Wednesday, August 25, 2010

*nix System Hardening - Step 1

If you run a Linux, FreeBSD, or MacOS system with ANY server services open to the world (Apache, SSH, FTP, etc.) take a look at fail2ban.

The idea of this little program is that it watches your log files for failed attempts to log in and bans the IP that repeatedly fails to log in (usually that means they are password guessing, and not a legitimate user)

DenyHosts does something similar for just SSH, but if you have other services open fail2ban is better.

Monday, August 16, 2010

Small Businesses Hammered By Cybercrime

There is a good article over on Infosec Island by Ashesh Mamidi contributed by fellow blogger Theresa Peyton:

The jist of it, as I've been trying to tell people: Viruses and Malware are NOT just an annoyance anymore. They are a real threat to your financial well being.

Everyone should be running at least a good firewall and an antivirus program. Better yet, I'd recommend trying a software whitelisting program like Faronics Anti-Executable ... if it's not on the approved list it doesn't get run.

Friday, August 13, 2010

How To Still Get Auto-updates In XP SP2

As you might already know, Windows XP SP2 has been retired, and cannot download automatic updates anymore (except to update to SP3).

If for some strange reason you cannot upgrade to SP3 (some incompatibility with a business critical app that is no longer supported by it's vendor) there is a way to fool SP2 into thinking it is SP3 and therefore allowing automatic updates to still occur. This is foolish if there is not a VERY good reason to avoid SP3, but here it is:

Go into the registry and edit this key: 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Windows,'  edit the DWORD value 'CSDVersion' from 200 to 300, then reboot.

I strongly recommend just updating to SP3, or better yet, buy Windows 7. ...but, if you have to stay on SP2, now you can, and not miss out on all of the patches.

There is no guarantee that this will not eventually run into a patch that will just break something, as Microsoft does not test the patches for SP2 compatibility any more, so if your computer tells the update server it's SP3 it will send you patches meant for SP3. Likely those patches will work, but there is some risk that they will not beacause they expect certain components that were updated in SP3 to be there.

Friday, August 06, 2010


This only really relates to people living in Oshawa, Ontario...but, Oshawa PUC is lending out Watt meters through the Oshawa Public Library.
You can borrow one of these meters: just presenting your Oshawa Library card and asking for one at the front counter of the library. You get it for 1 month, no fee.

I decided that even though I've done a lot (changed all my light bulbs, started using more efficient appliances, etc. over the years, there's more i could be doing. I borrowed one of these to see what I could identify as an energy hog and reduce my energy consumption even further.

I was pleasantly surprised that my laptop charger, which always has a glowing LED on it only seems to consume any appreciable power when the laptop is plugged in. I always unplug it anyway, but I was happy to see that when it is not charging the laptop it uses less than 1 watt. (the minimum that can be measured on this device). The same goes for the PSP charger and cell phone chargers. :)

I was very unhappy to see that my Playstation 3 (the old 60GB FAT version) uses a whole 25W when it is OFF!

I turned it on for a minute and it quickly went up to 180W. I imagine when I watch a movie or play a game for a while it will consume even more as the fans start to kick in.

It should be interesting to see what readings I get from some of the other electronic gadgets in the house

[Update Aug 8, 2010:
It turns out that the PS3 uses about 175W on average when it is on, regardless of how long it runs or what I do with it.

I tested my VCR/DVD recorder. It eats about 3-5W when turned off and 29W when playing a DVD. I guess I should use that to watch movies instead of the PS3. ]

[Update Aug 30, 2010:
My new favorite is our Daenyx DVD player. Not just cheap to buy, cheap to run.
It uses no power when turned off (you have to get up and push the on/off button, it's a real switch) and, surprisingly, it only consumes 5W when playing !  That's as much as the DVD/VCR combo unit (that we've now gotten rid of} used just waiting for an on signal from the remote.

The Dlink DIR-615 home wireless router (which I also like because I've installed DD-WRT on it) uses just 3-4W.]

Firefox 4.0 Beta Download Scam

People will fall for anything. There is a scam going around twitter and other social networking sites telling users that if they follow a certain shortened URL (see here for more on the dangers of shrotened URLS), they can then download a cracked version of Firefox 4.0 or a key generator for Mozilla Firefox 4.0.

This of course only leads you to a place to download all kinds of malware onto your computer.

This is ridiculous, as Mozilla Firefox is Open Source (as in free, always!)
You can download the REAL Firefox 4.0 beta from the Firefox site FREE! Keep in mind it IS a beta, there WILL be bugs.