Serious DNS Vulnerability

July 15, 2008

Older versions of almost every popular implementation of DNS (e.g. BIND, Windows, Cisco, Solaris, Juniper) have a vulnerability which would allow an attacker to “cache-poison” the server. This means that a compromised server, possibly your ISP’s, could direct you to fraudulent websites.

For example, this sort of attack could mean that if you typed PayPal’s address into your browser, a cache-poisoned DNS server could direct you to an IP address that is not operated by PayPal, while the address bar would still show PayPal’s address. This attack cannot spoof the PayPal SSL certificates, but could list one with a similar name, making this an extremely dangerous phishing technique.

One would hope all the major ISPs and public name servers would have patched this vulnerability, but it’s likely that smaller servers, such as those run by businesses, universities or individuals, may not have.

Test your DNS server here; many large ISPs have been very slow to patch:

If this test shows your DNS to be vulnerable, change your DNS settings to the ones specified at OpenDNS.

Vulnerability specifications:


March 20, 2008

I can’t understand why Windows has so little control over itself. Specifically, I take issue with the fact that it periodically refuses to terminate processes on demand, usually saying something like:

Cannot delete file: Access is denied
There has been a sharing violation.
The source or destination file may be in use.
The file is in use by another program or user.
Make sure the disk is not full or write-protected and that the file is not currently in use.

Sorry to bother you Windows. How inconsiderate of me.

Unlocker is a tool you can use to get around Windows’ incompetence. It’s a lightweight app that adds a context menu allowing you to unbind files, folders and USB devices from any process or user.

Along with being just plain useful for everyday use, there’s also a security tie-in. A lot of malware will use this inadequacy in Windows to prevent you or your anti-malware program from removing files. With Unlocker on hand, you can delete or move whatever you like, when you like, without having to boot to Safe Mode or a Linux live CD.