Well, the upgrade to Mac OS X Leopard went smoothly, as Wooley predicted in his comment on my previous post.

The whole upgrade took about an hour and 15 minutes (which included verifying the install DVD) on my MacBook. I now am running the latest and greatest version of Apple’s OS, a certified flavor of UNIX, and am, so far, extremely impressed. The dock is beautiful, Stacks look extremely useful and efficient, there are a lot of desktop customizable features, Spaces (which I am looking forward to setting up soon), and more.

I look forward to getting a bit more intimate better acquainted with Leopard in the upcoming days and months. Anyway, the upgrade went smoothly. If you’re scared, don’t be. Mine was a breeze! I just wish I had upgraded the day this package arrived on my doorstep…

uname Output:

% uname -a
Darwin xbook 9.0.0 Darwin Kernel Version 9.0.0: Tue Oct 9 21:35:55 PDT 2007; root:xnu-1228~1/RELEASE_I386 i386

Until next time…

I have had Apple’s latest release of Mac OS X, Leopard, since it launched a couple of weeks ago. I used my in-store credit from my iPhone purchase reimbursement from when I purchased my iPhone 45 days too early for the price drop… or something… Anyway, I got Leopard and tonight I’m gonna install it!

Backups are running as we speak… I’m jonesing as we speak… I’m ready to install this new OS!!!! I’ll let you know how it goes…

Until next time…

You can post comments once again. I mean, actually you. Not just the SPAM bots any more…

The site will be themed again real soon, probably over the weekend. Until then, enjoy the default WP theme. After I make sure everything is working as expected I will start pushing some plugins back into the mix.

So, if any of my contributors are still out there, please feel free to hate on me for the downtime and get to positing!

Until next time…

If you had an @averageadmins.com email address before and would like to have it still, please leave a comment and I will get it back on there for you.

Some things may not work like they did before. I took down the original AA blog so some links to the old blog may be broken.

Until next time…

average admins has been what seems to be a great resource since November’ish 2005. We have had some great topics on here as well as some interesting questions and responses. Maybe the tides will change for the bandwidth bandits and they will start sucking down some other site with “suck worthy” content (no pun intended). So, if this month is anything like last month, enjoy the average admins site until around the 9th or 10th of the month… Then, it will more than likely be offline again due to bandwidth limit exceeded… I wish I could theme that error message so that it would at least have our look and feel…

Until next time…

Rob, from confessions of a freeware junkie, posted about how he has his setup. I have to say, his looks a lot more useful that the one I created.

http://maximillianx.blogspot.com/…-extending-power-of-your-management.html

One thing I do differently than Rob is that I launch the entire MMC with my domain admin credentials. This is what the Target: field of my shortcut looks like:

C:\WINDOWS\system32\runas.exe /user:domain\my-admin-acct “mmc C:\Chris\Microsoft Management Consoles\Domain Management.msc”

Note: If you want to save your password so you don’t have to type it in every time you launch the MMC add /savecred right after /user:domain\my-admin-acct.

Also, in order to add Active Directory Users and Computers, you’ll need the Windows Server 2003 Administration Tools Pack available here:
http://www.microsoft.com/downloads/…

While you’re at his site, take a look around. I monitor his RSS feed on Bloglines and he’s always posting cool stuff.

With that in mind, I’ve recently ran across some new stuff which I want to share with you.

(more…)

http://www.pcmag.com/article2/0,1895,2135092,00.asp

There are a couple of things that don’t sit well with me:

ClamAV scored very poorly. ClamAV is probably the most widely used AV scanner for Linux mail gateways out there. I use it and F-Prot in all of mine.

F-Prot scored pretty badly, too. Well, I seem to be 0 for 2 now.

Ewido bombed as well. Who is Ewido, you ask? Ewido was bought by AVG so while AVG did well, how will this affect their future performance?

AVG is my personal favorite. It’s free (for personal use) and works very well. I tried Avast! for a while and it didn’t pick up half the malicious files I tinker with that AVG usually catches. I also don’t like the Avast!’s interface AT ALL!

I could go on about what I like about AVG, but that’s not what the point of this thread is about.

One thing I did notice recently is that AVG has a Linux version. A FREE Linux version. A FREE Linux version packages as a .deb file! It sucks that they don’t have a source package available, or a binary file that will work on other distros, but I can’t complain that they offer a version for Debian, which is my OS of choice. I haven’t tested their version with Amavis, yet, but it’s on my todo list. It also appears that Avast! has a free Linux version (and they offer a .tgz file, too). I’m not crazy about needing to keep up with a key that will expire, but you really can’t complain about free.

http://www.novell.com/coolsolutions/feature/18850.html

Original site can be found here:
http://www.doubleviking.com/…/5215-p.html

You absolutely must visit the doubleviking site to read the comments. The first three are hilarious.

(more…)

Red Hat is also deeply involved in the One Laptop Per Child (OLPC) project which I think is absolutely great. If you want to see the laptop in action there are two short videos posted on RH’s site: http://www.redhatmagazine.com/.

