Find PHP malware in Linux

A lot of people seem to be looking for help cleaning up hacked or infected web sites lately, so here’s a trick I used in the past to find PHP malware in Linux and clean up the infected files.

Advantages and disadvantages of Windows 3.0

From time to time I hear the question of what the advantages and disadvantages of Windows 3.0 were. Windows 3.0, released in May 1990, is generally considered the first usable version of Microsoft Windows. The oft-repeated advice to always wait for Microsoft’s version 3 is a direct reference to Windows 3.0, and it still gets repeated frequently today.

Although Windows 3.0 is clumsy by today’s standards, in 1990 it had the right combination of everything to take the world by storm.

Happy 20th birthday to Windows 95

It was on August 24, 1995 that Windows 95 was released, amidst much anticipation. It was the most widely anticipated Windows release of all time, and the runner-up really isn’t close. The idea of people lining up for blocks for a Microsoft product sounds like a bit of a joke today, but in 1995 it happened.

I received a free copy of it because I worked at Best Buy in the summer of 1995 and I aced Microsoft’s test that demonstrated sufficient aptitude to sell it. A few weeks later I landed my first desktop support gig, ending my career in a blue shirt, which means I probably never actually talked anyone into buying a copy of it.

I got plenty of Win95 experience over the next couple of years though.

Tricks for giving presentations at work

One of my peers–he does exactly what I do at work, but for Unix machines while I cover Windows–asked me for some tips for giving presentations after he gave a presentation last week. I’ve presented a couple of times myself, and from the feedback I received, I didn’t make too much of a fool of myself, so he asked for my feedback.

I gave him a few tips that have served me well over the years.

Lenovo’s preinstalled Superfish spyware: A post-mortem

So, if you haven’t heard by now, last year Lenovo experimented with preloading its cheapest laptops with spyware that subverts HTTPS, allowing a third party to inject ads on any web page, and providing a convenient place for an attacker to hide behind while messing with your secure transactions.

By the end of the day yesterday, Lenovo had apologized, sort of, and after several sites had provided removal instructions, Lenovo provided its own. After spending much of the day downplaying the security concerns, by the end of the day they were at least reluctantly acknowledging them.

This was really bad, and I’ll explain why in a second, and I’ll also try to explain why Lenovo did it.

Yes, we need to run vulnerability scans inside the firewall

I got an innocent question last week. We’d been scanning an AIX server with Nexpose, a vulnerability scanner made by Rapid7, and ran into some issues. The system owner then asked a question: The server is behind a firewall and has no direct connection to the Internet and no data itself, it’s just a front-end to two other servers. Is there any reason to scan a server like that?

In my sysadmin days, I asked a similar question. Nobody could give me an answer that was any better than “because reasons.” So I’ll answer the question and give the reasons.

How to become an Info Assurance Analyst

So, CNN/Money ran a story on the best 100 jobs in the United States, based on pay, projected job growth over the next 10 years, and quality of life ratings. And there was my job title, at #9. I think you should want to become one, so here’s how to become an Info Assurance Analyst.

The field desperately needs more of us, so I’m happy to share with you how to become someone like me.

Why every breach is different

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected.

I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not necessarily helpful.

Why we can’t have nice things: The reaction to IBM’s big black and blue quarter

IBM announced yesterday that it had a terrible quarter. They missed earnings, the stock plunged, and Warren Buffett lost a billion dollars.

Everyone assumes Warren Buffett is worried, or livid, and selling off the stock like it’s on fire.

CMD.EXE and its shellshock-like qualities

“So did you know there’s a Windows version of Shellshock?” a coworker asked the other day.

“What, Cygwin’s bash?” I asked.

“No, in CMD.EXE.”

I thought for a second, back to some really nasty batch files I’ve seen that do goofy stuff with variables and parentheses and other reserved characters. Suddenly it made sense. Those cryptic batch files are exploiting the command interpreter to do things that shouldn’t be done. Then I smiled.
