Exciting news here at PC Cybertek! I’ve expanded the capabilities of the void of sunlight, purple walled, silver ceiling, neon lit, smoke filled, PC Cybertek Laboratory. And yes, that is an accurate description of the lab. But who cares what the room I spend countless hours staring at monitors looks or smells like? I’ve finally done what I have been threatening to do for ages. Get on with it already, you say… OK, OK. After the break, I’ll tell you
I’m going to make this short and sweet to get the word out there. I will delve further into what actual malware is being served and what the effects are at a later date.
The following image was taken from a screen shot I made. It shows the fake video player that shows a rotating “waiting” graphic and pretends that it can’t load the video because it needs to be updated.
I knew this was a threat because I’m also a video editor and I keep all my codecs up to date. However, I thought I would pursue this further so I could see what file was going to be installed. Then I could run analysis on it and report my findings here. But I was running ESET NOD32 and it recognized this page was a threat and also blocked whatever this page tried to send me. You can see the results below.
So just don’t update your video player through any website that claims your video player needs to be updated to view an online video. I would imagine there will be variations of this soon, like fake QuickTime Player or Windows Media Player updates. I will grab a copy of the file this site is trying to distribute, for further analysis, later and post my findings here. That’s going to take some time, and I have seen this fake xvid update a couple of times now and decided I should spread the word sooner rather than later.
Here’s another little fix that I performed on one of my computers that I thought I would share. When I play videos on sites like YouTube, while in full screen mode, the video itself would often freeze after playing for a minute or two. The audio would continue to play correctly and if I would escape from full screen mode back to a normal video playing in the webpage, the video would begin to play correctly again.
It seems that using hardware video acceleration was the culprit. Once I disabled it, everything worked fine. This is easy to do. Just right mouse click on the video that is playing. Then a window should open that says Adobe Flash Player Settings. Select settings and then uncheck the box that says enable hardware settings. If you don’t have that option, you may need to click on the icon at the bottom right of that window. It looks like a monitor with a paintbrush. And that’s it. Your videos should now play in full screen mode without the video freezing.
If you follow this blog, you know that I did an article on the first stable release of Nmap http://www.pccybertek.com/2010/01/nmap-5-20-released yesterday. Now that it has been out for a week, Fyodor has already released another update, Nmap 5.21, which is also a stable release and not a beta. It’s mainly just a bug fix release. So I have updated the download section here with a link to the 5.21 release, which is on the right column about 3/4 of the way down the page. My download link is directly to the file on the insecure.org website, or you can go to the Nmap download page yourself.
But I don’t want to just tell you about the update, I’d like to offer you some more since you took the time to stop by here. So here is a link to Iron Geek’s Basic Nmap Tutorial video. And if you already know the basics and would like to move on to some more advanced lessons, here is Iron Geek’s Nmap Video Tutorial 2: Port Scan Boogaloo. Happy port knocking.
I’m not a big fan of Norton Anti Virus or Internet Security. Norton Anti Virus was the best selling software I ever sold at the computer store. Most of the time, customers had no problem installing it, unless they were buying it because they were already infected. In which case, I don’t fault Norton AV if it wouldn’t install because many viruses attack Norton.
Then Symantec decided it needed copy protection. I think it was 2004. All of a sudden, most of the people that bought Norton couldn’t get it installed. If they had ever installed any other anti virus, even Norton, it wouldn’t install. Many of my customers were upset. Some even went to the website and downloaded a program that was supposed to fix it so they could install it, and that didn’t work either. When I had to charge people an hour of labor, which didn’t even cover the time I spent, they were even more upset. My fix was to go into safe mode, find and remove every program and directory named either Norton or Symantec. Then I would have to do the same in the registry. Then it would finally install. If Norton wasn’t to blame, this wouldn’t have fixed it. Not to mention what a system hog it had become. Many times it would just break and I would have to go through all of that to reinstall it. Too many alienated customers later, I quit selling Norton altogether and would only offer it if they were buying a computer from me. By the way, I tried installing NAV 2006 on a computer at work several years ago and spent hours trying to get it to install, so apparently it still isn’t any easier. That way I knew it would install because it had a fresh OS on it. Just so you know, I use ESET NOD32, which is why I have an ad for it. I have never had a single problem installing or updating it. It uses less system resources and has a more complete virus definition database. And that computer at work that wouldn’t install NAV 2006, NOD32 installed without a hitch. It makes me wonder if all that copy protection actually increased profits at all. The funny thing is, the copy protection didn’t stop the pirates, it was available for download. Ironically, it wasn’t the copy protection that kept pirates from sharing it, it was how bad the program had become.
