Discussions on computers and beyond

Welcome to Topsight.net
Monday, February 08 2010 @ 05:45 PM EST

A simple way to create a Windows 7 image to roll out to multiple computers

While studying for the Win7 exam (70-680), I stumbled upon a rather simple way to implement desktop imaging without investing in external tools such as Ghost or Acronis. However, due to the numerous errors and omissions in all the sources I researched, I found no single reference that contained the information needed to generate and apply a working image without error. I’m therefore putting together the following how-to as a complete reference. Click read more to see the how-to. Questions/comments can be directed to (opticfiber at topsight.net).

Process Memory Dumper

"Process Memory Dumper (PMD) is an application that allows you to dump the entire memory of the chosen process. NOTE: this is NOT a PE Dumper. PMD dumps the ENTIRE memory space of the process. We believe that this tool could help in Forensics and Credentials Disclosure Research."

More info and download here:

www.evilfingers.com

Creating a rogue CA certificate

Security researchers Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, and Benne de Weger have identified a vulnerability in the Internet Public Key Infrastructure that allows them to create rogue CAs (which basically makes all PKI-based SSL useless).

"Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats."

To read the full article see: www.win.tue.nl/

FACE RECOGNITION BROKEN IN LENOVO, ASUS, and TOSHIBA LAPTOPS

Today the Vietnamese security research and antivirus company BKIS announced a vulnerability in the proprietary facial recognition authentication systems included with most laptops. Le Nhat Minh, Nguyen Minh Duc, Bui Quang Minh, and Le Minh Hung found that, when shown ordinary printed photographs of the target users, certain facial recognition systems simply recognized the photographs as the actual user, allowing successful authentication.

One could infer that most such systems are vulnerable to this attack because of their two-dimensional nature. For more information and a video demo, see the links below.

Video: http://security.bkis.vn/Proof-of-concept/Face_Recognition/FaceRecognitionBypassing_DemoVideo.wmv

Announcement: http://security.bkis.vn/?p=292


An in-depth intro to Wireshark

irongeek.com has once again done a fantastic job of putting together an in-depth video demo, this time focusing on Wireshark. If you're new to Wireshark, or just need a refresher on how to use and create filters, this video is very helpful.

Check it out at irongeek.com


IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms

Robert VandenBrink has published a paper on SANS detailing how to get a complete port scanner up and running via TCL on Cisco IOS.

"This paper describes IOSmap, a port scanning tool implemented on Cisco IOS using the native TCL (Tool
Command Language) scripting language on that platform. The business requirement for this tool,
implementation considerations and challenges, and design choices are discussed."

See more here: www.sans.org

IE in Windows Mobile still sucks.

Reading Gizmodo's mobile web roundup, I just had to laugh at this:

"Internet Explorer on Windows Mobile
Jesus Christ. This is a joke, right Microsoft? Hahaha. No really, this is the worst smartphone browser on the planet. It couldn't render its way out of an ASCII-art paper bag. It totally screwed up every single test page, except for Wikipedia, which it only mostly screwed up. Good luck navigating a page if you're granted the miraculous occurrence of it being rendered in a state that's usable. Grade: F-"

See the whole article here: http://gizmodo.com/5090988/mobile-browser-battlemodo-which-phones-deliver-the-real-web


New IRC channel

Just an FYI

We've set up a new IRC channel (#topsight) on DALnet. Stop by.

www.dal.net


WPA TKIP broken by Erik Tews

Erik Tews and Martin Beck of TU-Darmstadt, Germany (both contributors to aircrack-ng) yesterday released the first published work on cracking WPA encryption in less than 15 minutes without the use of brute-force or dictionary-based attacks, in a paper titled "Practical attacks against WEP and WPA".

From: dl.aircrack-ng.org

In this paper, we describe two attacks on IEEE 802.11 based wireless
LANs[2]. The first attack is an improved key recovery attack on WEP,
which reduces the average number of packets an attacker has to intercept
to recover the secret key. The second attack is (according to our
knowledge) the first practical attack on WPA secured wireless networks, besides
launching a dictionary attack when a weak pre shared key (PSK) is used.
The attack works if the network is using TKIP to encrypt the traffic. An
attacker, who has about 12-15 minutes access to the network is then able
to decrypt an ARP request or response and send 7 packets with custom
content to network.

See the full paper at dl.aircrack-ng.org

LanTopolog

LanTopolog is a freeware application that provides physical network topology discovery, visualization and monitoring.

- Automatic physical network topology discovery based on SNMP
- Provides a detailed and searchable physical network topology map so you can quickly isolate network connectivity failures
- Topology views show which network devices are connected to each switch port; port connections are labeled with port numbers
- Ability to auto-discover new devices as they are added to your network
- LanTopolog also includes network monitoring tools
- Monitoring of device state (active/inactive) in real time using ICMP
- Generating alarms when there are failures in the network
- E-mail alert notifications
- Web browser-based access from anywhere in the network

See more at http://lantopolog.googlepages.com/