LUN

Blog entries categorized under Digital Blogs

My Digital Resolution 2009

Posted by Lun
Lun
Lun
User is currently offline
on Monday, 01 December 2008
in Digital Blogs
This is rather tough one but intriguing:
  1. Uninstall all programs downloaded for testing in 2008
  2. Uninstall all games installed by my son and his friend
  3. Clean registry after above operation
  4. Sort out MP3 Download folder ( Dido, Amy Winehouse etc. ) into appropriate folders
  5. Sort out DivX download folder ( delete half/downloaded movies etc... )
  6. Finish converting cartoons and action movies for iPod Video
  7. Try to find USB-iPod cable ( white one and black one ) in my sons room ???
  8. Find all USB Memory Sticks and group them in one place
  9. Format all Mem Sticks
  10. Find spare SD card for SONY cybershot (same as point 7.)
  11. Reinstate Firewall between various computers in the house
  12. Make BACKUP of all drives and give them to friends for safe keeping ( or take them to the office ??
  13. Various digital cleaning jobs

DIGITAL SPRING CLEANING
  1.  




Tags: Untagged

WPA Encryption Hacked

Posted by Lun
Lun
Lun
User is currently offline
on Monday, 10 November 2008
in Digital Blogs

Two researchers from the Technical University of Darmstadt, Germany, have discovered a method of bypassing the Wi-Fi Protected Access (WPA) encryption used by many wireless routers.

The exploit takes advantage of a weakness on networks that use WPA with TKIP (Temporal Key Integrity Protocol, a security algorithm based on key switching that is used to strengthen the WPA encryption) by circumventing the algorithm that encrypts the Wi-Fi data packets. Researchers Erik Tews and Martin Beck, who are members of the ethical hacking group known as Aircrack-ng, have not only discovered how to bypass WPA, they've also created a tool to do so. They plan to release the tool at the PacSec conference next week in Tokyo, Japan, Aircrack-ng member Rick Farina confirmed to PC Magazine on Friday.

With the exploit tool in hand, hackers will be able break into networks that have WPA with TKIP encryption. TKIP is a predecessor of AES and was developed to overcome the flaw with WEP [Wired Equivalent Private] security. WPA is essentially WEP with a couple of fixes. The TKIP algorithm rotates keys between clients and access points after enough packets pass between them. By default, most routers on the market change the keys every couple of hours. The exploit takes advantage of this data flowing to and from access points and masquerades its packets by inserting its own and passing them to clients. The packet insertion bypasses the countermeasures used by routers can catch the malicious activity. >From a computer's point of view, the data packets appear to belong to a legitimate access point. According to Farina, just seven packets are needed to gain access to a computer.

Researchers found it even easier to gain access to wireless networks that are using QoS [Quality of Service]. Networks that mix data and voice packets often rely on QoS to prioritize the voice data. However, data packets with QoS are rearranged in sequential order so that they travel faster and are received efficiently. The protection algorithm used by TKIP was relaxed to allow for QoS.

As the exploit tool gains access to a computer, hackers can easily inject new packets and install and execute tools such as Metasploit that can give them permanent access. Metasploit is a large toolkit for testing exploits and it uses well known exploits in its arsenal. Rick said, "With 2 or 3 packets you can fit most tools in the Metasploit toolkit," Farina said.

Because the exploit is specific, users simply need to change the WPA encryption to work with AES or change it to the much more hardened WPA2. If your router doesn't support WPA2, the best course of action is to shorten the timing of the TKIP in the routers, so that keys are refreshed every two minutes or less. The fast refresh makes it harder but not impossible for hackers to gain access. The best course of action, however, is to buy a new router that supports WPA2.
Tags: Untagged

Giving 100% at work !!!

Posted by Lun
Lun
Lun
User is currently offline
on Wednesday, 05 November 2008
in Digital Blogs

Tags: Untagged

CISCO PIX 506E for Sale

Posted by Lun
Lun
Lun
User is currently offline
on Wednesday, 01 October 2008
in Digital Blogs
We are trying to sell 3 off CISCO Pix 506E Firewall/Proxy ...

