January 27th, 2012
Symantec announced that hackers have had the source code for the remote access software pcAnywhere since 2006. It can’t be trusted until they issue a patch. Some organizations may be anxious to see how many of their machines have pcAnywhere installed. If you have an application-aware firewall like Palo Alto Networks, you can easily see whether there is pcAnywhere traffic on the network. To find out where it’s installed but not in use, most organizations are probably using software like Altiris, Tivoli, etc.
One tool that can find pcAnywhere (or any software for that matter) is Tanium – and it can do it for you in 15 seconds. For example, you could ask a question looking for a file or registry key. The endpoints are queried directly and the responses come back in 15-30 seconds, even if the machines are scattered around the world.
It’s great for tiger teams doing incident response.
Tanium
Disclosure: Digital Scepter is a Tanium distributor and a Palo Alto Networks Platinum partner. That means if you’d like to learn more, you can hit me up at (888)299-3718 or by email.
Filed under: Tanium
November 4th, 2011
M86 authenticator and web-based authentication should work fine side by side. If you are using web-based authentication ONLY for iPad/iOS devices, then use Tier 2 instead of Tier 3, as it does not include the Java applet. Instead, the authentication session retention time is configured in the filter, i.e. the profile is kept active for 60 minutes once authenticated. In WFR 4.2, you will be allowed to select Tier 3 Web Based Authentication so PCs/Macs running Java can leverage the session-based authentication, while iOS/Android devices will fall back to the Tier 2 setting.
Here’s what you need to know about WF Web Based Authentication:
http://www.screencast.com/t/6aNS7CNxOyi7
Filed under: 8e6 · Web Filtering
October 20th, 2011
TinEye
TinEye is a reverse image search engine. You can submit an image to TinEye to find out where it came from, how it is being used, if modified versions of the image exist, or to find higher resolution versions. TinEye is the first image search engine on the web to use image identification technology rather than keywords, metadata or watermarks. It is free to use for non-commercial searching.
Filed under: Tools
October 18th, 2011
I use and highly recommend MacWise for connecting to network devices via a console on a Mac. The driver for my USB-to-serial device stopped working after my recent upgrade to Lion. The following fix worked like a dream:
OS X Lion PL2303 Driver
Filed under: Mac
August 20th, 2011
This command can yield some interesting information:
find / -nouser -o -nogroup
Learned about it while playing with NeXpose today.
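The same check can be run against a mounted disk image or chroot, where find's own tests would consult the wrong user database. The script below is an added example, not part of the original post: the function name orphan_scan and its arguments are hypothetical, and it assumes GNU find and paths without tabs or newlines.

```shell
#!/bin/sh
# Added example (not from the original post). Requires GNU find for -printf.
# find's -nouser/-nogroup consult the running host's user database; this
# variant checks numeric IDs against the passwd/group files you name, which is
# what you want for a mounted disk image or chroot.
# Live-host equivalent with an action attached (the parentheses are required,
# otherwise -ls binds only to -nogroup):
#   find / -xdev \( -nouser -o -nogroup \) -ls

# orphan_scan ROOT [PASSWD_FILE] [GROUP_FILE]
# Prints: reason<TAB>uid=N<TAB>gid=N<TAB>mode=OCTAL<TAB>path
# Assumes paths contain no tabs or newlines.
orphan_scan() {
    root=$1
    passwd_file=${2:-/etc/passwd}
    group_file=${3:-/etc/group}
    # -xdev keeps the walk on one filesystem (skips /proc, network mounts).
    find "$root" -xdev -printf '%U\t%G\t%m\t%p\n' 2>/dev/null |
    awk -F'\t' -v pw="$passwd_file" -v gr="$group_file" '
        BEGIN {
            # Field 3 of both passwd and group lines is the numeric ID.
            while ((getline line < pw) > 0) { split(line, f, ":"); uid[f[3]] = 1 }
            while ((getline line < gr) > 0) { split(line, f, ":"); gid[f[3]] = 1 }
        }
        {
            why = ""
            if (!($1 in uid)) why = "nouser"
            if (!($2 in gid)) why = (why == "" ? "nogroup" : why ",nogroup")
            if (why != "")
                printf "%s\tuid=%s\tgid=%s\tmode=%s\t%s\n", why, $1, $2, $3, $4
        }'
}

# Run as a script: ./orphan_scan.sh /mnt/image /mnt/image/etc/passwd /mnt/image/etc/group
if [ "$#" -gt 0 ]; then orphan_scan "$@"; fi
```

The mode column makes it easy to spot unowned files that also carry setuid or setgid bits, which deserve attention first.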
Filed under: around the web girl
July 15th, 2011
Here is a recorded webcast by Daniel Miessler:
Filed under: around the web girl
July 13th, 2011
Interesting article that applies the OSSTMM to a famous diamond heist.
http://www.isecom.org/Bank_Robbery_Analysis_OSSTMM3.pdf
Filed under: around the web girl
June 30th, 2011
Filed under: around the web girl
June 29th, 2011
http://n.pr/ilLcLO No one wants to use the dollar coins the government is minting and they are piling up in a warehouse. They keep minting them though because of congressional mandate.
Filed under: around the web girl
June 29th, 2011
Protect your confidential files
This free tool lets you secure your data easily and quickly without any central infrastructure in place. Individuals and businesses alike can easily protect selected files for email communication without building up a back-end PKI infrastructure.
Quick and easy encryption for all your data
- Sophos Free Encryption creates password-protected encrypted archives so you can share confidential data quickly and easily. Create or extract a secure archive simply by right-clicking on a file in Windows Explorer.
- The tool integrates with most email applications to automatically create a new message with the selected encrypted archive already attached.
- Sophos Free Encryption’s integrated compression efficiently packs the archive, saving time and money in data transfer costs.
- Features like the password vault, self-extracting archives and scripting for process automation simplify handling data.
- When used in combination with Sophos’ flagship encryption product SafeGuard Enterprise, Sophos Free Encryption can use SafeGuard Enterprise’s keyring to handle passwords on archives.
For Windows users only.
Download Sophos Encryption Tool
Filed under: Encryption · Sophos