www.fusspils.net

  • Increase font size
  • Default font size
  • Decrease font size

WPA cracked in 60 Seconds

Friday, 28 August 2009 08:37 Fusspils
E-mail Print PDF

It was bound to happen I guess, TKIP has been known to have problems for a long time now.  Here is the story..


Two Japanese scientists, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, plan to reveal how they can crack WPA encryption in sixty seconds at a technical conference taking place on September 25 in Hiroshima. PC Advisor said that the two scientists have designed an attack that gives hackers a way to read the encrypted traffic passed from PCs and certain routers that use WPA.

The method isn't new: security researchers revealed a way to break WPA encryption back in November. However, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack took place, the scientists have taken the supposed attack "to a new level," saying that they took theoretical information and made it "much more practical."

The previous attack method, developed by researchers Martin Beck and Erik Tews, took between 12 and 15 minutes to work on a smaller range of WPA devices. The PC advisor report also stated that both attacks only work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. Fortunately, the attack does not work on WPA systems using Advanced Encryption Standard (AES) algorithm, or WPA 2 devices.

If this bit of news seems a little frightening, don't fret: many WPA routers allow users to switch from TKIP encryption to AES through the administration interface.

Source http://www.tomsguide.com/us/WPA-Cracked-Routers-Japanese-Scientists,news-4526.html

 

Moving the WSUS update files to a new drive

Wednesday, 26 August 2009 16:24 Fusspils
E-mail Print PDF

II am running WSUS on an old blade server at work with the default location for files etc.  Space has been getting rather low recently with all the new service packs, Windows 7 files etc so I decided to move the location of all updates.  I am pretty sure that in days gone by you could do this through the GUI manager, but that may have been way back when it was still known as SUS.
Anyway this is how to do it...

open up a CMD.exe and navigate to C:\Program Files\Update Services\Tools

Here you will find the wsusutil.exe which we will be using.  Type in  wsusutil.exe movecontent [path to new location] [name of log file]

For example in my case it was wsusutil.exe movecontent d:\WSUS Files WSUSmove.log

It of course takes some time to complete and when it was finished I had to manually delete the old update files from the orignal location to free up the much needed space.  Also dont panic if the Windows Update Service GUI doesn't respond in the correct way after the deletion.  It seems to take quite a while for the database to rebuild, keep an eye on task manager!

 

 

One small plus for Vista I guess

Sunday, 09 August 2009 08:01 Fusspils
E-mail Print PDF

The format command behavior has changed in Windows Vista. By default in Windows Vista, the format command writes zeros to the whole disk when a full format is performed. In Windows XP and in earlier versions of the Windows operating system, the format command does not write zeros to the whole disk when a full format is performed.

The new format behavior may cause problems for the on-demand allocation modes that a volume storage provider, such as a Storage Area Network (SAN), supports. Problems may occur because the new format behavior prematurely triggers allocation of the backing space.

In the on-demand scenario, zeros do not have to be written to the whole disk because the volume storage provider initializes the on-demand-allocated data. To avoid causing unnecessary on-demand-allocation, you must use the quick format option.

You can use four methods to format a volume in Windows Vista. You can use the quick format option for these four methods:
Command line: Use the format /q command.
Diskpart: Use the format command together with the quick parameter. For more information, visit the following Microsoft Web site:
http://technet2.microsoft.com/windowsserver2008/en/library/56863741-c5f3-4681-8667-2d566c8ddf231033.mspx?mfr=true (http://technet2.microsoft.com/windowsserver2008/en/library/56863741-c5f3-4681-8667-2d566c8ddf231033.mspx?mfr=true)
Windows Explorer: Click to select the Perform a quick format check box.
Disk Management (Diskmgmt.msc): Click to select the Perform a quick format check box.

 

Wordpress - One More Hole Plugged

Wednesday, 12 August 2009 19:04 Fusspils
E-mail Print PDF

Ah it’s Wordpress again, sometimes I wonder how many holes there are in Wordpress. I guess a dedicated attacker could find some serious ones with the complexity of the code base.  It’s suspected some of the recent high profile breaches have come from Wordpress exploits.  The latest one to become public is a simple but effective flaw, it doesn’t enable take-over but it does allow a prankster to lock an admin out of their blog by resetting the password.

Developers of the widely used WordPress blogging software have released an update that fixes a vulnerability that let attackers take over accounts by resetting the administrator password.  The bug in version 2.8.3 is trivial to exploit remotely using nothing more than a web browser and a specially manipulated link. Typically, requests to reset a password are handled using a registered email address. Using the special URL, the old password is removed and a new one generated in its place with no confirmation required, according to this alert published on the Full-Disclosure mailing list.

The flaw lurks in some of the PHP code that fails to properly scrutinize user input when the password reset feature is invoked. Exploiting it is as easy is directing a web browser to a link that looks something like:  I actually saw the alert as it was published on Full-Disclosure, obviously anything to do with Wordpress catches my attention.

The exploit can be executed by running the following code on a Wordpress 2.8.3 blog:

http://www.domain.com/wp-login.php?action=rp&key[]=

 Source - http://www.darknet.org.uk/2009/08/wordpress-2-8-3-admin-reset-exploit/

 

Last Updated on Wednesday, 12 August 2009 19:07
 

New Norton "Protection"

Monday, 20 July 2009 14:34 Fusspils
E-mail Print PDF

Is this really a good idea Norton?  Options to turn off behavioral scanning and intrusion prevention when playing games?  No threats coming from the internet when playing online games?  What about LAN parties etc, no threats there either?

Winning Protection that won’t slow you downNorton AntiVirus™ 2009 Gaming Edition is the fastest virus protection you can get. * It stops spyware, worms, bots, and other threats cold—without slowing down your PC. When you’re gaming, your protection should get out of the way. Norton AntiVirus™ 2009 Gaming Edition does exactly that.

Gamer ModeNo alerts + no notifications = no interruptions
Optional settings to temporarily suspend updates, behavioral scanning and intrusion prevention
Enabled automatically when your PC is in full screen mode
Activate manually with a quick click on the Norton system tray icon
Lightning Fast*Rapid Pulse Updates every 5 to 15 minutes
Installs in less than a minute
Adds less than 1 second to boot time
Light as a Feather*Uses less than 6MB memory even without the Gamer Mode performance boost
Runs only 2 processes at a time
Performance graphs display CPU and memory usage and how little Norton is using
Respects your needsSmart Scheduler holds resource intensive actions for when you are not using your PC
Resource usage table shows you the what, when and how long for background actions taken by Norton AntiVirus
Delivers consistently strong protection - that’s why Norton AntiVirus has won more consecutive Virus Bulletin 100 awards than any other AV software

source

 
More Articles...


Page 6 of 8