I finally found Cat Schwartz or Kat Shwartz

The reason I haven’t been able to find Cat Schwartz is because I’ve been spelling her name with a “K” Kat Schwartz. My graMARr and speling Good, it is not.

Silly me. She’s at Catschwartz.com [dead and gone], a pretty cool blog hi tech mommy. I feel so empty now that I’ve found you Catherine.

I know I should be happy but I guess I let the obsession of finding you fill me for so long that it began to comfort me. Wait… perhaps I can meet you in REAL life. Just kidding Cat, I’m not really psycho. Or am I?

ISP versus the SSAA

As a System Security Engineer, most of my work has been on DITSCAP (SOON DIACAP) Certification and Accreditation and producing System Security Authorization Agreements. But now the government is having us SSEs do the Information Support Plan (formerly C4ISP). Anyway, the Program Managers want us to do it.

While it is a little frustrating that I'm stepping out of my security world and into Acquisitions, I can see the potential for growth as I'm forced to learn the Military equivalent of a Business Continuity Plan.

Once I get a handle on the ISP I have a feeling that it will lead me to great things.

Internet Revolution for old TechTV crew

Something is happening.   G4TV has made the mistake of releasing Mr. Kevin Rose from his contract on “Attack of the Show.”  Kevin is about to go buck wild and cause some sort of Internet revolution by releasing ground breaking HIGH QUALITY technical shows similar to what used to be on TechTV (before it was seduced by the Dark Side).  He is going to be hooking up with some Internet Celebs like:


Leo Laporte

Dan Huard




O.k. all they need now is Alex Albrecht (former SAIC employee), Kat Swartz (hottie who seems to have fallen off the face of the Earth) and Lockergnome (don't remember his name but it's that guy that used to host Call For Help–man, I hated that show, but Lockergnome has a pretty kick ass site in my useless opinion).

My only question is how the hell will they get paid.  Donations are cool but I'm not sure if donations alone will pay the light bills.  They shouldn't have a problem though.  Their names alone will get them $100K traffic and thousands of dollars in ads.  That is a winning combination.

This is a comprehensive list of all the most popular TechTV folks and where they are now, from Redlobo dot com.

Here is Kevin's call to arms:

After several weeks of lawyer negotiations with G4, they have agreed to release me from my contract.  Friday May 27th 2005 marks my last day on the G4 network.

I’m leaving G4 so that I can focus on what I love most, in-depth tech content. Starting with today’s premiere release of our new tech HOW-TO show ’Systm,’ we will begin to build a network of technology television programming from the ground up.  While Systm and thebroken will be our two flagship shows, in time, we hope to add more shows to the schedule with former TechTV cast members you all know and love.  All episodes will be released free of charge, in a variety of formats (Theora, Xvid, WMV, H.264, PSP), wrapped in RSS (for vidcasting), and licensed under the Creative Commons.

How you can help –
– Spread the word: Post in message boards, blog about it, email/IM your friends.  Let anyone and everyone know that tech programming is alive and well.

– Sign up for the newsletter: Encourage your friends and family to sign up for the systm newsletter so that we can keep you up-to-date with all the latest happenings.

– Help us distribute: Keep your bittorrent lines open after you finished the download.

– Advertise: Get your product or service in front of thousands of geeks!  Email: ads at systm dot org


Broadband Internet Security

3 Easy Steps for Broadband Internet Security for your Cable Modem and DSL


Broadband Internet Security for Cable Modems/DSL: 

1)    Get Yourself a Router

If your ISP issues you a fairly robust router with instructions on how to secure it, you may not need a router. Just follow their instructions on how to configure the security on the device. Step 1B explains what security features are needed.


A. Types of routers:


Linksys, Netgear, Actiontec. When you buy a router, look for the following features:


Four 10Base-T/100Base-TX RJ-45 ports, one 10Base-T broadband WAN port, one 10Base-T/100Base-TX RJ-45 uplink port


This means that it can get four of your computers online using Cat 5.

If you have multiple computers and your Cable/DSL device does not support more than one connection I do NOT recommend wireless.

If you can, connect the DSL device to another router. You will need to use a crossover CAT 5 cable to connect the two; like devices (i.e. computer to computer, router to router) require a crossover cable.

A USB cable will also work.


B. Configure the Router Correctly:

For security, as a minimum, use the Network Address Translation (NAT) feature of the router to hide your internal computers from the

You may have to go to an Advanced Setup Feature on your router to turn on the NAT feature.

C.     Additional Router Security


Routers offer additional firewall features for broadband Internet security such as actively closing ports, blocking websites, blocking services and integrating third party software firewalls such as ZoneAlarm and PC-Cillin.


2)    Consider using software to protect your system for broadband Internet security

A.    Virus protection

Free online virus scan:



More Free Virus tools:


Thefreesite Dot Com

Free trial of Norton Anti-Virus

Free for DOD Employees

Other virus tools:




I’ve heard that Norton was better than McAfee and vice versa, but in my experience basic computer security cannot be beat. The best practices are to not download e-mail attachments from unknown sources, turn off JavaScript, cookies and ASP functions on the browser and make sure you don’t put virus infected disks into your system. If you do use anti-virus software make sure it is updated with the latest virus


Even More Anti-Virus Resources

Software Downloads:

As you can see MajorGeeks is one of the best resources for freeware on the net.

B.    Ad-ware protection

In my opinion, adware, spam and spyware have become worse than viruses, trojans, worms, logic bombs or any other malware in compromising broadband Internet security.


Many times there is no difference between adware, spyware and malware. Adware and spyware creators are constantly coming up with creative ways to get their software on our computers. Just when I think I’ve figured out a way to eliminate ALL adware and spyware, they come up with a new brilliant method of deploying their software on my system and keep it


Here is a list of common Adware/Spyware  removal tools:


HijackThis (don’t use unless you know what you’re doing)

Spyware Blaster

The best resource for getting rid of adware, spyware and malware is search engines. Usually you can find someone online who managed to fix the problem. Forums are an incredible resource for your broadband Internet security.


Even More Anti-Spy/Ad ware Resources

Software Downloads:



Beware of freeware & shareware from illegitimate sites. A lot of spyware and shareware comes from freeware such as P2P (i.e. Kazaa). Many times what you think is free is really not free at all. Even if you have a rare legitimate copy of beloved Kazaa or Shareaza, WinMX, or whatever, you MUST beware of what you download.

Be aware that malware and spyware can be hidden in .jpg, .gif, video and even sound files. It’s called steganography. It’s very cool. The safest thing to do is not use P2P at all. It is almost as bad as wireless.



For secure methods of P2P check out:

Creators of Kazaa: Joltid


C.    Software firewall

I have used firewalls built into Linksys, Netgear, and Actiontec routers and I think they work great. They are by no means the push button solution to broadband Internet Security. For one thing they have holes just like any other software, hardware and firmware on the market. Malware can still get to your system. Many times people think just because they have a firewall they have an “S” on their chest.

Computer Security Principles

Be humble. Know that you need:

– More than one layer of defense (patches, security configurations, cleaning tools)

– Security awareness of what is going on with the services, applications and operating system you are running that are exposed to the Internet. Be proactive. Look at your Event/Audit logs, processes, and network activity at least bi-weekly.

– If your system seems slower than usual assume the worst and check it out immediately.

I hate software firewalls but they are probably the best way to protect your home computer if you keep up with it.

Free software firewalls:

Zone Alarm

Not free but still good:



Tiny Firewall

My resources:




3)    Check your Security


A.        SCAN your own IP

These are sites that allow you to scan your system from the outside. It is a very simple penetration test.



I would also recommend using a port scanner such as SuperScan


Check your processes with Task Manager

If you're on a Windows NT/2000/XP system hit

and choose Task Manager. Once you're in Task Manager select Processes and take a look at what is running. This is a great resource for locating and killing rogue applications.




Use netstat to examine what network activity is happening on your system.

Netstat is a built in feature.


Go to Start | Run | type “cmd”

This will bring up a DOS prompt. Type “netstat”


If there is a ridiculous amount of activity scrolling up the screen and your system is sluggish, you may have a Trojan, virus or worm.
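
One way to put a number on "a ridiculous amount of activity", as an added example that is not part of the original post: this Python sketch parses numeric `netstat -an` output and reports any remote port that is being contacted on many distinct hosts, the pattern a scanning worm produces. The sample output, the function names and the threshold of 5 hosts are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample of Windows `netstat -an` output (documentation IP ranges):
# normal browsing plus eight half-open connections to port 445 on different hosts.
SAMPLE = "\n".join(
    ["Active Connections", "",
     "  Proto  Local Address          Foreign Address        State",
     "  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING",
     "  TCP    192.168.1.10:1040      198.51.100.20:80       ESTABLISHED",
     "  TCP    192.168.1.10:1041      198.51.100.20:80       ESTABLISHED",
     "  TCP    192.168.1.10:1042      198.51.100.21:443      TIME_WAIT",
     "  UDP    0.0.0.0:500            *:*"]
    + [f"  TCP    192.168.1.10:{1050 + i}      203.0.113.{i + 1}:445        SYN_SENT"
       for i in range(8)]
)


def parse_netstat(text):
    """Return (remote_ip, remote_port, state) for every non-listening TCP row."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[0] != "TCP" or parts[3] == "LISTENING":
            continue  # headers, UDP rows (no state column) and listeners
        ip, _, port = parts[2].rpartition(":")
        if port.isdigit():
            rows.append((ip, int(port), parts[3]))
    return rows


def scan_suspects(text, min_hosts=5):
    """List (port, distinct_hosts, half_open) for ports with scan-like fan-out."""
    hosts, half_open = defaultdict(set), defaultdict(int)
    for ip, port, state in parse_netstat(text):
        hosts[port].add(ip)
        half_open[port] += state == "SYN_SENT"  # count unanswered connection attempts
    return sorted((port, len(ips), half_open[port])
                  for port, ips in hosts.items() if len(ips) >= min_hosts)


if __name__ == "__main__":
    for port, n_hosts, n_syn in scan_suspects(SAMPLE):
        print(f"remote port {port}: {n_hosts} distinct hosts, {n_syn} half-open")
```

Two connections to the same web server count as one host, so ordinary browsing stays below the threshold while a sweep of one port across many addresses stands out.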

I had one called HWCLOCK.exe
on my system. It actually scanned other people in my ISP's network
looking for other people to exploit. I had to shut off the process
called HWCLOCK in my Task Manager and remove the malware while in Safe

Other Broadband Internet Security Sites:

Broadband Internet Security software

CERT Home Network Security

Broadband Internet Security links

Broadband Internet Security



Remove the HWCLOCK.EXE/W32.Hwbot-A Trojan

I got the HWCLOCK.EXE when I was testing my new Internet connection.  I noticed it when my Internet DSL connection started feeling like a  56K dialup. 

I removed it by going into Showing all files, going into Safe Mode and deleting the HWCLOCK.exe/W32.Hwbot-A Trojan.

This is a trojan that can actually steal your passwords and other personal data.  On my system it was attacking other systems.

I've got more detailed instructions on how to remove the HWCLOCK.exe at http://elamb.blogharbor.com/hacked/hwclock.htm

If you found this post or others useful, feel free to donate to

elamb – Home Computer Security.  No amount is too low (or high).

Securing Internet Explorer

Securing Internet Explorer:
Step 1.  Turn Security WAY UP
   Tools | Internet Options | select the Security tab | Move the
“security levels for this zone” to HIGH

Step 2. Turn off and Delete All Cookies.
   The first thing you should do is clear out all your cookies.
   Tools | Internet Options | select the Privacy tab | Move the slider in the Settings area to a higher level of security.  Keep in mind that if you block ALL cookies some sites will be limited or even inaccessible, but you can always go back and change it.

Limiting the number of cookies you accept can increase your privacy.

Step 3. Disable Java and ActiveX
   Java and ActiveX are known as mobile code because they download software from a remote source (or run from a remote source) to your computer.  Some of the most effective malware is mobile code.
   Tools | Internet Options | select the Security tab | Select the “Custom Level” button which will open up “security settings.”
   Once in Security Settings disable everything under “ActiveX” and “Scripting.”

What I do is heighten the Security Tab and use Internet Explorer as little as possible.  I use Firefox.  It is also very important to update these (and all other applications) with the latest patches.  This, combined with my router firewall, seems to work really well.

Neither Firefox nor Internet Explorer is secure if you don't take the appropriate measures.

If you do use cookies you should delete them all about twice a week.

http://elamb.blogharbor.com/hacked/igothacked.htm –> get rid of malware
http://elamb.blogharbor.com/broadband/broadband.htm –> secure your broadband connection


A lot of people seem to have the Smitfraud trojan and seem to be looking all over the place to get a fix.  So I've consolidated the best resources that I've found on Smitfraud on this blog.  Enjoy.


New Trojan Agent Go

Trojan_Agent.go is a memory-resident trojan that comes in via downloads from malicious web sites.  It executes files from other websites.

Remove Trojan_Agent.go:

Open Task Manager:
CTRL+SHIFT+ESC (on XP), then click the Processes tab.

Locate the process:

Select the EVTHTM.EXE process, then press either the End Task or the End Process button, depending on the version of Windows on your system.

  1. To check if the malware process has been terminated, close Task Manager, and then open it again.
  2. Close Task Manager.

If the process does not shut down, go to Safe Mode and shut it down.





Report Phishing Instantly with gmail

As I was hitting the “Show Original Message” link on my gmail account, I noticed that there is a “Report Phishing” link on my gmail account. 

Very cool.. Anyway here is the latest phishing attempt I got hit with.

This one is supposedly from eBay.  It is saying that someone has added a seller to my account.  The only thing is that I don't have an eBay account attached to this email.

To view the source of an email from your Gmail account, click “Show Options”, then “Show Original Message.”  Most email software has this feature:

X-Gmail-Received: 330662dcee7d7f96e1a81e48ae9c33265fe033b5
Delivered-To: elamb.security@gmail.com
Received: by with SMTP id t17cs20860nza;
        Wed, 11 May 2005 14:15:24 -0700 (PDT)
Received: by with SMTP id u8mr396722nzd;
        Wed, 11 May 2005 14:15:24 -0700 (PDT)
Return-Path: <root@localhost.localdomain>
Received: from localhost.localdomain (cam-in1.ztv.ad.jp [])
        by mx.gmail.com with ESMTP id 15si749916nzn.2005.;
        Wed, 11 May 2005 14:15:24 -0700 (PDT)
Received-SPF: neutral (gmail.com: is neither permitted nor denied by domain of root@localhost.localdomain)
Received: from localhost.localdomain (localhost.localdomain [])
 by localhost.localdomain (8.13.1/8.13.1) with ESMTP id j4BLAxdC009474
 for <elamb.security@gmail.com>; Thu, 12 May 2005 06:10:59 +0900
Received: (from root@localhost)
 by localhost.localdomain (8.13.1/8.13.1/Submit) id j4BLAxA5009473
 for elamb.security@gmail.com; Thu, 12 May 2005 06:10:59 +0900
Date: Thu, 12 May 2005 06:10:59 +0900
To: elamb.security@gmail.com
Subject: You have successfully added a new email address
Message-ID: <1115845859.27531.qmail@paypal.com>
From: “eBay” <accounts@eBay.com>
Content-Type: text/html

<DIV><DIV id=message><TT style=”FONT-SIZE: x-small;
FONT-FAMILY:'couriernew',monospace”>You have added <A href=”
target=_blank>phoneseller@yahoo.com </A>as a new email address for your
eBay account.<BR><BR>If you did not authorize this change or if you need
assistance with your account, please contact eBay customer service
at:&nbsp;</TT> <P><TT style=”FONT-SIZE: x-small; FONT-FAMILY:
you for using eBay!<BR>The PayPal Team<BR><BR><BR>Please do not reply to
this e-mail. Mail sent to this address cannot be answered. For
assistance, log in to your eBay account and choose the<BR>”Help” link in
the header of any
PROTECT YOUR PASSWORD<BR><BR>&nbsp;&nbsp; NEVER give your password to
anyone and ONLY log in at <A
target=_blank>http://scgi.ebay.com/verify_id=ebay.</A&gt; Protect yourself
against fraudulent websites by opening a new web browser (e.g. Internet
Explorer or Netscape) and typing in the eBay URL every time you log in
to your account.<BR><BR><BR>
<BR><BR><BR></B>eBay Email ID PP007</TT></P></DIV></DIV>
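
The mismatches visible in the headers above can be checked mechanically. The following Python sketch is an added example, not part of the original post: it parses a trimmed copy of those headers with the standard `email` module and flags a Return-Path or Message-ID domain that does not belong to the From domain, plus any SPF result other than pass. The function names and finding labels are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Trimmed copy of the headers quoted above (Received lines dropped, straight
# quotes used); the one-line body is a constructed stand-in.
RAW = """\
Return-Path: <root@localhost.localdomain>
Received-SPF: neutral (gmail.com: is neither permitted nor denied by domain of root@localhost.localdomain)
To: elamb.security@gmail.com
Subject: You have successfully added a new email address
Message-ID: <1115845859.27531.qmail@paypal.com>
From: "eBay" <accounts@eBay.com>
Content-Type: text/html

<DIV>constructed placeholder body</DIV>
"""


def domain(value):
    """Lower-cased part after '@' of an address-like header value."""
    return parseaddr(value)[1].rpartition("@")[2].lower()


def same_org(candidate, from_dom):
    """True if candidate is the From domain or one of its subdomains."""
    return candidate == from_dom or candidate.endswith("." + from_dom)


def triage(raw):
    """Return a list of finding labels (hypothetical names) for one message."""
    msg = message_from_string(raw)
    from_dom = domain(msg.get("From", ""))
    findings = []
    if not same_org(domain(msg.get("Return-Path", "")), from_dom):
        findings.append("return-path-domain-mismatch")
    if not same_org(domain(msg.get("Message-ID", "")), from_dom):
        findings.append("message-id-domain-mismatch")
    # First word of Received-SPF is the verdict; a missing header counts as "none".
    spf = (msg.get("Received-SPF", "").split() or ["none"])[0].lower()
    if spf != "pass":
        findings.append("spf-" + spf)
    return findings


if __name__ == "__main__":
    print(triage(RAW))
```

These are heuristics: legitimate bulk mail often uses a third-party bounce domain, so a single finding is a prompt to look closer, while all three together on a message claiming to be from eBay is a strong signal.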

