The Case of the Backup Software DoS.

Our vulnerability scanner is causing the server backup software’s we use on to crash. After examining a crash dump, a developer for the backup software replied “Looking at the logs it we are getting some corrupted packets and that is causing the to try to allocate huge memory and that is the reason for the …

Continue reading ‘The Case of the Backup Software DoS.’ »

The Case of the New DC and the LM Hash

While reviewing the results of the latest windows domain password audit, I noted that there was an increase in the number of lanman hashes stored. We had two domain controllers blow up recently and they had to be rebuilt from scratch rather than restored from backup. I correctly figured that on one or both of …

Continue reading ‘The Case of the New DC and the LM Hash’ »

Shmoocon 2008 Day 2

Here are some notes from Shmoocon day 2. Today was a return to the traditional Build It, Break It, and Bring it on tracks. Here are some notes/summaries from the sessions I attended. It was another fun day. Active 802.11 Fingerprinting, Bratus, Cornelius and Peebles How can you identify if an access point is legitimate …

Continue reading ‘Shmoocon 2008 Day 2’ »

IRPStackSize

I have a whole bunch of Windows XP sp2 systems that give me an error when I attempt to connect to their c$ or admin$ shares: “Not enough server storage is available to process this command.” The remote system’s event log records: Event ID : 2011 Source : Srv Description: The Server’s configuration parameter “IRPStackSize” …

Continue reading ‘IRPStackSize’ »

Symantec Steps into software as a service

I thought this article was interesting, Symantec Steps into Software as a Service. The Cupertino, Calif.-based company said that the launch of its Online Backup Service, which provides outsourced data storage and disaster recovery services to SMB customers, is merely the first piece in a wider set of offerings it will introduce dubbed Symantec Protection …

Continue reading ‘Symantec Steps into software as a service’ »

SANS 2.2 Desktop Encryption

This is a 5 company report on their lessons learned and experience. Rhonda Maluia from the Naval Special Warfare Development Group spoke on their use of hardware based encryption. They use Flagstone which is a British company (opening U.S. offices shortly). I took less notes on this talk due to the dark background of the …

Continue reading ‘SANS 2.2 Desktop Encryption’ »

SANS Session 1.4 Top Ten Things to Look out for in Laptop Encryption

These are my notes from a talk Eric Cole gave at today’s SANS Secure Storage and Encryption Summit. If you have a chance to hear Eric talk on any subject, run do not walk to sign up. I dint have a lot of security heroes but he is someone I admire. Again these are my …

Continue reading ‘SANS Session 1.4 Top Ten Things to Look out for in Laptop Encryption’ »

SANS Section 1.3 Top Mistakes in Deploying Mobile Data Encryption

Again these are my notes from the SANS Secure Storage and Encryption Conference. In Session 1.3 four companies discuss their experiences deploying encryption. JP Morgan Chase – Guardian Edge EPHD 48k laptops deployed. They found problems due to standardization issues and multiple support teams. Key Challenges – If your goal is to encrypt data on …

Continue reading ‘SANS Section 1.3 Top Mistakes in Deploying Mobile Data Encryption’ »