Friday, October 30, 2009

HACKING EXPOSED: Network Security Secrets & Solutions

HACKING EXPOSED: Network Security Secrets & Solutions, 6th Edition" is 720 pages, and over two pounds, full of information. And I found, as stated in the forward: "...Its goal is education..."

It is full of all kinds of knowledge.

Table of contents
Part I: Casing the Establishment
Chapter 1. Footprinting
Chapter 2. Scanning
Chapter 3. Enumeration
Part II: System Hacking
Chapter 4. Hacking Windows
Chapter 5. Hacking Unix
Part III: Infrastructure Hacking
Chapter 6. Remote Connectivity and VoIP Hacking
Chapter 7. Network Devices
Chapter 8. Wireless Hacking
Chapter 9. Hacking Hardware
Part IV: Application and Data Hacking
Chapter 10. Hacking Code
Chapter 11. Web Hacking
Chapter 12. Hacking the Internet User
Part V: Appendixes
Appendix A. Ports
Appendix B. Top 14 Security Vulnerabilities
Appendix C. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks

Some of the new material includes:
the "Hacking Hardware" chapter (about physical locks, access cards, RFID, laptop security, USB, U3, Bluetooth, firmware, hard drives)...
Windows hacks (covering Terminal Services, Kerberos sniffing, man-in-the-middle attacks, Metasploit, device driver exploits, new password cracking tools)...
and UNIX hacks (such as THC Hydra, Solaris input validation attacks, dangling pointer attacks, DNS cache poisoning, UNIX Trojans, and kernel rootkits).

Some of the tactics and strategies that attackers use to gather information to prepare targets for attacks are noted, like: culling IP addresses, wardialing (it can still be effective), and spoofing e-mail messages (pretending to be support and administrative personnel).

To defend against attacks, you must understand the enemy. Preparing against access is better than trying to make repairs after a system has been. (Once someone has been inside you don't know what was left in the system, and where it was left at.) Instructions on how to perform network reconnaissance show how a network, and connected devices(firewalls/routers/etcetera), can be diagrammed. And there is a section regarding how to identify potential probing activities, and attacks.

This book can be used as a checklist of things that can sometimes be unintentionally available, but are: (web) cameras, and remote administration services...and the Microsoft Windows Remote Desktop Web Connection. Misconfigurations exist, and so do exploits that target them.

In Chapter 4, "Hacking Windows", there's a great reminder about proper password management. I've noticed that people seem to be better at it, but it's good to review best practices.

In the book the authors point towards many other sources of information and reference. There are suggestions of other books to enlighten and educate about how some prepare to access a network. And other websites and software that will allow you to test the openess of a network (hardware and services) and website.

(After going through the book, I remembered how there are instances where administrators and content managers are given more consideration than support and security managers and personnel...until there's a problem.)

If you are responsible in any way for a network or website, get this book. If there is anyone that works for you that is responsible for a network or website, get this book for their library!

The website of the book is

Labels: , , , , , ,

Saturday, October 17, 2009

book about witty Twitter posts

I received “Twitter Wit: Brilliance in 140 Characters or Less” from the publisher, HarperCollins. It's "edited" by Nick Douglas and contains posts from Twitter.

Some of those posts are from celebrities: Ashton Kutcher, Jimmy Fallon, Stephen Colbert, Neil Gaiman, Margaret Cho, Stephen Fry, Rainn Wilson, Penn Jillette, Diablo Cody, Michael Ian Black, Paula Poundstone, Eugene Mirman, Russell Brand, Aziz Ansari, Lisa Lampanelli, John Hodgman, Sarah Silverman, Susan Orlean, and more. (To my surprise, I didn't notice any from Shaquille O'Neal...)

The first "tweet" in the book got it off to a good start for me: "What's the deal with deaf people? Like, HELLO?" (Get it? As in, "Hello...and now we begin the book"?...) After that, I thumbed through it to see if any other posts might jump-out at me. What I found is that I would rather not reveal any more quotes, because I think the book is best experienced through your own browsing.

I intend to keep it accessible and available for those times when I'm trying to kill time. It's available in paperback. And, as an e-book (Sony, Kindle, eReader, and PDF formats). I suggest you put it in your purse, backpack, or portfolio for when you want (or need) to have something to do. The greatest thing about the book is that you can start reading it, and stop without feeling that you invested effort to either action.

Douglas (, should be working on a follow-up. With more pages.

I wish I had thought of doing this book...(heel of palm to forehead)

Labels: , , , ,

Google Building Maker

Introducing Google Building Maker

Do you use Google Maps?

Can you build a building on it?

Well ....

On Oct. 13. 2009 - Google "today we're announcing the launch of Google Building Maker, a fun and simple (and crazy addictive, it turns out) tool for creating buildings for Google Earth."

"We like to think of Building Maker as a cross between Google Maps and a gigantic bin of building blocks. Basically, you pick a building and construct a model of it using aerial photos and simple 3D shapes – both of which we provide. When you're done, we take a look at your model. If it looks right, and if a better model doesn't already exist, we add it to the 3D Buildings layer in Google Earth. You can make a whole building in a few minutes."

