, 6 Guests,


Print This Post Print This Post

Firefox addon, Firesheep, the novice way to sidejack?

I read several articles about Firesheep, the addon for Firefox, and the sidejacking that it performs on a computer network. The first think I would like to say is that most these articles basically encourage people to try it out, and make people think their information will be stolen while using the WiFi at the local coffee shop. For anyone who doesn’t know sidejacking has been around for a number of years and it isn’t even close to the only way you can have information taken from you while using a open network. It also doesn’t just apply to Facebook or any of the sites in the list, this is for all web traffic that uses HTTP. It is unsecure and is just fine for most of the traffic on the Internet. So this really isn’t anything new, and using common sense will help you avoid any real problems.

The first thing I would do to combat this is to not go to websites that has personal information on them while at internet cafes, book stores, or coffee shops. This eliminates any real problems with someone sidjacking, packet sniffing, or any other means of getting information from you on these open networks. So if you want to go get some coffee and while you are there you want to check the news, feel free to. But if you must check your email or Crackbook, you can use SSL or HTTPS to logon to these websites. Most website will switch back over to HTTP after you login so you will have to use an application such as Force-TLS. This is a Firefox extension allows your browser to change HTTP to HTTPS on sites that you indicate in the Firefox Add On “Preferences” menu, protecting your login information and ensuring a secure connection when you access social sites and email.

I still believe that most people should just think about what they are doing on the Internet and what they can live with if they are attacked. Can they survive having their email hijacked or someone posting garbage on their Facebook account. Otherwise just use your phone for Facebook updates or wait till you get home. I only use place like that if I am traveling and need to get access for something. You take a chance of getting into an accident everyday driving to work, using a public or open WiFi network is the same thing. So just use common sense and you should have no problems.

Print This Post Print This Post

Two vulnerabilities in Linux allow access to root account

Two new vulnerabilities affecting Linux were uncovered this week that could potentially be used by malicious hackers to gain root privileges. One vulnerability, which was reported on Tuesday by security firm VSR, arises from a flaw in the implementation of the Reliable Datagram Sockets protocol (RDS) in versions 2.6.30 through 2.6.36-rc8 of the Linux kernel.

Known as CVE-2010-3904, the bug could allow a local attacker to issue specially crafted socket function calls to write arbitrary values into kernel memory and thereby escalate privileges to root, giving the attacker “superuser,” administrator status.  The problem exists only in Linux installations in which the CONFIG_RDS kernel configuration option is set, and where there are no restrictions preventing unprivileged users from loading packet family modules.

GNU C Library Loader

The second vulnerability, dubbed CVE-2010-3847, derives from a flaw in the library loader of the GNU C library that can be exploited to gain root privileges under Linux and other systems. Using the hole, an attacker could reportedly gain full control of a system by escalating his or her privileges after breaking into a web server with restricted access rights.

the bug was found to exist in Red Hat Enterprise Linux (RHEL) 5 and CentOS 5, among other distributions. Patches are currently in the works, but “this is a low impact vulnerability that is only of interest to security professionals and system administrators.

One thing that is for sure  is the fact that these holes will be fixed quickly by the scores of programmers that work on these linux distributions.  It is also important to remember that security holes are found in every piece of software release, it is just a matter of how long it takes to fix it and how many machines are taken over through this vulnerability.

Print This Post Print This Post

Getting Hard Drive Serial Numbers using scripts

Recently I had been working on a way to retrieve hard drive serial numbers without having to go around and look at each drive.  We have to use them for reports and we use equipment from sites that we go to that doesn’t belong to us so a kept list is not an option.  There is software out there that will do it for you and make a nice little report, but our highers up think that is a bad idea and we can just go around a physically look at each drive.  So this has been something we have done for a while.  Well in my efforts to be a lazy admin I found a few things and wrote two scripts.

The first is a vbscript that will write the hard drive serial to a text file along with the host name of the machine.  It calls on WMI to provide the drive serial.  However it only worked with Windows 7 and server 2008.  I didn’t get it to work on XP, which is still our primary OS for user machines.  Here is the script that I planned to copy out to the workstations, execute it remotely, and have it write the information back to the server.

