A security professional fights back against tech support scammers

I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how hackable a computer network is. In this case, the would-be victim is penetration testing someone without permission. Run the module when the scammer connects to the would-be victim, and he or she gets a command prompt on the criminal’s PC. At that point, the would-be victim can break their computer, perhaps by deleting critical files, corrupting the Windows registry, or something else. Anything you can do from a command prompt would be possible at that point.

I’m anything but heartbroken that this threat exists, although I’m not going to do this myself. Let me explain.

Scratchbuilding, Marx-style: Finishing the roof

This is a continuation of something I wrote well over a year ago detailing how I build Marx-style boxcars out of simple materials. Train season is starting up again soon, so it’s about time I finished this story.

Once the box that will become your Marx-style boxcar is dry, it’s time to tend to the roof.

This method won’t produce a contest-quality roof by any stretch, but it will produce something that will blend in well with Marx cars. The idea here is to produce something that most hobbyists can accomplish in an evening and that won’t overwhelm the other cars in the train.

How to clean up a Windows server

From time to time, Windows patches will fail to install because a server doesn’t have enough space to install them. Finding the ginormous files that are hogging all the space on the C drive is really tedious if you do it by clicking around in Windows Explorer, but there’s a better way.

Download the free Sysinternals Du.exe utility and you can find the behemoths in minutes, if not seconds.

Solving the Windows 0x13d error, aka the 317 error, and watch for the scams

Yesterday when performing a routine server inventory, I received a Windows 317 error, aka a Windows 0x13d error, when I tried to view some directories remotely from a batch file.

The exact text of the error message: The system cannot find message text for message number 0x13d in the message file for System.

If you’ve received a 0x13d error and you’re wondering what it means, it seems to be an unhealthy system’s way of saying “file not found.” In my case that’s what it appeared to be. If the lack of a human-readable error message bothers you, I found two possible culprits: One is system hardening–perhaps you’ve applied the recommendations from CIS, USGCB/NIST, or the DISA STIGs to the system–or the more likely culprit, services not running that need to be. Start with some very routine maintenance. Check the remote machine to make sure all the services that are set to start automatically are indeed running, and you might want to think about rebooting.

In case you need legitimate details, pay http://msdn.microsoft.com/en-us/library/windows/desktop/ms681382%28v=vs.85%29.aspx a visit.

When researching the error code, I found an interesting scam—tons of sketchy web sites, some that did a decent job of impersonating Microsoft, offer programs to fix the issue. Microsoft doesn’t offer downloadable fix-its for error messages like this because these are the kinds of problems that require some human intelligence to resolve.

And… Home Depot confirms it’s been breached

In news that will surprise no one, Home Depot confirmed it’s had credit card data stolen.

I also learned that in an effort to defeat my usual security measures, people increasingly will buy cards local to them, so they can shop in the same zip code, or a very nearby zip code to the victim. They then buy expensive merchandise and/or gift cards. This tactic limits the market but increases the effectiveness if you happen to own the unlucky card that your malicious neighbor buys.

About the only way to defeat this behavior is to keep a close eye on your account statements, which means cutting down on credit card use probably would make it easier for you to notice fraud. And, of course, when your credit card company sends a new card, activate it as quickly as possible.

As for what happened, there’s lots of speculation but no confirmation as of yet. Now the start date has been revised back to perhaps sometime in April, and while the number of stores hasn’t been confirmed, the numbers I’m seeing range from 1,700 to all 2,200 of them.

As far as what’s going on, I think we’re in a situation much like the era of The Cuckoo’s Egg, where the world is changing faster than the security world and the corporations who employ it can keep up. In a few years I’ll look back on it in awe of what I learned, but for now, I have to admit feeling scared more than anything. I think we’ll get through it, but at this point in the battle, I still don’t know how.

IT jobs shortage? Slide over to security

IT jobs are getting scarce again, and I believe it. I don’t have a cure but I have a suggestion: Specialize. Specifically, specialize in security.

Why? Turnover. Turnover in my department is rampant, because other companies offer my coworkers more money, a promotion, or something tangible to come work for them. I asked our CISO point blank if he’s worried. He said unemployment in security is 0.6 percent, so this is normal. What we have to do is develop security people, because there aren’t enough of them.

I made that transition, largely by accident, so I’ll offer some advice.

What to do when you have more open slots than drive bays

Every once in a while you find something you weren’t looking for, then you wonder why you never thought of it before. That’s what I thought when I saw the Kingwin 2-Bay PCI adapter. It’s a bracket that slides into a couple of empty slots and gives you space to mount a pair of 2.5″ hard drives or SSDs.

It’s brilliant because almost any computer these days has empty slots because all of the essential stuff that used to be on plug-in boards comes integrated onto the motherboard these days. And if you put a micro ATX motherboard into a full ATX case like I often do, you have at least two empty slots that you couldn’t use even if you wanted to.

This is a brilliant way to get a couple of additional drive bays in a desktop computer, so I highly recommend it.

I’m pretty sure my card’s been breached again, so here’s what I’m doing

So it’s starting to look like Home Depot got breached. Nobody knows yet how bad it is. I decided to be proactive and call my credit card company because I shop at Home Depot a lot, and they just read me a canned script. OK, they don’t want to know if I think my card was among those breached.

Here’s what I’m doing in the meantime.

Upgrading an HP Mini 110 to Linux Mint 17

Over the Labor Day weekend I decided to upgrade my HP Mini 110 netbook to Linux Mint 17. The Mini 110 can handle Windows 7, but Linux Mint doesn’t cost any money and I figure a Linux box is more useful to me than yet another Windows box. There are some things I do that are easier to accomplish in Linux than in Windows. Plus, I’m curious how my two young sons will react to Linux.

Linux Mint, if you’re not familiar with it, is an Ubuntu derivative that includes a lot of consumer-friendly features, like including drivers and codecs and other common software that aren’t completely open source. It’s not a Linux distribution for the Free Software purist, but having options is one of the nice things about Linux in 2014.

Linux Mint includes a lot of useful software, so once you get it installed, you’re up and running with a useful computer with minimal effort.
