2017 has been an exciting time for discovering security vulnerabilities. There are some that hold your company's assets to ransom. Others can be career ending. So I thought to compile a list to keep track.
Remember there are still 2 more months till the end of the year!
- Teamviewer (2 or 3?) 20170218 https://www.reddit.com/r/teamviewer/comments/5us6th/has_teamviewer_12_been_hacked/
- Apache Struts2 Jakarta Multipart Parser File Upload Code Execution 20170309 https://www.theregister.co.uk/2017/03/09/apache_under_attack_patch_for_zero_day_available/
- WannaCry 20170512 https://en.wikipedia.org/wiki/WannaCry_ransomware_attack . This comes with love from NSA’s EternalBlue exploit.
- Petya / NotPetya 20170627 https://en.wikipedia.org/wiki/Petya_(malware)
- BlueBorne Bluetooth 20170912 https://www.armis.com/blueborne/
- Apache Struts RCE 20170912 http://hehackernews.com/2017/09/equifax-apache-struts.html This is the one that got Equifax in the short and curlies.
- KRACK (Key Reinstallation Attack) 20171016 https://en.wikipedia.org/wiki/KRACK
You need to send off several large files. These may be the parts of a very large zip file or multiple individual files. The receiver tries to open or merge the files together and gets a bad data error message. How do you know what is bad?
The answer is simple: use a hash. A hash, or hash checksum, is a unique pattern created from the contents of your file. This is a one-way process. It is commonly used to check whether two files are identical. While the file is still on your PC or smartphone, create a hash and save it. A simple Windows tool for creating hashes is FCIV. Upload your file and its hash as 2 separate files.
The receiver will hash the file you sent again and compare the hash generated against your hash. If the hashes match, the file has not been modified and is identical to the source.
Note that there is no mention of the type of file or its contents. It does not matter whether it is a zip, msi, text, audio or video file.
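One way to carry out the procedure above for a multi-part transfer, as an added example that is not part of the original post: the sender writes one hash per file into a manifest, and the receiver re-hashes each file to see exactly which part is bad or missing. It uses Python's hashlib with SHA-256 rather than FCIV; the file names, the `SHA256SUMS.txt` manifest name and the sample data are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

CHUNK = 1024 * 1024  # read in 1 MiB pieces so large files never sit fully in memory

def sha256_file(path: Path) -> str:
    """Return the hex SHA-256 digest of a file, streamed in chunks."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()

def write_manifest(folder: Path, manifest: Path) -> None:
    """Sender side: one '<hex digest>  <file name>' line per file in folder."""
    lines = [f"{sha256_file(p)}  {p.name}" for p in sorted(folder.iterdir())
             if p.is_file() and p != manifest]
    manifest.write_text("\n".join(lines) + "\n", encoding="utf-8")

def verify_manifest(folder: Path, manifest: Path) -> dict:
    """Receiver side: map each listed file name to 'OK', 'MISMATCH' or 'MISSING'."""
    results = {}
    for line in manifest.read_text(encoding="utf-8").splitlines():
        if not line.strip():
            continue
        expected, name = line.split("  ", 1)
        target = folder / Path(name).name  # ignore any directory part in the manifest
        if not target.is_file():
            results[name] = "MISSING"
        else:
            results[name] = "OK" if sha256_file(target) == expected.lower() else "MISMATCH"
    return results

def demo() -> dict:
    """Constructed sample: three parts, one corrupted and one lost in transit."""
    with tempfile.TemporaryDirectory() as tmp:
        folder = Path(tmp)
        for i in range(1, 4):
            (folder / f"archive.zip.00{i}").write_bytes(bytes([i]) * 4096)
        manifest = folder / "SHA256SUMS.txt"
        write_manifest(folder, manifest)
        (folder / "archive.zip.002").write_bytes(b"\x02" * 4095 + b"\x00")  # corrupt last byte
        (folder / "archive.zip.003").unlink()  # simulate a part that never arrived
        return verify_manifest(folder, manifest)

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:8}  {name}")
```

A manifest delivered over the same channel as the files detects corruption in transit; it only detects deliberate tampering if the manifest reaches the receiver by a path the attacker cannot alter.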
This is old news to some. This is about one of my favourite pieces of software, VMware Server. I came across several posts in the past week about its passing. Finally found the official confirmation.
This is really sad, as I have used VMware Server to successfully run several simulations on my creaking old PC. Without it I would not have passed my certification exams. Well, I suppose all things come to an end.
Does everything happen in threes? It all started when I used an older version of a procedure to perform a certain function. A silly but not uncommon error. What happened next was simply astounding.
To roll back my mistake, another application's database needed to have a few tables cleared out. Since I am not familiar with this application, I let my colleague perform this task with the application owner. What can go wrong, right?
They cleared out the wrong table. A table which I am told is very critical. The only way to solve this was to restore last night’s backup. Rolling back the database transaction log was not advisable as it would end up in an unknown state.
The database restore process was interesting. The backup software refused to restore to an alternate location on another database server. In the end we tried to restore the database offline with a different name.
The restored database nuked the current database that we were trying hard to preserve. Subsequent investigation revealed that the restore problem was caused by the backup software client account configuration. Something that has been running for the past 2 years.
There are days where it is a good idea to stay in bed.
Freemind – Mind map program. Some schools encourage their students to use mind maps. Requires Java JRE 1.6 and above.
RoyalTS – Terminal service program. Enables you to simultaneously connect via RDP to multiple computers. This was open source; from version 1.4.x it is closed source. The free version allows a maximum of 10 connections. Also covered here.
Gimp – Graphics editing program. This is a fully featured graphics editing software. Can be quite intimidating with its functions and layers. Once you familiarise yourself with the user interface, it really rocks.
Sysinternals – System Internals of Windows. Enough said.
Robocopy – Robust copy, part of the Windows Resource Kit. A great life saver for file server migration.
Ghostscript – PDF converter. It takes PS files and converts them into PDF. This is freeware, even for commercial use. The PDF995 engine is actually Ghostscript.
Update 16 Dec 09
Portable applications are programs that don’t require installation. All the executables and libraries are placed in a folder of your choice, outside the system folder. This can really save the day when you have computers that are locked down due to security policy and what you have can’t do the job.
Thunderbird POP3 email client
Freemind mind mapping beta version, 0.9 beta9
VLC Video LAN
1 Apr 10
Keepass An excellent password manager for all the network, forums and websites. A portable version enables you to put it on a USB stick. The database can be secured by master password and/or key file. If for some reason, you can still view the original password. There are two versions available. The Classic Edition (1.17), which is really lightweight and requires nothing from the operating system, comes with 2 types of encryption. The Professional Edition (2.10) requires Microsoft .NET Framework 2.0 and comes with more features but only 1 type of encryption.
Update 28 Jun 10
Truecrypt Personal data encryption. Create a file of a predetermined size to be your virtual disk. Put your stuff in. This is available in portable and installed versions.