Category Archives: Wild wild Web

Google to Prioritize Secure Websites

BBC News is reporting today that Google has updated their search engine algorithm to provide a higher rank to websites that use HTTPS.  The web news site Gigaom explains further that the algorithm identifies web sites that use HTTPS / TLS and uses it as a ‘light factor’ that impacts less than 1% of global queries.

Advertisements

Remote Access Tool Misuse & Familial IT Support

I read an excellent article by Nate Anderson in Ars Technica, “How the FBI found Miss Teen USA’s webcam spy” about how they broke the recent Miss USA ‘sextortion’ case.  It got me thinking about how many of my friend and colleagues become temporary IT support personnel at the end or the year trying to help their parents and loved ones through their various computer problems.  While remote access tools are a tremendous help in solving these issues without having to travel to someone’s home; they do pose a risk.  Even my wife’s favorite support tool; Teamviewer has been targeted.  By their design these tools are developed to sit and listen for an incoming connection.  If you do use these tools make sure that you are using a non trivial password or pass-phrase.  Try to make sure that the tool doesn’t load upon start up and requires that someone find and execute the program before a remote connection can be created.  If possible move the link to the utility out of the normal applications folder and into a sub folder so that it is that much harder to ‘accidentally’ launch.

The Priv3 Firefox Extension Practical Third-Party Privacy for the Social Web

http://lifehac.kr/plhVdU

 

From: http://priv3.icsi.berkeley.edu/

 

“The Priv3 Firefox extension lets you remain logged in to the social
networking sites you use and still browse the web, knowing that those
third-party sites only learn where you go on the web when you want
them to. All this happens transparently, without the need to maintain
any filters. Priv3 is free to use for anyone. “

More Mac USB to Cisco Console doings…

When I used to connect from a PC or Windows laptop to a Cisco console port my memories are that it was easier than doing the same using a Mac.  I think that goes back to the additional functionality buried in the Windows terminal programs.

I purchased a Keyspan model USA-19HS USB to DB-9 serial adapter.  It comes with a CD containing both Windows and Mac drivers.

Using this with the Mac they include the Keyspan USB port utility; a small sioftware application that installs on your Mac and after you connect the adapter the app reports how OS X named the port.  For instance the utility saw my adapter as USB adapter as USA19H3d1P1.  To connect using that adapter to a router I open Terminal and type screen /dev/USA19H3d1P1.  That connects Terminal through the serial adapter to the router so that I power up I see the console.

One of the first things I had to do once I connected to a router was password recovery.  To send a break to a serial attached device using Terminal you need to type CTRL-A and then CTRL-B.  CTRL-B is the break key.  CTRL-A directs the input to the Terminal application.

Mac USB to Cisco 1900 router using Cisco USB to mini-USB cable

OK. I’ve been a network guy since the 1980s. I thought had seen it
all. Today when I opened the box for my brand new 1900 router I found
a Cisco console cable blue USB to mini USB cable. Even more
surprising the router has a mini USB port on the back right next to
the Cisco-standard RJ-45 console port. Amazing! Looking through the
docs online I found the following procedure for connecting from a Mac
to the router via this USB to mini-USB cable.

Step 1 Use the Finder to go to Applications > Utilities > Terminal.

Step 2 Connect the Mac USB port to the router using the supplied USB
to mini-USB cable.

Step 3 Enter the following commands to find the OS X USB port number

macbook:user$ cd /dev

macbook:user$ ls -ltr /dev/*usb* [which returns something like below]

crw-rw-rw- 1 root wheel 9, 66 Apr 1 16:46 tty.usbmodem1a21

Step 4 Connect to the USB port with the following command followed by
the router USB port speed

macbook:user$ screen /dev/tty.usbmodem1a21 9600

[power on the router, wait for a few minutes and you should see
something like this…]

Installed image archive
Cisco CISCO1941/K9 (revision 1.0) with 1011712K/36864K bytes of memory.
Processor board ID FTX150900FE
2 Gigabit Ethernet interfaces
2 Serial(sync/async) interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
1000944K bytes of ATA System CompactFlash 0 (Read/Write)

To disconnect the OS X USB console from the Terminal window

Enter Ctrl-a followed by Ctrl-

DDoS Hits WordPress

WordPress is working through what is described as a large Distributed
Denial of Service (DDoS) attack this morning. According to the status
page at Automatic (parent company) at 9:54 (UTC-6) this morning:

QUOTE
WordPress.com is currently being targeted by a extremely large
Distributed Denial of Service attack which is affecting connectivity
in some cases. The size of the attack is multiple Gigabits per second
and tens of millions of packets per second. We are working to
mitigate the attack, but because of the extreme size, it is proving
rather difficult.
UNQUOTE

By 11:40 the status page reported everything was back to normal.

http://cnet.co/ed3peH

3/4/11 Update

Spohos reports that the WordPress DDoS may have ibe p[olitically motivated and directed at a non-English blog appearing on their site.

http://nakedsecurity.sophos.com/2011/03/03/wordpress-com-targeted-by-ddos-att…