Black Hat 2008

2008 August 14 – 1320

Just got back from attending BlackHat 2008 in Las Vegas.

Once again there was so much knowledge floating around it is hard to retain it all.

I got to meet several folks this year, and ran into some unexpected faces.

A good time was had by all.

Now if they could just make BlackHat slightly cheaper I could go more often ;)

ugh…..

2008 June 26 – 1401

So there it is, about 6 months since my last post.  What can I say, I’m busy, just not very interesting :)

Lack of Enthusiasm?

2008 January 22 – 2021

Where is it…, where did it go…, was it ever here…?

Local DFW user groups (or at least those related to security) seem to be in the slumps.  Most are all but disbanded and very few are attempting to gain a foothold.

Meanwhile some corporate variants seem to be doing well, but have participant requirements, annual dues, costs per meeting, and are often during lunch on a given business day.

I look around and can’t help but notice the largest concentration is in Dallas, and yet this city in the top 10 largest US cities list has almost no visible active security hobbyist groups.

So who’s up for a UT Arlington Security Club?

I “heart” Secunia

2008 January 3 – 1801

The gods, I hate that saying.  When did a heart stop being a symbol for the word “love”?  Guess what kids, it is “I Love <insert noun here>”, not “I heart <insert noun here>”.

Anyways I digress.  It’s been way too long since I posted and as a follow-up to the last post my new favoritest tool is Secunia’s PSI, Personal Software Inspector.

Download it, run it, love it.  You will be surprised at the clutter it finds.

Tools that kick ass

2007 September 17 – 1439

So what tools are really cool, really easy, and really useful?

1.)  First and foremost everyone must run a web browser that is not Microsoft IE.  You will never get completely away from IE, however use it only when absolutely required by the site or application you are attempting to visit.  I personally am a FireFox zealot, however FireFox has gotten fat.  FireFox was originally designed as a lite browser and as they added features and effectively dropped the Mozilla browser FireFox became everything it wasn’t.  Although FireFox has attracted its fair share of malware it is still “safer” than IE.  Add on a few extensions like NoScript and FlashBlock and you radically increase your chances for clean surfing.  Opera is a very good alternative, however I don’t use it enough to give it its proper credit.  Browsers are the single most used application on almost any PC and yet the security in browsers is always sacrificed for convenience.

2.)  While on the subject of browsers: REMOVE ALL TOOLBARS!  I loathe toolbars.  I have found 90% of all toolbars to be unessential garbage and half of them are littered with ad-ware and spy-ware.  Those that are not can still pose various threats.  My other dislike towards toolbars is that they take up screen real estate and give you a smaller viewable area.

3.)  Okay, I’m a hypocrite.  The only toolbar I use or find of any value is the Netcraft Anti-Phishing Toolbar.  It’s small and all it does is a whois via Netcraft.

4.)  Media players.  As I do not do much other than play MP3s I prefer Winamp Lite.  It is small and it does not have the 100 extra features to target via malicious code and scripts.  Also media players, like web browsers, are popular targets and must be kept well up-to-date.

5.)  A new tool on my list is the Secunia Personal Software Inspector (PSI) Beta.  This is a sweet little tool that will scan your system for known software and report what needs to be updated.  Secunia, for those that do not know, tracks and rates the criticality for known vulnerabilities.  I was surprised at the number of applications that were out of date the first time I ran this tool.

6.)  Data Privacy.  Aside from the obvious stuff like checking for HTTPS in the URL, disabling passwords and form memory in the browser, and simply being cognizant of data you share, there are times you just want more.  Tor is the current king of anonymous networking.  However it can be tricky to set up properly.  For ease of use and portability I like the xbBrowser (formerly TorPark) as it is an all in one torified browser.

7.)  Encryption.  Long Live GPG.  There are numerous GPG frontends for use; it all depends on preference.  I have found gpg4win to work rather well.

8.)  Other commonly used tools include LavaSoft AdAware, Spybot Search and Destroy, and almost anything by Sysinternals.com (now part of MS TechNet), especially ProcessExplorer, TCPView, AutoRuns, and RootKit Revealer.  Oh, and of course Anti-Virus software.

It is not hard to keep your PC safe but it does require a conscious effort.  It only took 100 years to make the modern seat belt mandatory and effectively a habit for American drivers.  One of these days PC security practices will also be commonly used by everyone.

Mac Security Checklist

2007 September 10 – 1947

For a while I have wanted to put together a Security CheckList for Mac. Since that has not yet happened here is a list of some other docs and sites that have already done so.

Other UT sites

Mac OS X - http://security.utexas.edu/personal/mac/macosx.html

Mac OS X - http://www.utsa.edu/infotech/docs/Security/Mac_OSX_Checklist.pdf

Mac Server - http://www.utexas.edu/its/policies/checklists/macosx.php

Apple

http://images.apple.com/server/pdfs/Tiger_Security_Config_021507.pdf

SANS

http://www.sans.org/score/macosxchecklist.php?

Corsaire

http://research.corsaire.com/whitepapers/technical.html

Welcome to the world of tomorrow….!

2007 August 29 – 2006

Yey, I have entered the age of blogging.  Though I think the term is utterly ridiculous and has been misrepresented by the media to make it something it was never intended to be.  But hey “personal web page” or “web journal” doesn’t sound as catchy.  Anyways, here it is.  Enjoy it, ignore it, hopefully some will find it useful if not merely entertaining.