headers
Antti.Laatikainen | 2 Jan 2012 08:20
Picon

RE: USB Flash Drives

Hi!

One important thing to keep in mind is that many of these
solutions require admin rights to the computer to work-
Or if not that, they require some additional software to
be installed on the computer prior to work.

There are good, strong solutions like Kingston Vault sticks that
don't need any users right or programs to be installed. They handle
the encryption using built-in hardware on the stick.

One solution (in AD environment) would be to use the Bitlocker to go.
It's cheap, gets the job done and you have nice set of features that you
can configure using GPO's, like  "Deny Write Access to Removable Drives Not 
Protected By BitLocker"

Check out more info:

http://www.windowsnetworking.com/articles_tutorials/using-bitlocker-encrypt-removable-media-part1.html

Antti Laatikainen

-----Original Message-----
From: listbounce <at> securityfocus.com [mailto:listbounce <at> securityfocus.com] On 
Behalf Of fecub
Sent: 23. joulukuuta 2011 23:27
To: security-basics <at> lists.securityfocus.com
Subject: Re: USB Flash Drives

TrueCrypt is a perfect tool for things like this. you can crypt your files and
(Continue reading)

Permalink | Reply | 4 comments |
headers
Shreyas Zare | 2 Jan 2012 17:18
Favicon

[TOOL RELEASE] Technitium MAC Address Changer v6 (FREEWARE)

Hi,

Technitium MAC Address Changer allows you to change Media Access
Control (MAC) Address of your Network Interface Card (NIC)
irrespective to your NIC manufacturer or its driver. It has a very
simple user interface and provides ample information regarding each
NIC in the machine. Every NIC has a MAC address hard coded in its
circuit by the manufacturer. This hard coded MAC address is used by
windows drivers to access Ethernet Network (LAN). This tool can set a
new MAC address to your NIC, bypassing the original hard coded MAC
address. Technitium MAC Address Changer is a must tool in every
security professionals tool box.

Visit http://tmac.technitium.com for more information and to download
the software.

NEW FEATURES
============

+= Internet Protocol v6 (IPv6) support added.

+= Works on Windows 7 and Windows 8 (Developer Preview) for both
32-bit and 64-bit.

+= Automatic Update feature added to update software to latest
available version.

+= Update network card vendors list feature allows you to download
latest vendor data (OUI) from IEEE.org.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Jan van Niekerk | 2 Jan 2012 16:56
Picon

Re: [Full-disclosure] captcha

On Sun, Jan 1, 2012 at 3:43 PM, ebhakt <ebhakt <at> gmail.com> wrote:
> Hii guys,
Hii Ebhakt

> I want to know the logic behind creating a captcha imagey
> I know how the servers are designed and what the captcha security does!!
> but how the captcha imagae is generated
> that's my main question !!
The code that generates captcha imagey is top secret proprietary
software.  Only the top software engineers of the global captcha
security firms have access to the source code, and then only when each
one of them provides half of the security key to decode the system.
The code is never actually loaded in memory.  If this code ever got
into the wrong hands then the entire captcha security system would be
broken.
>
> Any ideas , guesses !!
Maybe do a dictionary attack.
> Just mail around !!
>
> Thanks
your welcome hopes this helps

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Shreyas Zare | 2 Jan 2012 16:54
Favicon

[TOOL RELEASE] Technitium MAC Address Changer v6 (FREEWARE)

Hi,

Technitium MAC Address Changer allows you to change Media Access
Control (MAC) Address of your Network Interface Card (NIC)
irrespective to your NIC manufacturer or its driver. It has a very
simple user interface and provides ample information regarding each
NIC in the machine. Every NIC has a MAC address hard coded in its
circuit by the manufacturer. This hard coded MAC address is used by
windows drivers to access Ethernet Network (LAN). This tool can set a
new MAC address to your NIC, bypassing the original hard coded MAC
address. Technitium MAC Address Changer is a must tool in every
security professionals tool box.

Visit http://tmac.technitium.com for more information and download links.

NEW FEATURES
=============

+= Internet Protocol v6 (IPv6) support added.

+= Works on Windows 7 and Windows 8 (Developer Preview) for both
32-bit and 64-bit.

+= Automatic Update feature added to update software to latest
available version.

+= Update network card vendors list feature allows you to download
latest vendor data (OUI) from IEEE.org.

+= Enhanced network configuration presets with IPv6 support allow you
(Continue reading)

Permalink | Reply | 0 comments |
headers
Landon Hurley | 2 Jan 2012 19:57
Picon

Re: wps and wifi security


US-CERT recommended white-listing mac addresses to compensate for losing wps.

 http://www.theregister.co.uk/2011/12/29/wi_fi_not_protected/

(The us-cert link is in the article)

Landon

-------- Original Message --------
From: Globalart4u Enquiries <enquiries <at> globalart4u.com>
Sent: Wed Dec 28 17:58:51 EST 2011
To: security-basics <at> securityfocus.com
Subject: wps and wifi security

Dear All

Since reading the article that wps is vulnerable and the experts advising
that this be 'unticked' so it is disabled but surely if wps is disabled then
it is more of a security risk as this means there is no password so anyone
can hack into the wifi as it is exposed? Or does it not work like that?

