I’ve already gotten them, but this will just be a placeholder position for links to this year’s Defcon 14 and Black Hat 2006 papers.
Author: michael
windows countermeasures and threats
This link goes to a Microsoft doc about Windows XP Countermeasures and Threats. Of particular interest, Chapter 7 makes an excellent reference on the services that Windows XP has, and whether they are necessary or not. Disable them if they are not necessary.
burp proxy
Burp proxy is the ultimate http proxy tool, and I certainly have to learn it someday.
unwanted remote control sites and apps
It really sucks when users think they’re being cute by utilizing remote control services to connect from home to work or work to home PCs. These just are not cool, especially when used without permission. I always forget the sites, though, so this will start my list of sites to blacklist on firewalls/web filters whenever I set any up. These are not wanted in the corporate sphere.
GoToMyPC
LogMeIn (and secure.logmein.com)
Hamachi – p2p?
Hamachi is a particularly scary thing, but like Skype, it should require a common mediation server to get the two endpoints together, and therein lies a single point of denial on firewalls. Either way, novel idea, and something I’d like to check out on my own. If even the mediation is peer-to-peer, we should be marking the app as a highly bad app, kinda like an irc client…
Foxy Proxy has some excellent tutorials as well as the proxy stuff.
breaking wep
This paper purports not only to help with cracking WEP, but to be the final nail in the coffin, outright breaking WEP. I’ve not read this yet, but plan to, as this sounds like a very swift, albeit technical, way to break WEP.
sandnet for malware
Not sure what to make of this yet, but sounds like an awesome little tool. Lurhq pimps this as a “sandnet” where you can run malware and it will even get its own little “internet” to play with if it chooses to connect out. Sweet action!
mocbot analysis
This is an analysis of Mocbot from LURHQ. Especially interesting is the follow-up on the Spammer that this new variant downloads, as well as the graphic showing which antivirus companies properly detected the malware. I wonder if the only ones detecting are the heuristic scanners and not the signature-based scanners…?
xss information
Here is a story about an XSS pen test along with a link to the actual story. Hopefully I can add more XSS resources here in the future.
secure usb drives
Just a quick listing of some secure USB drives that use hardware encryption and are recommended:
mtrust mdrive 500
kingston data traveler elite – privacy edition
verbatim store’n go corporate – secure
more on cracking wep, etc
This link has a number of good pages and pieces of information on cracking WEP and other wireless fun.
rundown of switch features for security
Every now and then the SANS Handler Diary offers up some nice information. They just threw out this list of switch features that many people never know to use, and I thought it was a nice rundown to use at a later date, especially if my two switches include all of this stuff.
laptop encryption tips – windows, mac, and linux
While TrueCrypt is still a great tool for Windows, Security Monkey has a nice quick bit of information on using PointSec for Windows, FileVault on Mac, and a link to a method of securing a Linux laptop. Nice quick read, almost like a hand-slap to anyone with a laptop followed by a quick, “do this, moron!”
using alternate non-printing characters in passwords
If one absolutely must use passwords with Windows (not sure why anymore) rather than passphrases, and the password needs to be highly secure, you don’t get much better than using non-printable characters. Both of these posts go into detail on using non-printable characters to thwart most password cracking tools.
Microsoft, of course, even weighs in on their password suggestions.
ntfs alternate data streams
Quite an ingenious, simple little method to hide files on an NTFS disk: alternate data streams. This article on Security Focus makes it look a little more difficult than it is, due to the author going through the effort of describing breaking into a machine to set an ADS on a few hidden files. LNS and LADS are two tools to scan a disk for ADS…although they are certainly not swift in their scans.
Update: An ADS tutorial from STC
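As an added example (not from the article, and not LNS or LADS themselves), here is a PowerShell check that does the same job as those scanners: it walks a directory tree and lists every stream other than the default unnamed one. It assumes PowerShell 3.0 or later on an NTFS volume, and the root path is a placeholder.

```powershell
# Added example: enumerate NTFS alternate data streams under a directory.
# Assumes PowerShell 3.0+ (Get-Item -Stream) running against an NTFS volume.
param(
    [string]$Root = 'C:\Users\Public'   # placeholder path; point at the tree to audit
)

# Every NTFS file has an unnamed ':$DATA' stream; anything else is an ADS.
# Zone.Identifier is the common benign case (the "mark of the web" that
# Internet Explorer attaches to downloads), so it is reported separately.
$findings = Get-ChildItem -LiteralPath $Root -Recurse -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object {
        Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue
    } |
    Where-Object { $_.Stream -ne ':$DATA' } |
    Select-Object FileName, Stream, Length

$zone       = $findings | Where-Object { $_.Stream -eq 'Zone.Identifier' }
$suspicious = $findings | Where-Object { $_.Stream -ne 'Zone.Identifier' }

"{0} file(s) carry only a Zone.Identifier stream" -f ($zone | Measure-Object).Count

if ($suspicious) {
    # Largest streams first: a sizeable named stream on an otherwise ordinary
    # file is exactly what LADS/LNS would flag and is worth a closer look.
    "Non-default streams found under ${Root}:"
    $suspicious | Sort-Object Length -Descending | Format-Table -AutoSize
} else {
    "No alternate data streams other than Zone.Identifier under $Root"
}

# To inspect one hit, read the stream by name, e.g.
#   Get-Content -LiteralPath 'C:\path\file.txt' -Stream 'hidden'
# and, once confirmed unwanted, remove just that stream with
#   Remove-Item -LiteralPath 'C:\path\file.txt' -Stream 'hidden'
```

Run it from an elevated prompt if the tree includes files the current user cannot read, since streams on unreadable files are silently skipped.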
reverse engineering windows malware
Snagged a bunch of tools and links dealing with reverse engineering malware, particularly Windows, but also other stuff. This is an area I’d love to get into some day, perhaps when I get more into coding as well. Either way, it is always useful to exercise one’s ability to figure out what malware is doing, whether you use a live box and lab network or examine the code straight-up.
IDA Pro – the universal first choice in malware analysis
Ollydbg
WinDbg
Import Rec
Ollydump
PaiMei and PyDbg
Pydasm and Pydot
IDA Sync