Thursday, February 27, 2003

Catweasel
Catweasel is a universal floppy disk controller that uses unmodified PC diskdrives. The Catweasel can handle nearly any disk format, you just have to find a drive for them. Normally, these drives are just 3.5 inch and 5.25 inch drives. PC floppy drives used to be known as being able to work with PC formatted disks only, but now you can access any of the disk formats listed further below.

Wednesday, February 26, 2003

CD Data Recovery
We are experts in recovery and repair of inaccessible, unreadable or deleted data, files, pictures, documents, or AutoCad® drawings etc., from optical storage media such as: CD-ROM, CD-R, CD-RW, DVD-RAM, DVD-R/W, DVD+R/W, 3-inch Mini CD-R., (Used in Mavica® MVC-CD1000 digital cameras), Home Audio Recording CDs, Compact Flash ™(CF), Smart Media ™ (SSFDC), Sony® memory sticks and PCMCIA ATA Cards.

Tuesday, February 25, 2003

The SPAM-L FAQ - Tracking Spam
This section deals with the technical aspects of spam, like telling where it came from. Having a UNIX shell account will be extremely helpful as a lot of the utilities are native to UNIX; however, you can perform most of these functions with other operating systems using third-party (usually shareware) tools, unlike UNIX, which comes with many of the tools mentioned already installed.
Reading Email Headers
This document is intended to provide a comprehensive introduction to the behavior of email headers. It is primarily intended to help victims of unsolicited email ("email spam") attempting to determine the real source of the (generally forged) email that plagues them; it should also help in attempts to understand any other forged email. It may also be beneficial to readers interested in a general-purpose introduction to mail transfer on the Internet.
Disk Splicing
Forensic Disk Splicing for Law Enforcement is designed to teach disk splicing techniques to law enforcement personnel who are already trained in computer forensics. The course teaches how to reconstruct 3.5 inch and 5.25 inch diskettes that have been cut, segmented, bent, torn, melted and/or (in the case of 3.5 inch diskettes) removed from the disk hub and recover data from the diskette.
Frontline Test Equipment
Frontline Test Equipment, Inc. is the leading provider of PC-based data communication protocol analyzers in the world. Our products are used by engineers and technicians who develop, test, install, maintain, and repair equipment and instrumentation that is interconnected by a variety of communication technologies.
Currently available products include asynchronous serial data analyzers, synchronous serial data analyzers, Bit Error Rate Testers (BERT), Ethernet protocol analyzers, Industrial Automation and SCADA communication protocol analyzers, Bluetooth™ protocol analyzers and Intelligent Traffic System (NTCIP) protocol analyzers.

Sunday, February 23, 2003

Stupid Security
We've all been there. Standing for ages in a security line at an inconsequential office building only to be given a security pass that a high school student could have faked. Or being forced to take off our shoes at an airport that can't even screen its luggage.
If you thought the accounting profession was bad news, just wait till you hear how stupid the security industry has become. Even before 9/11 a whole army of bumbling amateurs has taken it upon themselves to figure out pointless, annoying, intrusive, illusory and just plain stupid measures to "protect" our security.
It's become a global menace. From the nightclub in Berlin that demands the home address of its patrons, to the phone company in Britain that won't let anyone pay more than fifty pounds a month from a bank account, the world has become infested with bumptious administrators competing to hinder or harass you. And often for no good reason whatever.
The sensitive and sensible folk at Privacy International have endured enough of this treatment. So until March 15th 2003 we are running an international competition to discover the world's most pointless, intrusive, stupid and self-serving security measures.
How to protect yourself from snooping software
Beware: tiny software apps called adware or spyware may be tracking your behavior online right now. Don't like that idea? Robert tells you the best--and cheapest--way to get rid of these pests.
Fighting the enemy within
Fortunately, there is an answer to the risk of social engineering and the threats posed by employee use of company machines. Security policy automation, an emerging security software concept, removes many security risks by implementing a security policy across enterprise systems and consistently auditing and monitoring systems for compliance.
Security of Email
A PDF document.
Decimalisation Table Attacks for PIN Cracking
Two Cambridge University researchers have discovered a new attack on the hardware security nodules employed by banks that makes it possible to retrieve customers' cash machine PINs in an average of 15 tries. The attack takes advantage of a weakness in the cryptographic model used by many HSMs to encrypt, store and retrieve PINs. The system, used by many ATMs, reads the customer's account number that is encoded on the magnetic strip of the ATM card. The software then encrypts the account number using a secret DES key. The ciphertext of the account number is then converted to hexadecimal and the first four digits of it are retained. Those digits are then put through a decimalization table, which converts them to a format that's usable on the ATM keypad. By manipulating the contents of this table, it's possible for an attacker to learn progressively more about the PIN with each guess. Using various schemes described in the paper, a knowledgeable attacker could discover as many as 7,000 PINs in a half hour, the authors say.