Free Sysinternals Windows utilities now available online, 24/7

May 28, 2008 – 7:30 PM

If you troubleshoot Windows PCs for fun or profit, then chances are you’ve used one or more tools from Sysinternals. Microsoft bought the company and its amazing library of diagnostic, troubleshooting, and management utilities in 2006, and the collection has been continually updated ever since. It’s also still completely free.

A few weeks ago, I ran into Sysinternals co-founder Mark Russinovich at a technical conference, where he told me about a new Sysinternals service that was in private beta testing. Today, I can finally break the news that Sysinternals Live is now open to the public.

The new service lets you run the most recent version of any Sysinternals tool directly from an Internet-connected PC, without having to hunt for the executable file and download it manually first. To access the complete library of tools, use either of these methods from a Windows-based PC:

  • Go to the Sysinternals Live directory and click the name of the tool you want to run. Because the directory listing is a bare-bones HTML file, it can be used in any browser.
  • If you know the name of the executable file for the tool you want to use, enter it directly, using the syntax \\live.sysinternals.com\tools\<toolname>, where <toolname> is the name of the executable file (for example, \\live.sysinternals.com\tools\procexp.exe). (Note that the UNC syntax uses backslashes, not the forward slashes of a URL. Start with a pair of backslashes to indicate that live.sysinternals.com is the remote server, and don’t include the angle brackets with the tool name.) Windows reaches the share through its WebDAV redirector, so the WebClient service must be running for the UNC form to work, and the tool executes over the network rather than from a local copy.

If you’ve never used Sysinternals tools before, you’d do well to start at the Sysinternals home page, which includes descriptions of each tool, along with download links and installation instructions. But if you are already familiar with one or more tools in the library, you can create direct shortcuts to those tools on your desktop or on the USB flash drive you keep with your emergency toolkit.

Read the rest of the story…

Firefox 3 RC2 Confirmed

May 28, 2008 – 7:55 AM

On today’s Firefox 3 status meeting, the need for a second release candidate was confirmed and it has been tentatively targeted for early June.

RC2 will fix roughly two dozen bugs, including some top crashers, some performance problems and some localization issues. Most of the bugs already have patches waiting for review or landing; the revised code is expected tomorrow, with initial builds available on Thursday. QA will start the same day and last about a week.

If all goes as planned, RC2 should be released close to June 6 for a new round of tests by Firefox users. Depending on whether a new critical bug is found, a third RC could be necessary; otherwise RC2 will become Firefox 3 final.

Source: Mozilla Links

10 essential security downloads for Windows

May 28, 2008 – 6:04 AM

Using an Internet-connected computer puts your security and privacy at risk. Spyware, viruses, Trojans and assorted malware are everywhere on the Net, trying to hop onto your PC and cause damage. Snoopers want to get at your personal information for nefarious purposes, such as identity theft.

Operating systems of all kinds are under assault, but the prime target is Windows, because the vast majority of PCs worldwide run that operating system. If you use Windows, hackers have you in their crosshairs.

Luckily, there’s plenty of free software for Windows that can help protect your privacy and security. I’m not talking about anemic, underpowered applications. I’m talking about industrial-strength tools that can do everything that expensive security software does.

With all the free stuff out there, which software should you choose? I’ve selected 10 of my favorite programs that can protect your privacy and security. Download and install them, and you’ll be far safer against all the nastiness out there.

Read the rest of the story…

Less is more (secure)

May 28, 2008 – 5:58 AM

Complexity is the enemy of security. Simple systems are inherently easier to secure than complex ones, because there is less to understand, less to misconfigure and less to attack. We see this idea validated again and again in security.

Unfortunately, our IT systems are getting more and more complex as we depend on technology to fuel business growth and innovation. But do we really need to expose ourselves to ever-increasing complexity? Surely, in security, less is more.

In my daily life, I try to minimize the amount of unnecessary exposure to risk. Most security professionals do that. I avoid giving out personal details unless absolutely necessary. When asked for ID to enter a building, I give out my British driver’s license, not my New York license. I started doing this after a few instances where I handed over my N.Y. ID only to have it scanned into a database without my permission. Once dipped into the scanner, my ID number and a whole host of other information were in a database of unknown security. Both British and N.Y. ID establish identity, but only the N.Y. ID number is used by U.S. banks as a unique individual identifier. Also, I doubt the British ID can be scanned in the same scanners.

I sometimes get asked for a Social Security number by someone who clearly has no valid reason to ask. The most ridiculous example of this was a neighborhood dry cleaner that used the SSN as a convenient “customer number” in its database. In cases like those, I provide a fake SSN (my phone number, minus one digit) — easy to remember, useless if compromised. Less information about me floating around equals more security for my identity.

I take a similar approach to my corporate security policies. For example, we standardize on Firefox as our company browser. This is not because Firefox is better (though it is) or more secure (though it is), but because it is less entangled with the operating system and less “enriched” with code-execution features. On top of the basic installation, we add a little plug-in called NoScript. What NoScript does is block active content by default, reducing pages to basic HTML: no Java, no JavaScript, no other code or embedded objects. Every page visit by default is minimized to the bare essentials of HTML. If you need code for a menu or a fancy feature, you can decide to enable it for that site, just for a session or permanently. Even though the user can override the protection, the vast majority of sites are visited in a “less is more” posture. As a result, the incidence of spyware, viruses and other nasties is shockingly low in our environment.

Read the rest of this story…

fgdump 2.1.0 and pwdump 1.7.1 Released – Dump LanMan & NTLM Hashes

May 28, 2008 – 5:54 AM

The major change is that both tools now support 64-bit targets! Good news for us.

pwdump6 is a password hash dumper for Windows 2000 and later systems. It is capable of dumping LanMan and NTLM hashes as well as password hash histories. It is based on pwdump3e, and should be stable on XP SP2 and Windows Server 2003. If you have had LSASS crash on you (and the box reboot) using older tools, this should fix that.

fgdump is a more powerful version of pwdump6. pwdump tends to hang when antivirus is present, so fgdump takes care of that by shutting down a number of AV programs and restarting them afterwards (an intrusive step on the target, and one that is easily noticed in its logs). It can also dump cached credentials and protected storage items, and can be run in a multithreaded fashion very easily.

I strongly recommend using fgdump over pwdump6, especially given that fgdump uses pwdump6 under the hood! You’ll get everything pwdump6 gives you and a lot more.

fgdump now has:

  • Better 32/64-bit detection. This is not as easy as it sounds, at least not remotely! If someone has a sure-fire way of 100% reliably detecting the target OS, please let me know. In the meantime, if fgdump is unsure, it will report it and default to 32-bit.
  • The -O [32|64] flag will manually override the target OS architecture. So, for example, if fgdump is reporting a host as 32-bit and you KNOW it is 64-bit, you can use -O 64 (or vice versa, of course). Note that this flag applies to ALL hosts you are dumping! You might want to single out any hosts you need to override.

So if you’re still using pwdump…DON’T! Use fgdump.
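Both tools write their hash lines in the standard pwdump format, one account per line as username:RID:LM hash:NT hash:::. The script below is an added example (not code from fgdump, pwdump6 or Darknet) that triages such a dump the way a tester, or a defender reading the same file, would: it flags accounts that still carry an LM hash, accounts with blank passwords, and accounts that share an NT hash, which means they share a password because NT hashes are unsalted. It runs on a constructed sample embedded in the script; the handling of the NO PASSWORD placeholder assumes the literal marker pwdump6 and fgdump print in place of an empty hash.

```python
"""Triage a pwdump-format hash dump, the one-account-per-line format that
fgdump and pwdump6 write:

    username:RID:LM hash:NT hash:::

Added example for this post; it is not code from fgdump, pwdump6 or Darknet.
"""
import re
from collections import defaultdict, namedtuple

# Hash of the empty password under each algorithm. When LM storage is disabled
# the LM field also carries EMPTY_LM, so for LM "blank password" and "no LM
# hash stored" are indistinguishable. pwdump6/fgdump may print a literal
# "NO PASSWORD****..." placeholder instead of the constant (assumed marker).
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
NO_HASH_MARKER = "no password"
HEX32 = re.compile(r"^[0-9a-f]{32}$")

Record = namedtuple("Record", "user rid lm nt")

# Constructed sample dump, not output from any real host. 'legacy' still has
# an LM hash and shares its NT hash with Administrator; Guest has a blank
# password; the last line stands in for non-record text mixed into output.
SAMPLE_DUMP = """\
Administrator:500:NO PASSWORD*********************:8846f7eaee8fb117ad06bdd830b7586c:::
Guest:501:NO PASSWORD*********************:31d6cfe0d16ae931b73c59d7e0c089c0:::
legacy:1001:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
svc_backup:1002:aad3b435b51404eeaad3b435b51404ee:5835048ce94ad0564e29a924a03510ef:::
this is a constructed status line, not a record
"""


def normalize_hash(field, empty_value):
    """Return the lowercase 32-hex hash, or None when the field means 'empty'."""
    f = field.strip().lower()
    if f.startswith(NO_HASH_MARKER) or f == empty_value:
        return None
    if not HEX32.match(f):
        raise ValueError(f"malformed hash field: {field!r}")
    return f


def parse_dump(text):
    """Parse pwdump-format text into Records, skipping lines that are not records."""
    records = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) < 4 or not parts[1].isdigit():
            continue  # not a user:rid:lm:nt::: record
        try:
            lm = normalize_hash(parts[2], EMPTY_LM)
            nt = normalize_hash(parts[3], EMPTY_NT)
        except ValueError:
            continue  # garbled record; leave it out rather than guess
        records.append(Record(parts[0], int(parts[1]), lm, nt))
    return records


def triage(records):
    """Flag LM hashes (crackable in hours), blank passwords, and NT hashes
    shared across accounts (password reuse, since NT hashes are unsalted)."""
    findings = {"lm_hash_present": [], "blank_password": [], "shared_nt_hash": {}}
    by_nt = defaultdict(list)
    for r in records:
        if r.lm is not None:
            findings["lm_hash_present"].append(r.user)
        if r.nt is None:
            findings["blank_password"].append(r.user)
        else:
            by_nt[r.nt].append(r.user)
    findings["shared_nt_hash"] = {h: u for h, u in by_nt.items() if len(u) > 1}
    return findings


if __name__ == "__main__":
    for key, value in triage(parse_dump(SAMPLE_DUMP)).items():
        print(f"{key}: {value}")
```

Run it as a script to see the report for the sample; to triage a real dump, pass the contents of the output file to parse_dump instead of SAMPLE_DUMP. Any account listed under lm_hash_present is the first thing to fix (or crack), since the LM hash reveals the password regardless of how strong the NT hash looks.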

Get pwdump here

Get fgdump here

You can read more here and here.

Via Darknet