Building The Net

So, you are going to donate your PC, well you need to clean it all off don’t you? Here is how to use the built in reset features of Windows 10 to clean your PC and reinstall the OS to factory settings.

Heartbleed – What is it? (for non geeks)

The Heartbleed bug was caused by a programming error in a software package called OpenSSL. This error had the potential of allowing bad people to attach to secure web and email servers, as well as services that rely on the TLS/SSL protocol, and steal the private encryption key off the servers. The TLS/SSL protocol is what puts the pretty little lock in the address bar in your browser. The private key is what the owners of the sites you go to are suppose to keep secret, and not share with anyone because if someone has it, they can decrypt the encrypted data traveling between your system and the server. THIS IS BAD…

Heartbleed – What is it? (for geeks)

The Heartbleed bug was caused by a programming error in the OpenSSL library that deals with TLS handshakes. A couple years back, a new RFC (rfc 6520) proposed a new extension to the TLS protocol that would allow a heartbeat to be exchanged between the client and server to reduce the number of re-negotiations during a TLS session. This all sounds good, and actually is a very beneficial to the protocol in general, but when it was implemented in OpenSSL, an error in the way the code was written allowed a request to grab a bunch of data without checking the boundaries of the data itself. This could allow someone to make a request crafted in a certain way that would cause OpenSSL to return 64k of protected memory data possibly containing the SSL private key of the server.

Read more »

We have received reports that the CryptoLocker ransom-ware is becoming more prolific every day.

CryptoLocker ransom-ware is a malware program that when ran, will search all connected drives on your Windows PC, and then using strong public/private key encryption, proceeds to encrypt all of your data files it can find.

What it does:

Once it is done encrypting all the data files it can find, it will delete the private portion of the encryption key, and present the user with a popup. This popup informs the user that they have been infected and must pay $300 dollars via Bitcoin to receive the key to regain access to the data.

Read more »

Samba 4 as an Active Directory Server – Can it dance the dance?

Two weeks ago I thought to myself ‘Gee, now that Samba 4 has a real release out, wouldn’t it be fun to test it out and see how it holds up?‘ And so my adventure began. Now mind you, I’m not a novice to Samba, or to Active Directory, so I figured this would be a simple setup and test. How hard could it be?

Read more »

My ‘Linux as an IPv6 dual stack Firewall’ Talk from SCaLE11x

— Stu

Millions of LinkedIn, E-Harmony, and Last.fm password hashes posted on message board.

Well, if we have learned anything from the past, if it can go wrong, it will… Although this has been downplayed by the companies involved,  there is no doubt in my mind that many people will be effected by this compromise. Once again, public networking sites storing user data on the internet, have failed to protect that data, and worse, have tried to hide the importance of this compromise. This is sad, but certainly is nothing new. We can take some comfort in the fact that these companies at least used sha1 hashing when storing the password data. Thing is, we don’t know what other information was compromised besides the passwords.

Read more »

My God, can it all be the same?

Seems like most of my job now a days is looking at large systems and isolating problem areas. Things like performance problems, data corruption, or even failure analysis. Many of these systems have several independently managed processes, all tied together in a single forward facing application. Over the years, I’ve developed some methods of approaching system failures and problems that gives me a better chance of quickly evaluating and repairing the issues that plague these systems. I used to believe that these methods were only valid on larger system models, then, one day, a colleague of mine and I were sitting in a small coffee house discussing a problem they were having with one of the desktops they manage. While we exchanged ideas, I suddenly realized that I was using the same mental process on this little desktop as I did with the large cluster systems.

Read more »

SIP brute force attacks escalate over Halloween weekend.

Looks like the bad guys were up to no good again this weekend. SIP based PBX operators reported a huge increase in bogus registration attempts against their systems over the Halloween weekend. Our hosted PBX farm experienced this increase first hand. Logs showed an attack from a new and unique IP address about every minute. At the end of the weekend, over 1300 unique IP addresses were logged.

Read more »

Exploit Against Adobe Flash and Adobe Reader.

I thought I got this posted the beginning of the week, but I guess it slipped through the cracks… June 4, 2010, Adobe confirmed that a zero day exploit exists in it’s Flash Player,  Acrobat and Adobe Reader software. This bug effects all of it’s supported platforms, and has been found in the wild.

So, you all know the drill, if your computer has the software listed in the Adobe Security Bulletin, then follow the instructions and get yourself safe!

— Stu

Building Redundant Networks in Data Centers.

I recently was asked to put together a brief web presentation on the different methods of creating redundant networks. I couldn’t think of a better place to put it, then right here on my blog. After all, I was overdue for a post anyways…

What do I mean by redundant networks?

A redundant network is two or more distinct paths for data to travel to and from an upstream network. In it’s simplest form, it can be a piece of equipment that can be manually placed into service easily upon a failure. More often though it is set up so that any single device or connection can fail, and without user intervention, a backup system or connection will automatically step in and take over the job of the failed device, or connection. A redundant network does not mean that no mater what happens, your data will still be reachable. There are many factors that need to be considered, ranging anywhere from your providers, to your applications, that can cause a failure.

Read more »