Friday, December 28, 2007

Google news archive

Google recently introduced a new feature called News archive search. From the site,

"News archive search provides an easy way to search and explore historical archives. Users can search for events, people or ideas and see how they have been described over time. In addition to searching for the most relevant articles for their query, users can get a historical overview of the results by browsing an automatically created timeline."

Here is the output for the search term Nirvana




Tuesday, December 25, 2007

File integrity checker

Whenever I install Windows XP, the very first program I install is a file integrity checker. I take a snapshot of the entire drive, including all the system files, and store the hash file on a CD or USB stick. I can compare this value at any given time to identify the changes on my machine.

There are many open source tools available to do this, but I like the MD5summer program: http://sourceforge.net/projects/md5summer/

It lets you create MD5 hashes of a folder or of all the files on the drive. Once the program has recursively hashed the files, it lets you save the hashes as a file.


The program will list some of the “locked” system files that it couldn’t hash.

To test this program, I edited a text file and added “test” to the end. After that, I ran the program to verify the hashes of the current system snapshot against the saved snapshot.

Sure enough, it generated a checksum mismatch for the edited files.

It is a good idea to deselect the browser folders so that the history, cookie and bookmark files don’t trigger checksum mismatches.
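
The snapshot-and-verify workflow described in this post, as an added Python example (not MD5summer's code and not from the original post). It hashes with SHA-256 by default where MD5summer uses MD5; the folder name `BrowserProfile` and the sample files are constructed for the demo.

```python
import hashlib
import json
import os
import tempfile

def snapshot(root, exclude=(), algo="sha256"):
    """Hash every file under root; return ({relative path: digest}, [unreadable files])."""
    hashes, unreadable = {}, []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in exclude]  # never descend into excluded dirs
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root)
            try:
                h = hashlib.new(algo)
                with open(os.path.join(root, rel), "rb") as f:
                    for chunk in iter(lambda: f.read(1 << 20), b""):
                        h.update(chunk)
                hashes[rel] = h.hexdigest()
            except OSError:  # locked or otherwise unreadable file: report it, keep going
                unreadable.append(rel)
    return hashes, unreadable

def compare(baseline, current):
    """Return the files modified, added or removed since the baseline snapshot."""
    return {
        "modified": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }

def demo():
    """Constructed tree: append "test" to two files (one in an excluded folder), add a third."""
    with tempfile.TemporaryDirectory() as root:
        files = [os.path.join(root, d, "data.txt") for d in ("docs", "BrowserProfile")]
        for path in files:
            os.makedirs(os.path.dirname(path))
            with open(path, "w") as f:
                f.write("original\n")
        skip = {"BrowserProfile"}  # assumed name standing in for a browser data folder
        saved = json.dumps(snapshot(root, skip)[0])  # baseline as it would be stored on CD/USB
        for path in files:
            with open(path, "a") as f:
                f.write("test")
        with open(os.path.join(root, "new.bin"), "wb") as f:
            f.write(b"\x00")
        return compare(json.loads(saved), snapshot(root, skip)[0])

if __name__ == "__main__":
    print(demo())
```

The edit inside the excluded folder produces no mismatch, while the edited document and the new file are both reported.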

Sunday, December 16, 2007

Charity

Thinking of charity during the holidays? Here is a great way to get involved.

I was at the Johnny Long keynote presentation during the SANS conference yesterday, and he mentioned the need for people with various IT skills for his charity. In return you will get some very good references. Check it out here:
http://www.hackersforcharity.org/


Folks at Computer Defense did an interview with him.

More predictions

Speaking of predictions, I came across the vulnerability trends for 2008 from Nevis Networks: http://www.nevis-blog.com/2007/12/top-10-vulnerab.html

Most of these are client-side vulnerabilities, and nothing "stands out" from this list.

Saturday, December 15, 2007

Memory Forensic Analysis

An interesting post on Windows Memory Analysis

http://windowsir.blogspot.com/2007/11/windows-memory-analysis.html

Also check out the volatile framework

https://www.volatilesystems.com/VolatileWeb/volatility.gsp

BackTrack 3 Beta

A new version of BackTrack (http://backtrack.offensive-security.com/index.php/Main_Page) is out. Some of the new features of this beta release include USB support and updated Metasploit support. I plan to test this in the coming weeks.

Information Security - what to look out for in 2008

Here is what we can expect in 2008:

1. Botnets

Botnet-based attacks will increase considerably in 2008.

2. Web 2.0

Expect more security breaches on social networking sites like MySpace and Facebook.

3. Apple products

Expect more and more vulnerabilities being identified in Apple products.