Category Archives: IT Security
Affordable code-signing certificates, no chance!
GlobalSign == relatively cheap code-signing certificates. Cool, I thought. Bullcrap! After attempting to apply for a code-signing certificate for use with Authenticode in kernel mode drivers and other Windows binaries and then calling them on the phone I learnt that … Continue reading
“etch-and-a-half”, Debian Etch R4 released
If you can, use apt-get update && apt-get dist-upgrade in some kind of sandbox (“lab-conditions”). For me everything went smoothly. // Oliver
Posted in EN, IT Security, Linux, Software
1 Comment
Anti-phishing techniques – or how to defeat the purpose of IDNs
International Domain Names (IDNs) are attractive. They allow people to express themselves in the multitude of languages which this planet has to offer. However, they also allow scammers and phishers to trick you into believing a particular domain name is … Continue reading
Posted in EN, IT Security, Software
CreateRemoteThread, Vista and separate sessions
Recently I’ve hit a wall during development. I had written a nice workaround for a problem, based on code injection. In fact the code wasn’t injected by loading a DLL but instead by loading relocatable (32bit) code of less than … Continue reading
Posted in /dev/null, IT Security, Programming, Reversing
24 Comments
GoDaddy.com SSL cert …
It was a bit of trouble to get it done, even after my purchase was approved. But I have it now 🙂 Here I just want to share the information with you, since the FAQ on the GoDaddy website wasn’t … Continue reading
Posted in EN, IT Security, Thoughts
Nice work! Found hardware keylogger in a DELL laptop.
Read the full story here. DHS denying request under FOIA. PS: If you read the scanned document closely, you notice the two times 8-digit “file number” which could be a date. If this was state of the art three years … Continue reading
Posted in EN, IT Security, Thoughts
Very thorough anti-fraud department ;)
I just ordered a five-pack of SSL certificates at GoDaddy.com a few days ago because they have the best offer in that the price is nice and the browsers they cover are virtually 100% of all browsers. The remaining close-to-zero … Continue reading
Posted in EN, IT Security, Thoughts
2 Comments
Saving the world?
Programs of a new type have been created by different companies recently. The first I am aware of was developed in 2006 and violated the GPL back then. More of them seem to be offered all the time. These programs … Continue reading
Posted in EN, IT Security, Software, Thoughts
Argh … mysqld giving me a hard time
First I killed one server (domU) by having log_bin turned on (and cluttering the disk drive with several GiB of logs), although I do not need replication. Then I ran out of memory with mysqld on the server on which … Continue reading
Posted in EN, IT Security, Software
Getting rid of SSH brute forcers
I usually use different methods in combination. In the sshd_config I declare AllowGroups with the group ssh-users. This group never contains root. Furthermore I set PasswordAuthentication no and generally authenticate only by key. Root login is of … Continue reading
Posted in EN, IT Security, Linux
I am told that size doesn’t matter (anymore)!
Chris Wimmer, a fellow programmer, told me in a chat today, that the size of applications doesn’t matter. But I’ll let you decide. However, the program which he wrote is worthwhile regardless of its size. Even more so the library … Continue reading
Posted in IT Security, Programming, Software
6 Comments
Fascinating problem with SCP
Today I had a fascinating issue with SCP (Secure Copy). I was a bit flabbergasted when several attempts to copy an 800 MiB file failed … after a while. You could see that the transfer rate was going up. Since … Continue reading
Posted in EN, IT Security, Software
Not a flop then, it seems
The Firefox 3 Download Day was apparently less a flop than it seemed at first glance (i.e. within the first two hours). They got more than 8 million downloads in 24h, but for some reason the start and end times … Continue reading
Posted in EN, IT Security, Software
Searching electronic devices at the border
Following a court ruling, the EFF and several news sources world-wide have reported on the practice of searching through the data on electronic devices at the US border. Bruce Schneier has picked up the topic in his latest cryptogram (a … Continue reading
Posted in /dev/null, EN, IT Security
Argh …
The patches pertaining to the Debian key rollover are only available in the security repository. I just found out the hard way, that one of my machines denied access to another one, although I had “freshly generated” private keys. Ooops … Continue reading
Posted in EN, IT Security, Software
apt-get update && apt-get dist-upgrade … and make it snappy
As already reported a few days ago, Debian, Ubuntu, Knoppix and indeed all Debian-based distros have a bug in the OpenSSL library that is said to make guessing keys easier. For this reason you should at least run an apt-get update && apt-get … Continue reading
Posted in EN, IT Security
Sounds like a fairly interesting idea …
Have a look at RunEl and don’t miss out when Chris presents the implementation of his newest idea. A UAC implementation which works on XP and Vista but is more user-friendly. // Oliver PS: I understand it’s still April, but … Continue reading
Posted in EN, IT Security, Programming, Software
1 Comment
IDA 4.9 Freeware
… and no more excuses from those pirating IDA. Datarescue made a freeware version 4.9 of IDA available for download. In the scope of IDA Palace, I have mirrored the files on two more servers. One of the servers is … Continue reading
MD5 is dead
Scientists have shown that the attack method devised against MD5 in 2004 is usable and can even trick code-signing tools into “believing” that the binary is the same. We announce two different Win32 executable files with different functionality but identical … Continue reading
Posted in EN, IT Security, Programming, Reversing, Software