For further details:

What kind of building did your build?

Let us know at:

Labels: ,

Friday, October 16, 2009

"Second Skin", movie review

I was given an opportunity to review "Second Skin"...

"Second Skin takes an intimate look at three sets of computer gamers whose lives have been transformed by online virtual worlds...From individuals struggling with addiction to couples who have fallen in love without meeting; from disabled players...Second Skin opens viewers’ eyes to a phenomenon that may permanently change the way human beings interact."


(In regards to the production values of the movie: I've never played World of Warcraft, and EverQuest, so I must assume that the graphical representations that are displayed of the games in the movie are the same as it is when played on a computer and console.)

One of the first things that caught my attention was the statement that: in (real) life, we can be considered to begin our journey...if you will...with nothing of value. In a virtual life, it doesn't need to be that way. And, similar to outsourcing a school report, there have been opportunities to gain credit for work someone else has done when it comes to gaming. "Gold farming" is examined. It's where you hire someone to do the work that will strengthen and enhance your account within a game.

"Second Skin" explains why playing games can offer social possibilities. Especially for those who find it difficult to socialize. In life, we sometimes need to create an event which we can use to begin a relationship with someone. (I have always hated "dating": I hate going to dinner and a movie for the only reason of spending time with someone. Some of the best times I've spent with a "date" have been when she was watching television, and I was relaxing and listening to music with my headphones on...doing what we want together, even if we're not doing the same thing.) Games offer an opportunity to enter into a prepared scenario for interaction. And, it can be easier to "dump" someone you lose interest in...

Online, you can sometimes be who you want to be or wish you were: thinner, younger, male/female, etcetera. Doing so could help you offline, as it can give confidence from the experiences and practice in socializing.

In addition to accessing people and places that...for whatever reason...are out of reach, people can do things that they may never have an opportunity to. (I am reminded of simulation games that allow you fly airplanes and operate trains.) Through an avatar, those physically disabled can: go to dances, climb rocks, and participate in other things that they currently are unable to. In the movie we are introduced to a gamer and game developer who uses a wheelchair. Technology has, and can, remove barriers.

Another perspective considered is that, online, "the real you"...the person you are, but don't show...could be displayed. In real life, people may consider you nice and peaceful...because you don't break rules and violate laws. But, if you could get away with it, online you might behave differently. So when in a virtual world you allow your online persona to be the person you wish you were, and to do things you cannot in real life.

The online community is worldwide. And so are relationships. In my view, that means that the odds of being able to find someone with who you will be compatible with in some way (friendship and other) increase in your favor! So, this could be a good thing for those who aren't like most...who aren't like the norm. (Like me...)

Just a warning to heterosexual males: the movie states that the ratio of female gamers to male 1 to 10.

Exclusive communities do exist, though. "The Syndicate" is one of them: "...The Syndicate is the most successful Virtual Community in the history of Online Gaming...we only actively recruit new members for our presences in two major MMOs which are the worlds of Ultima Online and World of Warcraft. The Syndicate isn't just a guild..." That description does not do them justice. They seem "uppity"..."country-club uppitty"...

This movie does attempt to address issues from life to death. The story of one gamer involves his wife's pregnancy, and their life after the birth of their children.

When covering the subject of video game addiction, there's the story of a guy who was addicted to videogaming who committed suicide. But it seems that gaming alone did not contribute to his decision to commit appears that he may have pursued an online relationship, and the person he was interested in was not interested in him. As happens in "real life"...

This movie reminded me of what I've been saying about other activities. People who are considered to have played video games too much, are very similar to those who watch hours and hours of television. I've never been able to understand those who appear to sit all day and all night, and watch ANYTHING that is on. Some of the gamers profiled in the movie were overweight, and I assume unhealthy. And I believe that a lot of "couch potatoes" are also. But, then again, with the majority of our national population gaining weight due to horrible diets, it might not just be gamers and television watchers.


Watching "Second Skin" reminded me of similar documentary I had seen: "You Only Live Twice" was mostly about Second Life.

You can watch it at these links:

Sunday, October 11, 2009

Zoom: Handy Video/Audio Recorder Q3

Handy Video/Audio Recorder Q3

Is it really a handy audio and video recorder?
Well according to all reports and a review by the "GizWiz" it seems to work well enough for the price.
With this Q3 you should be able to do quick shooting with great stereo sound and descent video (640x480)with a digital zoom. For editiing is has a built in USB cord and also comes with a 2GB SD card (and will take up to a 32GB SDCH card.
Did I mention that it records in stereo! It has two condenser mics. These mics X/Y are directionals so that you can focus the mics on the sound sourse. It also has built in audio meters. You can also just record the audio without using the video side. and it all runs on two AA batteries.
Accessories include: windscreen, AV cable, soft carrying pouch, 2GB SD card and AA/LR6 trial batteries. Optional accessories are a Mic clip adaptor and an AC adaptor.