Link to the article here -
http://www.zdnet.com/blog/networking/wi-fi-protected-setup-is-busted/1808

Thanks

Tallat

www.promomat.biz
(Continue reading)

Permalink | Reply | 0 comments |
headers
Edward | 2 Jan 2012 20:08
Picon

Re: USB Flash Drives

Hi,

I would also like to note that there is a portable versions available
for many popular encryption software, such as TrueCrypt. As long as
you are using Windows PCs, you can access your data anywhere, without
any additional software. That said, buying thehardware-encryption
USB's mentioned before may be a better way to go, just thought I'd add
to the options.

Edd

On 2 January 2012 07:20,  <Antti.Laatikainen <at> santen.fi> wrote:
> Hi!
>
> One important thing to keep in mind is that many of these
> solutions require admin rights to the computer to work-
> Or if not that, they require some additional software to
> be installed on the computer prior to work.
>
> There are good, strong solutions like Kingston Vault sticks that
> don't need any users right or programs to be installed. They handle
> the encryption using built-in hardware on the stick.
>
> One solution (in AD environment) would be to use the Bitlocker to go.
> It's cheap, gets the job done and you have nice set of features that you
> can configure using GPO's, like  "Deny Write Access to Removable Drives Not
> Protected By BitLocker"
>
> Check out more info:
>
(Continue reading)

Permalink | Reply | 3 comments |
headers
synja | 2 Jan 2012 20:11

Re: wps and wifi security

WPS is separate from WPA/WPA2 encryption.

It provides a method of automatically configuring the client.

Rob

Sent on the Sprint® Now Network from my BlackBerry®

-----Original Message-----
From: "Globalart4u Enquiries" <enquiries <at> globalart4u.com>
Sender: listbounce <at> securityfocus.com
Date: Wed, 28 Dec 2011 22:58:51 
To: <security-basics <at> securityfocus.com>
Subject: wps and wifi security

Dear All

Since reading the article that wps is vulnerable and the experts advising
that this be 'unticked' so it is disabled but surely if wps is disabled then
it is more of a security risk as this means there is no password so anyone
can hack into the wifi as it is exposed? Or does it not work like that?

Link to the article here -
http://www.zdnet.com/blog/networking/wi-fi-protected-setup-is-busted/1808


Thanks

Tallat

www.promomat.biz
(Continue reading)

Permalink | Reply | 1 comment |
headers
Landon Hurley | 2 Jan 2012 20:19
Picon

Re: wps and wifi security


Us-cert recommended white list mac addresses to compensate.

Landon

-------- Original Message --------
From: synja <at> synfulvisions.com
Sent: Mon Jan 02 14:11:37 EST 2012
To: Globalart4u Enquiries <enquiries <at> globalart4u.com>, listbounce <at> securityfocus.com, security-basics <at> securityfocus.com
Subject: Re: wps and wifi security

WPS is separate from WPA/WPA2 encryption.

It provides a method of automatically configuring the client.

Rob

Sent on the Sprint® Now Network from my BlackBerry®

-----Original Message-----
From: "Globalart4u Enquiries" <enquiries <at> globalart4u.com>
Sender: listbounce <at> securityfocus.com
Date: Wed, 28 Dec 2011 22:58:51
To: <security-basics <at> securityfocus.com>
Subject: wps and wifi security

Dear All

Since reading the article that wps is vulnerable and the experts advising
that this be 'unticked' so it is disabled but surely if wps is disabled then
(Continue reading)

Permalink | Reply | 0 comments |
headers
bodsda | 2 Jan 2012 20:28

Re: wps and wifi security

Are you confusing wps with wpa - wps is the push-button/pin connection method whereas wpa is wifi
encryption. Disabling wps doesn't mean you no longer have a wpa password, it means you can't use
push-button/pin to make connections.

Bodsda 
Sent from my BlackBerry® wireless device

-----Original Message-----
From: "Globalart4u Enquiries" <enquiries <at> globalart4u.com>
Sender: listbounce <at> securityfocus.com
Date: Wed, 28 Dec 2011 22:58:51 
To: <security-basics <at> securityfocus.com>
Subject: wps and wifi security

Dear All

Since reading the article that wps is vulnerable and the experts advising
that this be 'unticked' so it is disabled but surely if wps is disabled then
it is more of a security risk as this means there is no password so anyone
can hack into the wifi as it is exposed? Or does it not work like that?

Link to the article here -
http://www.zdnet.com/blog/networking/wi-fi-protected-setup-is-busted/1808


Thanks

Tallat

www.promomat.biz

www.promostamper.co.uk
(Continue reading)

Permalink | Reply | 0 comments |
headers
khushal201301 | 3 Jan 2012 09:22
Picon

SIP with scapy

Hi All,

How we can test SIP network with scapy. I googled a lot, but unable to find the correct document and steps to
perform the same.  If anyone have a experience with same. Please share
khushal Srivastava

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Permalink | Reply | 0 comments |

Gmane