Home Private Messages Search
   Toggle Content Content Menu

 Clenched Fist Hall of Honor
 Guild Policy
 Time Converter

   Toggle Content CPG Main Menu
 Home Guild Forums News Search Projects Community Members options Web

   Toggle Content User Info

Welcome Anonymous

User Name

Latest: Honore1
New Today: 0
New Yesterday: 0
Overall: 132

People Online:
Members: 0
Visitors: 49
Total: 49
Who Is Where:
01: Calendar
02: Calendar
03: Calendar
04: Calendar
05: Calendar
06: Calendar
07: Calendar
08: Calendar
09: Calendar
10: Calendar
11: Home
12: Calendar
13: Calendar
14: Calendar
15: Calendar
16: Calendar
17: Calendar
18: Calendar
19: Calendar
20: Calendar
21: Calendar
22: Calendar
23: Calendar
24: Calendar
25: Calendar
26: Calendar
27: Calendar
28: Calendar
29: Calendar
30: Calendar
31: Calendar
32: Calendar
33: Calendar
34: Calendar
35: Calendar
36: Calendar
37: Calendar
38: Calendar
39: Calendar
40: Calendar
41: Calendar
42: Calendar
43: Calendar
44: Calendar
45: Calendar
46: Calendar
47: Calendar
48: Calendar
49: News

Staff Online:

No staff members are online!


Clenched Fist: Security

Search on This Topic:   
[ Go to Home | Select a New Topic ]

 DEFCON 18 Opens!

Security DEF CON is one of the oldest continuous running hacker conventions around, and also one of the largest.

Many of the attendees at DEF CON include computer security professionals, journalists, lawyers, federal government employees, crackers, and hackers with a general interest in computer code and computer architecture. The event consists of several tracks of speakers about computer- and hacking-related subjects, as well as social events and contests in everything from creating the longest Wi-Fi connection and cracking computer systems to who can most effectively cool a beer in the Nevada heat.

DEF CON 18 will happen July 30th - August 1, 2010 at the Riviera Hotel & Casino. Admission is $140 USD at the door (no pre-registration available).
Printer Friendly PageScore: 0
Posted by Tessil Thursday, July 29, 2010 (03:00:00)

 Windows WMF Vulnerability

Security A serious new remotely exploitable vulnerability has been discovered in Microsoft Windows' image processing code.


This exploit can be triggered by a malicious Windows Metafile (WMF) image, regardless of the image extension (e.g. .gif, .jpg, .png etc) in any program (e.g. Firefox, Opera, MSN Messenger, IrfanView, MS Office, previewing the image in Windows, indexing by Google Desktop - everything is affected).

All versions of Windows from Windows 98 through ME, NT, 2000, XP, and 2003 are known to be vulnerable, and a large and rapidly growing number of malicious exploits (57 at last count) are already circulating in the wild. They are being actively used to install malware and Trojans into user's machines. Viruses and worms are expected to appear shortly.

Although NOT a complete solution, Microsoft has recommended temporarily disabling the automatic display of some images by the operating system and web browser. This can be done, as detailed below, by "unregistering" the "SHIMGVW.DLL" Windows DLL. THIS IS NOT A COMPLETE SOLUTION, but it significantly lowers the risk from this vulnerability from web surfing.

Steve Gibson has provided additional details and a fix on his security blog at www.grc.com/sn/notes-020.htm. Note that Ilfak Guilfanov's WMF patch has been superceeded by the release of the official Microsoft patch via Windows Update on January 5th (ahead of the scheduled date of January 10th).

There is a Microsoft Security Advisory, Slashdot Article, and an article on Google News discussing the vulnerability.

UPDATE: Currently no patch is available for Windows 95, 98, and ME; however, GRC has committed to providing a solution for those users should Microsoft fail to provide one. Users of those operating systems should check Steve Gibson's blog at the link provided above.

