Home Private Messages Search
   Toggle Content Content Menu

 Clenched Fist Hall of Honor
 Guild Policy
 Time Converter

   Toggle Content CPG Main Menu
 Home Guild Forums News Search Projects Community Members options Web


   Toggle Content User Info

Welcome Anonymous

Security CodeSecurity Code
Type Code

Latest: Honore1
New Today: 0
New Yesterday: 0
Overall: 132

People Online:
Members: 0
Visitors: 155
Total: 155
Who Is Where:
01: Calendar
02: Calendar
03: Calendar
04: Calendar
05: Calendar
06: Calendar
07: Calendar
08: Calendar
09: Calendar
10: Calendar
11: Calendar
12: Calendar
13: Calendar
14: Calendar
15: Calendar
16: Calendar
17: Calendar
18: Calendar
19: Calendar
20: Calendar
21: Calendar
22: Calendar
23: Calendar
24: Calendar
25: Calendar
26: Calendar
27: Calendar
28: Calendar
29: Calendar
30: Calendar
31: Calendar
32: Calendar
33: Calendar
34: Calendar
35: Calendar
36: Calendar
37: Calendar
38: Calendar
39: Calendar
40: Calendar
41: Calendar
42: Calendar
43: Calendar
44: Calendar
45: Calendar
46: Content
47: Calendar
48: Calendar
49: Calendar
50: Calendar
51: Calendar
52: Calendar
53: Calendar
54: Calendar
55: Calendar
56: Calendar
57: Calendar
58: News
59: Calendar
60: Calendar
61: Calendar
62: Calendar
63: Calendar
64: Calendar
65: Calendar
66: Calendar
67: Calendar
68: Calendar
69: Calendar
70: Calendar
71: Calendar
72: Calendar
73: Calendar
74: Calendar
75: Calendar
76: Calendar
77: Calendar
78: Calendar
79: Calendar
80: Calendar
81: Calendar
82: Calendar
83: Calendar
84: Calendar
85: Calendar
86: Calendar
87: Calendar
88: Calendar
89: Calendar
90: Calendar
91: Community Forums
92: Calendar
93: Calendar
94: Calendar
95: Calendar
96: Calendar
97: Calendar
98: Calendar
99: Calendar
100: Calendar
101: Calendar
102: Calendar
103: Calendar
104: Calendar
105: Calendar
106: Calendar
107: Calendar
108: Calendar
109: Calendar
110: Calendar
111: Calendar
112: Calendar
113: Calendar
114: Calendar
115: Calendar
116: Calendar
117: Calendar
118: Calendar
119: Calendar
120: Calendar
121: Calendar
122: Calendar
123: Calendar
124: Calendar
125: Calendar
126: Calendar
127: Calendar
128: Calendar
129: Calendar
130: Calendar
131: Calendar
132: Calendar
133: Calendar
134: Calendar
135: Calendar
136: Calendar
137: Calendar
138: Calendar
139: Calendar
140: News
141: Calendar
142: Calendar
143: Calendar
144: Calendar
145: Calendar
146: Calendar
147: Calendar
148: Calendar
149: Calendar
150: Calendar
151: Calendar
152: Calendar
153: Calendar
154: Calendar
155: Calendar

Staff Online:

No staff members are online!


Clenched Fist: Security

Search on This Topic:   
[ Go to Home | Select a New Topic ]

 DEFCON 18 Opens!

Security DEF CON is one of the oldest continuous running hacker conventions around, and also one of the largest.

Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, crackers, and hackers with a general interest in computer code and computer architecture. The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as social events and contests in everything from creating the longest Wi-Fi connection and cracking computer systems to who can most effectively cool a beer in the Nevada heat.

DEF CON 18 will happen July 30th - August 1, 2010 at the Riviera Hotel & Casino. Admission is $140 USD at the door (no pre-registration available).
Printer Friendly PageScore: 0
Posted by Tessil Thursday, July 29, 2010 (03:00:00)

 Windows WMF Vulnerability

Security A serious new remotely exploitable vulnerability has been discovered in Microsoft Windows' image processing code.


This exploit can be triggered by a malicious Windows Metafile (WMF) image, regardless of the image extension (e.g. .gif, .jpg, .png etc) in any program (e.g. Firefox, Opera, MSN Messenger, IrfanView, MS Office, previewing the image in Windows, indexing by Google Desktop - everything is affected).

All versions of Windows from Windows 98 through ME, NT, 2000, XP, and 2003 are known to be vulnerable, and a large and rapidly growing number of malicious exploits (57 at last count) are already circulating in the wild. They are being actively used to install malware and Trojans into user's machines. Viruses and worms are expected to appear shortly.

