Bios Password


Saturday, December 8, 2012

GSD Linkfest: Updates, ForSec, and a whole lot more…

Posted on 7:53 PM by Unknown

Let’s not waste any more time here. The clock is ticking…

Updates Galore

  • TightVNC - Version 2.6 was released at the end of October. I use this one on our home network Windows systems and really like it. Mostly bug fixes; screen rendering performance has been improved. Read the complete announcement.
  • Apple releases QuickTime 7.7.3 for Windows, patches critical security vulnerabilities - ZDNet. If you use the Apple QuickTime plugin, then you will want to get the update. Some more details in this post: QuickTime for Windows updated to close security holes - The H Security.
  • Security updates for Flash and Air - The H Security - Well you knew Adobe plugins wouldn’t want to be left out of the patching discussion!
  • VMware Player - version 5.0.1. Building on the VMware Player 5.0 improvements, version 5.0.1 adds support for Ubuntu 12.10 as host/guest and resolves some issues from 5.0. VMware Player 5.0.1 Release Notes
  • Updates: AdExplorer v1.44, Contig v1.7, Coreinfo v3.2, Procdump v5.1 - Sysinternals Site Discussion -  AdExplorer becomes more stable, Contig adds more detailed analysis reporting, Coreinfo covers more features and Procdump adds support for Silverlight and JIT debugger support.
  • Wireshark - Wireshark 1.8.4 and 1.6.12 Released and include vulnerability and bug fixes. 1.8.4 release notes & 1.6.12 release notes. Grab your updates via the download page.
  • Nmap 6.25 holiday season release! 85 new scripts, better performance, Windows 8 enhancements, and more - Nmap Hackers mailing list archive. See the Nmap Change Log for all the juicy bits!

For

  • Encrypted Disk Detector - Forensic Methods
  • Links - Windows Incident Response blog - In this posting, Keydet89 has some Forensic Scanner tool tips, a link to the great post by Branden Williams on “Non-Observables”, and some prefetch info.
  • OSForensics Part One - video introduction by the computer forensics students at Champlain College. Full paper review in this OSForensics Part One (PDF link) paper.
  • Private Browsing Forensics: Introduction - video introduction by the computer forensics students at Champlain College. Full paper review in this Private Browsing Forensics: Introduction (PDF link) paper.
  • l2tViewer v0.0.1 - Mark Woan’s woanware - From the page: “l2tViewer is designed to improve timeline analysis for the output produced by the excellent log2timeline. Viewing, sorting CSV files via spreadsheet software does not work well due to the volumes of data involved in modern timeline analysis, which is where l2tViewer comes in. It is designed to be fast when importing with minimal overhead and dependencies.”
  • USBDeviceForensics v1.0.11 - Mark Woan’s woanware - New registry key extractions, improved output layout, OS specific output formatting removed, and fixed “Modified Date/Time” output for correct value display.
  • The Sleuth Kit (TSK) & Autopsy: Open Source Digital Investigation Tools
    • Nov 15, 2012: Autopsy 3.0.1 was released. It has a faster database, ingest scales better, and it has some bug fixes.
    • Nov 13, 2012: Sleuth Kit 4.0.1 is now available! It has bug fixes and some new minor features.
  • Convert Endace ERF capture files to PCAP - NETRESEC Blog
  • HowTo handle PcapNG files - NETRESEC Blog
  • DEFT 7.1 Introduction and Videos (by Casey Mullis) - LoveMyTool - Wonderfully detailed write-up and review of the DEFT 7.1 forensic LiveCD. Casey goes beyond just a tool description and provides excellent and valuable feedback on this distro. He has supplemented the article with four videos on YouTube exploring how to successfully work with DEFT 7.1.
    • Imaging with DEFT 7.2 series 1 of 4 - YouTube
    • Imaging with DEFT 7.2 series 2 of 4 - YouTube
    • Imaging with DEFT 7.2 series 3 of 4 - YouTube
    • Imaging with DEFT 7.2 series 4 of 4 - YouTube
  • NTOSBOOT Prefetch File - Journey Into Incident Response - Corey Harrell has a detailed post on the NTOSBOOT prefetch file and the value it has for malware infection analysis.
  • (IN)SECURE Magazine - Issue 36 released and covers some great topics, including “Computer forensic examiners are from Mars, attorneys are from Venus” written by Keith Chval.
  • A few words about the cache / history on Internet Explorer 10 - NirSoft’s coder has some interesting information regarding IE 10 cache and history files and accessing them while IE 10 is running. Thought others might find the observations helpful.

Sec

  • Redline 1.7 Now Available! - MANDIANT Forums. Redline - download and info.
  • One of the very first malware-busting tools I used was SpyBot S&D. Couple that with AdAwareFree and HiJackThis and I could usually clean a Windows 98 system of malware/spyware with confidence. Well, I don’t use those tools any longer and my cleaning and incident response has matured into a much more nuanced and low-level process with a variety of tools and techniques. That said, I was overjoyed to find that SpyBot has now released a major update to version 2.0. Congratulations team! Maybe HiJackThis 3.0 isn’t far behind? ;-)
    • Spybot - Search & Destroy - Product level comparison chart.
    • Spybot - Search & Destroy gets a major update on Monday - BetaNews
    • First look: Spybot - Search & Destroy 2.0 - Betanews
    • Spybot - Search & Destroy Portable - PortableApps.com
  • Malwarebytes Anti-Rootkit Is Powerful Rootkit Scanner And Remover - AddictiveTips blog
  • The shortcomings of anti-virus software - ISC Diary
  • Police Ransomware: Evolving At a Tremendous Pace - Security Intelligence Blog | Trend Micro
  • The Ins and Outs of Spear-Phishing - Security Intelligence Blog | Trend Micro
  • Microsoft Security Essentials flunked AV-Test - Borns IT & Windows Blog (GTranslated) and Microsoft Security Essentials fall at AV-Test - The H (GTranslated)

