The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for May, 2005

2005 Risks in Global Filmmaking Map

Posted by Xavier Ashe on May 30, 2005

Every filmmaker, from
major studios to independent producers, experiences some element of
risk while filming in foreign countries. That is why, each year,
Aon/Albert G Ruben, the largest entertainment insurance broker in the
world, comprehensively measures and maps the risks filmmakers face
across the globe.
The 2005 Risks in Global Filmmaking Map measures crime, corruption, kidnap and ransom, disease and medical care risks, and references terrorism and political risks.

My parents are traveling to Israel this fall and I wanted to see how they ranked the holy land. Come to find out, Aon/Albert G Ruben ranks it just as dangerous as the US. I thought that odd, considering the recent events. I know things have been quiet for a while, but I would assume an insurance company would rather work in the US than in Israel.
Then… I zoom in to the Middle East to find a new country: Palestine. They do not rank Palestine, but I bet the recognition of Palestine allows them to shift the numbers a bit to make Israel look better. There are many rich companies in Israel that probably depend on Aon/Albert G Ruben to rank them fairly safe. It could be just my paranoia slipping in, but I felt I needed to comment.

If I have missed something here due to my US-media-induced washed perspective, feel free to set me straight.

Found on Boing Boing.


Posted in For Fun, Security | Leave a Comment »

GPS enabled spoof

Posted by Xavier Ashe on May 29, 2005

I reported earlier about GPS enabled panties. Unfortunately, I was duped. Contagious Media Showdown is a website contest that has a three-week time span. Whoever can pull the most traffic in three weeks wins. And the GPS enabled panties are sitting at number 2. Crying While Eating has a strong lead, while Ring Tone Dancer is pulling a close 3rd.

All entries go live on the evening of May 19th and the contest ends at
midnight Eastern Standard Time on June 9th. Prizes are awarded based
on the performance of each entry over this three week period. For each
winning entry, Eyebeam will award cash grants in the form of a check
made out to the designated project leader. Eyebeam staff and members
of the contagious media group will serve as judges in the event of a
dispute and they are not permitted to enter the contest.

sigh…  I was really hoping that I was going to get a GPS tracker for $100.

Posted in For Fun | Leave a Comment »

Layout Changes

Posted by Xavier Ashe on May 29, 2005

As you see, I have made some slight layout changes.  I
have also added a few more links and link categories.  The Vendor Links on
the bottom left are security products I resell at Microtek Systems.  Email me if you have
any questions about those products or companies.  On the right, Random
Links are for everything that does not fit into the other categories. 
Next you have White Hat and Black Hat security links.  Please be
warned:  some of the Black Hat links contain material not suitable for
work.  They also tend to try to install spyware, trojans, etc on your
PC.  So DO NOT view those links with IE, and make sure you have the newest
version of Firefox.
Finally, I added some of my associates' blogs listed on Friends.  Hopefully
this will make this website more useful to you.

Posted in Main Page | Leave a Comment »

Ad-Aware 1.06 is out

Posted by Xavier Ashe on May 28, 2005

The best spyware scanner just got better.  Lavasoft just released
Ad-Aware SE Personal Edition 1.06.  The improvement list is
several pages long.  The freeware scanner has been hardened
against third party uninstall with encrypted preference files, the
disk-scan is approximately 30 % faster, Code Sequence Identification
scan is now more efficient using less CPU and Memory as well as having
a smaller footprint, there is a new “Scan for low risk threats” option,
and the GUI has adapted to use the new Threat Assessment Chart.

Read the full improvement list and download today.

Posted in Security | Leave a Comment »

When faced with an unbreakable lock, steal the key

Posted by Xavier Ashe on May 28, 2005

There's a new IBM commercial that touts a fingerprint biometric scanner. There are also Targus and Tensor PC card add-ons that give similar functionality. You are supposed to not be able to logon to the laptop without your finger. Sounds like the holy grail of mobile security, right?

Well, first I would like to introduce to you how Gummi Bears can defeat fingerprint sensors. But why go to all that trouble?

… in Sheboygan WI, a drunk man with next to no knowledge of
computers, has demonstrated, just how simple it is to thwart the newest

The annoying individual, a teenager who just could not leave yet, the cyber
cafe', as they were chatting, struck a sour note with the drunken individual.

The drunk, after knocking out the teen, unlocked the laptop, was said to have
changed the password, and fled the crime scene.

At present, police are still looking for the thief and due to age, are not
releasing the name of the teen.

Sigh… no matter how strong the lock, the key exists somewhere.

Posted in Security | Leave a Comment »

Master Cisco firewall logging

Posted by Xavier Ashe on May 28, 2005

Cisco firewalls and security appliances can be configured to generate an audit trail of messages describing their activities. Firewall logs
can be collected and analyzed to determine what types of traffic have
been permitted or denied, what users have accessed various resources,
and so on. This sample chapter, taken from Cisco Press' Cisco ASA and PIX Firewall Handbook, explains the tasks that are necessary to generate and collect logging messages. The chapter contains the following sections:

  • Managing the Firewall Clock: Discusses ways to set and maintain the firewall's internal clock so that events and messages can have accurate time stamps.
  • Generating Logging Messages: Explains how firewalls generate logging messages and how you can configure them to do that.
  • Fine-Tuning Logging Message Generation:
    Covers the configuration steps that can be used to enable or disable
    specific logging messages or change their severity levels. This section
    also discusses how to configure access list activity logging.
  • Analyzing Firewall Logs: Provides an overview of how you can approach collecting and analyzing the logging messages that firewalls produce.

Get the free download at TechRepublic.  Also, take a look at “Cisco PIX Firewall: Lock it down in 10 steps”.
Or you can email me and I can sell you a Juniper Netscreen
Firewall.  Then you won't need to read a dozen books to become a
Firewall expert.

Posted in Security | Leave a Comment »

The ZombieMeter

Posted by Xavier Ashe on May 28, 2005

CipherTrust's ZombieMeterSM tracks worldwide zombie activity
in real-time. With more than 1,500 enterprise customers, CipherTrust
has a very broad, unique view of the Internet and potential threats as
they happen across the globe. By monitoring global messaging activity
and identifying behavioral patterns, CipherTrust can continue to
provide predictive protection against threats before they emerge.

Through data received from the Company’s global network of IronMail®
appliances, which protect more than 10 million enterprise e-mail
inboxes, the ZombieMeterSM tracks the number of new, completely unique
zombies per hour, every hour. Visitors can view real-time updates
regarding new zombie activity across the world, including the
origination of messages and the number of machines affected by zombie

Go and see the ZombieMeter!

Posted in Security | Leave a Comment »

Rubik's Cube Art

Posted by Xavier Ashe on May 28, 2005

See the whole collection.

Posted in For Fun | Leave a Comment »

Episode III Easter Egg Hunt

Posted by Xavier Ashe on May 28, 2005

Fans know well what audiences around the world are discovering: you simply cannot take in all the detail of a Star Wars
movie in one sitting. So intricate and meticulous is each shot that
every image tells a rich story. In some cases, that story is kind of
funny — a cleverly placed nod to audience members who know where to
look. For eagle eyed viewers, they're called Easter Eggs. Sometimes
they're inside jokes. Other times, they're just interesting details
that are very easy to overlook.

Here's a list of some of those
little must-see moments that you may have missed. Consult this list the
next time you go see Episode III and count how many you can spot.

Read more on  Found on Boing Boing.

Posted in For Fun | Leave a Comment »

Activist Aims to Scare Officials Into Protecting Personal Data

Posted by Xavier Ashe on May 27, 2005

Betty (but call her BJ) Ostergren, a
feisty 56-year-old from just north of Richmond, is driven to make
important people angry. She puts their Social Security numbers on her
Web site, or links to where they can be found.

Today, she is eager to guide reporters to her favorite example: the
Social Security number of House Majority Leader Tom DeLay (R-Tex.),
which is viewable via the Internet on a tax lien filed against him in

“Don't you think if I can get Tom DeLay's Social Security number . . .
that some guy in an Internet cafe in Pakistan can, too?” she asks, her
voice rising with indignation. “It's just ridiculous what we're doing
in this country.”

Read more at The Washington Post.

I have a few “security conscious” friends that think they are paranoid enough to protect their private information. They go to great lengths and will not participate in various activities because they “want too much information”. Then the government publishes it for everyone. How nice of them.

Posted in Security | Leave a Comment »

GPS enabled Panties

Posted by Xavier Ashe on May 26, 2005

Geeks + Technology = GPS enabled panties.

protect her privates

Ever worry about your wife cheating?

Want to know where your daughter is late at night?

Need to know when your girlfriend's temperature is rising?

This amazing device will answer all of your questions! These panties
can give you her location, and even her temperature and heart rate, and
she will never even know it's there! Unlike the cumbersome and
uncomfortable chastity belts of the past, these panties are 100%
cotton, and use cutting-edge technology to help you protect what
matters most.

make sure you will never be forgotten

forget-me-not panties™ have built-in GPS and unique sensor technology giving you the forget-me-not advantage.

Found on UNEASYsilence.

Posted in For Fun | Leave a Comment »

VoIP Sniffing Demonstration

Posted by Xavier Ashe on May 26, 2005

I have always touted Cain & Abel
as being a great security tool to demonstrate the ease of hackers in this day
and age.  Iron Geek has a Flash tutorial video
on Cain's new function: Sniffing Voice over IP traffic.  In the demo you
see how easy it is to listen in on a VoIP call and have it saved in .WAV
format.  Nice.  Time to start demanding VoIP encryption from Vonage
and other carriers.  The technology is available; they just choose not to
use it.  Remember cable modem fans, you're on a hub…

Posted in Security, Tools | Leave a Comment »

Stopping Automated Attack Tools

Posted by Xavier Ashe on May 26, 2005


An almost infinite array of automated tools exist to spider and
mirror application content, extract confidential material, brute force
guess authentication credentials, discover code-injection flaws, fuzz
application variables for exploitable overflows, scan for common files
or vulnerable CGI's, and generally attack or exploit web-based
application flaws. While of great value to security professionals, the
use of these tools by attackers represents a clear and present danger
to all organizations.

These automated tools have become increasingly popular for attackers
seeking to compromise the integrity of online applications, and are
used during most phases of an attack. Whilst there are a number of
defense techniques which, when incorporated into a web-based
application, are capable of stopping even the latest generation of
tools, unfortunately most organizations have failed to adopt them.

This whitepaper examines techniques which are capable of defending
applications against these tools; providing advice on their particular
strengths and weaknesses and proposing solutions capable of stopping
the next generation of automated attack tools.

By Gunter Ollmann.  Get the PDF at
This is a good read and has some suggestions I had not thought of
before.  I strongly suggest looking at intrusion prevention if you
have public web servers.  Here's a peek inside the PDF:

The 10 most frequently utilised defences are:

  • Renaming the server hosting software,
  • Blocking HEAD requests for content information,
  • Use of the REFERER field to evaluate previous link information,
  • Manipulation of Content-Type to “break” file downloads,
  • Client-side redirects to the real content location,
  • HTTP status codes to hide informational errors,
  • Triggering thresholds and timeouts to prevent repetitive content requests,
  • Single-use links to ensure users stick to a single navigation path,
  • Honeypot links to identify non-human requests,
  • Turing tests to block non-human content requests.
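
As an added illustration (not taken from the whitepaper or written by this blog's author), the sketch below applies three of the listed defences as detection rules over web server access logs: honeypot links, request-rate thresholds, and HEAD requests. The log lines, the trap path and the threshold values are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample access log (documentation IP ranges); not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [26/May/2005:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512
198.51.100.7 - - [26/May/2005:10:00:30 +0000] "GET /about.html HTTP/1.1" 200 734
198.51.100.7 - - [26/May/2005:10:01:10 +0000] "GET /contact.html HTTP/1.1" 200 301
203.0.113.9 - - [26/May/2005:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
203.0.113.9 - - [26/May/2005:10:00:02 +0000] "GET /a.html HTTP/1.1" 200 120
203.0.113.9 - - [26/May/2005:10:00:02 +0000] "GET /b.html HTTP/1.1" 200 120
203.0.113.9 - - [26/May/2005:10:00:03 +0000] "GET /trap/do-not-follow.html HTTP/1.1" 200 90
203.0.113.9 - - [26/May/2005:10:00:03 +0000] "GET /c.html HTTP/1.1" 200 120
203.0.113.9 - - [26/May/2005:10:00:04 +0000] "GET /d.html HTTP/1.1" 200 120
203.0.113.9 - - [26/May/2005:10:00:04 +0000] "GET /e.html HTTP/1.1" 200 120
192.0.2.44 - - [26/May/2005:10:00:05 +0000] "HEAD /downloads/report.pdf HTTP/1.1" 200 0
"""

HONEYPOT_PATHS = {"/trap/do-not-follow.html"}  # hypothetical link hidden from humans
MAX_REQUESTS = 5       # assumed threshold: more than this many requests...
WINDOW_SECONDS = 10    # ...inside this many seconds is treated as automated

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')


def parse(line):
    """Return (ip, timestamp, method, path), or None for an unparseable line."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    ip, ts, method, path = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, path


def flag_clients(log_text):
    """Map each suspicious client IP to the sorted list of rules it tripped."""
    findings = defaultdict(set)
    recent = defaultdict(deque)  # per-client timestamps still inside the window
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        ip, when, method, path = rec
        if path.split("?", 1)[0] in HONEYPOT_PATHS:
            findings[ip].add("honeypot")   # only a crawler follows the hidden link
        if method == "HEAD":
            findings[ip].add("head")       # content probing without a download
        window = recent[ip]
        window.append(when)
        # Assumes each client's lines appear in chronological order.
        while (when - window[0]).total_seconds() > WINDOW_SECONDS:
            window.popleft()
        if len(window) > MAX_REQUESTS:
            findings[ip].add("rate")       # repetitive requests over the threshold
    return {ip: sorted(rules) for ip, rules in findings.items()}


if __name__ == "__main__":
    for ip, rules in flag_clients(SAMPLE_LOG).items():
        print(ip, rules)
```

The slow, human-paced client at 198.51.100.7 trips no rule, which is the property a threshold has to preserve when it is tuned.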

Posted in Security | Leave a Comment »

Vendor Neutral DNS Vulnerability

Posted by Xavier Ashe on May 25, 2005

Recently there have been several vulnerabilities found that affect a massive variety of servers, routers, etc. I recently covered the IPSec security hole and the HyperThreading security hole. Today a vulnerability has been made regarding DNS. DNS is implemented on every server, router, firewall and computer out there.

What is affected?
The vulnerability described in this advisory affects the Domain Name System
(DNS) protocol. Many vendors include support for this protocol in their
products and may be impacted to varying degrees, if at all. 

Please note that the information contained within this advisory is subject to
changes. All subscribers are therefore advised to regularly check the NISCC
website for updates to this notice.

If exploited, this vulnerability could allow an attacker to create a
Denial-of-Service condition.

The sky isn't falling completely though. This outlines the vendor responses including Microsoft, Sun, Apple, and Juniper, all of whom say that they are not affected. Cisco has not responded, but there are quite a few responses from other vendors that do have patches available.


It appears that some Cisco products are vulnerable.  Read the full Cisco Security Notice.

  • Cisco IP Phones 7902/7905/7912
  • Cisco ATA (Analog Telephone Adaptor) 186/188
  • Cisco Unity Express
  • Cisco ACNS (Application and Content Networking System) devices,

    • Cisco 500 Series Content Engines
    • Cisco 7300 Series Content Engines
    • Cisco Content Routers 4400 series
    • Cisco Content Distribution Manager 4600 series
    • Cisco Content Engine Module for Cisco 2600, 2800, 3600, 3700, and
      3800 series Integrated Service

Posted in Security | Leave a Comment »

BBS: The Documentary

Posted by Xavier Ashe on May 25, 2005

This is dear to my heart. The first modem I ever had was a 300 baud phone coupler. I had a CompuServe and Prodigy account, but the fun times were dialing into friend's computers and logging onto BBSes or Bulletin Board Systems. I have a TI/99-4a (yes, I still have it, and it still works) and remember dialing into Ralph Fowler's TIBBS. His was the first BBS on a TI in August of 1983. In fact, a friend and I ran a BBS (once I graduated to PCs) called Hallucinations of Insanity in the 404 area code in the late 80's. So when I stumbled upon BBS: The Documentary, my geeky heart skipped a beat. The 5.5 hour documentary is finished and ready to be shipped. The web site is full of good memories including Barren Realms, a BBS Timeline from 1974 to 2002, and a List of BBS including WWIV, the software that ran Hallucinations of Insanity. I now feel like the old man of technology, “We had a 1200 baud single duplex modem, only ASCII for graphics, 32k of memory, only 86 keys on our keyboard, AND WE LIKED IT!”

Posted in Other Technology | Leave a Comment »

Bank Of America Hack done by insiders

Posted by Xavier Ashe on May 25, 2005

I am constantly telling my customers that their major security exposure comes from their employees. Some listen, others need to read the writing on the wall. 675,000 Bank of America customers have had their account hacked into. By whom?

  • Orlando Rivera, 42, of New Milford, N.J.,
    a former manager at the New Jersey Department of Labor.
  • Kelvin Diaz, 27, of Hackensack, a former Bank of America
  • Zoran Levajac, 35, of Totowa, N.J.,
    a former Commerce Bank manager and former PNC Bank manager.
  • Myron Frierson, 29, of Teaneck, N.J.,
    a former financial specialist for Wachovia Bank.
  • Maurice Williams II, 28, of Hackensack,
    a former financial specialist for First Union Bank, which later became
    Wachovia Bank.
  • Kathleen Lovelace, 35, of Kearny, N.J.,
    a former assistant manager at Commerce Bank and former employee of PNC
  • James DiGangi, 27, of Elmwood Park., N.J.,
    a former employee of Commerce Bank and PNC Bank.
  • Anthony Diamanti, 29, of Clifton, N.J.,
    a former employee of Commerce Bank and of PNC Bank.

As Bruce Schneier points out, the amazing thing about the story is how manual the process was.

The suspects pulled up the account
data while working inside their banks, then printed out screen captures of the
information or wrote it out by hand, Lomia said. The data was then provided to
a company called DRL Associates Inc., which had been set up as a front for the
operation. DRL advertised itself as a deadbeat-locator service and as a
collection agency, but was not properly licensed for those activities by the
state, police said.

You see a pattern yet??  Your employees have the ability to make or break
your company.  Give them the tools to help the company succeed, but limit
their access to only what they need to do their job.  And for heaven's
sake, get yourself a good security
, a 3rd party that you can trust.  If you need some
suggestions, email me at xavier -AT- ashe -DOT- com.  We can get computer
security under control, it just takes the will to do so.

Posted in Security | Leave a Comment »

Hyper-Threading Security Flaw Realized

Posted by Xavier Ashe on May 25, 2005

I posted a few days ago regarding a Hyper-Threading security flaw.  The security
industry has been debating the impact of the flaw and even Intel said
that the flaw was not “Critical”.  Colin Percival was the first to point out the flaw and has now released a research paper detailing how a malicious user can use a timing attack to exploit the shared
memory cache and retrieve sensitive data from a thread belonging to
another user. 

“This is a particular concern for web hosting companies,” Percival
says. “If users on a shared server are allowed to login over SSH, then
they can steal the SSH host key, and if they are allowed to execute any
code (e.g., cgi scripts) then they can steal the SSL certificates used
by other sites on the same server.”

According to this Netcraft article, Percival is a member of the security team at FreeBSD. In 1998, at
age 17, he gained notice by writing a program that used distributed
computing to calculate pi to the five trillionth digit. He is also known for his Depenguinator, a program to remotely remove Linux from a system and install FreeBSD in its place.

Percival identifies advisories
on the hyperthreading issue announced by several operating system
vendors, and says Microsoft has been informed of the issue but has not
responded as yet. An advisory from FreeBSD noted that “future work in
cryptographic libraries and operating system schedulers may remedy this
problem for many or most users, without necessitating the disabling of
Hyper-Threading Technology.”

Posted in Security | Leave a Comment »

Supermodels in 2600 clothing

Posted by Xavier Ashe on May 23, 2005

Supermodel Jodie Kidd with her Lamborghini at the start of the Gumball Rally, London, 14th May 2005, wearing a 2600 hooded sweatshirt.

Posted in For Fun, Security | Leave a Comment »


Posted by Xavier Ashe on May 23, 2005

Posted in Random Pics | Leave a Comment »

Chimps Get High-Tech Dream House

Posted by Xavier Ashe on May 23, 2005

A lucky group of bonobo chimpanzees are getting a $10 million, 18-room high-tech dream dormitory
outside of Des Moines, Iowa. The crib has touch screens for the
occupants to “chat” with human researchers, a “web cam” to see who is
outside their front door, flushing lavatories, an indoor waterfall and
climbing walls. The experiment aims to see if this kind of stimulation
will help them develop skills in language, art and music — and pass
those skills on to future generations of chimps. I would like to see
this experiment performed on American public school children.

Found on Mike's List.

Posted in For Fun | Leave a Comment »
