Categories
Uncategorized

Domain Exploration

I may have noted this before, but I do quite a bit of local domain exploration, service detection, backup system verification, design and implementation. Finding devices and tagging them is a very helpful process, as I have seen quite a few third-party-contractor-run organizations over the years. The most fun part is when you are on site and have been asked to survey said network: you are within the letter of the law, able to help fix things, and in my case, having fun along the way.

Common thread 01: Verify all backups.
– You will be told everything is being backed up, but do not believe it until you have checked it yourself. The tricky part in validating this is knowing enough about the business systems to identify the types of data systems and file shares they use. Are they MSSQL driven? Do they have file shares and DB pointers? And so on.

How are the backups run, what is being backed up, on what schedule, full or differential, local and remote? Especially in the realm of contractors, you need to validate all of this. I have seen many assumptions that "backing up the main file server" will catch everything; in reality this tends to be false. Does the application or its users rely on local information? Does that replicate somewhere? Are virtualization or DFS a factor too? And a backup nobody has ever restored from is still unverified: pull a sample file and a database out of the most recent backup set and confirm they come back intact.

As you can see, questions are a huge factor in mapping an existing network. Be polite to the prior contractor if you are able to obtain information before they leave. Even a subtle hint can go a long way. What backup systems are in use? Can you show me the main backups? This will establish the known systems and applications used for data backup.

From there, I am currently mapping each server to its backup systems. Since there are multiple backup utilities in place, I am logging the use of each one on every server. Since I have some DBA experience, I find mapping each portion to be effective in delivering a more concise end report. Think of it as system normalization. Once the server side is mapped, I will correlate the business systems to backup methodologies.

Speaking of business systems and application data: do not be afraid of working with end users. They will probably be your best indication of where information is being stored, either by telling you or through their mapped drives and local / web-based application configurations.
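Here is one way to start building that server-to-backup-method map, as an added PowerShell example (not the post's own script). It assumes WinRM access to the listed servers and Windows-authenticated access to the SQL instance; the server names, the SQL instance name and the product keyword list are placeholders to replace with your own.

```powershell
# Added example, not from the original post. Server names, the SQL instance
# and the product keyword list below are assumptions; replace them with yours.
$Servers  = @('FILESRV01', 'SQLSRV01', 'APPSRV02')
$Keywords = @('backup', 'veeam', 'bacula', 'arcserve', 'ntbackup', 'wbadmin', 'robocopy')
$Pattern  = ($Keywords -join '|')

# 1. Per server: services, scheduled tasks and shares that look backup-related.
$Inventory = foreach ($Server in $Servers) {
    try {
        Invoke-Command -ComputerName $Server -ErrorAction Stop -ArgumentList $Pattern -ScriptBlock {
            param($Pattern)
            $svc = Get-CimInstance Win32_Service |
                Where-Object { ($_.Name + ' ' + $_.DisplayName + ' ' + $_.PathName) -match $Pattern } |
                ForEach-Object { [pscustomobject]@{ Kind = 'Service'; Name = $_.DisplayName; Detail = $_.PathName; State = $_.State; LastRun = $null } }

            $tasks = Get-ScheduledTask | ForEach-Object {
                $cmd = ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; '
                if ($_.TaskName -match $Pattern -or $cmd -match $Pattern) {
                    $info = $_ | Get-ScheduledTaskInfo
                    [pscustomobject]@{ Kind = 'Task'; Name = $_.TaskName; Detail = $cmd; State = "$($_.State)"; LastRun = $info.LastRunTime }
                }
            }

            # Non-administrative shares: the data a "back up the file server" plan must actually cover.
            $shares = Get-SmbShare | Where-Object { -not $_.Special } |
                ForEach-Object { [pscustomobject]@{ Kind = 'Share'; Name = $_.Name; Detail = $_.Path; State = $null; LastRun = $null } }

            @($svc) + @($tasks) + @($shares)
        } | Select-Object PSComputerName, Kind, Name, Detail, State, LastRun
    } catch {
        [pscustomobject]@{ PSComputerName = $Server; Kind = 'Error'; Name = $_.Exception.Message; Detail = $null; State = $null; LastRun = $null }
    }
}
$Inventory | Export-Csv -NoTypeInformation -Path .\backup-inventory.csv

# 2. Per SQL instance: last full/differential/log backup per database, from msdb.
function Get-SqlBackupHistory {
    param([Parameter(Mandatory)][string]$Instance)
    $query = @"
SELECT d.name AS DatabaseName, d.recovery_model_desc AS RecoveryModel,
       MAX(CASE WHEN b.type = 'D' THEN b.backup_finish_date END) AS LastFull,
       MAX(CASE WHEN b.type = 'I' THEN b.backup_finish_date END) AS LastDiff,
       MAX(CASE WHEN b.type = 'L' THEN b.backup_finish_date END) AS LastLog
FROM sys.databases d
LEFT JOIN msdb.dbo.backupset b ON b.database_name = d.name
WHERE d.name <> 'tempdb'
GROUP BY d.name, d.recovery_model_desc
"@
    $conn = New-Object System.Data.SqlClient.SqlConnection("Server=$Instance;Integrated Security=SSPI;")
    $conn.Open()
    try {
        $cmd = $conn.CreateCommand()
        $cmd.CommandText = $query
        $table = New-Object System.Data.DataTable
        $table.Load($cmd.ExecuteReader())
        $table   # enumerates as one row per database
    } finally { $conn.Close() }
}

# Databases with no full backup at all, or none in the last day, are the finding.
Get-SqlBackupHistory -Instance 'SQLSRV01' |
    Where-Object { ($_.LastFull -is [DBNull]) -or ($_.LastFull -lt (Get-Date).AddDays(-1)) } |
    Format-Table DatabaseName, RecoveryModel, LastFull, LastDiff, LastLog -AutoSize
```

The CSV gives you the "which product touches which server" side of the map; the msdb query gives you the "is the database actually being backed up" side, and a database in FULL recovery with no LastLog entry is a log file waiting to fill the disk as well as a backup gap.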

:) From week 02 of my new gig. Tons of data and business systems here. As I have encountered many times in the past, the belief that "everything is being backed up properly" is a huge bluff. Thank goodness at least most essential systems are covered here. Believe me, I have seen places with zero active backup systems.
Since I am an employee here, they will not get all pissed about me finding problems and resolving them.

Interview wisely, my friends. There are many many many bad companies out there. Try to find the better ones, even if you go without pay for a longer time period. Your life and mind will thank you.

Categories
Uncategorized

Java Error: could not open 'C:\…\jvm.cfg

When running java -version, I was getting an error

Error: could not open `C:\Windows\jre\lib\amd64\jvm.cfg'

Also, before that, I was trying to run Eclipse and got

Failed to load the JNI shared library (JDK).

Since I am on an x64 OS, with matching 64-bit builds of Eclipse and Java, the java -version error was the tip-off.

I used to have Java on this machine but had removed it months ago. I am thinking this may be why the installer and Java execution failed. To resolve this, delete the C:\Windows\jre folder. You should then be able to use Java again.

Information from this link. Transcribed with my personal experiences.

Previously installed version of Java:
jre-7u25-windows-x64.exe

Currently installed Java version:
jre-7u60-windows-x64.exe
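As an added check (not from the original post), this PowerShell snippet lists every java.exe the PATH resolves, what each one reports when asked for its version, and whether the stale C:\Windows\jre folder is present, so you can see which launcher is being picked up before deleting anything. The paths are the ones named in the post.

```powershell
# Added example, not from the original post. Paths are the ones the post names.
$StaleJre = 'C:\Windows\jre'

# Every java.exe on the PATH, in resolution order, with what it reports.
# A broken launcher prints the "could not open ... jvm.cfg" error here instead of a version.
Get-Command java -All -CommandType Application -ErrorAction SilentlyContinue | ForEach-Object {
    $report = (& $_.Source -version 2>&1 | Select-Object -First 1)
    [pscustomobject]@{ Path = $_.Source; Reports = "$report" }
}

if (Test-Path $StaleJre) {
    Write-Warning "$StaleJre still exists; the failing launcher was looking for $StaleJre\lib\amd64\jvm.cfg."
    Get-ChildItem -Path $StaleJre -Recurse -Filter jvm.cfg | Select-Object FullName, LastWriteTime
    # Once you have confirmed no live JRE is installed there, drop -WhatIf to actually delete it:
    Remove-Item -Path $StaleJre -Recurse -Force -WhatIf
}
```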

Categories
Uncategorized

CISPA, SOPA, PIPA, CIPA

CIPA is the new iteration of the internet censorship bill floating around. In politics, if you cannot pass a corporate-empowering bill, you keep changing the name and hope no one notices when it passes.

No commercials and plenty of content are what many know Netflix for. No wonder the RIAA and MPAA (music and movie industries) hate them so much. As for this bill, let us not forget the vaguely worded context and the clauses to relay information to federal agencies.

Also relevant: The Internet's Own Boy: The Story of Aaron Swartz (2014) is out to watch.

Categories
Uncategorized

InfoStuffs 2014-06-27

The topic name format will likely change, but yeah. Computers are a common part of many people's lives these days, yet there are many gaping issues that are finally coming to more minds as valid concerns. Especially the pocket computers, AKA smartphones.

Spying is a concern for some folks; it used to be only suspected criminals, but nowadays it is quite literally entire populations, if not the entire world. On that note, why is ex-NSA General Keith Alexander running a $1 million per month security firm? Personally I get a very Halliburton / Blackwater / Academi vibe. Call me paranoid.

Also in the government sector, the US Marshals Service is auctioning ~29,600 bitcoins, roughly worth $17.5 million USD. For background, Silk Road was the online drug retailer taken down by law enforcement in 2013. Also of note is when the BCC for all buyers turned into a reply-all and that list was leaked. Oops.

Cryptome.org was temporarily taken offline for a "malware issue" by their hosting provider. Cryptome has been disclosing leaked documents since June 1996.

In entertaining news, the World Cup Wi-Fi password for the security center was disclosed in a press article. If you are taking photos in a security center, check those screens for info you would rather not publicize.

A 16 year old crafted a browser plugin that shows the financial contributions to politicians.

You know mobile phones have been backdoored to spy on people, right? Well, some good people are reverse-engineering those spy tools to try to defeat the methods used, and to further disclose their operations.

Speaking of spying, US politics continues to be largely theatrical in restricting the bulk surveillance of persons around the world. Since the House of Representatives was called out for being really weak in its stance, it is apparently looking to cut NSA funding. If you are not concerned about spying yet, I really advise you to see what organizations are involved with NSA compliance. When software and hardware are deliberately weakened, these agencies are not the only ones with access.

Then get into the vast amount of spying third parties do under contract, with the addition of Stingray (cell phone interception by a false cellular tower) surveillance by local police departments (Guardian write-up). Thanks for reading this current-events-in-security post. :)

Categories
Uncategorized

Forum Intro (Security Events)

Think of this sub-forum as the Summer (in)security thread, but as this forum displays newest posts first, it will be vastly easier to keep up with the current dialog without jumping through prior posts to get to the current one.

I have been a fan of combing information security news and RSS feeds for years, largely because once a previously unknown flaw gets a published release, you can bet it will be more commonly used against that package or program. Keeping up on things helps prevent intrusions and unscheduled downtime, and avoiding both is my intent. As usual I will add some dialog and overview to the articles, to save you time reading them all, and possibly get a chuckle out in the process.

Categories
Uncategorized

Port Listing and MMC commands (Windows)

Bonus port and service info by command.

Thanks to Vas.com for this syntax; with it you can get which ports are listening and which services and applications own them. Note that -b (show the owning executable) needs an elevated command prompt, otherwise the executable column comes back empty for most processes.

netstat -a -n -b -p TCP

Running an Nmap scan will likely show ports 49152–49159 open on a Windows system. With the -A option they will be listed as [Version] Microsoft Windows RPC and [Service] msrpc. Nmap can only tell you they are RPC endpoints; which service is actually listening on each one comes from the netstat command above, run on the host itself.

As described in the linked article, these are the Event Log and other remote services and domain-related items. As with almost all of the .msc snap-ins, you can run them against remote servers. I do this often in administration.

compmgmt.msc /computer:"IP or MachineName"

Chain these in a batch file if you have multiple machines to audit. Closing the MMC will open the next one in your batch list. For a list of .msc snap-ins you can invoke from the command line, this list should do you justice.
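The same mapping in PowerShell, as an added example that is not from the post or the Vas.com article: listening TCP sockets joined to their owning process, binary path and, for svchost-hosted ports such as the 49152-range RPC endpoints, the Windows service names living inside that process. The second part runs Computer Management against a list of hosts one after another; the host names are placeholders. Run from an elevated prompt, since the executable path is hidden for processes you cannot open.

```powershell
# Added example, not from the original post. Host names at the bottom are placeholders.

function Get-ListeningPortMap {
    # Services keyed by the PID that hosts them (one svchost.exe PID hosts several services)
    $services = Get-CimInstance Win32_Service | Where-Object { $_.ProcessId -gt 0 } |
        Group-Object -Property ProcessId -AsHashTable -AsString
    $procs = Get-CimInstance Win32_Process | Group-Object -Property ProcessId -AsHashTable -AsString

    Get-NetTCPConnection -State Listen | ForEach-Object {
        $owner = "$($_.OwningProcess)"
        $p = $procs[$owner]
        [pscustomobject]@{
            LocalAddress = $_.LocalAddress
            Port         = $_.LocalPort
            ProcessId    = $_.OwningProcess
            Process      = if ($p) { $p[0].Name } else { '?' }
            Path         = if ($p) { $p[0].ExecutablePath } else { $null }
            Services     = if ($services[$owner]) { ($services[$owner] | ForEach-Object Name) -join ',' } else { '' }
            DynamicRange = ($_.LocalPort -ge 49152)   # Windows' default dynamic port range starts here
        }
    } | Sort-Object Port
}

Get-ListeningPortMap | Format-Table -AutoSize

# Open Computer Management against each host in turn; -Wait blocks until that
# console is closed, which is the same sequencing the batch-file approach relies on.
$Hosts = @('SRV01', 'SRV02')    # placeholders
foreach ($h in $Hosts) {
    Start-Process -FilePath mmc.exe -ArgumentList "compmgmt.msc /computer:$h" -Wait
}
```

Anything in the dynamic range whose Services column is empty and whose Path is not under C:\Windows is worth a second look; the RPC endpoints Nmap flags should resolve to named Windows services here.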

Categories
Software

Botnet infection sample and removal

Botnet Removal Overview

This thread is an overview of how to detect, identify and remove a botnet infection. This is merely one example of such an infection. Honestly, the main reason I was able to detect it (before it was added to malware definition databases) is its aggressive processor use. Bitcoin miners are extremely intense processes, so 98% CPU usage stood out like a sore thumb.

This will be a five-step thread on how I went about checking around and figuring out how this bitcoin miner was operating. There are various ways to go about the same methods, but I am sharing mine in the hope that it helps someone remove similar trash in the future. I will make a post in this thread for each step, to describe the methods used and hopefully do so in a clear manner.

Steps used:

As for any infection, you have to be reasonably sure you completely removed it, otherwise you are waiting for more damage down the road. Do you wish to reinstall the OS, or do you feel confident the infection has been removed? This question is especially relevant in a business environment. Luckily I saw this on my personal machine, so I could afford more time to debug what was happening and log it.

The attached picture should make more sense as you read each progressive step.

[Attached image: Anon-Pic0o-BingoInfection.png]
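As an added PowerShell example (not the thread's own method or screenshots), here is the first part of that process automated: sample CPU over a few seconds, pick out processes above a threshold, and for each one collect the binary, its hash and Authenticode status, parent and command line, its TCP connections, and any Run-key or scheduled-task entry that points at it. The thresholds are assumptions; the trigger, a process pinning the CPU, is the one the thread describes.

```powershell
# Added example, not from the original thread. Thresholds are assumptions.

function Find-HotProcesses {
    param([int]$ThresholdPercent = 50, [int]$SampleSeconds = 5)
    $cores = [Environment]::ProcessorCount
    $t0 = @{}
    Get-Process | ForEach-Object { $t0[$_.Id] = $_.TotalProcessorTime }
    Start-Sleep -Seconds $SampleSeconds
    Get-Process | ForEach-Object {
        if ($t0.ContainsKey($_.Id)) {
            # CPU seconds consumed during the sample, normalised across all cores
            $pct = ($_.TotalProcessorTime - $t0[$_.Id]).TotalSeconds / ($SampleSeconds * $cores) * 100
            if ($pct -ge $ThresholdPercent) {
                [pscustomobject]@{ Id = $_.Id; Name = $_.ProcessName; CpuPercent = [math]::Round($pct, 1); Path = $_.Path }
            }
        }
    }
}

function Get-ProcessTriage {
    param([Parameter(Mandatory)][int]$ProcessId)
    $proc = Get-Process -Id $ProcessId -ErrorAction Stop
    $wmi  = Get-CimInstance Win32_Process -Filter "ProcessId = $ProcessId"
    $path = $proc.Path
    $sig  = if ($path) { Get-AuthenticodeSignature -FilePath $path } else { $null }
    $hash = if ($path) { (Get-FileHash -Path $path -Algorithm SHA256).Hash } else { $null }

    # Where it talks to: a miner keeps a long-lived connection to its pool or controller
    $net = Get-NetTCPConnection -OwningProcess $ProcessId -ErrorAction SilentlyContinue |
        Select-Object LocalPort, RemoteAddress, RemotePort, State

    # Persistence: Run keys and scheduled tasks whose command references the binary
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    $autoruns = foreach ($k in $runKeys) {
        if ($path -and (Test-Path $k)) {
            (Get-ItemProperty -Path $k).PSObject.Properties |
                Where-Object { $_.Name -notlike 'PS*' -and "$($_.Value)" -like "*$path*" } |
                ForEach-Object { "$k\$($_.Name) = $($_.Value)" }
        }
    }
    $tasks = if ($path) {
        Get-ScheduledTask | Where-Object { (($_.Actions | ForEach-Object Execute) -join ' ') -like "*$path*" } |
            ForEach-Object { "$($_.TaskPath)$($_.TaskName)" }
    }

    [pscustomobject]@{
        Id          = $ProcessId
        Name        = $proc.ProcessName
        Path        = $path
        Sha256      = $hash
        Signature   = if ($sig) { "$($sig.Status) $($sig.SignerCertificate.Subject)" } else { 'n/a' }
        ParentId    = $wmi.ParentProcessId
        CommandLine = $wmi.CommandLine
        Connections = $net
        Persistence = @($autoruns) + @($tasks)
    }
}

# Anything chewing more than 80% of the machine for 5 seconds gets the full work-up.
Find-HotProcesses -ThresholdPercent 80 -SampleSeconds 5 |
    ForEach-Object { Get-ProcessTriage -ProcessId $_.Id } | Format-List
```

Record the SHA256 and the persistence entries before you kill anything: the hash is what you submit or search for, and the Run-key or task entry is what brings the miner back after a reboot if you only end the process. A binary with no persistence entry of its own is a hint that something else (a parent process, a service, a second task) is dropping it, which is exactly the "are you sure you got all of it" question above.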

Categories
Uncategorized

Community based group

Hello. I have been thinking as I search the IT industry for a new position, and I have decided Bliss PC will be a non-profit, charity-based entity. I will do training, support, design and consulting for IT and potentially other systems as well.

I have been interested in instruction for years, but do not have the time or financial resources to obtain a Master's degree to do so. Thus I will offer assistance via my experience and exposure to various systems and persons. Donations are always welcome, but surely not enforced. Friends of FunTimeBliss should be familiar with this format.

If you are interested and would like me to travel, I would like to ask for assistance with the commute fees. If I have friends in the region who can host me for a few days, I would likely rest there overnight.

http://BlissPC.com

Feel free to get at me on LinkedIn as well. You can review my various experience over the last 13+ years.
https://www.linkedin.com/in/ryanmitch

Categories
Uncategorized

Spying by Government Agencies

I've been trying to keep up on things regarding information security for quite some years. Issues and concerns post-2001-09-11 (9/11 as the media calls it) have set a precedent for a huge erosion of privacy through domestic spying on citizens, politicians and businesses.

Over the last few years these issues have been proven, but now, thanks to #SEA (Syrian Electronic Army), details and costs from Microsoft have been disclosed showing how this spying is happening and being itemized by the companies responding to government requests, with a sense of how often this is / was occurring. Trade secrets have also recently been confirmed to have been stolen from major firms in other nations.

As for Microsoft, they are charging $50 to $200 per request, totalling hundreds of thousands of dollars per month. Considering this is likely paid from tax money and unlisted black budget funds, it especially highlights the lack of oversight or consent that has occurred in this domestic spying process.

It has been a while since I had a heady InfoSec topic here @ Funtime. That should do some justice. I have been having fun watching content be removed from my Facebook pages, with very occasional #FreeAnons info being blocked or removed on Twitter. I'll add them to my profile details (on my profile bio page). We can all be social network spam bots. :ninjawub: However.
FuntimeBliss forever. So long as I can pay the bill. I :pirate: private email.

Categories
Uncategorized

2014 Greetings @ BlissPC

Happy 2014! Hopefully Spring emerges here in the near future. I am currently located in Lancaster County, Pennsylvania, however I am looking to migrate to Albuquerque, New Mexico. I am following some leads but they are pending at this point.

I offer, and am skilled in, remote support and administration. Full-time employment would be cheaper for any long-term work and businesses. I do not plan on being in the job market for much longer, to be honest. My personal consulting rates are as follows:

– $20 / hr – Personal & residential users.
– $35 / hr – Small business users.
– $60+ / hr – Large businesses or government work.
(Any work is taken at my discretion.) I will not perform a role or task I am uncomfortable with.

Since I no longer bother with private WhoIs domain registration, I will save you a step and provide my LinkedIn profile. I have 13+ years professional work experience and have been into computers and database systems since the early 1990s.
http://www.linkedin.com/in/ryanmitch