UPDATE2: Two new Metafile bugs have been found, just a week after the patching of previous critical WMF issues. These bugs are not addressed by MS06-001. Microsoft is currently classing the new problems as "performance issues" and that they do not allow an attacker to run code or crash the operating system (but may cause the WMF application to crash).
Printer Friendly PageScore: 0
Posted by Tessil Wednesday, January 04, 2006 (14:45:02)

 Sony DRM Rootkit: More Sordid Details

Security a Finnish researcher named Muzzy noticed a vulnerability in the web-based uninstaller that Sony offers to users who want to remove the First4Internet XCP copy protection software. For affected users, this represents a far greater security risk than even the original Sony rootkit.

The consequences of the flaw are severe. It allows any web page you visit to download, install, and run any code it likes on your computer. Any web page can seize control of your computer; then it can do anything it likes. That's about as serious as a security flaw can get.

The root of the problem is a serious design flaw in Sony's web-based uninstaller. When you first fill out Sony's form to request a copy of the uninstaller, the request form downloads and installs a program - an ActiveX control created by the DRM vendor, First4Internet - called CodeSupport. CodeSupport remains on your system after you leave Sony's site, and it is marked as safe for scripting, so any web page can ask CodeSupport to do things. One thing CodeSupport can be told to do is download and install code from an Internet site. Unfortunately, CodeSupport doesn't verify that the downloaded code actually came from Sony or First4Internet. This means any web page can make CodeSupport download and install code from any URL without asking the user's permission.

USA Today reports that Sony will recall the affected CDs. Discs in the supply chain will not be sold, and customers who have already bought discs will be able to exchange them.
Printer Friendly PageScore: 0
Posted by Tessil Monday, November 21, 2005 (13:33:29)

 Sony BMG - Too Little, Too Late...

Security Sony has offered a sort of "fix" for the DRM rootkit that was discovered by Mark Russinovich over at Sysinternals on his recently-purchased Get Right with the Man (the name is ironic under the circumstances) CD by the Van Zant brothers. The new DRM scheme has been widely reported on Slashdot, C|Net, PC Pro, The Inquirier, The Register, and The Washington Post.

Leo Laporte also interviewed Steve Gibson from GRC.com details and consequences of Sony Corporation's alarming "Rootkit" DRM (digital rights management) copy protection scheme.

"November 2, 2005 - This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers."

The updates site initially prompts the user to install an ActiveX control which detects if there is an XCP - Aurora installation and then selects the most appropriate update. To remove this activeX control simply open the folder "%SYSTEMROOT%\downloaded program files" (On a windows XP computer with a default installation the %SYSTEMROOT% folder will be "C:\Windows") and delete the file "codesupport.ocx".

When the activeX control has been installed the Updates Site will display one of two screens. The updates site will either inform you that it cannot find an XCP installation or it will offer the download of Service Pack 2. [Ed: Note that in this case Service Pack 2 refers to XCP, it's not related to the Microsoft Service Packs.] In addition to removing the cloaking, Service Pack 2 includes all fixes from the earlier Service Pack 1 update. "In order to ensure a secure installation," Service Pack 2 includes the newest version of all DRM components.

Be warned, the patch does not remove the DRM software, it merely updates it and removes the cloaking feature.

Instead of using the "uninstaller" (which uninstalls nothing), users can perform a safe decloaking by opening the Run dialog from the Start menu, entering "sc delete $sys$aries", and then rebooting. This sequence deletes the driver from the Windows Registry so that even though its image is still present on disk, the I/O system will not load it during subsequent boots.
Printer Friendly PageScore: 0
Posted by Tessil Thursday, November 03, 2005 (12:45:47)

 Norton Windows Management Instrumentation (WMI) Update Available

Security The Norton Windows Management Instrumentation (WMI) Update is now available through Symantec's LiveUpdate content distribution feature.

The update requires running LiveUpdate twice (once to update LiveUpdate, and once to add the WMI feature). After the second time that you run LiveUpdate, the Windows Security Center will accurately read Norton AntiVirus and Norton Personal Firewall as ON.