Apps and Stuff of Note

  • XBOOT - Nice utility to assist in creating a multi-boot USB drive from bootable ISO files.
  • Birthdays - free app from Skwire Empire to help you track birthday data on all your favorite peeps. Super simple and easy to use! Spotted in this MakeUseOf blog post: 4 Homemade Applications To Help You Around The House [Windows]
  • Nest Thermostat Review 2nd Generation - Every consumer electronic device should be this polished - Scott Hanselman ComputerZen. Everyone should probably have a Nest Learning Thermostat. Not only is it cool but with the WiFi support and a smartphone app, you can get tons of data on your heating & cooling usage. Our electric company provider offers a Nest unit as part of a special contract package. Scott does his usual above-standard review and details its installation and usage wonderfully.
  • ToolTip: System Sherlock Lite - Anything about IT. System snapshot change differ. Handy tool for baselining systems before and after updates and installations. May be good for malware analysis as well. One of many tools in this class.

Good to Know

  • Microsoft Outlook Configuration Analyzer Tool 2.0 - bink.nu notice on update to OCAT.
  • The spy in your inbox - Ars Technica - I’m not sure who exactly this Outlook add-in would appeal to, but it is a bit creepy to me.

For the SysAdmins

  • The Case of the Unexplained FTP Connections - Mark's Blog. The Sysinternals Guru strikes terror in the heart of unexplained Windows problems and clears another case.
  • Case of the Panasonic TOUGH Book Barcode Settings Failure - chentiangemalc - Great troubleshooting exercise and track down.
  • Case of the ADODB.Connection Provider Not Found Error - chentiangemalc - Another episode in troubleshooting.
  • Chrome insists that the browser's Java plug-in is out-of-date but it is current. - Google Groups - I had this problem on my system two weeks or so ago after running a scan with Qualys BrowserCheck. My version said it was updated but Qualys said not. Ended up fixing it by manually re-downloading/installing the latest Java version as well as the JavaFX nonsense. Go figure.
  • Defrag Tools | Channel 9 - This advanced video-cast series profiling the Sysinternals toolset is running strong with consistent releases.
    • Defrag Tools: Live - //Build/2012 - Defrag Tools | Channel 9
    • Defrag Tools: #15 - WinDbg - Bugchecks (BSOD) - Defrag Tools | Channel 9
    • Defrag Tools: #16 - WinDbg - Driver Verifier - Defrag Tools | Channel 9
    • Defrag Tools: #17 - WinDbg - Driver Verifier - Part 2 - Defrag Tools | Channel 9
  • Enable printing or Windows Installer in Safe Mode - Sweet tip from TinyApps bloggist!
  • How to use Group Policy to change the Default Lock Screen image in Windows 8 - Group Policy Central
  • Creating and using VM Groups in VirtualBox - The Fat Bloke Sings

Map-Tastic!

I’m a sucker for maps. Paper and digital kinds both. They are an art-form to themselves.

  • WunderMap - Interactive Weather Map and Radar - Weather Underground. This layered mashup of fantastic weather and radar data is tops! A new bar has been set. The radar images (as of now) seem to be almost true “real-time” images. Overlay on Google Maps with a wealth of other image data layers for your geekiness. Truly awesome!  More info in this Lifehacker post: The New Weather Underground Wundermap Offers Current Conditions, Plans Trips, Even Helps Buy a Home.  Now if they would release an iOS app version, I’d buy it! Until then it looks almost OK in my Chrome app for iOS.
  • m2i (Map to Image) - amazing and fun way to render map images as artistic images. Pick a place on the map, choose a map to image style, set your image size, and render away. Spotted on and with more details: Create Awesome Map-Based Wallpapers for Your Desktop with ‘Map –> Image’ via How-To Geek.

I’m particularly partial to the “watercolor” filter…


Ubuntu Talk

  • Updating Ubuntu OS & Applications: The Essentials Any Ubuntu User Should Know
  • What Is The Easiest Version Of Linux To Learn?
  • Journey Into Incident Response: Finding An Infection Vector After IT Cleaned the System
  • 8 bits: How to install Paterva CaseFile on Ubuntu Linux
  • Is Linux Confusing? Here Are The Key Terms You Need To Know
  • Review: Ubuntu 12.10 Quantal Quetzal a mix of promise, pain | Ars Technica

Congrats to Navy for their win in the Army Navy game. I was rooting for the Army Black Knights and their QB Trent Steelman and the sudden unfortunate turn of events during what was to be an amazing 2-minute drill conclusion and upset over Navy was heartbreaking. That said, I was warmed by the open emotion the QB displayed. There was much to be proud of all the way around in this game and it was an exciting treat to watch.

Likewise, congrats to the Heisman Memorial Trophy Award winner from A&M, Johnny Manziel. A lot of folks I know are cheering proudly at the moment. Congrats.

Cheers.

--Claus V.

Posted in boot-cd's, forensics, Link Fest, Linux, malware tools, NFAT, security, troubleshooting, utilities