Mandarin!
