Welcome to www [  [ net!

· Home
· AvantGo
· Content
· Feedback
· Forums
· Help Desk
· Journal
· Members List
· News
· Private Messages
· Recommend Us
· Search
· Statistics
· Submit News
· Surveys
· Top 10
· Topics
· Weather
· Web Links

     Who's Online
There are currently, 3 guest(s) and 0 member(s) that are online.

You are Anonymous user. You can register for free by clicking

     Content Categories
· Features (2)
· InfoSec (2)
· Spicey Chicken Cartel (8)

 Look to the Blog for Future Content Updates

News & Stuff

After several years, I have decided to change out the Content Management System (CMS) for the site once again. PHP-Nuke is an OK piece of software, but it has had its 'issues' over the years, and it is popular enough that Nuke sites tend to find themselves targets for the legions of skiddies who can't get a date of Friday night (and you know who you are.)

So, effective pretty much immediately, I will no longer be posting new articles on the Nuke site. Instead, I will be posting all new content on my blog, and over the next &HOWEVER_LONG_IT_TAKES_ME I will be migrating the existing content over to the blog, as well. Hopefully, when all is said and done, some feature (like the photo gallery) I had to take down because of security-related problems, will magically re-appear.

The URL for the blog is: https://.net/blog, or you can just scroll down and you will see a block with the last 5 postings.

The 'Web-meister'

Posted by etee on Monday, February 13 @ 07:32:51 CST (3 reads)
(Read More... | Score: 0)

 Bad Things Are Happening...

Info Sec

Folks, there is a storm a-brewin' out there on the Internet, and when it hits full force, things are going to get really ugly, really fast.

What I am talking about is the rash of exploits for the 'WMF 0-day' vulnerability that have been showing up over the last week. There is a security advisory from Microsoft on the subject, but as of yet no patch has been released.

This thing has been spreading via malicious Web pages, via email spamm, and via IM spamm ('spimm'), meaning people have lots of opportunities to get their systems infected. 'Infection' can result in the installation of malware ranging from adware and spyware (LOTS of adware and spyware) to trojan programs and rootkits designed to turn your PC into a zombie, ready to do the bidding of its new master, capable of nefarious activities ranging from being a spam-bot to being a participant in a Distributed Denial of Service (DDoS) attack.

And, folks it is gonna get really, really bad, as people return to work, fire up their office PCs, and give these exploits a fresh set of targets to go after. And, since many companies are likely to wait on Microsoft to supply an 'official' patch before doing anything, those machines are going to be vulnerable... in a big way.

So, what can you do to protect yourself and your PC? There are several sources of good advice on this matter. In addition to the Microsoft security advisory (above), here are some sites I found at the SANS/ISC Diary which provide good guidance:

F-Secure Weblog

Secunia Advisory

SANS/ISC Diary: Trustworthy Computing


While I hate to start a new year out like this, I have one thing I need to say:

Be Afraid... Be VERY Afraid...

Update 03-Jan-2006: Microsoft has updated their security advisory this morning to document the steps they have taken to prepare a permanent fix for this problem. An excerpt from the revised advisory is quoted below:

"'Microsoft has completed development of the security update for the vulnerability. The security update is now being localized and tested to ensure quality and application compatibility. Microsoft's goal is to release the update on Tuesday, January 10, 2006, as part of its monthly release of security bulletins. This release is predicated on successful completion of quality testing."

At least we have a small glimmer of hope: now let us all pray that the light at the end of the tunnel isn't an oncoming train...

Update 06-Jan-2006: Yesterday, Microsoft released a patch for this vulnerability. If you don't have Windows Update set to install patches automatically, get thee to the patch and install it, quickly.

Posted by etee on Sunday, January 01 @ 10:25:57 CST (7 reads)
(Read More... | 6 comments | Score: 0)

 Welcome to 2006, from .net!

News & Stuff

I would like to take this opportunity to wish all the readers of this site a Happy and Prosperous 2006.

I know things haven't been updated around here as much as I would have liked in the past year. Hopefully, the challenges of 2005 are behind us, and we can move forward into the future. So, keep an eye out, who knows, there may even be new content show up here, and sooner than you think!

Cheers and Best Wishes,

Posted by etee on Sunday, January 01 @ 10:02:35 CST (3 reads)
(Read More... | 6 comments | Score: 0)

 A Little Gift For You... From Microsoft

Info Sec

Yesterday was "Black Tuesday", the day of the month when Microsoft releases the current month's crop of Security Bulletins and patches for the Windows OS and Microsoft applications. This month, they gave us 2 bulletins:

  • MS4: Cumulative Security Update for Internet Explorer (905915) - this update patches four separate vulnerabilities, including the '0-day' exploit that has been running around the 'Net. Patch immediately, if not sooner.
  • MS5: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (908523) - this update patches a vulnerability in the Windows Kernel, which could allow a local user (one who is logged on to the system) to gain Administrator privileges. While Microsoft says this is only exploitable by a local user, eEye Digital Security outlines a path by which this vulnerability could indirectly be exploited 'remotely', which might lead to worm-like propogation. It may also be possible to exploit this remotely if the user credentials are known. This vulnerability only affects Windows 2000 SP4 (and, according to eEye, NT 4.0.)

SANS Internet Storm Center has a good analysis of these bulletins, which can be read by clicking on this link.

As always, if you don't have Windows Update set to download and apply patches automatically, then you need to do so manually. And soon.

Posted by etee on Wednesday, December 14 @ 06:36:49 CST (4 reads)
(Read More... | 6 comments | Score: 0)

 Next Tuesday is ''Microsoft Tuesday''

Info Sec

This came out today:

On 13 December 2005 Microsoft is planning to release:

Security Updates

• 2 Microsoft Security Bulletin affecting Microsoft Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer (MBSA).

For the full details, click on the following link: Microsoft Security Bulletin Advance Notification.

Soooo, if you don't have automatic updates turned on, don't forget to patch, and patch promptly. Remember, there are a couple of active exploits running around, and you don't want your PC to be 0wn3d by anyone else, now, do you?

Posted by etee on Thursday, December 08 @ 14:51:34 CST (3 reads)
(Read More... | 6 comments | Score: 0)

Don't have an account yet? You can . As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

     Big Story of Today
There isn't a Biggest Story for Today, yet.

     Traffic Report
We received
page views since
October 2003

Total Hits
· New Today 108
· New Yesterday 234

Average Hits
· Hourly 53.16
· Daily 1,275.8
· Monthly 38,806
· Yearly 465,675

Server Time
· Time 17:12:03
· Date 20 Apr 2006
· Timezone -0500

     Forums Scroll
Topics 305
Posts 2091
Views 34648
Replies 1786
Members 74