Ironwood Tree

Sunday, October 23, 2011

Another bit of wisdom

I just have one Windows VM on my Mac. It's Windows 7 and I want to run my favorite hacking tools on it. My favorite of the favorite tools is Wikto. I especially like the Googlehacking database included in it. This will rapidly search Google for vulnerable systems. You can use it to break in, or to find problems on your own web site. Anyone who works in vulnerability management, as I do, should know how to use it.

To use Wikto for Googlehacking, you have to have an API running that lets Google know you're doing it on purpose and you're not malware. There are viruses and trojans that hijack computers to do these queries, and Google is a good citizen and blocks them.

SensePost has an API called Spud that will let you run a query on a website through Wikto. Starting Spud is tricky in Windows 7. You have to open up a command prompt as administrator, change to the sensepost spud directory and run \bin\spud.exe. You can't run it from the bin directory, just the directory above it.

Saturday, October 22, 2011

Bricked Netgear WNDR3700

I am going to have to get a new T-shirt. ThinkGeek has one that says "I void warranties". I need a shirt that says "I brick wireless routers".

Until a few minutes ago I had a bricked Netgear WNDR3700 wireless router. I also have a bricked Linksys router; I'll try to restore it next and post instructions if I have success restoring it too.

I have tried the TFTP restore instructions on both routers with no success. The Netgear was in a continuous reboot cycle and the put command just timed out. I was able to use the Netgear firmware restore utility to restore the firmware eventually. Here are the steps:

1. Get the Netgear installation CD. If you're like me and can't find it, download the Windows 7 version from the Netgear website at http://www.netgear.com/win7. Extract it on a Windows 7 machine (I used a virtual machine on my Mac in VMware Fusion). Set up a static IP address on your physical network port on the 192.168.1.0/24 network, plug a network cable into your workstation port and then into port 1 of the router. It helps to turn off your wireless on your workstation while you do this or you can have trouble only talking on the network cable.

2. Do the 30-30-30 hard restart on your router. Make sure your router is plugged in to power and connected to your workstation. Use a straightened paperclip and press and hold the reset button for 30 seconds on the router. Still pressing the reset button, pull out the power cord from the router. Hold the reset button for another 30 seconds and then plug the router back in while still holding the reset button and hold the reset button for another 30 seconds while the power is restored.

3. Now you should see 2 green lights on the router. There will be a steady green light on the port you're plugged into and a slowly blinking green light above it. This means it has corrupt firmware but it's waiting and available for upgrade. If you don't see this, run the 30-30-30 restart again. I had to do it twice.

4. Start the firmware upgrade utility. It should detect the router and reload the firmware. Follow the instructions on the screen and you should have a functional router in a few minutes!

Thursday, March 17, 2011

Protect Your Computer (And Your Bank Account)

How to Protect Your Home Computer

Ever since the internet became available to the public, computer crime has soared. Since the internet started out as a limited academic system, there are virtually no safeguards built into the basic protocols. All protections have to be added on. Here are some suggested add-ons and tips to make computing safer for you.

1. Turn on your firewall. Windows and Mac OS X computers have built-in firewalls, but you have to turn them on if you want them to work. In Windows, go to Start, Control Panel, Windows Firewall, click On and then click OK. On a Mac, click the apple icon, choose System Preferences, Security and choose the Firewall tab. Click On.

2. Use an antivirus program but don’t depend on it. Antivirus programs can stop some threats but far from all threats. You still have to be careful! Most ISPs offer free antivirus for PCs. ClamAV from Sourcefire has a free version and so does Avast. Get ClamAV from http://www.clamav.net/lang/en/ and Avast from http://www.avast.com/index

3. Use a backup antivirus program. If your computer slows down or you see popups, or you just want to make sure you’re ok, use Malwarebytes to scan your computer. It does not interfere with most other antivirus programs and the free version does not do real time scans. Just do a manual scan every week or so to double check your system. Get Malwarebytes from http://www.malwarebytes.org/

4. Speaking of backup, back up your important files. You can buy a large USB drive and copy files or, if you have a good internet connection, you can use a service such as Dropbox, Mozy or Carbonite to back up your files offsite.

5. Did you know that a lot of computers are infected by bogus search results? It doesn’t matter whether you use Google, Bing, or Yahoo; criminals use a technique called Search Engine Optimization or SEO to get you to click on their infected sites. Then they load piles of crap on your computer in the background.

