MUNG

mashuntilnogoodmashuntilnogoodmashuntilnogoodmashuntilnogoodmashuntilnogoodmashuntilnogoodmashuntilnogood

Thursday, December 29, 2005

WMF Exploit. Update #2.

More on this delightful exploit, from the horses ... mouth.

http://www.microsoft.com/technet/security/advisory/912840.mspx

Snort sigs if you're interested:

Bleeding Snort Sigs

posted by Joe Williams @ 1:15 PM   0 comments

Wednesday, December 28, 2005

IRC Channel.

If you do the whole IRC thing (idle or otherwise) check out: irc.duffsnetwork.org channel #MUNG. It's where all the cool kids be. Also, DuFFs is coming back from the dead. So be on the look out for the website and the IRC server to fill out. Give 'em some support.

DuFFs

posted by Joe Williams @ 10:03 PM   0 comments

WMF Exploit. Update #1.

A workaround just in case:

http://sunbeltblog.blogspot.com/2005/12/workaround-for-wmf-exploit.html
http://blogs.washingtonpost.com/securityfix/2005/12/exploit_release.html

posted by Joe Williams @ 5:32 PM   0 comments

WMF Exploit.

There is a really bad Windows exploit floating around the net, so be very carefull when attempted to download anything with a WMF file extension. Or just get a Mac or run *nix. :)


Info:

http://www.frsirt.com/english/advisories/2005/3086
http://isc.sans.org/diary.php?storyid=975 (includes link to video of it happening)
http://isc.sans.org/diary.php?storyid=972
http://www.f-secure.com/weblog/archives/archive-122005.html#00000753
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752



If you are interested in learning hands on about how it works it's available through the Metasploit Framework on my server aerial.mine.nu. Email me: joe at 621 dot org for a SSH account.

Info:

http://metasploit.com/projects/Framework/exploits.html#ie_xp_pfv_metafile

posted by Joe Williams @ 1:06 PM   0 comments

Monday, December 19, 2005

Routing Protocol Comparison.

Here is a paper I wrote a while back on routing protocols, their job and different qualities.

Routing Protocols: A Comparative Analysis

I hope you enjoy.

posted by Joe Williams @ 6:41 PM   0 comments

Sunday, December 18, 2005

New Toy.


img_0710
Originally uploaded by zeusfaber.
With some of the early Christmas money I received I got this beast. It's a Pioneer portable XM radio. It's pretty sweet. I will post more about it later once I get the entire lowdown on it and hopefully find some hacks for it. Ahhrrrrr, I'm a pirate matey.

posted by Joe Williams @ 9:43 PM   0 comments

Thursday, December 15, 2005

Quicktime 7 w/o iTunes

Many a day do I have to help those in need upgrading to Quicktime 7 for viewing presentations, and def trailers and so forth. However, Apple makes it very difficult to find the "standalone" installer unless you do some detective work or simply google it. So as it come as a relief to many of my friends and colleagues, I present to you the Quicktime 7 installer w/o itunes.

Direct Link
Web Page
19.1 mb's

posted by Guicho @ 6:20 PM   0 comments

Monday, December 12, 2005

Rename file script.

This might come in handy for some of you Unix/Linux people out there. It adds a string to the name of a file before the file extension. Great for renaming tons of files in a similar manner. There is probably a better way to do it but this works well for me.

echo "Enter Name Addition: "
read newadd

for file in *
do
filename=`echo $file | awk 'BEGIN {RS="."} {print $0}'`
filename2=`echo $filename | awk '{print $1}'`
newname=`echo $file | sed -e 's/'"$filename2"'/'"$filename2-$newadd"'/g'`
mv $file $newname
done

posted by Joe Williams @ 3:24 PM   2 comments

Wednesday, December 07, 2005

JVM Performance Comparison.