Now, on to my rant.

(more…)

http://dmiessler.com/archives/1315
http://dmiessler.com/archives/176

Maybe I’m alone here, but I had no clue about Firefox’s quicksearch ability. Apparently, just by typing ‘g keyword’ in the URL bar, you’ll automatically search Google.

Back in 2005 Daniel Miessler expanded this feature by configuring FF to also search MSN and Technorati, which are also both very cool.

Well, now Google has added the ability to use command-line switches to their search feature such as /img to search images, /maps to search Google’s maps, /groups to search Google newgroups database, and so on.

You can find a great explanation for all the search functions here: http://projects.felipc.com/gcl/

To quote Daniel’s 2005 post, this is how you configure FF to also search MSN and Technorati:

1. Create a new bookmark in Firefox.
2. For the URL, add the text below for MSN:
“http://search.msn.com/results.aspx?q=%s&FORM=QBRE”
3. For the prefix, add “m” (or whatever you want to use).
4. Create another bookmark.
5. Add this for the URL:
“http://www.technorati.com/cosmos/search.html?rank=&url=%s”
6. Use “t” for the prefix (or whatever you want to use).

Thanks, Daniel, for bringing this to my attention. I can see myself using this ALL the time.

thebroken is an underground technology show with a hacker mentality that caters to the elite (or wannabe 1337) computer user using a mixture of seriousness and irreverent comedy … If it’s shady or underground, it’s thebroken.

I thought Ramzi’s tips were especially useful. Very funny … and educational. Some of the videos in the other sections of the site are worth a look too, so check those out.

For the original article by Jeff, click here: http://www.averageadmins.com/blogentry.php?id=61

For now, I’m going to keep it simple and just add the two commands that, if you want, can be easily changed to match your situation.

netsh interface ip set address local static 192.168.1.254 255.255.255.0 192.168.1.1 1
netsh interface ip set dns local static 192.168.1.1

For a DHCP-enabled interface:

netsh interface ip set address local dhcp

Other resources include:
http://support.microsoft.com/?kbid=242468
http://www.microsoft.com/resources/…

Here are two sites by people that have personally dealt with the maliciousness of Google AdWords.

http://www.dynamoo.com/blog/2007/04/malware-via-adwords.html
http://explabs.blogspot.com/2007/04/google-sponsored-links-not-safe.html

I found a piece of software called BookSmart, made by the folks from Blurb. It looks like it might do what I want, but it has a limited number of templates and options. It does however have support for “Slurping”…basically if your blog is hosted at Wordpress.com, or a few other blogsites, it will go out and pull down all the posts/comments and automatically (if you choose) populate the book for you. However in practice, this didn’t work quite so well. I temporarily made a copy of our blog at Wordpress.com just for this feature. It ended up only getting the first couple months of posts, and no comments.

I have been looking for other options to do what I want, and the only other thing I have found is some Mac software (iLife I believe)…but alas, I don’t have a Mac.

Has anybody else done this, or heard of it being done? I wouldn’t be opposed to manually copying all the posts/comments myself if I HAVE to, but that would be a lot of work…and there may be a better option.

You can read more about geocaching here: http://www.geocaching.com/.

From the site:

What is usually in a cache?

A cache can come in many forms but the first item should always be the logbook. In its simplest form a cache can be just a logbook and nothing else. The logbook contains information from the founder of the cache and notes from the cache’s visitors. The logbook can contain much valuable, rewarding, and entertaining information. A logbook might contain information about nearby attractions, coordinates to other unpublished caches, and even jokes written by visitors. If you get some information from a logbook you should give some back. At the very least you can leave the date and time you visited the cache.

Larger caches may consist of a waterproof plastic bucket placed tastefully within the local terrain. The bucket will contain the logbook and any number of more or less valuable items. These items turn the cache into a true treasure hunt. You never know what the founder or other visitors of the cache may have left there for you to enjoy. Remember, if you take something, its only fair for you to leave something in return. Items in a bucket cache could be: Maps, books, software, hardware, CD’s, videos, pictures, money, jewelry, tickets, antiques, tools, games, etc. It is recommended that items in a bucket cache be individually packaged in a clear zipped plastic bag to protect them.

Currently, there are 80 hidden caches in Texarkana.

(more…)

This software works both in Windows and Linux.

(more…)

I spent the better part of today addressing the issue.

(more…)

If someone knows of a better suite of tools please let me know.

So how did I get infected in the first place?
http://www.castlecops.com/postlite7736-.html

(more…)

I have been looking for a Mac OS X alternative to TechSmith’s Camtasia Studio ever since I started using my MacBook last year. Camtasia Studio allows you to capture videos of your computer’s desktop as you work in applications and then edit and arrange those captured videos to make a movie viewable in a number of different formats. You can even make interactive videos for training and educational purposes with Camtasia Software. Needless to say, the software is very impressive but it has only one drawback that keeps me from buying it… It is only available for Microsoft Windows machines and is not currently available for the Macintosh platform (and may never be available on a Mac unless we can do some CrossOver trickery).

