Recent
Prevention of unwanted telemarketing calls
I am tired of receiving multiple telemarketing calls per day, I’m tired of the Telephone Preference Service (TPS) not having an affect and I’m tired of telecommunication companies charging for prevention features which should be free.
I came across an e-petition that was setup by a Rob Whitelock, it is not perfect in its recommendations but certainly puts the general point across.
e-petitions is an easy way for you to influence government policy in the UK. You can create an e-petition about anything that the government is responsible for and if it gets at least 100,000 signatures, it will be eligible for debate in the House of Commons.
You can help by signing the petition here;
http://epetitions.direct.gov.uk/petitions/17324
Setting up Tor on BackTrack
I was playing around with getting wpscan to run through the Tor network so I needed to setup Tor (from source) and Privoxy on BackTrack. These are the steps I took to setup Tor and Privoxy on Backtrack 5 R1. (wpscan does not yet support scanning through the Tor network)
I am no Tor expert and there are probably easier/better ways of doing this.
Installing Tor (Anonymous SOCKS proxy):
$apt-get install libssl-dev
$wget https://www.torproject.org/dist/tor-0.2.2.32.tar.gz
$tar -xzvf tor-0.2.2.32.tar.gz
$cd tor-0.2.2.32
$chmod +x configure
$./configure && make && src/or/tor
OWASP AppSec Ireland 2010
Over the weekend I attended OWASP AppSec Ireland 2010 at Trinity College in Dublin. The event was a full day event held on the 17th September starting at 9AM and ‘officially’ ending at 9PM. On my first night in Dublin I went for an excellent Italian meal with some great people, these include @securityninja, @Angelill0, @danielcornell and others. The evening was polished off with a traditional pint of Guiness in a local pub.
On the day of the conference I arrived a little early and had some brief discussions with a couple of the attendees. The conference kicked off with the keynote talk by John Viega titled “Application Security in the Real World”. This was an excellent talk that put into perspective the reality of application security within business. The keynote was followed by a brief unplanned summary by Samy Kamkar on his talk which he is touring Europe with. I look forward to seeing his full talk at BruCON next weekend.
I got ha ha hacked
I had a security breach on the blog over the Christmas period. To cut a long story short two black hats named HcJ and cyb3r-1st compromised another site on the shared hosting server, they decided to deface my blogs for a short period of time while they were at it. After talking to both of them regarding the breach it turns out they are nice guys (a bit misguided), they told me how they breached the server so that I could pass the information on to the hosting provider for them to patch it.
Free software in a Windowed world
I recently upgraded to Windows 7 from Vista. I had planned to migrate fully to Ubuntu 9.10 Karmic however after nearly £100 investment in wireless equipment and none of the hardware working under Ubuntu I bit the bullet. I will now be running Ubuntu and other Linux distributions as Virtual Machines.
Here is a list (in no particular order) of essential (to me) Open Source and Free (as in beer) software (non-security) I installed on my shinny new Windows 7:
FileZilla FTP client – http://filezilla-project.org/ (Open Souce)
Mozilla Thunderbird – http://www.mozillamessaging.com (Open Source)
Inkscape – http://www.inkscape.org/ (Open Source)
BitTorrent – http://www.bittorrent.com/ (Open Source)
Wireshark – http://www.wireshark.org/ (Open Source)
7-Zip – http://www.7-zip.org/ (Open Source)
Notepad++ – http://notepad-plus.sourceforge.net/ (Open Source)
Mozilla Firefox – http://www.mozilla.com/firefox/ (Open Source)
OpenOffice – http://www.openoffice.org/ (Open Source)
Sun VirtualBox – http://www.virtualbox.org/ (Open Source)
Tortoise SVN – http://tortoisesvn.tigris.org/ (Open Source)
VLC – http://www.videolan.org/vlc/ (Open Source)
TrueCrypt – http://www.truecrypt.org/ (Open Source)
XAMPP – http://www.apachefriends.org/en/xampp.html (Open Source)
Zattoo – http://zattoo.com/ (Free)
Spotify – http://www.spotify.com/ (Free)
Skype – http://www.skype.com/ (Free)
It should now be easier than ever to pwn my box now that you all know what software and OS I’m running. ;) What Open Source/Free software can you not live without?
P.S. HAPPY NEW YEEAARRR!!!