Security Appliance delivers enterprise-class security for remote office, branch office, and small-to-medium business (SMB) networks, in a high-performance, easy-to-deploy purpose-built appliance. Its unique desktop design supports two 10/100 Fast Ethernet interfaces and two 802.1q-based virtual interfaces, making it an exceptional choice for businesses requiring a cost-effective security solution with DMZ support. Part of the market-leading Cisco PIX Security Appliance Series, the Cisco PIX 506E Security Appliance provides a wide range of rich, integrated security services, advanced networking services, and powerful remote management capabilities in a compact, all-in-one security solution.
Tags: Untagged

Trevor is Back

Posted by Lun
Lun
Lun
User is currently offline
on Thursday, 25 September 2008
in Digital Blogs
Here is the list of the new South African Cabinet. Trevor Manuel is back ... It is all about money, isn't it ?

1. The Deputy President
Ms B Mbete

2. The Minister of Foreign Affairs
Dr NC Dlamini-Zuma

3. The Minister of Defence
Mr C Nqakula

4. The Minister of Finance
Mr TA Manuel


5. The Minister of Provincial and Local Government
Mr S Shiceka

6. The Minister of Transport
Mr JT Radebe

7. The Minister of Social Development
Dr ZST Skweyiya

8. The Minister of Public Enterprises
Mrs BS Mabandla

9. The Minister of Communications
Dr IF Matsepe-Casaburri

10. The Minister of Public Service and Administration
Mr R Baloyi

11. The Minister of Labour
Mr MMS Mdladlana

12. The Minister of Public Works
Mr GQM Doidge

13. The Minister of Intelligence
Mr S Cwele

14. The Minister of Health
Ms B Hogan

15. The Minister in The Presidency
Dr ME Tshabalala-Msimang

16. The Minister of Correctional Services
Dr BMN Balfour

17. The Minister of Housing
Dr LN Sisulu

18. The Minister of Safety and Security
Mr EN Mthethwa

19. The Minister of Justice and Constitutional Development
Mr ME Surty

20. The Minister of Education
Mrs GNM Pandor

21. The Minister of Arts and Culture
Dr ZP Jordan

22. The Minister of Sport and Recreation
Rev MA Stofile

23. The Minister of Environmental Affairs and Tourism
Mr MCJ van Schalkwyk

24. The Minister of Trade and Industry
Mr MB Mpahlwa

25. The Minister of Science and Technology
Mr MA Mangena

26. The Minister of Mineral and Energy
Ms BP Sonjica

27. The Minister of Home Affairs
Ms NN Mapisa-Nqakula

28. The Minister of Water Affairs and Forestry
Ms LB Hendricks

29. The Minister of Agriculture and Land Affairs
Ms LM Xingwana

Tags: Untagged

Google AdWords Phishing - WARNING

Posted by Lun
Lun
Lun
User is currently offline
on Wednesday, 02 July 2008
in Digital Blogs

I've received today email from Google Advertising Portal ( AdWords ) notifying me that our payments are not working and that we should verify our credit cards. Since we are using services extensively I've clicked on the link immediately just to find that email is actually scam and link is taking you to some .CN ( China ) web site.

Google AdWords users beware before you proceed with clicking and updating your info. ( SEE ORIGINAL EMAIL and URL BELOW )

PHISHING 'Google' URL http://www.adwords.google.com.fsjuh.cn/select/Login





Tags: Untagged

XMLRPC Request - Ping Your Blogs

Posted by Lun
Lun
Lun
User is currently offline
on Thursday, 05 June 2008
in Digital Blogs
How to find a difference between PING YOUR BLOG requests ( XML-RPC is used by lots of blog aggregators as well as some writing tools e.g. MS Live Writer ) and ones generated by legitimate browser (  IE, FF, O, S, K )?
Tags: Untagged

Suspicious activity using XMLRPC backdoor

Posted by Lun
Lun
Lun
User is currently offline
on Wednesday, 04 June 2008
in Digital Blogs

Overview

...
Tags: Untagged

CEO waives his bonus - True story

Posted by Lun
Lun
Lun
User is currently offline
on Friday, 16 May 2008
in Digital Blogs
Airline chief executive Willie Walsh said he would forgo his bonus because of the shambles in the opening days of moving to BA's new terminal at Heathrow Airport.

Maybe we can send email to ESKOM executives with this story. Good governance, indeed.
Tags: Untagged

DigitalLife Expo - Miss South Africa Tansey Coetzee

Posted by Lun
Lun
Lun
User is currently offline
on Wednesday, 09 April 2008
in Digital Blogs
Tags: Untagged