Entries in research (11)

Monday, Feb 23, 2009

Being a Bad BOT!

I had the strangest thing happen today: it seemed a bad bot was crawling my pages. I was getting at least 60 page views an hour from this bad bot!! The individual IPs of this bad bot are:
65.208.151.112
65.208.151.113
65.208.151.114
65.208.151.115
65.208.151.116
65.208.151.117
65.208.151.118
65.208.151.119


After the first initial hour of this going on, I started wondering what this bot was doing. I did some more research into this little bot. I did find out it is owned by Kintiskton LLC. (Twitter Search)

Anyways, it bothers me that when you do a Google search for this company, it comes back with no company. Some people have already done their research and have come up with very little.

I dug even more and some are saying this might be Homeland Security, and I have my own thoughts on this. I might be paranoid myself, but if there is no company out there and the IP keeps coming back, I assume it is BAD mojo. Some people worry that it is a hacker probing for vulnerabilities and that worried me.

I decided, with help from GoDaddy, to ban the lot of IPs. I figure if someone is trying to get information or trying something they shouldn't, I'll stop it myself. If you have WordPress and are also having problems with these IPs, you can ban them by adding this to your .htaccess file:

order allow,deny
deny from 65.208.151.112
deny from 65.208.151.113
deny from 65.208.151.114
deny from 65.208.151.115
deny from 65.208.151.116
deny from 65.208.151.117
deny from 65.208.151.118
deny from 65.208.151.119
allow from all


This is how you block those IPs in the .htaccess file. Thanks to WordPress for showing me how.
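
A way to check your own access log for the pattern this post describes and to generate the ban lines, as an added example that is not part of the original post. The log lines are constructed, the function names and the 203.0.113.7 visitor are assumptions, and requests are counted per /24 per hour because a crawler spread over adjacent addresses stays under any per-IP count.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime
from ipaddress import collapse_addresses, ip_address, ip_network

# Client IP and timestamp from an Apache common/combined log line.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')

def noisy_sources(lines, threshold=60, group_prefix=24):
    """Return IPs whose /group_prefix network made >= threshold requests in one hour."""
    hits = Counter()
    members = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a log line we understand
        try:
            ip = ip_address(m.group(1))
            when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue  # hostname instead of an IP, or a malformed timestamp
        key = (ip_network(f"{ip}/{group_prefix}", strict=False), when.strftime("%Y-%m-%d %H"))
        hits[key] += 1
        members[key].add(ip)
    flagged = set()
    for key, count in hits.items():
        if count >= threshold:
            flagged |= members[key]
    return flagged

def to_cidrs(ips):
    """Collapse addresses (one IP version) into the fewest CIDR blocks covering exactly them."""
    return [str(net) for net in collapse_addresses(ip_network(str(ip)) for ip in ips)]

def htaccess_rules(cidrs, apache24=False):
    """Render the post's 2.2-style deny syntax, or the Apache 2.4 Require form."""
    if apache24:
        rows = ["<RequireAll>", "    Require all granted"]
        rows += [f"    Require not ip {c}" for c in cidrs]
        rows.append("</RequireAll>")
    else:
        rows = ["order allow,deny"] + [f"deny from {c}" for c in cidrs] + ["allow from all"]
    return "\n".join(rows)

def sample_log():
    """Constructed log: 64 requests in one hour spread over the post's eight IPs,
    plus three requests from an ordinary visitor (203.0.113.7, documentation range)."""
    lines = []
    for i in range(64):
        lines.append(f'65.208.151.{112 + i % 8} - - [23/Feb/2009:10:{i % 60:02d}:00 +0000] '
                     f'"GET /?p={i} HTTP/1.1" 200 5120 "-" "-"')
    lines += ['203.0.113.7 - - [23/Feb/2009:10:05:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "-"'] * 3
    return lines

if __name__ == "__main__":
    blocks = to_cidrs(noisy_sources(sample_log()))
    print(blocks)
    print(htaccess_rules(blocks, apache24=True))
```

The eight addresses in the post form one aligned block, so a single CIDR entry covers the same range as the eight deny lines. On Apache 2.4 the order/deny/allow directives are only available through mod_access_compat, which is why the Require form is offered as well.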

Wednesday, Dec 10, 2008

Xbox Zune? or A Zune Phone?

Could Microsoft be planning to talk about the Zune? Some blogs are saying this will be talked about next month at CES. According to some posts, and I'll quote:

The Tech Trader Daily column earlier this week on Barron's reports that Global Equities Research analyst Trip Chowdhry predicts Microsoft will reveal a Zune phone next month at CES. Chowdhry expects that much like Apple's iPhone the device will combine music player capabilities with, he says, "some motion enhancement features."

[Via 1UP]

This is a theory, but I can see this happening due to the fact that Microsoft has always liked to tie together their products. What makes this even more tangible is the fact that Microsoft hinted about this in the past:

Dated Dec 20, 2006

Xbox European boss Chris Lewis has admitted for the first time that Microsoft is considering games content for the recently released portable multimedia player Zune.

[via Gamasutra]

As you can see, Microsoft did hint at this and it will probably be fact sooner or later. Some sources are claiming they have this already in the works, but it's still a rumor. I'll let you decide for yourself.

Friday, Dec 5, 2008

Trojan.PWS.ChromeInject.A is not a Firefox plugin.

A new type of malware designed to harvest web passwords has been detected in-the-wild by BitDefender’s antivirus research labs. This latest e-threat – called Trojan.PWS.ChromeInject.A – is intended to be delivered onto a compromised computer system by other malware for subsequent download into Mozilla Firefox's Plugin folder. Once installed it gets to work every time Firefox is started.

[Via Bitdefender]

So having seen this, I thought I'd come up with ways around this to better protect yourself. One way to prevent this from getting your sensitive data is to get a program like Sandboxie. You could stop using Firefox, but that would be silly, because right now Firefox is more secure than Chrome and Internet Explorer. I'd also suggest checking out my Anti-spyware page and Anti-Virus page to get some more protection.

The key to this virus protection is to just be cautious of where you go and keep all your systems up to date to prevent all this from happening. It is also advisable to not have your passwords saved in Firefox; you should use something like Roboform, which is free to download and try. It will encrypt your passwords, so if they don't know the master password then they are out of luck. Roboform is also good for coming up with some strong passwords. These are just some suggestions to prevent people from seeing your sensitive data; you don't want anyone to get that data.

Tuesday, Nov 25, 2008

Some Program Vulnerabilities Detected!!

Just got done looking at some of my security sites, and according to SecuriTeam there are several programs that have vulnerabilities. Here are the ones that I've found:

Google Chrome is vulnerable to a URI obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link cannot be traversed properly in the status address bar. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with the @ character, with or without a NULL character, causes the vulnerability.


iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets "you easily create, sign and distribute configuration profiles using a web browser". A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program's files folder.


Streamripper Multiple Buffer Overflows
Streamripper "records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows." Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user's system.


Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found, and I wanted to let you know about them so you can make your system even more secure. If I find any others I'll let you know!!!
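
The Chrome item above turns on the "@" in a URL's authority part: everything before it is userinfo, and the host the browser contacts is what follows it. A link check that reports the real host and flags a host-like or NULL-carrying userinfo, as an added example that is not from SecuriTeam or the original post (the function name, flag names and example hosts are assumptions, and the URLs are constructed):

```python
import re
from urllib.parse import unquote, urlsplit

# A userinfo value shaped like a domain name is what makes the link misleading.
HOSTLIKE = re.compile(r"^[a-z0-9-]+(\.[a-z0-9-]+)+$")

def is_control(ch):
    """True for NUL and the other ASCII control characters."""
    return ord(ch) < 0x20 or ord(ch) == 0x7F

def inspect_link(url):
    """Report the text placed before '@' (the decoy) and the host actually contacted."""
    parts = urlsplit(url)
    # Only an '@' inside the authority counts; one in the path or query is harmless.
    userinfo, at, _ = parts.netloc.rpartition("@")
    decoded = unquote(userinfo)          # turns %00 into a real NUL, %2E into '.', ...
    printable = "".join(c for c in decoded if not is_control(c))
    username = printable.split(":", 1)[0].lower()

    flags = []
    if at:
        flags.append("userinfo")
    if HOSTLIKE.match(username):
        flags.append("hostname-like-userinfo")
    if any(is_control(c) for c in decoded):
        flags.append("control-char")
    return {"decoy": printable, "real_host": parts.hostname, "flags": flags}

if __name__ == "__main__":
    # Constructed URLs using reserved example/test names.
    for link in (
        "http://www.example.com@other-host.test/login",
        "http://www.example.com%00@other-host.test/login",
        "https://www.example.com/?contact=a@b.example",
    ):
        print(link, inspect_link(link))
```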

Wednesday, Nov 12, 2008

A good free VPN Client -- OpenVPN & more

I've been doing some research on what might be good to use in case I was away from my home network. I was thinking, how safe am I at Starbucks or other places where I might be doing my web browsing? So I did a little looking around to see which one I liked, and I came to the conclusion that the only one I need right now is:

openvpn

The nice thing about this was the simple installation of the software and how easy it was to set it up. This service is in beta but seems to be really well done with regards to the end users. When you install this software and want to connect, it uses the OpenVPN software with their configurations. OpenVPN is an open source SSL VPN solution and is free to use. The way this is free is through ad-supported banners. Now it is cheaper than paying monthly for a VPN service. The ones I've found so far are these few:

  • OpenVPN (FREE) (*advertisement) (Linux and Windows)

  • Always VPN (Prepay) (5 GB to 80 GB limit) (Linux, Mac and Windows) *Out of Beta

  • Hotspot Shield (FREE) (*advertisement) (Windows) (3 GB cap)

  • WiTopia ($40/year) (Mac, Linux, and Windows)

There are of course others out there, but these are just a few that I saw that look like the cheapest there are. Others I've seen cost 40 to 50 dollars a month. If you have any other ones that are free or cheap, let me know. I don't think we need to pay a lot just to have security on an open network. I'm certain that there are more out there, and I will keep looking for more later on. I did my initial research and will come back and find more.

*Update Feb 8, 2009*

Recently a friend emailed me telling me to check the site out again, and I did. Not sure when they went out of Beta, because I've not been using Always VPN lately due to my Broadband Cricket Prepay Internet. I just checked and yes, they are charging. Here's the breakdown:

  • 5GB - USD 8.50

  • 10GB - USD 15.00

  • 20GB - USD 26.00

  • 40GB - USD 33.00

  • 80GB - USD 47.00


So I must ask why they didn't just keep the 5 GB limit with the advertising. I do not know, but I did want to let people know that it is no longer free and no longer in Beta. I went from Always to OpenVPN, which still works despite the fact they are using Always VPN back client. It's open source, so it will probably change to something else sooner or later. If you see it change let me know; I will update more when I find out more!!

Friday, Nov 7, 2008

Is Vista just Windows 7?

Steven J. Vaughan-Nichols from Computer World talks about how Microsoft is scared of Linux and that people are flocking to remove Vista from their machines. I say otherwise. You see, according to some experts like Mark Hall from Computer World, Vista is better than Mac OS X. So why do people say one thing and do another?

Now I know Vista isn't what people expected and that it had high expectations when they first released it. I think that is due to the fact that Microsoft tried so hard to make Vista seem more than it actually was. Ina Fried from CNET wrote a post called "Windows 7: A better Vista?". In her post she talked about the features of Windows 7, and how Windows 7 is almost like Vista. I tend to agree, because the screenshots I've seen make me think it will be Version 2 of Vista. I don't think anything will change from Vista to Windows 7. It will however be quicker to boot up and shut down; that is according to what Microsoft said to Ina.

What is Windows 7 going to have? Some reports are saying:

I did some research, and everything so far is either confirmed to be in this next release of Windows 7 or is speculation. I don't know if these are true. I do know, however, that everything they talked about is looking to me to be like Vista Version 2. Nothing they've said so far couldn't have been an update like a service pack to fix all these things people are wanting right now: Vista to be faster, have better battery life, be lean, be embedded, have better UAC, and boot faster.

Now I could be wrong, but that is everything Vista could have done and still is possible to do!! If only Microsoft would do what is needed, people wouldn't be wanting Windows 7. Although I suspect people will have their hopes broken, or complain about it when it comes out. I suspect the ones who want Windows 7 will be saying Vista is great!! I will just have to watch what happens in the future!!

Friday, Nov 7, 2008

Reports are coming in that WPA is no longer secure!

According to media reports, Erik Tews and Martin Beck claim that they have found a way to unlock the Temporal Key Integrity Protocol (TKIP) key, used by WPA, to read data sent from a wireless router to laptop computers. According to the researchers, the key can be cracked in 12-15 minutes.

[via Sophos]

According to Sophos, they claim that people can now watch what you are doing on a wireless router to a laptop. Although this isn't unexpected, this is a very serious outcome. It is now easier to watch what people are doing online. So does that mean people can see everything you do? Not necessarily. According to some people this is harder than it seems; most of the websites you visit are not encrypted, but websites that use the "https" protocol are safer to use online. You should be safe if you are buying things online as long as you are sure it is secure. Some other steps to take to help make it harder to unencrypt your wireless signal is to use Roboform promotion codes you will get for 10% or 20% off the purchase price!!

Some other steps to consider are:

If you have a wireless router and want to be secure with any transactions online, you might think about hooking up to the internet via the CAT5 cable. This is one way to prevent anyone from seeing what you are doing online and protects your privacy. Although this too can be overcome in certain circumstances, they are much harder to do and implement, so you are safer this way than with most others.

Monday, Nov 3, 2008

Peek Email tops Time Gadget of the Year!



I've not seen this yet; I will do my research on this Peek Email Device. It is fascinating that there was something I've never heard of. Anyways, I can't believe they don't have a netbook or the new Gaming Laptop. Please, a Wii Fit? Now how did that get there too? How did the T-Mobile G1 get number 5 in the list? I'm surprised that the GameBoy Advanced wasn't on there; after all, they sold so many this year. Why not the Xbox 360? It seems people can still vote, but don't expect anything to change.

Go Vote and lets make our voice heard!!

Sunday, Nov 2, 2008

Sites that you need not Visit:

I've had some anti-virus problems in the past few weeks and have been trying to see if it is my system or if it was just luck of the draw. So I did some research and found some sites that you should not go to, or download from. These sites have been known to spread the fake anti-virus malware software. So I wanted to warn people of some common websites that have been known to have viruses on them:

  • hxxp://movieportal2008q.com/freemovie/Movie/xxxx/x/ -- This site usually tries to send you the "Trojan.HTML.Zlob.AG" virus.

  • hxxp://porntubedot.com/xxxxxxxx/WatchFreeMovie.php -- This site usually tries to send you the "Trojan.Dropper.SMN" virus.

  • hxxp://handballfondi.it/xxxxxx1.php -- This site is one of the new malware sites that looks like YouTube. When you go to this site they say you need a special codec to play a video clip. Most of the time when you get something like this, it is going to try to install malware. A good broad set of codecs that you may want to download is called Klite Mega Codec; if you use that you should never need to download any other codec to play a movie clip from any site online.

  • hxxp://0scanner.com/---censored---/ -- This site usually tries to send you the "Adware.FakeAntiVirus.L" virus. Another site trying to install malware.

If you want to check your system, here are some places to go to get a free anti-virus check:

If you have any other sites that we should avoid, by all means comment about it. I would love to hear about sites that you know are bad!!

Thursday, Oct 23, 2008

Microsoft Windows Server Service Vulnerability (MS08-067)

A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.

On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.

Note: This vulnerability is being exploited in targeted attacks.

[via FrSirt]


This was just discovered and I need to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!

*UPDATE*
According to Microsoft:
This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
[Via Microsoft Security Bulletin]

Friday, Oct 17, 2008

AVG detected trojan ; Generic11.BEOG

I had a friend tell me his system detected this Trojan, GENERIC11.BEOG. I did my research, and right now it's looking like Adobe added something to their recent updates *see updates below*. I'll have to check with some other sources, but it's looking like AVG overdid it again and found something that might just be an AVG issue. (correction)

I usually wait before updating something like Adobe. It is sure to be some minor change to Adobe, but if you are worried, here's the link to watch and see what people are asking or talking about with this false positive:

Malwarebytes Security Forums

It seems that AVG is calling this a possible virus, but yet it looks like it is a false positive. So don't you worry. If it was a true virus you'd probably never know!! ;)

*UPDATE*

I installed Adobe 9.0 and updated the virus scan database for AVG. It hasn't found anything yet, but I am still scanning my system. I'll let you know if it finds this false positive on my Vista machine!! I'm doing this to test it out!!! Come back later to find out the results of the test. (If you like this website, by all means google this website so it too can be on Google Trends. I want to see it be up on Google Trends for a day or two.)

*UPDATE #2*

Just did a whole system scan. It did not find anything. So I will be doing a reboot and scanning again. It might be something that is attached to a PDF, if you went to a malicious website. So I will do another scan.

*Update #3*

I just rebooted and almost finished scanning with AVG. I still haven't found anything wrong. I have done some more digging into what might cause it. I just did a registry lookup on {AC76BA86-7AD7-1033-7B44-A90000000001} and I found out something really interesting. It's a PDFFile_8.ico file. This tells me this is an icon for the desktop. I'm using one of the examples from Malwarebytes Security Forums to try to figure out what might be infected.

Here's what AVG said after it finished scanning my system:



So I must assume that it is neither Adobe nor AVG who have anything to do with this. I will have to say that it must be a real infection, as I am not having any viruses after an install of Adobe. How do you get this type of virus? Check out my article on: Some Important programs to prevent yourself from having viruses and Malware!!

There you will find some useful tips on how not to get infected and other useful tools to help restore your system to its glory days.

So I will tell my friend to do a full virus scan and double check the results. I can't replicate the so-called virus, but I am sure there is something going on with the HASH files of the AVG Database, and something might be coming back from the Adobe install that has the same HASH files. That also might be making AVG flag it as a virus or Trojan. I might never know though.