
Microsoft Acquires Sysinternals

Winternals Software announced today that they have been bought by Microsoft. They were bought so that Microsoft could hire the two founders of the company, Mark Russinovich and Bryce Cogswell. These two guys are talented Windows programmers who should add a lot to the Windows development team. They are well known for Sysinternals, the system tools that are extremely helpful in troubleshooting Windows. Microsoft is also acquiring all these tools in the deal. I think that this is an excellent move by Microsoft. They get two excellent developers, and all the great support tools. I know Microsoft likes to use the Sysinternals tools, because every time I am on a support call with them they have me download and use one of the tools. It would be great if Microsoft could bundle these tools into Windows, or the Windows support tools pack. This would make it much easier to use these tools.

However, part of the reason that the Sysinternals tools were so great was that they were third-party tools. Now that they are owned by Microsoft, more people will be more distrustful of the tools. But I think that it is a good move overall. Perhaps some other developers in Microsoft will be able to add helpful features to the tools. I definitely do not think that Microsoft will charge for these tools, since their support department uses them so much.

Debian Dev Server gets pwned

The first new item I saw on Slashdot this morning was this post from the Debian dev mailing list. It describes how the dev box gluck.debian.org has been compromised. It mainly caught my eye because I had just made the decision to try out Debian on a new Linux server I am building. I had planned to install it tonight. I wanted to try out apt-get and the distro, since I have never used Debian before. But now I have read that this isn’t the first time they have been compromised. This sure makes me think twice about putting Debian on my new server.

Sharpmail Anonymous Email service

I recently came across SharpMail, a UK-based company that offers a fake email service similar to the service I host here. They offer a lot of cool features like reply back, file attachments, SMS for text messages (doesn’t work in US), rich text messages, and premade prank emails. However, they have several features that I don’t like and that make my service better. First, you have to register an account with them to do anything. Second, they put a very noticeable link in the email, so the recipient knows very quickly that the email is fake. They also have a huge x-header that alerts to the fact that it is a prank. For $35 a year, you can remove these. So if you want to send a more truly anonymous (and free) email try out this. It is my goal to add a few more features to the script, like an optional reply feature, and maybe a new form with a rich text editor. I am also working on a C# program that will do the same stuff.

C# Password Generator

I have written a small program that will generate random passwords of any size. I am constantly making up new passwords for different things, and found several other password generators online. But I thought I’d write my own for the fun of it. I wrote it in C# using the new Visual C# Express Edition, so it requires the .NET 2.0 framework to run. Next I’d like to convert it to JavaScript and put it online. You can download the program here and the source here. Feel free to do with it as you like.

Setup a host with virtual server

I have mentioned how I use Microsoft’s Virtual Server to create hosts for different projects. So I thought I would write a howto showing how to get Virtual Server up and running. I took screenshots of the whole process and describe some useful features that I use. There are several different virtualization products, but I think that Virtual Server is one of the better ones. It is also free.
First download Virtual Server from Microsoft’s web site.

Run a Low-Interaction Honeypot with HoneyBot

A honeypot is a computer system that is designed with the intent to catch hackers. It is positioned in a network in a spot where it is a good target for hackers. Honeypots can be used to detect malicious activity on a network or to prevent hackers from hacking a network by being a decoy. Honeypots are also frequently used for research to detect and analyze new worms and attacks. There are two basic categories of honeypots, high-interaction and low-interaction. A high-interaction honeypot is a system that is designed to be completely compromised. A low-interaction honeypot is a system that simulates different parts of a network system. In this article we are going to build a low-interaction honeypot with the Windows program HoneyBot.

HoneyBot, which can be downloaded here, is a Windows program that opens over 1200 TCP and UDP ports and simulates common services on them. It then captures all packet traffic to these ports and logs the packets and IP address. It is able to simulate some basic services by replying on certain ports. It is also able to capture worms and trojans by saving them to a folder. It is an easy-to-use program that is a good choice for getting your feet wet with honeypots.


Will Online Office Apps take over the desktop?

Google just released the limited beta version of their new online Spreadsheet application. I signed up as soon as it was available and received my invitation a few hours later. After working on a few spreadsheets with it, I found it to be a nice, easy-to-use spreadsheet application. I think it has a lot of potential. However, I am not planning to switch from Excel to Google Spreadsheets anytime soon. This got me thinking about the pros and cons of online office apps, and I have concluded that most office apps have a long way to go before they are widely used. So here is a list of some of the cons of online applications, and my thoughts about them.

5 Dimensional Rubik’s Cube

I am a big fan of the Rubik’s Cube. I got one for Christmas a few years ago, and I love solving it. I like solving it when I am stressed at school, because it is a good way to take your mind off of what you are doing. Then I came across a 4 dimensional Rubik’s cube computer program. It was pretty tricky, but after doing it a while I got the hang of it. Today on Slashdot I got a link to a 5 dimensional cube. This is going way too far. Kind of like the 20×20×20 cube too.

Microsoft Office 2007 Review

I have been using the Office 2007 Beta for the past few weeks, and I have a few problems with it. My biggest problem is with the new interface. While I think the new interface looks slick, my problem with it is that it is new. Word, Excel, PowerPoint, and Publisher have all had virtually the same interface since they first came to Windows in 1992:

Network Layouts for IP Sniffing

I’ve always known how to do basic IP sniffing, but with all the recent news focus on the Data Mining of the NSA and AT&T I decided to do a little research and dig into IP sniffing. Obviously the NSA uses some pretty sophisticated software and hardware to handle all the IP data that they collect, but there are plenty of open source tools that will do pretty much the same stuff for a smaller network.

The best program for packet capture and analysis is Ethereal. It captures packets and displays them in a nice GUI. It can also save the packets to a file and open and process captured packet files. It can process the packets by applying filters. For example, you could filter out all ARP traffic, or only capture HTTP. Ethereal also allows you to filter by TCP stream: it can display the data portions of the packets in a stream in the order they arrived. In this way, you could reconstruct an HTML page or an SMTP email. However, the purpose of this article is not to be a guide on Ethereal, but to show you how to arrange your network to sniff your internet connection and capture all packets coming and going across your internet pipe.

There are many reasons you might want to sniff your internet connection, or even to capture and record all packets that are passing through. One reason is that it is a fascinating and great way to learn about networks and how packets flow through the network. Another reason could be to find and defeat a hacking attack or malware. You could also monitor your network to determine what users are doing and watch them (like the NSA).