New registry entry for controlling the TCP Acknowledgment (ACK) behavior in Windows XP and in Windows Server 2003

http://support.microsoft.com/kb/328890

AQADMCLI

delmsg flags=SENDER,sender=postmaster@domain.com

http://blog.sapien.com/current/2006/11/28/command-line-one-liners.html

Cisco VPN PCF Decoder

Open the PCF file in notepad, grab the text after enc_GroupPwd= and go to the following website:
http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode
Copy and paste the encrypted code into that and VOILA! Clear text password is generated.

Real Estate valuation websites.

Realestateabc.com
Domania.com
Zillow.com

reviews of 15 security podcasts at
http://www.owasp.org/index.php/Reviews_of_security_podcasts

List of security Podcasts List of security Podcasts
http://realtime-voip.typepad.com/voipcommunity/2006/09/it_security_pod.html
I would say that off the top of my head a list of 10 very popular [keyword *remote], non database related vulns would be:

   1: 1. Cross-site scripting

   2: 2. Remote File Includes

   3: 3. HTML and script code injection

   4: 4. Directory traversals

   5: 5. Authentication bypass

   6: 6. Remote command/code execution

   7: 7. DoS - usually via memory corruption (failed overflows against differing SPs or hotfixes), resource exhaustion, sometimes a cool race condition or something.

   8: 8. Buffer overflows (heap/stack/format string)

   9: 9. Privilege escalation

  10: 10. Information disclosures (arbitrary read and sometimes write vulns [different class]. Often coupled with dir traversal

  11: Besides OWASP Top Ten there is also WASC (Web Application SecurityConsortium) threat classification:http://www.webappsec.org/projects/threat/

I was interviewed here about the Kindle

http://news.medill.northwestern.edu/chicago/news.aspx?id=92537

This coming week brings us the MMCUG (Midwest Messaging and Collaboratioin Users Group) and the CWUG (Chicago Windows Users Group)

Both events will take place at the Downers Grove Microsoft Offices.

If you’re interested in Exchange (MMCUG) and Virtualization (CWUG) I’d advise you check out their websites and signup.

www.cwug.net

www.mmcug.org

Christopher Kusek

Who’d want that?!

Well, apparently I do, and so do many others!

WinDirStat is the “f0 shizzle” as though it were. Or maybe that’s just what the kids are saying!

This thing is absolutely cool! An Excellent way to get a real idea of how your data is allocated and equally allow you to manage that data once it is presented.

Best of all, instead of paying for a product which does something, or even if you’re just trying to profile your FileServers and ask the question of “How many AVI’s do I really have stored across this entire server” Bam, it’s all there for you! Also a good way to go, “Hmm, why is this persons home directory eating up a chunk of my drive!”

So, if you like the idea of free visual representations and access of your data structure without paying for some random third party product for it! Go get it here!

http://windirstat.sourceforge.net/

A list of uses of this product are as follows

• See if the content on your file servers is work related (Lots of XLS, DOC, PPT good, lots of MP3, AVI and RAR bad!) – from a business sense. :)
• Easily see who has the largest home directories and respectively if the data contained within it is valid to business requirements.
• See if there is a buildup of non-essentials or data which should be moved off elsewhere (TMP, OST, PST, ISO)

Any other good suggestions for its uses would be great!

~Christopher Kusek

MSFP Rom Updates!

Cingular 8125 MSFP (AKU2) Update.

Notes:
http://www.america.htc.com/support/8125/software-downloads.html

Download:
http://www.america.htc.com/support/docs/RUU_Wizard_225111_22511102_022511_CWS_WWE_Ship.exe

Cingular 2125 MSFP (AKU2) Update.

Notes:
http://www.america.htc.com/support/2125/software-downloads.html

Download:
http://www.america.htc.com/support/docs/To_CWS_20130_284222_022501_Ship.exe

Palm 700W MSFP (AKU2) Update as mentioned before – Here it is again.

General Verizon Palm Downloads:
http://www.palm.com/us/support/downloads/

Treo 700W Downloads (Including Sprite Backup):
http://www.palm.com/us/support/downloads/treo700w.html#treo700wverizon

Notes:
http://www.palm.com/us/support/downloads/treo700wupdater/verizon.html

And as far as the Motorola Q goes, everything I’ve seen to date seems to speculate a 4Q release of the AKU2 Update.

~Christopher Kusek

Here are the links to download the PocketPC and SmartPhone Emulators (Which are AKU2/MSFP). Very useful for testing connectivity of your ActiveSync Exchange as well as testing third party apps.
Standalone Device Emulator 1.0 with Windows Mobile OS Images
http://www.microsoft.com/downloads/details.aspx?FamilyID=C62D54A5-183A-4A1E-A7E2-CC500ED1F19A&displaylang=en

You’ll need to download and install both of these applications – And to get it to function, you’ll need to install the application listed below first.
Virtual Machine Network Driver for Microsoft Device Emulator
http://www.microsoft.com/downloads/details.aspx?familyid=DC8332D6-565F-4A57-BE8C-1D4718D3AF65&displaylang=en

Once it is up, all you need to do is click “Notification” and “Connect” and it will use your existing network connection and allow you to perform functionality as though you were on your mobile device!

~Christopher Kusek