Although NOT a complete solution, Microsoft has recommended temporarily disabling the automatic display of some images by the operating system and web browser. This can be done, as detailed below, by "unregistering" the "SHIMGVW.DLL" Windows DLL. THIS IS NOT A COMPLETE SOLUTION, but it significantly lowers the risk from this vulnerability from web surfing.

Steve Gibson has provided additional details and a fix on his security blog at www.grc.com/sn/notes-020.htm. Note that Ilfak Guilfanov's WMF patch has been superceeded by the release of the official Microsoft patch via Windows Update on January 5th (ahead of the scheduled date of January 10th).

There is a Microsoft Security Advisory, Slashdot Article, and an article on Google News discussing the vulnerability.

UPDATE: Currently no patch is available for Windows 95, 98, and ME; however, GRC has committed to providing a solution for those users should Microsoft fail to provide one. Users of those operating systems should check Steve Gibson's blog at the link provided above.

UPDATE2: Two new Metafile bugs have been found, just a week after the patching of previous critical WMF issues. These bugs are not addressed by MS06-001. Microsoft is currently classing the new problems as "performance issues" and that they do not allow an attacker to run code or crash the operating system (but may cause the WMF application to crash).
Printer Friendly PageScore: 0
Posted by Tessil Wednesday, January 04, 2006 (14:45:02)

 Sony DRM Rootkit: More Sordid Details

Security a Finnish researcher named Muzzy noticed a vulnerability in the web-based uninstaller that Sony offers to users who want to remove the First4Internet XCP copy protection software. For affected users, this represents a far greater security risk than even the original Sony rootkit.

The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get.

The root of the problem is a serious design flaw in Sony's web-based uninstaller. When you first fill out Sony's form to request a copy of the uninstaller, the request form downloads and installs a program - an ActiveX control created by the DRM vendor, First4Internet - called CodeSupport. CodeSupport remains on your system after you leave Sony's site, and it is marked as safe for scripting, so any web page can ask CodeSupport to do things. One thing CodeSupport can be told to do is download and install code from an Internet site. Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4Internet. This means any web page can make CodeSupport download and install code from any URL without asking the user's permission.

USA Today reports that Sony will recall the affected CDs. Discs in the supply chain will not be sold, and customers who have already bought discs will be able to exchange them.
Printer Friendly PageScore: 0
Posted by Tessil Monday, November 21, 2005 (13:33:29)

 Sony BMG - Too Little, Too Late...

Security Sony has offered a sort of "fix" for the DRM rootkit that was discovered by Mark Russinovich over at Sysinternals on his recently-purchased Get Right with the Man (the name is ironic under the circumstances) CD by the Van Zant brothers. The new DRM scheme has been widely reported on Slashdot, C|Net, PC Pro, The Inquirier, The Register, and The Washington Post.

Leo Laporte also interviewed Steve Gibson from GRC.com details and consequences of Sony Corporation's alarming "Rootkit" DRM (digital rights management) copy protection scheme.

"November 2, 2005 - This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."

The updates site initially prompts the user to install an ActiveX control which detects if there is an XCP - Aurora installation and then selects the most appropriate update. To remove this activeX control simply open the folder "%SYSTEMROOT%\downloaded program files" (On a windows XP computer with a default installation the %SYSTEMROOT% folder will be "C:\Windows") and delete the file "codesupport.ocx".

When the activeX control has been installed the Updates Site will display one of two screens. The updates site will either inform you that it cannot find an XCP installation or it will offer the download of Service Pack 2. [Ed: Note that in this case Service Pack 2 refers to XCP, it's not related to the Microsoft Service Packs.] In addition to removing the cloaking, Service Pack 2 includes all fixes from the earlier Service Pack 1 update. "In order to ensure a secure installation," Service Pack 2 includes the newest version of all DRM components.

Be warned, the patch does not remove the DRM software, it merely updates it and removes the cloaking feature.

Instead of using the "uninstaller" (which uninstalls nothing), users can perform a safe decloaking by opening the Run dialog from the Start menu, entering "sc delete $sys$aries", and then rebooting. This sequence deletes the driver from the Windows Registry so that even though its image is still present on disk, the I/O system will not load it during subsequent boots.
Printer Friendly PageScore: 0
Posted by Tessil Thursday, November 03, 2005 (12:45:47)

 Norton Windows Management Instrumentation (WMI) Update Available

Security The Norton Windows Management Instrumentation (WMI) Update is now available through Symantec's LiveUpdate content distribution feature.

The update requires running LiveUpdate twice (once to update LiveUpdate, and once to add the WMI feature). After the second time that you run LiveUpdate, the Windows Security Center will accurately read Norton AntiVirus and Norton Personal Firewall as ON.