More information is available at the Symantec Windows XP Service Pack 2 information center.
Printer Friendly PageScore: 0
Posted by Admin Wednesday, August 11, 2004 (18:11:34)

   Toggle Content Guild Wall of Fame
Guild Name:
 Clenched Fist
Guild Level: 140
Total Characters: 74
Average Adv. Level: 70
Average Art. Level: 33

Date Formed:
 Wed, 12 Jan 2005 21:31:00
Average Quests Completed: 683
Total Rares Harvested: 14,187
Total Items Crafted: 664,495

Highest Guild Status Contributor:
 Tulvarus (103,495,334)
Most Quests Complete:
 Tulvarus (6,586)
Most Collections Complete:
 Toukai (1,249)
Highest Max Melee Hit:
 Tulvarus (24,571,024,834)
Highest Max Magic Hit:
 Tulvarus (81,148,608,372)
Most rares collected:
 Tulvarus (8,985)
Most items crafted:
 Tulvarus (534,032)
Longest Time Played:
 Tulvarus (2 years 5 months 5 days 9 hours 57 minutes)

Class Breakdown:
  • Fighter: 17
    • Berserker: 5
    • Guardian: 3
    • Bruiser: 2
    • Monk: 3
    • Paladin: 4
    • Shadow Knight: 0
  • Priest: 17
    • Templar: 2
    • Inquisitor: 3
    • Warden: 2
    • Fury: 2
    • Defiler: 1
    • Mystic: 4
    • Channeler: 3
  • Mage: 18
    • Warlock: 3
    • Wizard: 4
    • Illusionist: 3
    • Coercer: 2
    • Necromancer: 3
    • Conjuror: 3
  • Scout: 19
    • Brigand: 2
    • Swashbuckler: 2
    • Dirge: 2
    • Troubador: 4
    • Assassin: 2
    • Ranger: 3
    • Beastlord: 4

Trades Breakdown:
  • Craftsman: 10
    • Craftsman: 0
    • Provisioner: 4
    • Woodworker: 2
    • Carpenter: 4
  • Outfitter: 6
    • Outfitter: 1
    • Armorer: 2
    • Weaponsmith: 2
    • Tailor: 1
  • Scholar: 10
    • Scholar: 0
    • Jeweler: 6
    • Sage: 1
    • Alchemist: 3

   Toggle Content Forums Last Posts
Last 10 Forum Messages
Last post by Tulvarus in The Forum on Dec 19, 2018 at 05:54:44

 MC Lars - "Dragon Blood"
Last post by Tessil in The Forum on Sep 17, 2015 at 21:46:44

 [Workaround] Double/Ghost Image in Tranquil Sea
Last post by Tessil in The Forum on Nov 24, 2014 at 00:07:53

 Everquest2 VS Cat
Last post by Diatomic in The Forum on Mar 31, 2014 at 22:31:49

 TOV Armor comparison
Last post by bordorg in The Forum on Feb 23, 2014 at 22:05:55

 SOE LIVE 2013 Tulvarus
Last post by Tulvarus in The Forum on Jul 29, 2013 at 22:15:58

 LON Packs February 2013
Last post by Tulvarus in The Forum on Feb 02, 2013 at 23:20:27

 SOE LIVE 2013
Last post by Tulvarus in The Forum on Feb 02, 2013 at 23:18:47

 Moving in to a House
Last post by Tessil in The Forum on Aug 12, 2012 at 03:03:06

 Computer Opinion
Last post by Tulvarus in The Forum on Dec 02, 2011 at 21:01:05

   Toggle Content Coming Events
July 2020
01 02 04
05 06 07 08 09 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31

Sat Jul 04, 2020
Event Independence Day

   Toggle Content Useful Links
The Dragons Armory - Character analysis
The EQ2 Wire - Breaking News and Commentary
EQ2i - The EverQuest II Wiki
EQ2U - Live Game and Character Data
EQ2Interface - User Interface Mods and Add-ins

Adornment Calculator
Guide to Velious Armor

EQ2 Decorators
EQ2 Traders
Everseek - Furniture and House Items

   Toggle Content Information

CPG Dragonfly CMS

Powered by GNU

Powered by Apache

Powered by PHP

Protected by Suhosin

Powered by MySQL



Valid CSS! Valid XHTML 1.0!
The logos and trademarks used on this site are the property of their respective owners.
We are not responsible for content posted by our users, the individual user assumes full responsibilty.
You can syndicate our news using the file news.php (RSS 0.91), or news2.php (RSS 2.0).

Interactive software released under GNU GPL, Code Credits, Privacy Policy