Security - We will get there

As I keep monitoring couple of security lists so I noticed last week spamassassin, one of the software used in qmailtoaster package for defending spam has vulnerability which could be exploited by attackers to execute arbitrary commands. As I use qmailtoaster for my email server so I decided to upgrade it to 3.1.3. Then I emailed the source RPM to both Mr. Nick Hemmesch and Mr. Erik A. Espinoza

It's a small thing but both of them are so kind to give me the credit for this upgrade. Thanks, guys.

Microsoft used to think it will be secure if you take care of personal firewall,auto update and anti virus. :-) So they have these three categories in their security center. Microsoft can now provide personal firewall and auto update built into the windows distribution and left the space a little bit for those anti virus vendors. Microsoft also provide anti spyware tool which is now called "Windows Defender". The newer formal release of Windows Defender is to come but the beta version shows some comfort for me. It's basically the old anti spyware plus a software explorer. The software explorer can show Startup programs, Currently running programs, Network-connected programs and Winsock service providers. It's handy to put them together and you can remove/disable the unwanted items or end processes.

When I did my check with Windows Denfender, I noticed the VNC program is still listenning over port 5800 and 5900 from the Network-connected programs category. I thought it shouldn't be there as I always turn off the little TightVNC icon show up in system tray. So I launched the service manager and found the VNC service was there up and running. I had run a VA scanner against this pc before but didn't find these ports as my windows firewall silently dropped the incoming request. But there will be problem definitely if I happen to turn the firewall off. So I turned it off and disabled the service to make sure it will no longer startup by itself. This is a good example that a handy tool can help you busy techies.

Overall, it's nice to have Windows Defender. Plus the three categories in security center, you should have pretty good coverage for Windows XP security.

It's called "Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD" but it's actually a tool to create live cd out of your windows xp installation files. The native NTFS support and live cd approach make it a best candidate to do virus cleaning, rescure files etc.
The created basic live system is a little bit too simple but the tool give you the power to add applications by plugin into this live cd so it's really up to you to extend the usage of your live cd.

There are a lot plugin repositories available with applications from hard disk partitioning to wireless hacking. So you can create a Anti-Virus/Spyware, Rescure CD as well as a network security cd.
I created one live xp with firefox, explor2fs and putty. Good enough for my daily work.

Tips: You need to enable "RpcSS needs to launch DComLaunch Service first - SP2 only" in plugin, otherwise disk management will not work.

The VMC file is XML file contains all the config info. I noticed this by trying to figure out why the share folder is not working then found out you have to setup the folder share when the vm is running. :-)

What a mistake I had.

BTW, my colleague just showed me how to  use VPN to get around the split tunneling control in one physical machine. He uses a vm to connect vpn which has split tunneling control so he can still use the host machine to do things as he wants. He can also transfer files between his host to the machines in the tunnel using this folder sharing provided by VPC. Smart. Remind me I have done this similar thing before for another vpn client software.