If your not upto scratch with all things Botnet related, you may want to pick up a copy of PC Plus this month (issue 299). It has a great feature article on Botnets by Jon Thompson, and includes a few quotes from myself.
Happy reading.
As posted earlier, today was the release of Ubuntu 9.10 (Karmic Koala), you really have to love the release names they come up with 🙂
So I downloaded the Remix version because I run Ubuntu on my Acer Aspire One 110, and its just a little more user friendly that a standard desktop gui. For reference I did a fresh install, and not an upgrade from the 9.04 I was running.
So the download and install onto USB stick was a doddle with the packaged USB Creator, then about 15 mins and the install was good to go.
So first impressions, well in the past getting things to work first time with the Aspire One can be a little difficult. Like the wireless doesn’t always work, or the led doesn’t flash, or the sound is no good, or the camera doesn’t work, you get the idea. Well I am pleased to say I had no issues, touch wood everything works as you would expect. The SD card reader doesn’t work in real time, and requires a reboot but that’s always been the case. So everything is working, and I have to say it seems to boot faster to.
So on start up with have the Remix interface we expect, with some slight colour and theme changes. The interface is as intuitive as ever, and somehow seems abit slicker. The motion seems improved and I can move between the different areas very easily. I did an update check, and as expected its all up to date. I know its only been out two minutes, but you never know 😀
Next I thought I would fire up Firefox, and I am happy to see 3.5.3 is pre-installed (I know 3.5.4 has just been released, but we will let them off there). Everything works as expected, things seem pretty slick. I still get a few minor HDD pauses from the Solid State Drive on my 110 but, this is a feature 🙂
What new OS wouldn’t be complete with its own bit of Cloud 🙂 So 9.10 comes with a link to Ubuntu ONE, I don’t know all the details about this offering, I think its something to do with Amazon’s cloud offering. Regardless, this is just a quick link from within Ubuntu to allow you backup, sync and share your data easily. I might look into this at some point as you can get 2GB for free 😀 We like free.
Next I thought I would take a quick look at the Ubuntu Software Centre. This is basically a simple interface to manage and install all your applications. I guess this is to make it easier than using the old package manager.
So here we are, all very simple and easy to understand. I popped Pidgin at this point, and it was found and installed without issue.
Just a quick look at my Ones spec info, lovingly named Betty 🙂
I appreciate this isn’t an in depth review, but I think you can normally tell if your going to have any issues early. I think its a certainly an improvement in appearance and performance compared to the previous version I was running. I have not tried out the standard desktop version yet, but everything seems straight forward and easy to use. I really do think Ubuntu is a real alternative to Windows for anyone, not just the hardcore IT Unix guru’s.
I hope this mini review was of little help to those considering going with 9.10, especially those of you who are Netbook users.
Tuesday night in the Fountains Abbey in London at 7:30PM the first official RSA Security Bloggers Meet Up in the UK kicked off, and it was a great success.
The event was sponsored by Qualys, IronKey and ISACA, and it was thanks to them that we were able to provide an excellent buffet, an open bar, T-Shirt and USB key for every registered attendee. Over 30 people attended the event, everyone comment to me on what a success they thought the event was, the great opportunity to meet with new people and those they had only spoken to online. They also appreciated the relaxed atmosphere, and good discussions.
I am really pleased how the event panned out, and we had people there until 11PM when we had to pack up and head off.
I would like to thanks Kevin Riggins, Mel Johnson and I think it was Tomasz Miklas (sorry I am rubbish with new names) for helping to get everything setup before the official kick off.
I also want to thank Mel again from eclat marketing and Neil Stinchcombe from Eskenzi for all their help with organising sponsorship for the event.
I like others had a really great time, and will be more than happy to set this type of event up again in the future, so watch this space. A quick pointless stat, Stella and Guinness where the most drunk beverages of the evening 🙂
Registered Attendes got a bag with a T-Shirt, Sticker, and 1GB USB Memory Stick.
Below are a few pictures from the event taken by Xavier Mertens who blogs at Rootshell, thanks for taking these.
Links to some of the peoples blogs who attended the event below:
Infosec Ramblings | Help Net Security | BH Security Watch | Craig Balding’s Blog | IT Security Expert | Root Shell | NAC Blog | Ira Winkler | PCI DSS Blog | Rothke Blog | CTRL ALT DEL | Stefan Tanase’s Blog | Infosec Cynic | CNIS Mag | Heise | H-Online
This is the third and final of my 3 videos recorded at BruCon 2009. Sorry its taken so long, I had some upload issues due to size, so this needs to be in two parts.
This is the excellent presentation from Chris Nickerson on Red and Tiger Team Testing.
Abstract: The world of Information Security is changing. Budgets are tighter, attacks are more sophisticated, and the corporate network is no longer the low hanging fruit. That leaves web-enabled applications as the vector-du-jour, but that well is quickly drying up for organized crime as well. As they creep up the OSI Model looking for easier ways to steal your corporate assets, they are quickly making their way up the stack to the unspoken 8th layer, the end user. So what is the next step in the never-ending escalation of this cyber war?
To find out, we must do as Sun Tzu taught. “Think like our enemy!” That is, after all, the primary tenet of penetration testing AKA ethical hacking, isn’t it? After years of hardening physical systems, networks, OSs, and applications, we have now come full circle to a new dawn of attack. People are now the target of the advanced hacker, and the cross-hairs are focused squarely on their foreheads… literally. It is only a matter of time before corporations fall from the raw effectiveness and lack of preparedness for this all too common attack.
Also to learn more about Chris and what hes up to check out his website and Exotic Liability.
Chris Nickerson – Red and Tiger Team Testing Part 1 – BruCon 2009 from Dale Pearson on Vimeo.
Chris Nickerson – Red and Tiger Team Testing Part 2 – BruCon 2009 from Dale Pearson on Vimeo.
Presentation Slides – Click Here
:: Please do not copy this video without written permission of Security Active or Chris Nickerson | Linking to is fine ::
This is just a quick reminder that this coming Tuesday the 20th October 2009 at 7:30PM the first official Security Bloggers Meet Up will be happening in London.
The Security Bloggers Meet Up is an ideal place to meet with fellow Security Bloggers, Podcasters and Journalists. There is still a short amount of time to RSVP to bloggermeetup [at] securityactive.co.uk if you are interested in attending.
The event is kindly being sponsored by Qualys, IronKey and ISACA, and its thanks to these guys we will have all food and drink provided (within reason 🙂 ) and possibly a door prize or two.
Please take some time out of your busy schedule to visit our sponsors site and find out about their latest product offerings and services.
I look forward to seeing you all there, and lets hope its the first of many to come in the future.
See you soon.
As previously blogged I took the opportunity to get involved in the Beta of MSE and it was a good result.
Microsoft have now moved this product out of testing and making it available for everyone to enjoy. I have tried the product on Vista and W7 32 and 64bit machines, all with positive results. So if your looking for a free AV alternative, that does what it says on the tin then this is certainly worth consideration.
I just wish they did a version for WHS 🙂
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.
Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.
Check out the Microsoft Security Essentials Web Site to learn more,.