So when I saw this video, I had to post it here. Between my experience with Norton and working at a TV station, where we use stuff like PowerPoint while broadcasting, I couldn’t pass this up.
The most excellent packet sniffing tool, formerly known as Ethereal, now known as Wireshark, has recently been updated to ver 1.0.6. This is one of those programs that I find hard to write up. All I can say is, I love it. When I was first learning about network traffic, I tried out Ethereal. I loved being able to see that raw network traffic. I was amazed at the sheer amount of traffic on my LAN. It also stirred my interest in what all these protocols were.
Soon I was using it to uncover malware and where they were phoning home to. I also used it to get IP addresses of people on IRC when they DCC to me. And just recently I used it at work. Someone forgot their e-mail password and they needed it to get on their web mail. I just fired up Wireshark and then launched Outlook. Then I just looked through the log and found the communication to the POP server, and there was the user name and password. Set it up with a wifi card and you can capture some interesting packets.
Then there is Sharkfest, June 15th – 18th at Stanford University which I can only dream of going to.
It was 20 years ago Tim Berners-Lee invented the World Wide Web. Not quite 20 years to the day, but close enough. In this TED talk, Tim talks about what is the next step in the evolution of the World Wide Web.
Seeing how I’m now running WordPress, it only makes sense that I would tell you about WordPress TV. If you are running WordPress, or are just thinking about using it, you owe it to yourself to give this site a look.
Even though it’s only been up for maybe 2 months, there’s a lot of great content. There are plenty of How-To videos, for beginners to advanced users. There are videos about administration, set-up, widgets, publishing, media, plugins, themes, custom design, and more. There is also a section of videos from WordCamp.
I wanted to write about WordPress TV when it first went live, but I haven’t actually spent any amount of time on it, until recently. Most of them are using Vimeo to host their videos, so the quality is excellent. These aren’t some junky, pixelated YouTube videos. They are high quality and when I viewed them with HD turned on, the screen captures in the how-to videos were perfect and crisp, and it was easy to read all the text in the videos. Even when not in full screen or HD you can read them easily. If only everyone made instructional videos at this quality. Check out the example below.
Getting set up with the WP e-Commerce plugin: settings and configuration
I’m working at a radio & TV station. Our website has our daily TV news broadcast on it. The video we have on there is flash video and I’ve been given the task of improving our flash player. I’ve decided to go with the JW FLV Media Player. Which just happens to be the same player our website developer wanted to go with.
The JW FLV Media Player is free for non-commercial use. It has a lot of great features. The most useful feature for me is you can create playlists. In this playlist you can tell the flv player to not allow certain videos to be skipped. So when someone chooses to watch the news, they can select any segment they want or start at the beginning and watch all of it, one segment after another. The files in the playlist that can’t be skipped will be commercials. The JW FLV Media Player can also be skinned so you can give it any look you want. You can also add a logo which will be placed in the upper right corner. The code is pretty easy to figure out and there is also a setup wizard and lots of examples of how to use all the variables. You can use java or embed code to add it to any website. Thanks to the embed code, it’s very easy to add any video, and the player, to a blog or forum post. So if you’ve been looking to add your own video to a website or blog, the JW FLV Media Player could be just what you’re looking for.
While Irongeek may be best known for his video tutorials, he has also written some nice network security articles. His latest, State Hacking/Computer Security Laws, is very informative and was posted at the end of December of 2007, so it’s current. How To Cyberstalk Potential Employers “This article is less diabolical than its title might imply. Essentially, I want to give the reader some tips for finding more information about a potential employer than the job listing may reveal.” And he does. It’s well written and I like his inclusion of screen shots.
If irongeek.com only had the video section, that would be enough alone for me to recommend it. I’m sure he laid the groundwork and inspired others to make hacking video tutorials. There’s also a couple of scripts/apps that he wrote, some reviews, and don’t forget the clips of him working out. And if my word isn’t good enough, there’s also half a dozen campuses that use his material. And here’s a nice little link that shows you all the info that can be seen from your browser.
This one is a keeper. Definitely worthy of a bookmark and some time for further exploration. I tip my proverbial hat to Iron Geek. Well done sir.