Archive for the Category » Systems «

Sunday, October 19th, 2008 | Author:

I just read this article on using compressed air to cool a memory chip so it will retain data even power is been cut off.

A video can be found here on the process and on why colder memory chip will retain data longer. By retaining the data, you can do a dump of the data and extract the cryptographic keys. They were able to extract keys for BitLocker, TrueCrypt, FileVault and dm-crypt.

The attack is not exploiting weakness of the encryption software but due to the fact that the keys have to be stored in memory. Encrypting the key in memory don’t really help, you still need to store that key that encrypts somewhere !


Category: Security, Systems  | Tags: ,  | Leave a Comment
Thursday, March 20th, 2008 | Author:

I was looking for a way to force my VM to boot up with a specific date and time without going into the VM BIOS to change it every time I boot up.

I just need a VM for testing and evaluating certain software or platforms but I don’t like re-building it when the licenses expires.

Especially when trial software always expires in like 15 or 30 days ? 7 for a particular secure os and 15 for a particular secure platform. 🙂

more…

Category: Systems, Technical  | Tags: ,  | Leave a Comment
Saturday, December 09th, 2006 | Author:

I got my Sandisk 2GB U3 drive at Sitex 2006 @ SGD71. This is a real threat of U3 drives, check the hacks available here: http://www.hak5.org/wiki/USB_Hacksaw

Forbes reported, A recent news of data related to U.S underground nuclear weapon tests been leaked from Los Alamo Labs.

The threat of USB and other removable media is real and enterprises should be looking into solutions to protect those endpoints

Sunday, July 16th, 2006 | Author:

VMware has announced VMware Server 1.0 and it’s FREE.

I’m a great fan of VMware Workstation for testing various Linux distros and creating a infrastructure to test certain software features.

With VMware Server free, I can bring my work home too. (Not really a good thought ?)

You can download VMware Server here.

Category: Systems, Technical  | Comments off
Monday, April 24th, 2006 | Author:

When I plugged in my USB harddisk to my PC, to my horror, I started to hear some kind of clicking sound and the harddisk is trying to spin up and stop repeatively.

So I looked at my system’s dmesg messages and realised my HDD is a goner. My OS is unable to mount the vfat partition.

Remove the 2.5in harddisk from my USB casing and connected it back into my IBM X21, inserted an Ubuntu 5.10 LiveCD. Once Gnome desktop came up, I tried to mount the partition again, this time is successful !

I managed to save most of my data except 2 ISO files which I suspected they are residing on the harddisk bad sectors. I ran the harddisk diagnostic tool, guess what, bad blocks were detected.
Googled around and found a site with most of the different harddisk vendors’ Low Level Formatting tools. At the same time, I decided to “nuke” my harddisk.

more…

Category: Linux, Systems, Technical  | Comments off
Friday, April 07th, 2006 | Author:

I had a major problem. I have to “analyze” Windows event logs from several Microsoft Windows Servers in a centralised location.

Procedures:
Open Event Viewer
Browse to folder
Open hostname-year-month-day.evt
Filter Errors and Failure Audits
Repeat for the rest of the servers

I was lucky to stumble upon the Log Parser, a command-line which allows SQL queries to be run against log files and dump the required results into simple csv files.
“C:\program files\log parser 2.2\logparser.exe” -i:evt “select EventLog, TimeGenerated, EventID, EventTypeName, EventCategoryName, SourceName, Strings, ComputerName, SID, Message into %2 from %1 where EventTypeName like ‘Error%%'” -o:csv -resolveSIDs:on -direction:BW

Where %1 refers to your source and %2 to your destination.

Quoted from my friend “If you have to click on the same thing more than 2 times, automate it.”

Category: Systems, Technical  | Comments off
Wednesday, December 14th, 2005 | Author:

By default, Microsoft RPC allocate ports from 1024 – 65535.

To restrict them to 5000 – 5100, Use the Registry entries below.

— cut here —
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet]
“Ports”=hex(7):35,00,30,00,30,00,30,00,2d,00,35,00,31,00,30,00,30,00,00,00,00, 00
“PortsInternetAvailable”=”Y”
“UseInternetPorts”=”Y”

— cut here

Category: Network, Security, Systems, Technical  | Comments off