Monthly Archives: May 2008

Debian/Ubuntu OpenSSL Vulneribility

Well if you use Debian or Ubuntu is would suggest looking into that conf, apparently PRNG (Pseudo Random Number Generator) is predictable and installing a patch isn’t good enough to fix this problem. After installing the patch you will need to regenerate your keys.

All OpenSSH and X.509 keys generated on such systems must be considered untrustworthy, regardless of the system on which they are used, even after the update has been applied.

USN-612-1: OpenSSL vulnerability
DSA-1571-1 OpenSSL – Predictable Random Number Generator

NoCleanFeed.com

Electronic Frontiers Australia (EFA) has started a website called NoCleanFeed.com, the aim of the site is to oppose ISP content filtering that is being proposed by the Australian Federal government.

No Clean Feed

Google Adwords Phishing

Someone is now targeting Google Adwords users in an attempt to gain access to their accounts. I Received the following email today:

Dear Google AdWords Customer,

We were unable to process your payment.
Your ads will be suspended soon unless we can process your payment.
To prevent your ads from being suspended, please update your payment information.

Please sign in
to your account at http://adwords.google.com/select/login,
and update your payment information.

This message was sent from a notification-only email address that does
not accept incoming email. Please do not reply to this message.

Just a word to the wise it’s old fashioned phishing using a subdomain when you click on the URL in the message. When you lick the link it takes you to:
http://www.adwords.google.com.aoplk.cn/select/Login

The above URL presents a page that looks like the Google Adwords login. So watch out for it webmasters cause they are just trying to own your account.

Wireless Auditing Live-CD

This is a Live CD for Wireless Auditing, it is apparently one that the FBI uses for various purposes. It doesn’t work with Intel B/G wireless cards (IPW2200). Basically all you need do is burn this to a CD and boot your system with wireless card using this CD. Then follow the software to get a WEP key from a network using WEP.

Now most sites would provide you with a link to downloads from rapid share, however I’m not for one reason, this was a pain in the ass to download off rapid share. So instead here is a ED2k link for eMule.

ED2K Wireless Auditing Live-CD (Supposide FBI Edition)

I got this from a link on RapidFind, the RapidShare links can be found there if you want those. If you do download it from RapidShare you wont be able to extract it with a RAR utilitie until you rejoin the files together using hjsplit. I don’;t know who the tool was that made the RAR archive but if he was going to upload it to RapidShare he should have just used a RAR program to split the file it would have been easier. Oh yes the ED2K Link above is actually the joined version so you can just extract that.

RAR Utilities at RARLabs

Anti-Piracy Advert's Wasteing My life

Movie industry, I think it might be time for me to sue you for the seconds of my life you waste buy not letting me skip your stupid anti-piracy ads. I wonder what the liability is on that?

As the movie says, If I got a pirated copy of the movie I would have to watch your stupid advert.

Real Alternative 1.80 MSI Installer

There is now a new version of Real Alternative, version 1.80. Yes I was a little slow in seeing that this had been updated but I had other things to do. An extra note, this version has been bulit on a Windows XP Service Pack 3 install.

Downloads

Details on the build process can be found here at my first Real Alternative 1.75 MSI Install.