More information is available at the Symantec Windows XP Service Pack 2 information center.
Printer Friendly PageScore: 0
Posted by Admin Wednesday, August 11, 2004 (18:11:34)

   Toggle Content Guild Wall of Fame
Guild Name:
 Clenched Fist
Guild Level: 130
Guild Status: N/A
Total Characters: 190
Unique Members: 33
Average Adv. Level: 80
Average Art. Level: 45

Date Formed:
 Wed, 12 Jan 2005 21:31:00
Average Quests Completed: 231
Total Rares Harvested: 4,633
Total Items Crafted: 608,635

Highest Guild Status Contributor:
 Tulvarus (44,262,577)
Most Quests Complete:
 Tulvarus (6,203)
Most Collections Complete:
 Toukai (927)
Highest Max Melee Hit:
 Tulvarus (2,125,406,123)
Highest Max Magic Hit:
 Jerrad (2,136,515,421)
Most rares collected:
 Tulvarus (1,421)
Most items crafted:
 Tulvarus (488,607)
Longest Time Played:
 Tulvarus (2 years 1 week 8 hours 34 minutes 53 seconds)

Class Breakdown:
  • Fighter: 11
    • Berserker: 2
    • Guardian: 3
    • Bruiser: 1
    • Monk: 3
    • Paladin: 2
    • Shadow Knight: 0
  • Priest: 8
    • Templar: 1
    • Inquisitor: 3
    • Warden: 1
    • Fury: 1
    • Defiler: 0
    • Mystic: 2
  • Mage: 9
    • Warlock: 2
    • Wizard: 3
    • Illusionist: 1
    • Coercer: 0
    • Necromancer: 1
    • Conjuror: 2
  • Scout: 12
    • Brigand: 0
    • Swashbuckler: 0
    • Dirge: 2
    • Troubador: 3
    • Assassin: 2
    • Ranger: 3
    • Beastlord: 2

Trades Breakdown:
  • Craftsman: 11
    • Craftsman: 1
    • Provisioner: 4
    • Woodworker: 2
    • Carpenter: 4
  • Outfitter: 6
    • Outfitter: 1
    • Armorer: 2
    • Weaponsmith: 2
    • Tailor: 1
  • Scholar: 8
    • Scholar: 0
    • Jeweler: 3
    • Sage: 2
    • Alchemist: 3

   Toggle Content Forums Last Posts
Last 10 Forum Messages
 MC Lars - "Dragon Blood"
Last post by Tessil in The Forum on Sep 17, 2015 at 21:46:44

 [Workaround] Double/Ghost Image in Tranquil Sea
Last post by Tessil in The Forum on Nov 24, 2014 at 00:07:53

 Everquest2 VS Cat
Last post by Diatomic in The Forum on Mar 31, 2014 at 22:31:49

 TOV Armor comparison
Last post by bordorg in The Forum on Feb 23, 2014 at 22:05:55

 SOE LIVE 2013 Tulvarus
Last post by Tulvarus in The Forum on Jul 29, 2013 at 22:15:58

 LON Packs February 2013
Last post by Tulvarus in The Forum on Feb 02, 2013 at 23:20:27

 SOE LIVE 2013
Last post by Tulvarus in The Forum on Feb 02, 2013 at 23:18:47

 Moving in to a House
Last post by Tessil in The Forum on Aug 12, 2012 at 03:03:06

 Computer Opinion
Last post by Tulvarus in The Forum on Dec 02, 2011 at 21:01:05

Last post by Tulvarus in The Forum on Nov 06, 2011 at 13:38:26

   Toggle Content Coming Events
There are no events scheduled in the next 10 days.

   Toggle Content Useful Links
The Dragons Armory - Character analysis
The EQ2 Wire - Breaking News and Commentary
EQ2i - The EverQuest II Wiki
EQ2U - Live Game and Character Data
EQ2Interface - User Interface Mods and Add-ins

Adornment Calculator
Guide to Velious Armor

EQ2 Decorators
EQ2 Traders
Everseek - Furniture and House Items

   Toggle Content Information

CPG Dragonfly CMS

Powered by GNU

Powered by Apache

Powered by PHP

Protected by Suhosin

Powered by MySQL



Valid CSS! Valid XHTML 1.0!
The logos and trademarks used on this site are the property of their respective owners.
We are not responsible for content posted by our users, the individual user assumes full responsibilty.
You can syndicate our news using the file news.php (RSS 0.91), or news2.php (RSS 2.0).

Interactive software released under GNU GPL, Code Credits, Privacy Policy