Review of ROTSS Episode 2

I saw episode 2 of the ROTSS which is now called TWIT or This Week in Tech.  I think it is a great show.  It is like the Screen Savers to the 2nd power because you've got Leo Laporte, KRose, Patrick Norton, and Robert Heron (even Dvorak shows up, kind of).

I listened to the podcast right after seeing Systm.  Systm is great but it doesn't give me the feel of being the Screen Savers.  TWIT definitely delivered.  They talked about Hitchhiker's Guide to the Galaxy, they talked about the trailer for Serenity.  They went tech and discussed Longhorn and OS X and some old formats that didn't work.  They talked about and  They even took a couple of audio emails.  I am impressed.  I will be surprised if no one picks these guys up to do another Screen Savers like show.  Unfortunately, the best candidate would be G4TV.

You know I don't have anything bad to say about any of the tech shows (Broken, Systm or TWIT).  I guess it would be like a starving man complaining about a cracker.  There is such a void on TV when it comes to actual tech.  Yet it's the Information Age and our reliance on computers and the Internet continues to grow exponentially at scary proportions.  It will always amaze me that G4 did not take advantage of the existing market that was held by TechTV.  It has pushed us all completely online to get the content we crave.  The original crew have really formed a bond with their viewers that is beginning to approach Trekkie level… o.k. maybe not that crazy.


p.s. thebroken kicks TWITS ASSSS!! They just need to get Leo Laporte on there.  Get Leo in some fly Pimp Gear, put a hoe on each arm and then let him school us on Mac hacking.  That would be the SHIZNIT!

Review of the Systm (the bittorrent)

I'm a huge fan of the old Screen Savers show.  I had recorded all the last (and in my opinion) the best Screen Savers shows that featured the HILARIOUS Alex Albrecht and Tech Talented Kevin Rose.  The show was out of control.  I laughed out loud on every single show.  I thought they'd finally established a groove and you could feel it in the voice and reaction of the fans that screamed in the audience and callers.

And then my wife erased all the files from my DVR which I planned on downloading and keeping forever… Why… Why, honey.

I eventually got over it.  But then out of the blue G4 fired half the original crew and hired geek gamers and gear whores from like three other shows.  WTF.  That asian chick is kinda tasty [some kind of freaky asian fetish I have] but those other pukes make me want to turn off the TV.  Kevin Pereira has become the face of all things unholy.  For me he represents the end of the Screen Savers.  I know it's not his fault, but someone must suffer for this atrocity.

What followed was scandalous.  They changed the whole format of the show and nuked Screen Savers.  Attack of the Show was born.  It was like seeing Anakin Skywalker get seduced by the dark side.  I felt betrayed.

But now there is a New Hope.  The first Systm show is pure, unforgiving, hardcore tech.  Kevin Rose and Dan Huard host the show in a smooth, effective rhythm that leaves you hungry for more.

In their first show they talk about WarSpying, something they covered briefly on the Screen Savers.  These geeks actually tell you how to create a hand held WarSpying device that you plug into your car to drive around and pick up unencrypted video feeds from CCTVs in people's homes and commercial establishments.  I will admit I thought it was Geeked OUT!  But whenever people start breaking out the solder sucker and microchips my eyes start glazing over.  Electronics is TOTAL magic to me.  But the message is clear.. get CCTV, home and commercial security cameras with built in

It was a good show.  Kevin once again shows his amazing skills in producing quality, quality content leaning toward one of my favorite subjects, security.  If you are a fan of the old Screen Savers and you're a TRUE geek you will love Systm.

p.s. theBroken kicks Systms ASS, but I ain't one to gossip.. so you ain't heard that from me.


Security+ Authentication Methods Explained: Kerberos, CHAP, Certificates

Authentication and Crypto are two of the hardest subjects for me.  So I've tried to break each one down in terms I can understand.  I've only gotten up to Certificates.  I'll finish the others soon.


1.2 Recognize and be able to differentiate and explain the following methods of authentication
· Kerberos
· CHAP (Challenge Handshake Authentication Protocol)
· Certificates
· Username / Password
· Tokens
· Multi-factor
· Mutual
· Biometrics


The following definitions are necessary to understand the different methods of



Authentication: Verification of the person who created or sent the data and the integrity of the data.


Data Integrity:  Assurance (confidence) that the data created or sent by an authenticated person has not been corrupted and/or tampered with, data is in original form.


Principal: Authenticated person.


Peer: Client or user trying to get authenticated.


Verifier: Server or application approving the principal.  The CHAP term is “authenticator.”  These terms are used interchangeably.


Hacker tools make it very easy to “sniff” out passwords and logins over a network of computers and allow unauthorized programs or users to impersonate authorized users.  That is why authentication is so important to computer security.




Kerberos was created in the ’80s by MIT’s Athena Project.  Kerberos is a distributed application that works over a network.  A Kerberos client acts on behalf of the principal to authenticate with a verifier without exposing the user’s data to hacker tools.


The Kerberos client sends encrypted messages to the verifier.  These messages are time stamped and sent using the Kerberos protocol.  The Kerberos protocol is based on the Needham and Schroeder authentication protocol.  The current implementation of Kerberos uses Data Encryption Standard (DES).


CHAP (Challenge Handshake Authentication Protocol)


The CHAP authenticator (a.k.a. verifier) randomly sends a “challenge” message to the peer (a.k.a. client, or user).  The peer responds with a value that is calculated by running the “challenge” message through a one-way hash function (using MD5).  The authenticator checks the response against its own calculations.


CHAP replaces Password Authentication Protocol (PAP), which sends logins and passwords in CLEAR TEXT over the network.  CHAP is used upon initial connection between peer and authenticator and may be used over and over again as the authenticator sends random challenge messages.


The disadvantage is that the challenge message is sent in plain text, allowing a hacker to possibly capture the data and do a Man in the Middle attack.
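The challenge/response exchange described above, written out as an added example (it is not code from the original post).  It follows RFC 1994, where the hashed value is the one-octet message identifier, the shared secret and the challenge; the class name, user name and secret below are made up for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier octet || secret || challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """Verifier side: holds the shared secrets and the challenges it has issued."""

    def __init__(self, secrets_by_name):
        self._secrets = secrets_by_name
        self._pending = {}          # identifier -> challenge not yet answered
        self._next_id = 0

    def challenge(self):
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        value = os.urandom(16)      # unpredictable, so an old answer never fits
        self._pending[identifier] = value
        return identifier, value    # both travel to the peer in plain text

    def verify(self, name, identifier, response):
        value = self._pending.pop(identifier, None)   # each challenge is single use
        secret = self._secrets.get(name)
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    """Run three exchanges; returns (legitimate, replayed, wrong_secret)."""
    secret = b"constructed-shared-secret"    # made-up value, never sent on the wire
    auth = Authenticator({"alice": secret})

    # 1. Normal exchange: the peer hashes the challenge with the shared secret.
    ident, value = auth.challenge()
    answer = chap_response(ident, secret, value)
    legitimate = auth.verify("alice", ident, answer)

    # 2. The same answer presented for a later challenge no longer matches.
    ident2, _ = auth.challenge()
    replayed = auth.verify("alice", ident2, answer)

    # 3. A peer that does not hold the secret cannot produce the right value.
    ident3, value3 = auth.challenge()
    wrong_secret = auth.verify("alice", ident3, chap_response(ident3, b"guess", value3))
    return legitimate, replayed, wrong_secret


if __name__ == "__main__":
    print(demo())
```

The secret itself never crosses the network; the identifier, the challenge and the response all do, which is the plain-text exposure the paragraph above refers to.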




Certificates are used a lot on web pages with a need for strong security.  Certificates are based on two or more people or groups using a trusted third party to confirm that each of the two parties are who they claim to be.  Certificates provide public-key infrastructure (PKI) solutions.  Certificates are provided by Certificate Authorities such as thawte and VeriSign.  These, and other Certificate Authorities, act as a third party issuing Private keys to organizations, groups and/or persons and confirm the identities of by verifying the issued private key with a public key.  Usually Certificate Authorities use a secure method of communication called Secure Socket Layer (SSL) to send and receive messages.  SSL was developed by Netscape.  SSL uses a private key to encrypt data over the SSL connections.  Secure HTTP is an alternative to SSL.  Public keys are not needed for S-HTTP or SSL.  A secure session is occurring when the URL turns from HTTP to HTTPS.


Issues digital IDs to enable authenticated, 128-bit SSL encryption that secure e-commerce and online payments across the Internet.



  1. Neuman b. & Theodore T. Kerberos: An Authentication Service for Computer Networks. USC/ISI Technical Report number ISI/RS-94-399.
  2. Simpson W. PPP Challenge Handshake Authentication Protocol (CHAP), RFC 1994 (RFC1994). Internet RFC Archives. August 1996
  3. Karve, Anita. SSL and S-HTTP: Secure Communication over the Internet. 1 Jan 1997.

Importance of applying security to your system

This is an update on my first post about removing the trojan called smithfraud.  I helped my friend get rid of the trojan and had the system purring, but shortly after he got back on the Internet with no protection and got hacked again.  This time worse than before.  Not only did he get smithfraud AGAIN but he got some crap I never even heard of.  I may have to wipe his entire hard drive.

I constantly tell him how important it is to secure your system even if you're on dial-up.  Just having SP2 for XP is not enough.  I recommend at least a firewall

If you have a broadband connection check out my walk through on securing broadband Internet connections.

Common Criteria, the Rainbow Series and Windows 2K

Windows 2000 was awarded the Common Criteria Certificate.  This
is the first Microsoft Operating System to receive such a prestigious
certification putting it on the same level as SecureOS Solaris Unix,
both built on an operating system that has been around for over thirty
years.  This document will explain what the Common Criteria Certificate is, how a vendor achieves it and why a vendor would want it.

Common Criteria is based on the idea of a sound way of evaluating the security of an operating system.  Common Criteria has evolved over the years.  Security evaluation criteria go back to the ’70s.  The first standard for this criteria was published in the United States: Trusted Computer Systems Evaluation Criteria (TCSEC), the “Orange Book.”  It was published in 1985 by the National Security Agency.  Europe came up with similar standards in an effort to create an international standard called Information Technology Security Evaluation and Certification (ITSEC) in 1991.  This led to the CC Editorial Board (CCEB), which was formed to establish globally recognized standards for security evaluation (dinopolis).  Each country has its own organization that enforces and advertises these international standards.  In the United States, both the NSA and the National Institute of Standards and Technology meet the security and testing needs of Information Technology producers and consumers.  They do this through a joint program called the National Information Assurance Partnership (NIAP).  The responsibilities of these organizations are outlined in the Computer Security Act of 1987 (epic).

In order for a vendor to be awarded the Common Criteria Certification it must pass all required tests for a security certification accepted in 15 countries.  There are three parts to the CC: 1) Introduction and general model, is the introduction to the CC. It defines general concepts and principles of IT security evaluation and presents a general model of evaluation.  2) Security functional requirements, establishes a set of security functional components as a standard way of expressing the functional requirements for Targets of Evaluation (TOEs).  3) Security assurance requirements, establishes a set of assurance components as a standard way of expressing the assurance requirements for TOEs (CRYPTIC).

Common Criteria is essential particularly in these times of heightened Information security awareness.  The CC Certification is verification that the operating system has met a specific level of security.  Consumers
are more likely to purchase an operating system that is internationally
accredited than one with just a good reputation.

This certification took Microsoft three years and millions of dollars to attain.  Very few companies have the time, money and resources to reach this level of security.  According to Microsoft they obtained the Common Criteria “because its evaluation and certification process helps consumers make informed security decisions (Microsoft).”


Works Cited


Dinopolis. Common Criteria History. 11 May 2001.

 NIAP. Common Criteria Evaluation Verification Scheme.

 Electronic Privacy Center. Computer Security Act of 1987.

 Microsoft. Windows 2000 achieves the Common Criteria Certificate. 29 Oct 2002.

Radium. The Rainbow Series Library. 28 June 2000.

I finally found Cat Schwartz or Kat Shwartz

The reason I haven’t been able to find Cat Schwartz is because I’ve been spelling her name with a “K” Kat Schwartz. My graMARr and speling Good, it is not.

Silly me. She's at [dead and gone] a pretty cool blog hi tech mommy. I feel so empty now that I’ve found you Catherine.

I know I should be happy but I guess I let the obsession of finding you fill me for so long that it began to comfort me. Wait… perhaps I can meet you in REAL life. Just kidding Cat, I’m not really psycho. Or am I?

Contact Cat:[dead?]

Cat Schwartz Obsession:


Old Cat Schwartz Pictures:

ISP versus the SSAA

As a System Security Engineer most of my work has been on DITSCAP (SOON DIACAP) Certification and Accreditation and producing System Security Authorization Agreements. But now the government is having us SSEs do Information Support Plan (formerly C4ISP). Anyway, the Program Managers want us to do it.

While it is a little frustrating that I'm stepping out of my security world and into Acquisitions, I can see the potential for growth as I'm forced to learn the Military equivalent of a Business Continuity Plan.

Once I get a handle on the ISP I have a feeling that it will lead me to great things.

Internet Revolution for old TechTV crew

Something is happening.   G4TV has made the mistake of releasing Mr. Kevin Rose from his contract on “Attack of the Show.”  Kevin is about to go buck wild and cause some sort of Internet revolution by releasing ground breaking HIGH QUALITY technical shows similar to what used to be on TechTV (before it was seduced by the Dark Side).  He is going to be hooking up with some Internet Celebs like:


Leo Laporte

Dan Huard




O.k. all they need now is Alex Albrecht (former SAIC employee), Cat Schwartz (hottie who seems to have fallen off the face of the Earth) and Lockergnome (don't remember his name but it's that guy that used to host Call For Help–man, I hated that show, but Lockergnome has a pretty kick ass site in my useless opinion).

My only question is how the hell will they get paid?  Donations are cool but I'm not sure if donations alone will pay the light bills.  They shouldn't have a problem though.  Their names alone will get them $100K traffic and thousands of dollars in ads.  That is a winning combination.

This is a comprehensive list of all the most popular TechTV folks and where they are now.  from Redlobo dot com.

Here is Kevin's call to arms:

After several weeks of lawyer negotiations with G4, they have agreed to release me from my contract.  Friday May 27th 2005 marks my last day on the G4 network.

I’m leaving G4 so that I can focus on what I love most, in-depth tech content. Starting with today’s premiere release of our new tech HOW-TO show ’Systm,’ we will begin to build a network of technology television programming from the ground up.  While Systm and thebroken will be our two flagship shows, in time, we hope to add more shows to the schedule with former TechTV cast members you all know and love.  All episodes will be released free of charge, in a variety of formats (Theora, Xvid, WMV, H.264, PSP), wrapped in RSS (for vidcasting), and licensed under the Creative Commons.

How you can help –
– Spread the word: Post in message boards, blog about it, email/IM your friends.  Let anyone and everyone know that tech programming is alive and well.

– Sign up for the newsletter: Encourage your friends and family to sign up for the systm newsletter so that we can keep you up-to-date with all the latest happenings.

– Help us distribute: Keep your bittorrent lines open after you finished the download.

– Advertise: Get your product or service in front of thousands of geeks!  Email: ads at systm dot org


Broadband Internet Security

3 Easy Steps for Broadband Internet Security for your Cable Modem and DSL


Broadband Internet Security for Cable Modems/DSL: 

1)    Get Yourself a Router

If your ISP issues you a fairly robust router with instructions on how to secure it, you may not need a router. Just follow their instructions on how to configure the security on the device. Step 1B explains what security features are needed.


A. Types of routers:


Linksys, Netgear, Actiontec. When you buy a router look for the following features:


Four 10Base-T/100Base-TX RJ-45 ports, one 10Base-T broadband WAN port, one 10Base-T/100Base-TX RJ-45 uplink port


This means that it can get four of your computers online using Cat 5.

If you have multiple computers and your Cable/DSL device does not support more than one connection I do NOT recommend wireless.

If you can, connect the DSL device to another router. You will need to use a crossover CAT 5 cable to connect the two; like devices (i.e. computer to computer, router to router) require a crossover cable.

A USB cable will also work.


B. Configure the Router Correctly:

For security, as a minimum, use the Network Address Translation (NAT)
feature of the router to hide your internal computers from the

You may have to go to an Advanced Setup Feature on your router to turn on the NAT feature.

C.     Additional Router Security


routers offer additional firewall features for broadband Internet
security such as actively closing ports, blocking websites, blocking
services and integrating third party software firewalls such as
ZoneAlarm and PC-Cillin.


2)    Consider using software to protect your system for broadband Internet security

A.    Virus protection

Free online virus scan:



More Free Virus tools:


Thefreesite Dot Com

Free trial of Norton Anti-Virus

Free for DOD Employees

Other virus tools:




I've heard that Norton was better than McAfee and vice versa, but in my experience basic computer security cannot be beat. The best practices are to not download e-mail attachments from unknown sources, turn off JavaScript, cookies and ASP functions on the browser and make sure you don’t put virus infected disks into your system. If you do use Anti-virus software make sure it is updated with the latest virus


Even More Anti-Virus Resources

Software Downloads:

As you can see MajorGeeks is one of the best resources for freeware on the net.

B.    Ad-ware protection

In my opinion, adware, spam and spyware have become worse than Virii, trojans, worms, logic bombs or any other malware in compromising broadband Internet security.


times there is no difference between adware, spyware and malware.
Adware and spyware creators are constantly coming up with creative ways
to get their software on our computers. Just when I think I’ve figured
out a way to eliminate ALL adware, and adware, they come up with a new
brilliant method of deploying their software on my system and keep it


Here is a list of common Adware/Spyware  removal tools:


Hijackthis (don’t use unless you know what you're doing)

Spyware Blaster

The best resources in getting rid of adware and spyware and malware are search engines. Usually you can find someone online who managed to fix the problem. Forums are an incredible resource for your broadband Internet security.


Even More Anti-Spy/Ad ware Resources

Software Downloads:



of Freeware & Shareware from illegitimate sites. A lot of spyware
and shareware comes from freeware such as P2P (i.e. Kazaa). Many times
what you think is free is really not free at all. Even if you have a
rare legitimate copy of beloved Kazaa or Sharezaa, WinMX, or whatever,
you MUST beware of what you download.

Be aware that malware and spyware can be hidden in .jpg, .gif, video and even sound files. It's called steganography. It's very cool. The safest thing to do is not use P2P at all. It is almost as bad as wireless.



For secure methods of P2P check out:

Creators of Kazaa: Joltid


C.    Software firewall

I have used firewalls built into Linksys, Netgear, and Actiontec routers and I think they work great. They are by no means the push button solution to broadband Internet Security. For one thing they have holes just like any other software, hardware and firmware on the market. Malware can still get to your system. Many times people think just because they have a firewall they have an “S” on their chest.

Computer Security Principles

Be humble. Know that you need:

– More than one layer of defense (patches, security configurations, cleaning tools)

– Security awareness of what is going on with the services, applications and operating system you are running that are exposed to the Internet. Be proactive. Look at your Event/Audit logs, processes, and network activity at least bi-weekly.

– If your system seems slower than usual assume the worst and check it out immediately.

I hate software firewalls but they are probably the best way to protect your home computer if you keep up with it.

Free software firewalls:

Zone Alarm

Not free but still good:



Tiny Firewall

My resources:



3)    Check your Security


A.        SCAN your own IP

These are sites that allow you to scan your system from the outside. It is a very simple penetration test.



I would also recommend using a port scanner such as SuperScan


Check your processes with Task Manager

If you're on a Windows NT/2000/XP system hit

and choose Task Manager. Once you're in Task Manager select processes and take a look at what is running. This is a great resource for locating and killing rogue applications.




Use netstat to examine what network activity is happening on your system.

Netstat is a built in feature.


Go to Start | Run | type “cmd”

This will bring up a DOS prompt. Type “netstat”


If there is a ridiculous amount of activity scrolling up the screen and your system is sluggish, you may have a Trojan, virus or worm.
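One way to turn the netstat check above into something repeatable, as an added example rather than part of the original walk-through: run `netstat -ano` (numeric addresses plus the owning process ID), save the output, and count how many distinct remote hosts each process is talking to. The sample output, the PIDs and the threshold of 5 are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output; the remote addresses
# come from the documentation ranges 198.51.100.0/24 and 203.0.113.0/24.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.10:1061      198.51.100.20:80       ESTABLISHED     2040
  TCP    192.168.1.10:1062      198.51.100.21:80       ESTABLISHED     2040
  TCP    192.168.1.10:1100      203.0.113.1:445        SYN_SENT        1337
  TCP    192.168.1.10:1101      203.0.113.2:445        SYN_SENT        1337
  TCP    192.168.1.10:1102      203.0.113.3:445        SYN_SENT        1337
  TCP    192.168.1.10:1103      203.0.113.4:445        SYN_SENT        1337
  TCP    192.168.1.10:1104      203.0.113.5:445        SYN_SENT        1337
  TCP    192.168.1.10:1105      203.0.113.6:445        ESTABLISHED     1337
  UDP    0.0.0.0:500            *:*                                    700
"""

# States that mean this machine is talking to a remote host. ESTABLISHED rows
# can also be inbound; netstat does not say which side opened the connection.
ACTIVE_STATES = {"SYN_SENT", "ESTABLISHED"}


def parse_connections(text):
    """Yield (pid, remote_host, state) for TCP rows; skip headers and UDP rows."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue                          # UDP rows have no State column
        _proto, _local, foreign, state, pid = fields
        if not pid.isdigit():
            continue
        host = foreign.rsplit(":", 1)[0]      # also handles [ipv6]:port
        yield int(pid), host, state


def remote_hosts_by_pid(text):
    """Map each PID to the set of remote hosts it has active connections to."""
    hosts = defaultdict(set)
    for pid, host, state in parse_connections(text):
        if state in ACTIVE_STATES:
            hosts[pid].add(host)
    return hosts


def flag_fan_out(text, threshold=5):
    """Return {pid: sorted hosts} for processes touching >= threshold hosts."""
    return {
        pid: sorted(found)
        for pid, found in remote_hosts_by_pid(text).items()
        if len(found) >= threshold
    }


if __name__ == "__main__":
    for pid, found in flag_fan_out(SAMPLE).items():
        print(f"PID {pid} is connected to {len(found)} distinct hosts: {found}")
```

Look up a flagged PID in Task Manager's Processes tab (add the PID column under View) to see which program owns it; a busy browser or P2P client can also cross the threshold, so the result is a prompt to look closer, not a verdict.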

I had one called HWCLOCK.exe
on my system. It actually scanned other people in my ISP's network
looking for other people to exploit. I had to shut off the process
called HWCLOCK in my Task Manager and remove the malware while in Safe

Other Broadband Internet Security Sites:

Broadband Internet Security software

CERT Home Network Security

Broadband Internet Security links

Broadband Internet Security



Remove the HWCLOCK.EXE/W32.Hwbot-A Trojan

I got the HWCLOCK.EXE when I was testing my new Internet connection.  I noticed it when my Internet DSL connection started feeling like a  56K dialup. 

I removed it by going into Showing all files, going into Safe Mode and deleting the HWCLOCK.exe/W32.Hwbot-A Trojan.

This is a trojan that can actually steal your passwords and other personal data.  On my system it was attacking other systems.

I've got more detailed instructions on how to remove the HWCLOCK.exe at

If you found this post or others useful, feel free to donate to

elamb – Home Computer Security.  No amount is too low (or high).
