Jun
23

Notes from the Virtual Study Conference 2010

posted by terje in Security, Tools
comments (0)


Last Saturday I spent at home attending the Security Track the the Virtual Study Conference 2010.

The conference was the first edition of this virtual, worldwide conference and consisted of tracks in both Polish and English.   
After reviewing the different tracks I decided to go for the securitytrack that sounded very promising, and belive me it really went above and beyond my expectations..

The first Session Thomas Shinder heldt on DirectAccess and Microsoft Forefront Unified Access Gateway 2010 was a good walkthrough of the technologies and possibilities Microsoft provides for remote access.

The second was a great and detailed explanation by Tomek Onyszko on how Kerberos authentication works.

The next session was called Cybercrime: The Gathering Storm! By Andy Malone, and I must admit that this was the session I was most looking forward to.
A description of the latest trends regarding cybercriminal sophistication, the impact of the credit crunch and Chinese ”hacking schools” and their latest targets.
Packed with demos of the tools available for information gathering, Phishing site “generators”, and other malicious tools a cybercriminal has in his toolbox.
This session was truly amazing and I am happy to be able to link to the same presentation held at TechEd earlier this year.

Andy Malone: Cybercrime, the Gathering Storm

Don’t try these tools at home, kids…

Christopher Davis held a session on how botnets work and what YOU can do to contribute to getting them of line. A little effort by sysadmins regards to reading their logs and notifying the ISP of the offending IP-address can go a long way. 

I was also looking forward to Paula Januszkiewicz presentation on Passwords, but I had no idea on what I was in for.
Paula showed techniques for revealing  passwords on servers ( including computer account passwords) and what you can extract from the network with a little sniffing.
These were all done on Windows Server 2008 R2 and independent of any zero-day exploits.
Very scary stuff.
She also gave us the answers on how to secure ourselves from this kind of security nightmare.
I’m not sure if I would have linked to the presentation even if it was online – really mindboggling stuff. 

This was a free conference with very high quality sessions,  Not a bad way to spend a Saturday night at all (just don’t overdo it :)

Check out Andy Malones session and/ or come to Oslo in September where he will be doing several sessions during the Cybercrime Security Forum Conference.

Apr
6

Moving my passwords from my wallet to the cloud

posted by terje in Misc, Security, Tools
comments (0)

Stopping passwordreuse with Roboform Online and GoodSync

A lot of people have a handful of passwords that they keep re-using for more than one personal online account.
This is a habit that is as understandable as it is dangerous, since we are constantly creating more and more  online accounts and remembering unique passwords and where they should be used is not an easy task.
Even though most of us have been fine reusing the same half-dozen-or-so passwords over and over again for years, I think the days of innocence are coming to an end, as recent studies by  Kaspersky Lab shows that “Password reuse opens door to ID theft” .

Passwordmanagers are well and good but they have one big problem  – you are helpless when you do not have access to it.
More

Jun
26

PowerShell Scripts for finding Services and Scheduled Tasks that are using a specific account

posted by terje in PowerShell
comments (0)

ps1s1 A while ago I created some scripts that others might find useful.
The scripts where made for checking whether or not it was safe to disable a specific account, by looking for services and scheduled tasks that might be needing this account to run.
The scripts where originally made for checking win-2003 servers.

I have written them so that they now look for the use of the local administrator account on the servers, the scripts can therefore be helpful if you are going to disable this account in your environment (which you should..)
I made three scripts to accomplish this task, one “ping-script” to get a list of servers to check, one to check for services and one to check for scheduled tasks.

More

Jun
10

18 critical bugs fixed in MS June 09 Security Updates

posted by terje in Patch Management
comments (0)

cc700840secmod196figure1-0en-ustechnet101
Today Microsoft issued 10 security updates that patched a record 31 vulnerabilities
in Windows, Internet Explorer (IE), Excel, Word, Windows Search and other programs, including 18 bugs marked “critical.”
More

Recent Posts
Recent Comments
About Us
Notes from the Virtual Study Conference 2010
23 June 2010
Getting ready for the second season of IT-classes for Immigrant Women
13 April 2010
Moving my passwords from my wallet to the cloud
6 April 2010
So long, and Thanks for all the Sid’s
23 November 2009
Deployment CD second edition out now
2 November 2009

Free WordPress Themes by Pro Wordpress Themes. You can change the content of this section by editing the about.php file within this theme's folder.