Use Web of Trust at http://www.mywot.com to protect yourself from bad searches. Web of Trust is a crowdsourced rating system that will mark safe search results with a green circle and bad results with a red circle. It will also warn you if you click on a bad site. Sites that are not rated yet are gray. Avoid them too unless you’re really sure they’re ok. If they are ok, you can rate them! That’s how crowdsourcing works.

6. Protect your DNS. DNS is the system that translates internet addresses such as 192.168.23.2 to easily remembered names such as www.mysite.com. You probably use your internet provider’s DNS. There are very few checks on DNS and you can easily go to a malicious site with one typo. You can switch your DNS settings to use a system that will protect you from typo squatting and known malicious sites for free. For a small fee, you can get statistics on your home network’s usage and block categories of sites such as porn, hacking, or violence. Go to http://www.opendns.com for instructions on using their DNS.

7. Computer running slow? Don’t buy anything from late night TV to clean it up; use CCleaner at http://www.piriform.com/ccleaner/download. Basic home use is free.

8. Finally, all of the previous suggestions will help you work safer and faster but there is a big threat to homes and small businesses from password stealing programs that target your banking information. The Zeus and SpyEye botnets have driven many people into bankruptcy. There is a free tool that targets these threats. It is financed by banks and you should check if your bank offers Rapport from Trusteer. Put it on every computer that could possibly access a bank account. If your bank doesn’t offer it, you can use it anyway and download it from http://www.trusteer.com/. Click on the home user tab and follow the instructions. When you install it, there will be an arrow next to your browser address bar. When you’re on your bank site, eBay, or PayPal, click that arrow. Choose Protect this Site and the passwords will never be sent to that site unencrypted.

9. Do not use the same password on all your accounts. Even if you have a very long password, it can be stolen if you put it in on a site with security problems. Use a different password for each site. Save your passwords in an encrypted program such as KeePass so you don’t have to remember them. KeePass is available for smartphones too. Go to http://keepass.info/ to get it. You can put your password database in Dropbox and sync it to all your devices.

10. Don’t use real answers to security questions. I can find your mother’s maiden name easily on Ancestry.com. I know what school you went to thanks to Classmates.com and you told everyone that cute story about how you met your spouse on Facebook. By the way, I know your dog’s name too. Use someone else’s dog, put in Cupcakes as your favorite movie, and put in Obama as your mother’s maiden name. It’s even better if they make no sense whatsoever. My mother’s maiden name is Cupcake, my dog is oaktree and my favorite animal is Pie. Not really but I do not use the real info. Save your answers in KeePass or another password safe.

These steps will not give you 100% protection but they will make it very hard for criminals to exploit you. They will probably look for easier targets.

Saturday, October 30, 2010

Boehner likes Brown Shirts

He's campaigning for a guy who dresses like a Nazi for fun.

Tuesday, October 26, 2010

What color would Ron Paul supporters wear?

Brown? or Silver?

Saturday, October 23, 2010

Juan Williams

I am not a big fan of Juan Williams and I am delighted that he's going to Fox. Not because now I don't have to listen to him. It's because he's so much smarter than most of the idiots on that network that he may raise the collective IQ of Fox News fans a couple points. That has to be good for the country.

Thursday, October 07, 2010

Mark Kirk Lies Again

I am furious with the new Karl Rove ads for Mark Kirk on Bright Start.

I have had my daughter's college fund in Bright Start for years. I wasn't happy with it when Judy Baar Topinka was running the program. The funds were lackluster and didn't make much money. Then, after Giannoulias took over, the market dropped and the fund really lost money. Not as much as my 401k which lost 1/2 its value but enough that I was pretty mad.

Then I got a letter from Giannoulias. He was moving the funds over to Fidelity to try to get better performance. He also sued Lehman Brothers and received a settlement. My daughter got over $1000 back from the settlement. Now, after 2 years of Obama's economy and Giannoulias's management, my daughter's college fund has not only recovered the losses, it has a modest profit. By the way, after 2 years of Obama, my 401k has recovered the losses and also has a modest profit.

Kirk's ads are being funded by Karl Rove's Crossroads fund. This fund is set up so that the donors do not have to be listed. Rove is fundraising all over the world. Mark Kirk is probably being funded by China or Saudi Arabia, not the people of Illinois.

This latest series of ads is full of the usual Mark Kirk lies. It's the same as when he claimed to be a war hero, claimed to be the Intelligence Officer of the Year, and when he claimed to have secret information on Iraq's weapons of mass destruction.

If the Republicans control Congress again, my daughter's college fund will be gone permanently along with my retirement savings. Please vote Democratic this November. We really can't afford more Republican misrule.