#TeamOpenSourceMalaysia
Graph source, http://blogs.zdnet.com/security/?p=135 A recent study by ZDnet reveals Vista has way lesser vulnerabilities and high fixes rate as compared to other OSes like RHEL, MacOS. Vista, is what i would imagine, a begining to what will be of the security enabled operating systems, come … “Security Showdown”
Read MoreI had a chance to “play” around with a few virtualization and thin client architectures lately and i must say, before you proceed in spending your big bucks in them, consider the following .. Top 5+1 things to consider before going for Citrix or Terminal … “Things to consider before going for Citrix or Terminal Services”
Read More5b69d4f5b5e7929b5c593e1d63cfc078 – Thats “password” in MD5digest. How to crack more hashes? Try www.hashbreaker.com. Register very quickly and use their free version. If you like it, use their paid service. They use Rainbowtables at the backend, which is an open source hash cracking tool available with … “Hashbreaker”
Read MoreI was doing lots of testing using IPSEC over the weekend (yea, don’t have a life). I must say, in Windows client and server environment, it’s really simple to implement it. Unlike popular application, IPSEC can be centrally deployed and managed in Windows through Group … “Windows IPSEC”
Read MoreISA Server is the ONLY FIREWALL THAT I KNOW today that supports authentication for almost all WINSOCK compliant protocols if you use Windows Operating System. 2. ISA Server stores frequently used caches in memory 3. ISA Server contain out of the box a bunch of … “Top 5 reasons why i would like to implement ISA Server 2006 as my outgoing proxy/firewall”
Read MoreThere’s a possible bypass for authentication when LDAP is used for Chap/MsChap in Cisco’s VPN. An attacker can access your internal network without providing authentication at all. This is quite serious to those running LDAP on PIXes and ASAes. So far, as i can remember … “Multiple Vulnerabilities with Cisco’s PIX and ASA”
Read MoreOk, lets start making it clear who the initiator (SRC) and receiver (DST) are. SRC is the person/computer who wants to talk to you and makes the first attempt to do so. Receiver is the person who will either respond to the attempt made by … “ISA server’s incoming vs outgoing IP (and SMTP Reverse Lookup)”
Read MoreIn a recent ISA Server 2006 Level 400 class, we discussed a vulnerability on Exchange server that could lead to remote code execution. The particular remote attack is listed in CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0213 and rated high in it’s severity. If you have customers or run Exchange … “URGENT! – Serious security flaws with all Microsoft Exchange versions”
Read MoreWas doing some reading on my frequently accessed security page, SANS and found these two vulnerabilities that should be of mention. These two software i use well, often, like Quicktime (for my ITunes) and Asterisk (for my mobile VoIP support). Quicktime- A vulnerability that allows … “Vulnerabilities on Quicktime and Asterisk”
Read MoreHere’s a piece of software i must blog about, its called Fring. I just got a Nokia N80 recently and of course, i wanted to stuff the phone like what we did to the turkey in Christmas, but with software. The company i work for … “Fring Me (Asterisk and Nokia Symbian special mention)”
Read More