
Evaluation of Rootkit Detectors

m.schmidt on 18 January 2007

It is inherent to rootkits that they are difficult to detect. Nevertheless, many security suites out there claim to be able to detect and remove them. Information Week has now evaluated some specialized rootkit detectors, definitely worth a look.
But one should not forget that no program in the world can guarantee that malicious software found on your computer has been removed completely, so you should always consider a reinstallation of your system.

Once in a while administrators ask themselves why p2p applications like Skype can be used in their networks although a firewall blocks all incoming traffic.
I’ll try to explain this in a simple way. The applications mentioned are not ‘real’ p2p apps, because they use a server to establish the connection.
So what happens when Alice (IP 10.0.0.1) wants to call Bob (IP 11.0.0.1)? She sends a request to the server, which contacts Bob and informs him about Alice (her IP and the port she wants to use, let’s say 2020). As a result, Bob sends a UDP message to Alice on that port. While Alice’s firewall drops this, Bob’s is now in a state where it accepts replies from Alice on this port. Alice does the same now, and we have two firewalls, both accepting communication over this “connection”, thinking they’re accepting answers to former requests.
This relies on the feature of many firewalls to treat UDP as “stateful”, assuming that packets with corresponding ports and addresses belong to the same connection, which can be a mistake. This is different from the TCP protocol, where a connection is really and reliably established.
So one should think twice before allowing all outgoing traffic, because this can have strange side effects.
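Added example, not part of the original post: a small Python model of a firewall that passes all outbound UDP and treats a matching inbound packet as a “reply”, replaying the Alice/Bob exchange above. Alice’s port 2020 is from the post; Bob’s port 3030 and the stranger’s address 12.0.0.1 are constructed values.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class StatefulUdpFirewall:
    """Blocks all inbound UDP unless it looks like a reply to earlier outbound traffic.
    Outbound packets are always allowed (the "allow all outgoing" policy the post warns
    about) and recorded as a 4-tuple; an inbound packet matching the reversed tuple is
    accepted as a "reply", although UDP never set up a connection.
    """
    state: set = field(default_factory=set)

    def outbound(self, pkt: Packet) -> bool:
        self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return True

    def inbound(self, pkt: Packet) -> bool:
        # "reply" heuristic: swap addresses and ports, look for a matching outbound entry
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state

def hole_punch():
    """Replay the exchange from the post and return what each firewall decided."""
    alice, bob = "10.0.0.1", "11.0.0.1"
    fw_alice, fw_bob = StatefulUdpFirewall(), StatefulUdpFirewall()
    decisions = []
    # the server told each side the other's address and port (Bob's 3030 is constructed)
    bob_first = Packet(bob, 3030, alice, 2020)
    fw_bob.outbound(bob_first)
    decisions.append(("bob->alice", fw_alice.inbound(bob_first)))    # dropped: Alice has no state
    alice_first = Packet(alice, 2020, bob, 3030)
    fw_alice.outbound(alice_first)
    decisions.append(("alice->bob", fw_bob.inbound(alice_first)))    # passes: "reply" for Bob's FW
    decisions.append(("bob->alice", fw_alice.inbound(bob_first)))    # passes now: "reply" for Alice's FW
    # a third host using the same ports is still blocked: the pinhole is per address pair
    stranger = Packet("12.0.0.1", 3030, alice, 2020)
    decisions.append(("stranger->alice", fw_alice.inbound(stranger)))
    return decisions

if __name__ == "__main__":
    for who, allowed in hole_punch():
        print(f"{who}: {'accepted' if allowed else 'dropped'}")
```

The last entry shows the limit of the trick: only the address pair that both sides sent to gets a pinhole, which is why the rendezvous server is needed at all.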

22nd door – turn off Windows services

m.schmidt on 22 December 2006

This one goes out to users with little experience in Windows. There are many guidelines stating that unneeded services should be turned off, and of course they’re right. But what is unnecessary, what are all these services good for, and where can they be turned off? Here you can find answers to all these questions.

21st door – Line Rider

m.schmidt on 21 December 2006

I’m sorry, but I have to drop some doors, because there are some jobs open that have to be finished this year. And finally, the translation of my articles takes more time than expected. Nevertheless, today there is a door, and a little game to waste some time. Line Rider is not unknown, but nevertheless it’s worth mentioning, because it’s great fun. The idea is very simple: just draw a line and let a little dwarfish guy ride on it with his sled. Try it, and lose some hours of your life spending time with stupid things ;)

And be aware that you can share your work via YouTube. Or post it here ;)

17th door – erase your hard drive, the right way.

m.schmidt on 19 December 2006

I’ve been asked several times how to erase a hard disk and make it impossible to restore the data. The answer is: melt it down. So let’s see what we can do to make it as hard as possible to restore the data. The first way is simply deleting the files, and this is a bad way, because the data stays on the disk; only the entries in the filesystem (inodes, whatever) are removed. A better way is to overwrite the entire disk, for example with dd. But even then it may be possible to restore the content, because there are minimal residual magnetic effects that can be used for an analysis. So it’s better to overwrite the stuff several times, a job that is no fun when done by hand. The little utility wipe can help, and has one big advantage: it can also ‘securely’ erase individual files rather than the whole disk, by overwriting these files several times. But the security on a journaling filesystem remains questionable.
So if indeed the whole disk should be erased, I prefer dban. This comes as a little Linux, running from CD (or even floppy), with the only purpose of sending data on hard disks to hell. It does this by using well-known industrial standards like DoD 5220.22-M or the Gutmann method. This may take some time, but it’s safe, easy, and can be used with nearly no knowledge of computers. And I recommend using it every time you sell or give away a hard disk. And at last, for me it’s a good reason to have a ‘red disk’ again :-)
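Added example, not from the original post and not the code of wipe or dban: a Python version of the “overwrite several times” approach for a single file, with a constructed scratch image to show that the record is readable after a plain delete would have been and gone after the passes. The function names, the pass count and the marker are assumptions of this example.

```python
import os
import secrets
import tempfile

def wipe_file(path, passes=3):
    """Overwrite every byte of `path` in place: `passes` random passes, then one zero pass.
    Returns the file size. Caveat, as the post notes: on a journaling or copy-on-write
    filesystem the old blocks may survive elsewhere, so this is only trustworthy on a raw
    device or a filesystem that really rewrites in place.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            fh.write(secrets.token_bytes(size))
            fh.flush()
            os.fsync(fh.fileno())  # force each pass to the device, not just the page cache
        fh.seek(0)
        fh.write(b"\x00" * size)
        fh.flush()
        os.fsync(fh.fileno())
    return size

def contains(path, marker):
    """True if `marker` still occurs anywhere in the file, i.e. what a recovery tool would find."""
    with open(path, "rb") as fh:
        return marker in fh.read()

def demo():
    """Constructed sample: a small 'disk image' holding a recognisable record, then wipe it."""
    marker = b"SECRET-RECORD"
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"account=alice;" + marker + b"\n" + b"\x00" * 4096)
    try:
        before = os.path.getsize(path)
        found_before = contains(path, marker)   # True: plain deletion would leave this on disk
        after = wipe_file(path, passes=3)
        found_after = contains(path, marker)    # False once the passes have run
        return found_before, found_after, before == after
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(demo())
```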

16th door – one time email

m.schmidt on 19 December 2006

Usually, if you register at some kind of web service, you are asked for an email address to receive some kind of activation code. What happens with your mail address thereafter is mostly unknown. To prevent it from being abused by spammers, it might be a good idea to use temporary mail addresses.
10minutemail offers these in a very simple way. Once you enter the site, you get access to an email box and are able to receive messages for 10 minutes. But be aware, there’s no form of encryption or authentication, so it’s possible for a third party to read these mails, too. Therefore you should avoid using this for sensitive data, but for evaluating different services without giving away your personal address this works fine.

15th door – fun with credit cards

m.schmidt on 15 December 2006

Should I cry, or should I laugh? This guy ripped a credit card application into little pieces, taped them together, and applied for a card with a different phone number and a different address. And he got his card. No comment on this :-/

Can any of my American readers confirm that the credit card companies over there behave so strangely?

14th door – default passwords

m.schmidt on 15 December 2006

It scares me how often people leave the default credentials of a device unchanged. And from time to time, these defaults are the only way of accessing a device, in the worst case after a complete reset. A search engine for these defaults can make one’s life much easier from time to time, for example if the documentation is not available.

13th door – accessing an expired Windows

m.schmidt on 15 December 2006

Sorry for being that late, but I will fill the gaps of missing doors now. Let’s begin with a nice article describing how to recover an expired Windows. The problem is well known: after 30 days, Windows will deny the login if it is not activated. It’s impossible to access the internet, or even your files. But thanks to Microsoft, there’s a backdoor to the system, described here.

12th door – ebooks part II

m.schmidt on 12 December 2006

Even if one or another already has a nice collection of ebooks, knows all the related links, or at least has no time for reading, I will nevertheless point to another rich bookshelf out there. With that said.