Expect your HP printer to get 0wnz0r3d shortly

Courtesy of Dan Bowman: You may have seen the brief writeup on Slashdot about how to set printers on fire by messing with the fuser, but in Germany next month there’s going to be a security engineer’s nightmare unleashed, courtesy of the HP printer that’s probably sitting a few feet outside your cubicle and mine.

And there’s a whole lot more to it than just messing with the fuser in hopes of killing a printer or (perhaps) starting a fire. There’s a lot more to a printer than toner and a fuser. As the link above says, a printer contains an embedded Linux or VxWorks system that’s trivially easy to install a rootkit on and that nobody’s paying attention to. Seriously, who watches traffic coming from the printer?

The possibilities are endless.

How to make a DMZ with two routers

I’ve alluded in the past to why it’s a good idea to make a DMZ with two routers, but I’ve never gone into depth about how and necessarily why to do it.

If your ISP gave you a combination modem/switch/access point/router and it only supports 100-megabit wired and 54-megabit (802.11g) wireless and you want to upgrade to gigabit wired/150-megabit (802.11n) wireless, here’s a great way to make the two devices work together and improve your security.


How I secured my new wireless router

For the first time ever, I actually have a wireless router that can cover my whole house. I’ve been interested in wireless security for a long time, but haven’t actually had to do much with it because I wasn’t running any wireless networks at home.

I spent a few minutes securing my network after I got it up and running. I talked at rather great length about that in the past, but on a really practical level, here’s what I did in a mere 10 minutes that will make a big difference.


Disable USB mass storage to solve the USB drive-in-the-parking-lot problem

If you’re not concerned yet about the danger of people finding random USB devices in parking lots and plugging them into work PCs, eventually you will be. The answer to the problem is to disable USB mass storage on business PCs. Of course, then there’s the question of how you connect hard drives for legitimate company use.

Appremover can remove stubborn antivirus software

Antivirus software can be among the hardest software to uninstall, because its hooks dig so deeply into the operating system. I’ve seen it fail to uninstall for a variety of reasons. Sometimes it requires a password, which was entered by someone other than you and never written down. Or sometimes something gets corrupted, and the program’s uninstaller fails. If you need to remove stubborn antivirus software, there’s a solution.

Enter Appremover.


A source of great inspiration evaporates

Google announced this week that it’s defaulting to https (secure) searches, and not passing search queries on to the sites its users click anymore. It’s the end of an era, I guess, and I’ll miss it.

Yeah, I looked at the search queries that come into this site. I’ve been doing it for years.


Yesterday was Patch Tuesday again

I’m way too tired to do the kind of Patch Tuesday writeup I did last month, so I’ll just remind you, and hope that suffices. This month we have vulnerabilities in Windows, Internet Explorer, Silverlight, and .NET, some of which can cause remote code execution, which is a holy grail for spreading malware. So apply those updates. The Silverlight update applies to Macintoshes as well.

Don’t use software firewalls: Good advice or bad?

A common piece of well-meaning advice you’ll hear is that you should never use software firewalls. But is that good advice, or bad?

On the surface, it’s good advice. It’s much better to use the firewall built into a cable/DSL router. But the software firewall built into Windows XP, Vista, 7, and (presumably) 8 makes for a good second line of defense, so I don’t recommend disabling it.

I’ll explain further.


Stop social networking sites from tracking you

I found some tips to help stop social networking sites from tracking you outside of them at a surprising place: Infoworld.

And yes, to one degree or another, social networking sites can track what you’re doing on the rest of the web. If that doesn’t bother you, move along. If it bothers you, read on.


Beware the Mebromi, my son: BIOS infections

Symantec has identified Mebromi, a piece of malware that not only infects the MBR, but also infects the Award BIOS. BIOS infections are very difficult to detect and eradicate.

By hooking into the BIOS, Mebromi can easily re-infect a system the next time you reboot. Which is exactly what it does.