Friday, June 18, 2010

Playstation Move Makes The PS3 More Like The Wii

Earlier I wrote about how Kinect was making Xbox360 work more like the Wii, well, Move is Playstation's answer to the active gaming trend.


You Can see a picture of the Move Motion controler with it's little motion capture ball on the end, and the associated Move Navigation Controller here: http://us.playstation.com/ps3/playstation-move/
It will look very familiar to Wii gamers. The two piece controller is remarkably similar to the Wiimote, but reportedly much more accurate. These controllers also rely on the use of the Playstation Eye camera.

At $50 for the motion controller, $30 for the navigation controller, and $40 for the camera it comes out a little bit cheaper than the MS Kinect system, and not all games will require all 3 parts.

This should end up being an interesting year for videogames with these new motion controllers and 3D gaming toys from both Sony and Nintedo.

Tuesday, June 15, 2010

Xbox 360 Becomes More Like Wii

The video game geeks know it already as Project Natal, but it's been re-named Kinect and it's the hottest upcoming Video game technology. You can preorder a kinect set now for about $150 for the special motion tracking camera (EBGames is taking orders), plus you will need some new Kinect games.
The cool thing about Kinect is that it has no controller, just a camera that sits on top of the TV.
PS3 is doing something similar, but will use the standard Playstation Eye camera and add a lightsabre-like controlller so that you still have buttons to push and it should improve the camera's tracking... but back to Natal um, I mean, Kinect.

Here is what it looks like:

Friday, June 11, 2010

FortiGate signature for Robint.us Mass Website Hack

This is highly technical and goes beyond the "tech tips for everyday users" that I initially intended Rod'sTech to be about, but it's important and I want to share this with the InfoSec community.

If you haven't heard of this mass SQL injection hack that happened recently read about it on one or more of these sites:

http://blog.sucuri.net/2010/06/mass-infection-of-iisasp-sites-robint-us.html
http://www.net-security.org/secworld.php?id=9395&utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

For goodness sake, do not go looking for the URL mentioned here with a JavaScript enabled browser!

For users of FortiGate brand UTM firewalls I've put together a FortiGate IPS custom signature that should help by blocking/reporting on infected sites.

It is:

F-SBID( --name "robint-us-web-ad-hack"; --protocol tcp; --flow bi_direction; --pattern "ww.robint.us/u.js}{/script}"; --service HTTP; --context body; )

Note: You will have to replace } with > and { with < in the pattern section to make the signature work. I cannot publish it in full here or it might trigger the attack accidentally if a browser parsed it as an instruction.

Open up your FortiGate system, go to Intrusion Protection|Signature and click the Custom Tab at the top. Click the "Create New" button.

Paste in the code (remember to make the modifications I mentioned) and name it robint-us-web-ad-hack. Click OK.

Now click IPS Sensor on the left hand menu, and choose your sensor (If you are not using IPS refer to the FortiGate manuals. It is way beyond the scope of this blog post to tell you how to set that up) Click the little edit button in the right-most column next to the sensor you want it in.

Click the "Add Custom Override" button.
Fill in the Signature name and check enable, select the action you want to take and select logging to get your alerts.

Thursday, June 10, 2010

Good InfoSec Ad


Note: I in no way intend this to be an endorsement of the company that made the ad, I just thought it was a neat ad.

Wednesday, June 02, 2010

Microsoft Baseline Security Analyzer

Most every IT pro has heard of and (hopefully) tried MBSA at some point, but here's a reminder for those who haven't revisted it in a while, and a step by step how to for anyone new to this tool.

This is EASY to use and everyone should check their systems against this tool from time to time.

  1. Download the tool.
  2. Install it. (Double click the exe file you just downloaded.)
  3. Go to Start|All Programs|Microsoft Baseline Security Analyzer 2.1
  4. Choose if you want to scan one computer or multiple computers.
  5. Fill in what computer(s) you want to test (you must be administrator on them)
  6. Click Start Scan
  7. Sit back and drink your coffee.