‘ HardDriveSerialNumbers.vbs
‘ Version 0.5 – Oct 2010
Option Explicit
Dim objFSO, objFolder, objShell, objFile, objTextFile, objWMIService, objItem, oshell
Dim strDirectory, strFile, strText, strComputer, colItems, k, serial, strSerial, strSpace, strLine, host
strComputer = “.”
strDirectory = “\\\c$\users\administrator\desktop\testvbs”
strFile = “\HDSerialNumbers.txt”
strSpace = “”
strLine = “=======================================================”
‘ Places Hostname into a variable
Set oShell = CreateObject( “WScript.Shell” )
host=oShell.ExpandEnvironmentStrings(“%ComputerName%” )
‘ Create the File System Object
Set objFSO = CreateObject(“Scripting.FileSystemObject” )
‘ Check that the strDirectory folder exists
If objFSO.FolderExists(strDirectory) Then
Set objFolder = objFSO.GetFolder(strDirectory)
Set objFolder = objFSO.CreateFolder(strDirectory)
End If
If objFSO.FileExists(strDirectory & strFile) Then
Set objFolder = objFSO.GetFolder(strDirectory)
Set objFile = objFSO.CreateTextFile(strDirectory & strFile)
End If
set objFolder = nothing
set objFile = nothing
‘ OpenTextFile Method needs a Const value
‘ ForAppending = 8 ForReading = 1, ForWriting = 2
Const ForAppending = 8
‘ Sets text file to open and modify
Set objTextFile = objFSO.OpenTextFile _
(strDirectory & strFile, ForAppending, True)
‘ WMI for drive serial numbers will return all drives to include CD drive currently errors on cd drive
On Error Resume Next
Set objWMIService = GetObject(“winmgmts:” & “{impersonationLevel=impersonate}!\\” & strComputer & “\root\cimv2” )
Set colItems = objWMIService.ExecQuery(“SELECT * FROM Win32_PhysicalMedia” )
k = 0
serial = “”
For Each objItem in colItems
‘ Writes strText every time you run this VBScript
If err.number = vbEmpty then
Set objShell = CreateObject(“WScript.Shell” ) (“Explorer” & ” ” & strDirectory & “\”  )
Else WScript.echo “VBScript Error: ” & err.number
End If
‘ End of VBScript to create file on DC with Workstation Hard Drive Serial Numbers

Now I am not the best when it comes to vbscript so my structure may be bad but I only care if it works and the making it pretty later.  But once again I could only get this to work in Windows 7 and Server 2008 R2.  For the other operating systems I kept looking and found a little freeware application that will retrieve the hard drive information.  It writes more than what I need but it gets the job done.  The executable is called diskid32.exe, I found it at  It also has a DLL file that is suppose to make the executable work with Windows 2000 and earlier.

Anyhow I work this into a batch file that asks you for the IP of the machine you want to write the information to, then copies the executable and a batch file to each machine, and executes to retrieve the info and write it back to the IP that was inputted at the beginning.  The batch file also uses psexec.exe from  Sysinternals to login to the remote machines to execute the files copied to each machine.  We also use a text file that has the names of all of the machines on the network that we call a nodelist.txt.  So here is what the batch file looks like.

REM     ———————————–
Rem Written by ogwatermelon 8Oct10
REM     ———————————–
@echo off
echo =========================================================
echo                                                                       HDInfo
echo =========================================================
echo Enter the IP Address for the server to write info to.
set /p _host=Enter IP address:
for /f %%D IN (nodelist.txt) DO echo %%D & copy diskid32.exe \\%%D\c$\windows
for /f %%C IN (nodelist.txt) DO echo ==================================================================== >> \\%_host%\c$\hdserials.txt & echo %%C—–%%C—–%%C—–%%C >> \\%_host%\c$\hdserials.txt & echo ===================================================================== >> \\%_host%\c$\hdserials.txt & psexec.exe \\%%C C:\windows\diskid32.exe >> \\%_host%\c$\hdserials.txt
echo finished

The lines of equal signs is to make a recognizable line to look for the hostname and to divide the information in the file that it writes.  The diskid32 executable writes the drive serials, product ids, version numbers, and even the MAC address of the computer.  So the file it writes back it pretty large, but the serials are easy to find.  This will run on XP, Svr 2003, Vista, 7, and Svr 2008.  One of the other admins and I are working on a program to strip out the information that we need from the file and create a report that will be presentable.  It works, gets the correct information, and is free.  So if you need hard drive serial numbers and don’t have other software that can retrieve it for you, feel free to use and modify these scripts to fit your need.  I hope this can help someone.

Page 22 of 49« First...10...2021222324...3040...Last »