Java is everywhere these days, cell phones, servers and our desktops all use it to some extent. One thing a lot of people over look is the JVM and its effects on performance of your applications. While for small devices and desktops the choice is limited, usually either proprietary or Sun, servers have more flexability. Two of the most popular across all uses and platforms are Sun "Hot Spot" and BEA JRockit. Here I put these two head to head, while my tests are not all encompasing I think they will give a rough idea about how these two run in a "normal developer desktop" environment. The desktop and server tests I performed focused on memory footprint. The compilation test I ran focuses on CPU usage.


Test Box:
AMD Athlon XP 3000+ (400 FSB)
1GB PC3200 SDRAM
MSI nForce 2 400 Ultra Motherboard
Western Digital 80GB SE Hard Drive
Debian Sarge (Unstable) Kernel 2.6.14

Desktop Tests:

Azureus Bittorrent Client 2.3.0.6
* No torrents running

Eclipse IDE 3.1.1 Build M20050929-0840
* One project open with 3 Java sources

Server Test:

Atlassian Confluence 2.0.1 Build 321 (standalone)
* Uses Tomcat 4.1.27
* One user, two spaces created

Compilation Test:

Java Performance Test 1.0
* http://www.jole.fi/JavaPerformanceTest/
* Runs a Ant Build
* Apache Ant 1.6.2

_________________________________________

Sun Java "HotSpot"

java version "1.5.0_06"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_06-b05)
Java HotSpot(TM) Client VM (build 1.5.0_06-b05, mixed mode, sharing)


Azureus:

Memory:
Virtual (Swap + Res): 369m Resident (Code + Data): 54m Shared: 23m


Eclipse IDE:

Memory:
508m 94m 30m


Confluence:

Memory:
488m 190m 19m


Java Performance Test 1.0

Build Time: 20 Seconds

_________________________________________

BEA JRockit

Version:
java version "1.5.0_03"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_03-b07)
BEA JRockit(R) (build dra-45238-20050523-2008-linux-ia32, R25.2.0-28)


Azureus:

Memory:
Virtual (Swap + Res): 202m Resident (Code + Data): 74m Shared: 6692k


Eclipse:

Memory:
366m 135m 6880k


Confluence:

Memory:
364m 224m 1748k


Java Performance Test 1.0

Build Time: 24 seconds


_________________________________________

Conclusion:

It seems that in the memory usage department JRockit comes out fairly far ahead, but for the more CPU intensive compilation test Sun has a lead. As I said before this not by any means an all inclusive test, just more of an example of the system footprint I experienced. In all cases there are more things at work than just the JVM. The code, application server, CPU (AMD, Intel, x86, x86-64), even down to the version of Ant will all make a difference in these numbers.


More info:
J2EE Application Server Comparison

BEA vs. Sun JVM Article

A Sun Engineer's Blog and Comparison

posted by Joe Williams @ 11:23 PM   0 comments

Tuesday, December 06, 2005

Oscarbot, The Cool Aim Virus

Being in College there are bound to be plenty of people who contract a virus or two.
But nothing as cool as the "Check This Out" Virus
It's a pretty neatly devised trojan that writes a script for each aim user account logged on the computer that sends random messages (They are sent without your knowledge) with a link tag that spreads the same virus around and around.
The main virus or trojan, "conime.exe" sends information back to it's host which may include email addresses, passwords, or other private information. Many Aim Accounts have been hijacked and taken over because of this sly little virus.

Now if you want to get rid of this pest update your McAfee or Symantec Definitions.
Although these sites give you convenient instructions on how to remove the virus I found a much easier way to do this thanks to a fellow named Jay. He made a simple program that searches for the most common forms of the virus and then quarantines them to the desktop and cleans out your registry and aim scripts.

Here is the awesome website that provides the link for download and simple instructions.
So next time you see the words "Check out This Pic" on aim make sure not to click it as you'll probably be getting a virus and not your girlfriends hawt pix.

posted by Guicho @ 12:34 AM   1 comments