Think you can outsmart phishing scams?
Take Mailfrontier’s Phishing Quiz and see if you can outsmart them. I only got 80% on the first test.
Think you can outsmart phishing scams? Read More »
Take Mailfrontier’s Phishing Quiz and see if you can outsmart them. I only got 80% on the first test.
Think you can outsmart phishing scams? Read More »
Quoting from Dan Gillmor’s Journal this morning:
“According to Pete Seeger, in this account (widely acknowledged in the folk world to be true) from the Museum of Musical Instruments, when Guthrie was singing on the radio in Los Angeles during the Depression, he’d mail mimeographed songs to listeners, and wrote on one:
“This song is Copyrighted in U.S., under Seal of Copyright # 154085, for a period of 28 years, and anybody caught singin
Off-topic: Music copyrights Read More »
Will this saga never end? Continuing with this entry from May 21, I’ve been playing with and trying various ways to tunnel Remote Desktop over SSH. There are lots of useless entries out there on the web, mostly discussing ways to force your Windows XP machine to accept Remote Desktop connections requests to localhost or 127.0.0.1 when, in fact, all you have to do is connect to 127.0.0.2 … or .3 … or .4. That’s right, folks, 127.x.y.z are ALL local connections. And let’s not debate whether that’s a correct implementation or not, that’s just the way it is. We can take advantage of this IF we can get our local SSH client to listen on one of those IP addresses. The stock, standard OpenSSH implementation of the SSH client won’t do it so you’ve gotta pick something else. PuTTY will do it as will plink from that same free distribution. So, what you need to do is set up a PuTTY configuration to forward 127.0.0.2:3389 to 127.0.0.1:3389 (remember, the remote IP address is relative to the machine that’s your SSH target).
That’s the 2 machine case (SSH directly to the machine whose desktop you want to control). There’s also a 3 machine case where you SSH into a landing pad that has access to the machine whose desktop you want to control. I’ll deal with that later.
So, in summary, you need to run an SSH client that will allow you to listen on an IP address that’s not 127.0.0.1. PuTTY and plink are two clients that will work — the OpenSSH implementation of SSH will not work. You need to forward port 3389 (3390 if your local machine is running the Remote Desktop server) to port 3389 of the remote machine. Once you’ve established your SSH connection, bring up the Remote Desktop client and connect to 127.0.0.2 (or 127.0.0.2:3390 if your local machine is running the Remote Desktop server) and you are up and running!
More on tunneling Remote Desktop over SSH Read More »
Google bought Picasa a little while ago. Now you cna download Picasa V1.6 for free from them here.
Picasa V1.6 is free from Google Read More »
eWeek reports in this article of a security exposure in Mozilla’s Mozilla, Firefox, and Thunderbird clients wherein a malicious user can cause arbitrary code execution by using the shell: protocol. You can download Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.7.2.
Mozilla/Firebird/Thunderbird Security exposure Read More »
X11 forwarding is a powerful and helpful feature of SSH but, as pointed out in this article from Hacking Linux Exposed, it can be dangerous if you’re not careful. It’s no great secret — pay attention to your file and directory permissions!
The Hazards of X11 Forwarding Read More »
Microsoft has some additional information available about the most recent security exposure here. It tells you how to determine if you’ve been infected.
Download.Ject : Are you infected? Read More »
I’m a little behind on this as it’s dated June 8 but better late than never. Here’s a link to PC Magazine’s 2004 Utility Guide. Backup programs, defraggers, anti-virus, file managers, etc.
PC Mag’s 2004 Utility Guide Read More »
As it was explained to me, this latest threat/penetration was helped along by BHOs (Browser Helper Objects). BHOs (see this Lavasoft forum article for a good description) are useful additions to IE but, sometimes, they can turn nasty. That’s why I’ve been running a BHO watcher for a couple of years, now. My favorite has been BHODemon (free from DefinitiveSolutions. It’s been stuck at V1.0 for, I dunno, a couple of years? They’ve just released 2.0 and it’s free!
BHOs: the latest threat? Read More »