Computer Tips -Tech Info

To show you where the threat with bot networks is going there’s a story today on Nugache (Symantec summary) which is a bot that takes advantage of a number of clever tricks to avoid having the whole bot net shut down, allow command and control on an encrypted channel and essentially have no “human readable strings” in any of it’s communications. The encryption of it’s connections makes it harder for IDS to catch it (as they rely on signatures of traffic.

Read the rest of this entry »

There’s quite a bit more discussion on a DOS bug in Firefox 1.5.0.3, the link goes to a site where they’ve confirmed the issue and there is a link there to a POC, so be cautious. It turns out that using javascript, image tags can be made to have a mailto: link which can automatically launch tons of instances of whatever default mailhandler a system has (essentially one for each image tag.) Right now, this sounds more like a Denial of Service risk, as I don’t see at this point any evidence that anything WORSE could be done than really freezing up the system with too many copies of the mail program open.

Read the rest of this entry »

But perhaps you are not as powerful as the emporer has foreseen…. I just skimmed the stats and saw an abornmal spike in traffic over the last hour, so being curious…. I checked the server logs and saw trackback post after trackback post, all different Internet Explorer versions. It doesn’t seem to be the same ip address repeating, but several. (Could it be a bot net?) Anyway, not much time here to investigate on that. Fortunately though, the trackback spam defending jedi akismet has been holding it’s own quite well with the onslaught. This is frankly the biggest trackback spam storm I’ve seen EVER which makes me curious as to why I came up on the radar…

Read the rest of this entry »

There is a company (well, unfortunately, WAS a company) called Blue Security. They had an innovative approach to stopping spam. A small download essentially sent opt-out return emails that were junk back to the REAL spam sender (clever concept huh? bouncing to the person that REALLY sent the message… Of course what was clever here was that they were coordinating the responses of all their users – herding a “white hat” network of sorts.) Anyway, it was a successful concept at getting several of the top 10 to clean their mailing lists.It looks as though 6 of the top 10 agreed to clean up their mailing lists. Unfortunately, they were the subject of a Massive DDOS. They managed to recover and come back, but the dDos took out other sites as well and there were threats of more it seems.

Read the rest of this entry »

I’m in the process of uploading an update to the mozilla firefox 1.5 rpms for Mandriva 2006 that I have posted previously on the site. They should be browsable at http://www.averyjparker.com/wp-content/downloads/firefox/. In that directory you’ll see the source rpm I built from, then a subdirectory for firefox-1.5.0.3 with the main rpms and a subdirectory of THAT with the devel rpms.

Read the rest of this entry »

I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script on this page” it gave a line and char number and there were three different Error: messages. One was Object Required and another was Class not registered. This is a Windows XP Pro system with all current updates for windows AND quickbooks.

Read the rest of this entry »

This is one that’s not as obvious as it should be. Every keyboard has a “print screen” button – usually it’s in the group over above the insert/home/pageup/delete/end/pagedown block. Sometimes (especially on laptops) it’s shared with something else. But…. most people will notice if they press “print screen” on a windows pc… not much seems to happen. (On my KDE/Linux desktop it pops up a program called ksnapshot…) If the print screen key is shared with another function (say on a laptop) you may need to press the function button at the same time as the print screen button to get the following to work.

Read the rest of this entry »

Scansafe is launching a new free product called scandoo which aims to tag search results with Green yellow and blow widgets so you know which sites are safe (green), dangerous (red) or uncertain (Yellow). ZDnet had news of the scandoo service which is not the first attempt at making the web safe… Siteadvisor from McAfee attempts to do the same (with installed software) and Symantec is working on a competitor as well. Further there are toolbars that attempt to protect users from phishing scams, but I’m not sure that this service will be as successful as hoped.

Read the rest of this entry »

As they say on their site “Experience Linux without the hassles of installation and adminstration.” Inqub has a new product out called Netcubicle which basically is this…. for $4.50 a month, you can have a Gigabyte of storage and a linux desktop accessible from most any computer in the world. (Or command line SSH access too.) Apparently it’s based on Ubuntu/Kubuntu (They say gnome/kde are both available). The KDE Dot calls it a KDE Desktop Hosting Service.

Read the rest of this entry »

So, I finally got down to about 5 tabs left in my firefox window and decided I could kill it off and restart it without really losing my place so I could get a good look at the Google Notebook plugin. First impression is that it’s fairly unobtrusive and is in the notification bar with the rest of my plugins (google mail notifier, google calendar notifier, noscript, adsense notifier and adblock…) Clicking on it gives the chance to create a new notebook and then loads a little Web 2.0 looking box complete with resize/close widgets and an Add note button and Actions menu.

Read the rest of this entry »