Have bought HP Mini 110 with Windows XP Home SP3. It seems that Disabling autoplay is not the same with Windows XP Professional and Windows Servers
Enter FTP Site Password in Web Browser
September 16, 2008
Its very often that I google the ftp client parameter that will includes username and password, also initial url path.
To logon to an FTP site that requires a password, type the the following URL format:
ftp://<user>:<password>@<ftpserver>/<url-path>
12 Days of Christmas Spam
December 15, 2007
Security, Technology 1 Comment
On this coming Christmas Season, Symantec created a song about SPAM
Autorun (Memory Stick Worms)
November 6, 2007
Article, Security, Technology, Windows 1 Comment
Have previously post Disabling Autorun on Windows. And found additional information, especially on USB Drives. Have read on Steve Riley’s blog that links to Nick Brown’s site.
From Nick Brown:
Sometimes the executable will live in a fake \RECYCLED folder, which is quite clever because hardly anyone ever opens the recycle bin on a memory stick, and because the folder doesn’t contain a real recycle bin structure, the worm will be safe, even if you empty the bin while the stick is in the drive.
From Steve Riley:
Nick also includes a little hack that effectively disables all files named “autorun.inf.” Interesting, but something in me prefers to make Windows just plain forget about all the drives it’s seen. So now I will amend my instructions. In addition to what I wrote earlier, you should also write a small script, and execute it through group policy, that deletes the following key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
When I searched for it in my registry, I also found a few others, so maybe you’d want something that would search through the registry and delete them all, although I don’t know if such a tool exists — I’ve never had a need to look for something like that.
Webcast: Network Hacking in a day
October 1, 2007
Security, Windows Leave a comment
It was very nice to hear and view one webcast from Microsoft about network hacking. The speaker, Marcus Murray made a live demonstration on how does remote code execution are performed in an unpatched MS Windows computer. After hearing this, I am very eager to share and advise to implement and disable autorun on all organizations due to the effect that it may have on a networked environment.
Disable Autorun on Windows
September 28, 2007
Security, Windows autorun 2 Comments
This is one security problem that everyone should know. To define in short, by the word itself, it automatically launch application when CD, USB Drive or any devices inserted on the computer. Trojan drops files on a drive especially the autorun.inf which points to an executable file that will be run everytime the drive will be browse.
Spyware/Trojan Removal using SDFix
August 15, 2007
If notice unknown files [ex. zelur mae TCP, Sex Video, Gwen(ISU)Scandal] on local and network drives. PC was infected with spyware/Trojan.
Single line of HTML crashes IE 6
August 7, 2007
Restrict ssh-server access to specific network
July 18, 2007
Linux, Security, Ubuntu Leave a comment
I build an Ubuntu Linux with two network interfaces connected to LAN and WAN (Internet). I have installed ssh-server using:
sudo apt-get install ssh openssh-server
Just notice that even external users can access the server thru ssh so I decided to secure it by allowing ssh access to listen ontly LAN and not to WAN interface.
PHPMyAdmin: Wrong permission on config file…
July 10, 2007
LAMP, Linux, Security, Ubuntu 8 Comments
I have encountered a problem when I am trying to access my phpmyadmin, the following error came up:
Wrong permissions on configuration file, should not be world writable!
I am thinking of some access control list error. I have searched the web and found article pertaining this error. The link is not on english but you can see that config.inc.php control is set to 777 (means writable).