Today, I was thinking about how I needed to redo a demo for some software I developed for my personal business, Fruitful Solutions, and I needed to see what was available for doing this on the Mac. My 30-day free trial of Camtasia Studio expired a while ago and I didn’t really want to pay the $299.00 for Camtasia Studio plus have to use my Windows machine to do the demo. I did some searching and came upon a great alternative for a really great price. Enter Snapz Pro X from Ambrosia Software.

Snapz Pro X, version 2.0.3, is a very powerful application allowing a number of screen capture features for still images and video. There are a number of different compression and output options available for both types of captures as well as the ability to record anything that is playing internally on the Mac’s audio system and from a microphone input. Basically, I get all the functionality I had with Camtasia Studio, minus some editing features that I can do within additional free software if necessary, for the very welcome and very low price of $69!

I used the software this evening to see how well it worked and after easily creating a video capture of my desktop and me messing around in some applications, I was sold. The output at 30 FPS was phenomenal and the file size was manageable. I believe this software has every feature that I am looking for to recreate my presentation and demo for my application, even at a price almost anyone with the need can afford.

If you’re in the market for some screen capture software for your Mac, I highly recommend looking into Snapz Pro X. There is a trial version available so you can try before you buy. Give it a shot. I don’t believe you’ll be disappointed.

Until next time…

This post is the reason I posted my previous blog entry on installing the Metasploit framework on my Apple MacBook. Chris sent me a link to this movie showing someone exploiting a vulnerability in Microsoft’s Windows. The .ANI Header Stack Overflow vulnerability allows a remote attacker to send a malicious e-mail to an unsuspecting user with an unpatched Windows machine and gaining remote shell access.

After Metasploit was installed on my MacBook, I followed the steps in the movie as they were shown and it worked like a champ. The recipient of the e-mail has to be viewing the e-mail in HTML. I was only able to exploit this vulnerability when using Microsoft Outlook or Microsoft’s Outlook Express e-mail client’s when the client was setup to view messages in HTML. Either way, I gained access to one of my own machines using this exploit and it showed me just how easy it would be for someone with malicious intent to really wreak havoc on a novice or unsuspecting user.

I am impressed at the whole concept behind the Metasploit framework for exploiting known vulnerabilities and delivering payloads with basically the push of a button. The interface and command logic is easy to understand, for this exploit anyway, and I look forward to learning more about the framework, the exploits, and the payloads in the near future.

Until next time…

I have known about the Metasploit framework for quite some time but have never really known how to use it or taken the time to learn. Recently, Chris inspired me to try it by showing me a movie explaining how to exploit a vulnerability in Microsoft Windows related to the .ANI Header Stack Overflow Vulnerability (more on this in my next post).

Before I could begin working with this nifty little exploit in Metaspolit I had to get the framework installed on my MacBook. Metasploit is a suite of Ruby scripts and will run on virtually any Unix based operating system and Windows (with some minor tweaking). I checked the MacPorts for Metasploit and it was available as a port install but the latest version in the ports tree was 2.7. I needed at least version 3.0, and later determined I needed a development version, version 3.1, from the trunk to get the exploit I was after.

The first thing I did was upgrade my Subversion client on Mac OS X. I got the universal binary from here and installing and upgrading my Subversion was pretty painless. It installed like most other Mac applications from a package.

(more…)

http://www.anova.org/software/index01.htm

Like most techs, I am given a lot of stuff that I just can’t use, and I would prefer to see it go to a good home. For example, I have a perfectly good Dell P3 sitting at the house that I will never use. I also have an extra keyboard, server, and a few other goodies too. What I’m proposing is that AA establish a new category called AA Trading Post. Any extra gear you have can be posted here for others to take advantage of. If you need gear (say, a hard drive for a dying machine at home), you can post a wanted ad as well. Here are the only two limitations:

• Gear must be free. This ain’t eBay, folks; remember, the goal is to see your hardware go to a good home. If it is nice enough that you could make some decent cash off of it, then you probably shouldn’t post it here anyway.
• Items listed must be technology related. No 4 wheelers or baby outfits. Beyond that, I think anything from a CPU to a soldering iron would be just fine.

I see two good things coming out of this: First, we get to clean out our garages (or make them worse!); Second, we could advertise this around on different sites, which would drive traffic up to AA. Texarkana needs a tech trading post, and this would be the perfect place.

What do you think? Let me know!

Josh

Security-Database.com team is happy to announce its new Firefox Framework Map collection of the most useful security oriented extensions. We called the framework FireCAT. It stands for FireFox Catalog of Auditing Toolbox.

FireCAT is based upon a paper we wrote some weeks before (Turning firefox to an ethical hacking platform) and downloaded more than 25 000 times. We also thank all folks that encouraged us and sent their suggestions and ideas to make this project a reality.

This initial release is presented as a mindmap and we are open to all your suggestions to make it a really good framework for all the community of security auditors and ethical hackers.

This is for those of you that haven’t seen this yet. The blurb from their site basically says it all.