Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

10/17/2014

Destroy All Robots!

Filed under: Fun,Geek Work,Red Herrings,The Dark Side — Posted by the Network Geek during the Hour of the Tiger which is terribly early in the morning or 5:56 am for you boring, normal people.
The moon is Waning Crescent

Or, at least, all robocallers.

So, lately, I’ve been digging through my files, finding links I saved ages ago to share with you, my few loyal blog readers, and I’m the first to admit that it’s been a mixed bag.  Some have been fun.  Some have been lame.  But, this one actually solves a problem for you.

Do you get automated calls?  Maybe you signed up for a catalog ages ago, or maybe you thought that timeshare in Miami was going to…

8/29/2014

Cryptolocker Rescue

Filed under: Geek Work,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Monkey which is mid-afternoon or 4:10 pm for you boring, normal people.
The moon is Waxing Crescent

This ought to make me look like a hero at my new gig.  Again.

On a whim, I searched for a CryptoLocker decrypter this afternoon, because the old place I worked at and the new place I currently work at were both hit by a CryptoLocker virus.  Now, at the old place, we mostly had everything backed up.  At the new place, not quite so much.  I mean, everything is backed up now, but it wasn’t before I got here and they got hit with the virus.
In any case, I had a couple of files I wanted to get into that were hit with the virus.  So, naturally, I went to search for something to help.  Because, you know, it’s been a while and maybe someone had come up with a solution, right?
Well, as it turns out, they have.  FireEye, who I’m familiar with, and Fox IT have set up a free service at Decryptolocker that will let you download a decryption program and upload an encrypted file, which they will use to generate a decrypt key that they send you via email.  When you get that, you follow their super simple instructions to decrypt your file.  It’s a command-line utility, but, hey, it works.

And, yes, I’ve tried it.  It took all of ten minutes to get the email with the key and then I was able to decrypt any of the affected files that I tried it on.
This restores my faith in humanity just a little!

6/20/2014

A “New” Way to Prevent Photo Theft

Filed under: Fun,Red Herrings,The Dark Side — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:00 am for you boring, normal people.
The moon is a Third Quarter Moon

No, those quotation marks aren’t ironic.

Last year, in August, I wrote about a free service called LensTag that would help you track your camera gear if any of it went missing.  Well, they’re back in the news for another service!  This one was discovered by accident by their president’s wife who mistakenly turned on the tracking for her camera when a couple of flashes got stolen.  It turns out, she started getting notifications about where her photos taken with that…

5/27/2014

Keeping Windows XP Alive

Filed under: Advice from your Uncle Jim,Geek Work,MicroSoft,Never trust a Network Admin with a screwdriver,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:49 am for you boring, normal people.
The moon is Waning Crescent

First, let me say that I don’t endorse this as a way to avoid upgrading.

Second, let me fully affirm that this is completely awesome!  And, as someone who maintains a Windows XP virtual machine to run some older software for my camera, I am thrilled to have this option, for as long as it lasts.
The hack is pretty simple, basically just adding a small entry to the Registry.  First published by Wayne Williams at BetaNews a day ago, it’s been all over the internet today.  I did it earlier on an old machine at work and it worked great.  Your results may vary.  The steps are simple and in that linked article, but I’ve included the 32-bit version of the registry file that you can just download and import to your machine or virtual machine.

Use at your own risk!
And upgrade as soon as possible!
(Here’s the link to the REG file.)



5/23/2014

Two Free Security Plugins

Filed under: Deep Thoughts,Geek Work,The Dark Side — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:32 am for you boring, normal people.
The moon is Waning Crescent

This week I’ve got two very serious freebies for you.

Security, as some of you may know, is near and dear to my heart.
In my day job, I’m a system administrator and constantly worried about security.  It’s a huge issue.  Lately, you all may have been hearing news stories about the “Heartbleed SSL vulnerability” which, in theory, could endanger your personal login information, as well as other account credentials or other things you’d want to keep private.  It’s not entirely clear…

3/25/2014

Keyless Entry Tools!

Filed under: Fun Work,Life Goals,Never trust a Network Admin with a screwdriver,Review,The Dark Side,Things to Read — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:21 am for you boring, normal people.
The moon is Waning Crescent

Keyless entry tools may be a bit of a misnomer, but, technically, that’s what I’m talking about in this very special Tools for Tuesday post.

Actually, since I missed posting a tool last week, I’m going to mention several tools in this week’s post.  The difference is that these tools are all related.  Of course, all these things are related to lock picking, sometimes referred to as “lock sport” or “steel-bolt hacking”.
We’ve all seen this on TV or in the movies.  The hero, or anti-hero, needs to get into a room for some reason, only to be confronted with a locked door.  A locked door that would stop the average person, but not the hero of the story we’re watching.  Instead of being stymied by this apparently insurmountable obstacle, our hero, or heroine, simply pulls out a set of lock picks, with which they proceed to fiddle about, often by the light of a flashlight held in their mouth, until the formerly locked door is suddenly, almost magically, opened.  Who among us has not wanted to be able to do the same thing?  How many times have we found ourselves on the wrong side of a locked door, wishing we had a set of lock picks with which to quietly gain entry to whatever is on the other side of said door?  And, perhaps more commonly, how often have we simply forgotten our keys, to home or office, and wanted to avoid the inconvenience of going to fetch them or find someone who could let us in?

Well, I have long wanted to be able to do all those things at one time or another.
In August of 2012, while attending DEF*CON 20, I finally got my initiation into the world of lock picking.  Or, as I more often prefer to euphemistically refer to it: keyless entry.  I spent several good hours at the Lockpick Village put on by TOOOL, The Open Organization of Lockpickers.  It was there that several very patient people taught me the basics of lock picking.  There were other opportunities to learn things like bumping and impressioning, as well as learning how to bypass locks other than the standard door lock or keyed padlock.  I haven’t had the time or opportunity to explore those non-picking tools too much yet, but several of the tools in the photo above came from TOOOL.  TOOOL sells a fine starter’s set of lock picks and tension bars, which I bought at DEF*CON and can be purchased via their Equipment page.  You can see the two picks I use most often, and a tension tool on the right, resting on top of the TOOOL leather case.
I like these picks and tension tools because they’re light, but sturdy and relatively economical.  They also have nice sized grips which feel comfortable in my meat-hook-like hands.  It’s important that I feel like the tools I’m using to open a lock aren’t constantly in danger of breaking off in said lock, further complicating my opening of it.  These tools do that quite well, and look good while doing it.

The other thing in that photo which came from TOOOL is the progressive training locks, as they call them, though they’re really just specially prepared tumblers.  They’re in the large-ish grey thing near the middle of the photo, which I refer to as a lock picking vice, perhaps incorrectly, and which I’ll describe in a minute.  Actually, to be specific, the three training locks in the vice are the first three of a complete set of ten.  They start with a single pin in the tumbler and go all the way up to six pins in a tumbler, for the first, “normal” training locks.  The last four are a special spool-shaped pin, which is harder to pick, and go from one pin up to four pins in the “security” training lock set.  To get the entire set of ten ran me $120 before tax and shipping, but they are totally worth it.  In theory, I could have gotten ten of my own locks, stripped them down to just the bare necessities and pinned them out myself, but I can guarantee that they would not look as neat as these.  And, that’s assuming that I could find a source for the spool-shaped security pins for those last four.
I just got these recently, and I think it was just in time because my skills were getting pretty rusty!  I hadn’t touched my picks in a couple of months and found myself completely unable to pick a simple padlock that used to take me a couple of quick seconds to open.  It was mortifying!  I should note, these training locks are a little looser and easier to pick than a real-world lock, but that’s intentional.  The idea being, of course, that you need to get the feel for it before graduating to a real lock.  Incidentally, a standard padlock usually has four pins.  The average American door lock, like we normally use on houses, has five pins.  And, I’m told, that normal European door locks, like would be used on most residential doors, use six pins.  So, that’s why the training locks are pinned the way they are.  They make a logical progression of difficulty with real-world application.

When I found the Tri-Pik, as I call it, I was actually looking for something else, but I was thrilled.  The “Deluxe Adjustable Tri-Pik LOCK PICKING Holding Fixture”, as it is called on the website where I found it, is pretty fantastic.  In fact, I’d just about call it essential to my reintroduction to lock picking.
The basic idea is this: a real lock would be surface mounted in, say, a door, and would leave me both hands free to manipulate the tension tool and pick, and this tool lets you simulate that.  Without this, I would be holding the training lock in one hand, keeping tension on the cylinder via the tension bar with that same hand, while manipulating the pins with the pick in the other hand.  A fine way to learn, but not very realistic.  The Tri-Pik fixes that.  It is so named because it’s designed to let me mount up to three training locks in it at once, locking them in place via a hand-tightened set screw from below.  It’s quite a good system.  Simple, but effective, and reasonably priced at $35 plus tax and shipping.  I cannot recommend the Tri-Pik enough to someone learning how to pick locks.  It’s really, really fantastic.

Oddly enough, I found the Tri-Pik while looking for the fourth tool I’m mentioning today: the Southard Jackknife Lockpick Set.  I had seen this at DEF*CON, but I was a little hesitant to buy one, since I was flying back to Houston afterwards and didn’t want to have it mistaken for a knife and taken from me by a TSA agent.  But, now that I’m back, and it turns out the NSA has been watching all of us all along anyway, I decided to go ahead and get one of these little beauties.  Eventually, I’ll add this into my “every day carry”, so I’ll always be able to open doors, but first, I need to practice with it a bit.  Obviously, the idea is to fold it all up like a pocket knife and carry it with you, but the genius, in my opinion, is how they handle the tension tool.  It fits over the top of the folded-away picks, with one end sliding into a tight, narrow opening in the center of the main body of the tool set, using tension to keep it all together.  It works quite well and provides the amateur locksmith with a complete set of tools including: the tension tool, a long hook pick, a diamond-shaped pick, a half circle pick, a “snake rake”, an alternative rake and a diamond-shaped broken key extractor.  Add to that a really nice mechanism to hold the picks in both a closed and “ready to use” position and you’ve got a great, portable toolset here for just under $40, before tax and shipping.  A fantastic deal in my opinion.

The last “tool” is really a book.  Namely, the very good lockpicking primer, The Visual Guide to Lockpicking.  I have to admit, even though I had this book long before I learned how to pick locks at DEF*CON, I found it just a little too intimidating and confusing to use before I had some hands-on experience.  Now that I do, however, I can see just how good a resource this is.  It covers the majority of mechanical locks that a self-taught locksmith might encounter and have to deal with, including tubular locks and locks with pins on both the top and bottom of the cylinder, which are both challenges I have yet to master.  While no substitute for a good teacher, this book really is a great place to start if you can’t get direct instruction and has fantastic illustrations explaining the entire process.  It’s well worth the $15 or so that Amazon.com is asking.  (And, yes, if you buy a copy from that link, I get a credit.  Thanks!)

Incidentally, if you can’t quite figure the connection between “network geek” and “lockpicking”, the answer is far simpler than you might imagine.  In the early days of computers, the best of the best were pretty much all at M.I.T., where it is widely believed the term “hacker” originated, and, to get access to computer labs, and a place to crash while programs ran on the big, old iron that were computer systems back then, the hard-core computer geeks all became locksmiths so that they could get the tools to pick locks and never be on the wrong side of a locked door.  Or, at least, that’s what I read in Hackers: Heroes of the Computer Revolution by Steven Levy back when I was just getting started in IT.
So, yeah, that’s a mess of tools for Tuesday this week and a peek into the crazy way my mind works.  I hope it makes up for missing last week!

2/21/2014

Weekend Plans

Filed under: Geek Work,MicroSoft,Pressgram,The Dark Side — Posted by the Network Geek during the Hour of the Monkey which is mid-afternoon or 4:23 pm for you boring, normal people.
The moon is a Third Quarter Moon

Guess who’s spending the weekend upgrading the company’s main server?

Finally, after dealing with an aging server for too long, we’re upgrading.  And, not a minute too soon, either.  I have the joy of migrating Active Directory from a Windows 2003 server to a Windows 2012 server.  Not to mention, I get to migrate printing services, an iSCSI array connection, DNS and DHCP.  Wee!  What fun!

Well, I suppose that’s why I get the “big bucks”, right?  A system administrator’s work is never done!

Published via Pressgram

3/7/2012

Security and QR Codes

Filed under: Criticism, Marginalia, and Notes,Geek Work,The Dark Side — Posted by the Network Geek during the Hour of the Tiger which is terribly early in the morning or 5:53 am for you boring, normal people.
The moon is a Full Moon

Do you trust everything you see?

We’ve all seen QR codes, even if we may not have all recognized what they are.  These little, square dot patterns are everywhere these days, especially in advertising.  In fact, some people have gotten so used to scanning them with their smart phones to get more information about products and services that hackers are now exploiting them.  I recently read a very interesting article on TechRepublic by Michael Kassner titled Beware of QR Codes about an exploit found in the wild, and QR code exploits in general.  The problem is, we tend to trust them, mainly, I think, because they’re too new for us to have been burned bad by them yet, and they are popping up everywhere!  Pay attention as you go through your day and see how many of these little deals you bump into.  They’re in everything from magazine ads to product labels to posters to coupons!  Even Doonesbury has run a strip with a QR code in it!

So, as you swim out there, awash in the ocean of marketing and sales that we live in, pay attention to those who might subvert your complacency.  If it’s easy for you to use, it’s probably easy for someone to abuse, just like the QR code seems to be!

2/7/2012

DNS Attacks Are On The Rise

Filed under: Geek Work,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:14 am for you boring, normal people.
The moon is a Full Moon

DNS has inherent weakness.

In its current form the Domain Name System, by its open nature, is pretty primed for exploitation.
Some of these attacks are more obvious than others, but there are two that I find particularly troubling.  More so in that I can see them being used together to really mess with a website owner.
The first of these two attacks isn’t new.  But, the fact that it isn’t new and has been dealt with before doesn’t mean that it has suddenly stopped being effective.  The attack is called “DNS poisoning” and it works by corrupting the DNS cache on a server, which then forwards those poisoned DNS records as legitimate to other, unsuspecting servers.  The end result is that the attackers can redirect traffic from a legitimate website to their own site.  It’s hard to flat out stop right now, though, once discovered, it can be fixed with relatively little trouble.  This attack was used recently against several websites who were supporting SOPA and PIPA.  Of course, since these folks were trying to make a statement, it was pretty clear what had happened, so techs were working to fix it pretty quickly.
The second attack, which I would think includes the first attack at its initial stages, is sub-domain hijacking.  In this attack, the attackers redirect the sub-domain of an existing site to another location.  This is a little more subtle and hard to detect.  In this case, the attackers are looking to profit from a well-established domain by “piggy-backing” on their reputation.  They poison the DNS records to point something like Viagra.google.com to their actual website, selling Viagra, or a site filled with spammy links that redirect a potential victim to their website selling Viagra, or whatever.  This attack takes a proactive system administrator to catch.  Since it doesn’t redirect any of the main, honest, actual site anywhere, but only uses its reputation to improve their own spammy links, it’s not always obvious that it’s going on.  Regular DNS record audits are about the only way to catch this, barring an angry end-user contacting the main site.
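
One way to run the kind of regular DNS record audit described above, as an added example that is not part of the original post: it diffs a zone export against an approved baseline and flags unexpected, changed or missing records.  The zone data, host names and addresses are constructed for illustration, and the parser assumes simple one-record-per-line zone text with the owner name on every line.

```python
"""DNS record audit: diff a zone export against an approved baseline."""

# Constructed sample data. example.com and the 192.0.2.0/24, 198.51.100.0/24
# and 203.0.113.0/24 ranges are reserved for documentation use.
APPROVED_ZONE = """\
; approved baseline, reviewed by the administrator
$ORIGIN example.com.
@       3600 IN A     192.0.2.10
www     3600 IN CNAME example.com.
mail    3600 IN A     192.0.2.25
@       3600 IN MX    10 mail.example.com.
"""

CURRENT_ZONE = """\
$ORIGIN example.com.
@       3600 IN A     192.0.2.10
www     3600 IN CNAME example.com.
mail    3600 IN A     198.51.100.77
@       3600 IN MX    10 mail.example.com.
pills   300  IN A     203.0.113.66
"""

RECORD_TYPES = {"A", "AAAA", "CNAME", "MX", "NS", "TXT"}


def parse_zone(text):
    """Return {(fqdn, rtype): set(rdata)} from simplified zone-file text."""
    origin, records = "", {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
            continue
        if fields[0].startswith("$"):            # other directives ignored
            continue
        name, rest = fields[0].lower(), fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                      # skip optional TTL and class
        if not rest or rest[0].upper() not in RECORD_TYPES:
            continue
        rtype, rdata = rest[0].upper(), " ".join(rest[1:]).lower()
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name
        else:
            fqdn = f"{name}.{origin}"
        records.setdefault((fqdn, rtype), set()).add(rdata)
    return records


def audit(approved, current):
    """List (kind, fqdn, rtype, current_rdata) for every deviation."""
    findings = []
    for key in sorted(set(approved) | set(current)):
        want, have = approved.get(key, set()), current.get(key, set())
        if want == have:
            continue
        kind = "UNEXPECTED" if not want else "MISSING" if not have else "CHANGED"
        findings.append((kind, key[0], key[1], sorted(have)))
    return findings


if __name__ == "__main__":
    for kind, fqdn, rtype, rdata in audit(parse_zone(APPROVED_ZONE),
                                          parse_zone(CURRENT_ZONE)):
        print(f"{kind:<10} {fqdn} {rtype} -> {', '.join(rdata) or '(none)'}")
```

An UNEXPECTED sub-domain is the sub-domain hijacking case; a CHANGED record on an existing name is the redirect case.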

The internet is still a wild and wooly place sometimes, folks.  The reasons the professionals get paid what they do is because, theoretically, they have to deal with all that stuff and keep us safe!  Which reminds me, I have to go check my own company’s websites and DNS records, not to mention my own!
(The title, incidentally, was inspired by the movie that helped get me into this business, Sneakers. “Cattle mutilations are up.”)

10/31/2011

The Worst Kind of Cross-Platform Porting

Filed under: Apple,Linux,News and Current Events,Rotten Apples,The Dark Side — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 6:58 pm for you boring, normal people.
The moon is Waxing Crescent

Hackers are porting Linux viruses (virii ?) to OS X.

Last week Monday, ZDNet reported that hackers have ported code for a trojan from Linux to Apple’s OS X.  For those of my readers who don’t know what a trojan is, I’m referring to a malicious program that opens the door for other, usually even worse, programs to come into the infected operating system, like the Greeks did in the classic stratagem known as the Trojan Horse.  It hasn’t been seen in the wild yet, but apparently the C source code for this has been available for quite some time.

Frankly, I’m surprised that this doesn’t happen more often than it does.  In the old days, virus writers had to really know something because they used assembly to create them.  Now, with Windows and all the other object-oriented programming languages filled with bloated libraries of programming calls, along with the availability of existing code on the internet, they hardly have to know anything to write fairly nasty malware.  And, as I’ve mentioned before, as Apple laptops become more popular, more malware will start to show up there.  I’m sure it’s only a matter of time before they figure out how to infect iPads and iPhones, too, if they haven’t already.

I hate people like this.
I spent most of my day today cleaning a malware infection off a machine.  This little bugger had not only disabled the Windows Task Manager, which is pretty common these days, but it also cleaned out the Start Menu, including all the built-in things like the link to Control Panel and My Documents and all those things on the right side of the Windows XP default Start Menu.  But, it also flagged most of the drive as Hidden and System, making it even more difficult to load the software I used to clean it.  I had to go into Safe Mode just to get the system clean enough to restart into Safe Mode with Networking so I could update Malwarebytes, which is what I eventually used to get rid of the beastie.   (I used Spybot Search and Destroy to keep the malware from loading to make the machine useable with networking support so I could update Malwarebytes, incidentally.)
So, yeah, these slimeballs keep me in a job, but, really, I’d appreciate it if they stopped helping me stay employed.  I promise I can find plenty of other things to do!

So, look lively out there people!  Be suspicious of what you download and click on!

UPDATE:  Apparently, this has been found out in the wild now.  And, according to TechWorld, it has a purpose; to use your system to generate BitCoins for its evil masters.  Very clever.  Nasty, but, still, very clever.
