08.27.05
Posted in Windows at 4:48 pm by Keith
Although it reportedly doesn’t work in unpatched Windows XP (run Windows Update now!) at is useful command line program. I found out about it when trying to figure out a way to schedule a daily reboot of Windows XP. You can use the at command to do this with the following:
at hh:mm /every:M,T,W,Th,F,S,Su shutdown -r
where hh is the hour (24 hour clock a.k.a. military time) and mm is the minutes that you want the reboot to happen. You can use at with any other CLI command. To view what you have scheduled type at; to remove your scheduled commands type at /delete; to see all of at’s options type at /help.
Powered by Gregarious (34)
Share This
Permalink
08.24.05
Posted in Malware, Windows at 4:29 pm by Keith
SANS has a tip about hidden registry entries. Sounds like these could be a real PITA, allowing malware to be even sneakier than usual.
Powered by Gregarious (34)
Share This
Permalink
08.19.05
Posted in Windows at 9:10 am by Keith
I ran into a dial-up problem that I’de never seen for the first time in quite a while. Windows dial-up has a terminal login feature built into it. A user had inadvertently turned on this feature, so his dial-up connection attempted to make a terminal connection after dialing.
To make sure this option is disabled:
- Click start, click Control Panel, and then double-click Network Connections.
-
Right-click the dial-up connection on which you want to use Terminal, and then click Properties.
- On the Security tab, make sure the Show terminal window check box is unchecked.
further info
Powered by Gregarious (34)
Share This
Permalink
08.11.05
Posted in Malware, Windows at 3:37 pm by Keith
If you don’t allready know about this tip then read carefully and error on the side of caution. It involves editing the Windows registry; which can ruin your Windows installation (i.e. computer won’t start) if done incorrectly. If in doubt get help from a professional.
Most malware programs set themselves to start automatically when the computer starts up. They do this by making an entry in one of a few specific directories in the registry. Removing these entries will prevent these malware programs from starting automatically, making them less bothersome and easier to remove.
You can edit the registry with regedit. To start regedit go to the start menu and select Run…, then type in regedit and click the OK button. The Registry Editor will open with a list of directories on the left side. The directories you are looking for are named Run, RunOnce, or other variations beginning with Run. They are located in two different places: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ and HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\. You can go through each of these Run folders and look for anything suspicious. It isn’t a good idea to remove everything from these Run folders (and don’t remove the folders themselves!); most of these entries will likely be legitimate such as your antivirus program, CD burning software, or display drivers/applications. Delete keys corresponding to any malware (do a google search for the key/executable name if in doubt) from each of these Run folders. After rebooting the corresponding malware shouldn’t start up. Now you can run your antivirus/spyware-removing programs with a better chance of getting rid of that pesky malware.
Another easier and safer, although not quite as thorough, way to access the same information is through msconfig (not available in Windows 2000). Go to the start menu and select Run…, then type in msconfig and click OK. The System Configuration Utility will open. Click on the Startup tab. Now you can look through the list that comes up for anything that you don’t want to start automatically, unchecking the corresponding check-box. Again, be careful not to remove anything you need. After clicking on the OK button you will be prompted to restart the computer. After restarting you will get a warning that the System Configuration Utility has been used, uncheck the box on this warning so that it won’t bug you everytime you reboot and click OK.
further info
Powered by Gregarious (34)
Share This
Permalink
08.10.05
Posted in Uncategorized at 1:30 pm by Keith
CSUC has some information security tips called The Security 7. Check it out for some helpful information on the following 7 security measures: Protect your password; Protect confidential information; Update system patches, security fixes, and anti-virus software; Use secure and supported applications; Don’t open suspicious e-mail attachments; Back up your data; Use a password protected screensaver to “lock” your computer when unattended, and turn off your computer at night.
Powered by Gregarious (34)
Share This
Permalink
Posted in Software, Windows at 10:36 am by Keith
Outlook Express can sometimes be overzealous in its email attachment blocking. However, before using the following instructions for disabling this attachment blocking check out this attachment opening lecture. If you feel it is safe to proceed…
- Start Outlook Express.
- On the Tools menu, click Options.
- Click the Security tab, click to clear the Do not allow attachments to be saved or opened that could potentially be a virus check box under Virus Protection, and then click OK.
Powered by Gregarious (34)
Share This
Permalink
Posted in Malware, Windows at 10:08 am by Keith
Although there are some viruses that can infect your computer without user intervention through unpatched or unknown vulnerabilities most infections are enabled through the actions of the computer user. The most common method is email attachments. You should keep this in mind every time an attachment shows up in your inbox. There are some common sense things you can do to avoid opening a virus-laden attachment.
- First and most important: don’t open an attachment that you aren’t expecting. Even if it is from someone you know! Many viruses will send through the infected computer’s email program or spoof the sender so that it looks like the email came from someone you know and trust.
- Check out the file extension. If the file has a common file extension like .jpg or .gif it is probably safe. If you don’t recognize the file extension look it up. If it is any kind of executable file don’t open it (.pif, .scr, or .exe). Also, don’t be fooled by something like monkeypicture.jpg.exe; it’s the last file extension that matters. This is far from a foolproof method; so refer to rule #1.
- Keep your PC up to date and secure. If you do open a virus-laden attachment it is less likely to do damage if your PC is up to date and secure. That means running Windows Update frequently (at least once per month), and running and updated Virus scan program (Bit Defender, AVG, McAfee, Nortons)
Powered by Gregarious (34)
Share This
Permalink
08.09.05
Posted in Apple at 4:09 pm by Keith
I found a couple documents on how to turn an Mac OS X machine into a kiosk: Mac OS X labs, Apple Developer Connections.
You may be better off with KDE though.
Developers working in vertical markets (for example Education) have been creating kiosks or adding kiosk behavior to their applications for quite some time. Specifically, this means the ability to lock the user into a certain application or disable certain operating system functionality normally available. Developers requiring kiosk behavior on computer systems have often been forced to use “jury-rigged” solutions which often were quite hard to maintain in the long term. With the advent of Mac OS X 10.2, creating kiosks and adding kiosk functionality to an existing application has become much easier to implement and support.
Powered by Gregarious (34)
Share This
Permalink
Posted in Apple at 1:46 pm by Keith
I’ll expound on this further when I learn more, but apparently Mac OS X has a bug w/ the automatic login settings. If your mac unexpectedly starts requesting a username and password when you start it up even though you have “Automatically log in as” selected then you’ve encountered this bug. To get around it change from “Automatically log in as” to one of the other login options, restart and log in, then change it back.
To access this option:
- Open the System Preferences application. It is found in the Apple menu.
- Click on the “Accounts” icon in the System Preferences window.
- Click on the “Login Options” item in the list of accounts on the left side of the “Accounts” System Preferences window.
Of course, this is the least secure login method. I would recommend not using automatic login to keep your computer more secure.
more info on disabling auto login
Powered by Gregarious (34)
Share This
Permalink
08.08.05
Posted in Hardware at 3:25 pm by Keith
We had a Gateway PC refuse to boot up this morning. Apparently it froze up and when the user tried to reboot they got the following: “Invalid boot diskette. Insert boot diskette in A.” There were no disks in the floppy or CD drives. I tried changing the boot order in the BIOS settings but that had no effect. Then we removed the cable select jumper from the hard drive and it booted up properly. No clue what happened…but removing the jumper seemed to take care of it.
Powered by Gregarious (34)
Share This
Permalink
« Previous entries