Archive for September, 2009

Larry the Sailor Explains Cloud Computing

Larry Ellison has some concerns to share about the marketing of cloud computing:

VRF is the new Black: How I Learned to Stop Worrying and Love the Complexity

Breaking up your network “is good,” we all know this, and VLANs have traditionally been used to segment a network to help with maintenance, management, and security; but, they are not the only game in town and often the wrong place to break your network into smaller and more efficient pieces. VPN Routing and Forwarding […]

Nazis burning books.

Banned Books Week Begins

Every year since 1982, the last week of September has kicked off Banned Books Week for libraries and bookstores around the nation, celebrating the freedom to read. Participating libraries and bookstores put up displays containing banned books. The week was so designated in 1982 to draw attention to the spike in challenges to books being in libraries, schools, and bookstores.

Back in January the @BarackObama account was broken into.

Breaking Twitter (authentication)

But wait you say, are you trying to tell us that brute force password attacks will move to the API when I just read on the Twitter API wiki that the API severely limits the rate of calls you are allowed to make to it (200/hour/IP for authenticated requests without whitelisting)? That should be a mitigating control. Should be, but isn’t, because it is not enforced on all of the API calls.

The phishing site's Twitter login screen.

ROFL this you on here? The latest Twitter Worm

At 2pm on Wednesday 9/24, wide scale reports started showing up on Twitter that a new Twitter worm sends you a direct message with the content “rofl this you on here? http://videos.twitter.secure-logins01.com”. The link opens a Twitter style log in page (albeit Twitter’s previous version of this page, they have a new one) which, except for being an old version and a stray angle bracket is convincing. Upon logging in the user’s credentials are stolen, and presumably direct messages are sent to each follower that user has.

2008 Server to the Core

One of my favorite websites in the days of Windows 2000 Server was a project from a group of system managers from the Department of Electrical Engineering at the Swiss Federal Institute of Technology; it was titled “Real Men Don’t Click”, and it was dedicated to accomplishing tasks solely using the command line interface (CLI). […]

Who’s Being Promiscuous in Your Active Directory?

I’m always a fan of more queries and peaks at what is going on in my AD domain, especially at what is happening on the workstations. I was working on some WMI queries to get information about network interfaces using the Win32_NetworkAdapterConfiguration class, and thought about promqry.exe. Promqry is a tool provided by Microsoft to […]

Windows Task Scheduler: Backwards Incompatibility

Scheduled tasks are plentiful in most environments. Managing them is typically a nightmare. You have some running to truncate and copy off logs someplace, or others to run a proprietary backup utility to dump a copy of your Quickbooks data; whatever the reason, over time there are more and they are everywhere. Typically, you want […]