The blogs will be under construction as we find and modify a theme and graphics to suit the rest of our site.  We appologize for any inconvienance.

After posting the last post on creating a two thousand general purpose server using VMWare’s ESXi software hyper-visor, I thought some would like to know more about the hyper-visor software, as well as how to get it started up and running.

ESXi can be downloaded free from http://www.vmware.com/products/esxi/

This video from the Hak5 group at http://revision3.com/hak5 shows how to build a general pupose server using VMWare’s ESXi system for under two grand including all new hardware with 3 TB of storage, 4 core processor and 8 GB of RAM.  For those curious about building a low maintenance, low cost server for small to medium business usage, this video is very to the point and helpful.

Those not familar with VMWare or virtulization, the ESXi software is free and can be downloaded from http://www.vmware.com/products/esxi/.

Click below if you usually blog, post links to twitter, youtube, or anywhere. Very handy to knock down those insanely long links.

bit.ly, a simple url shortener.

Just recently (I am a little late on this story however), they have found a zero-day exploit (IE: it was already being used to run arbitrary code on peoples machines when found), in Adobe Reader and Acrobat.

The exploit takes advantage of the fact that almost all of the newer versions of this software leave JavaScript on by default. While I have never personally seen, or heard, of a PDF file using JavaScript, it is included, and enabled by default. The good news is that disabling JavaScript in the application removes no functionality.

The affected versions are Adobe Reader & Acrobat 7.x, 8.x and 9.x. If you are running any of these versions you can run the update utility which patches the software from being vulnerable to this exploit.

There is however another way to prevent this exploit from ever being used, which is to simply turn off JavaScript inside Adobe Reader and Acrobat. Below are instructions for how to do so.

• Turning off JavaScript inside Adobe Reader & Acrobat 9 (Older versions should be similar).

1. Open Adobe Reader or Acrobat
2. Click on Edit>Preferences
3. Click JavaScript in the list to the left.
4. Un-check “Enable Acrobat JavaScript” in the first check-box.
5. Un-check (If checked) “Enable JavaScript menu item execution privileges”

Doing the above steps will keep you protected from this exploit even if you do not install the update, and in fact, I highly recommend leaving JavaScript off at all times in this program anyway, unless it is explicitly needed by the PDF you are reading/working with.

Since there is so much press going around about conficker, and with three versions in the wild and a possible forth version in the works (or maybe it’s hit the wild already), I thought it should listed in here somewhere for people to find out why this virus is getting so much press and why anti-virus companies are having such trouble eliminating it.

• First one for anyone with a little time to listen to a podcast, maybe on their way to work, and has an interest in how this virus is coded, in lay terms, and why it has the security community in such a bother, should check out this podcast by Security Now on TWIT. Not only do I recommend this podcast for anyone that has an interest in security, but also for those that just enjoy learning new things.  Leo LaPorte and Steve Gibson have a roundtable type discussion weekly on various techinical subjects from encryption algorithms to user questions, all explained in very layman terms that just about anyone can understand.  http://twit.tv/sn193

---

• Snopes.com: This website has the origins, history, reward information and removal/protection information for conficker. http://www.snopes.com/computer/virus/conficker.asp

---

• Microsoft’s response article for conficker: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

---

• Symantec’s response article for conficker: http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm

---

• PC World article on protecting yourself: http://www.pcworld.com/article/157876/protecting_against_the_rampant_conficker_worm.html

---

• VERY easy eye-chart (based on the built-in domain blocking in conficker) that will show you in 5 seconds if you should check for conficker infection: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

After some rearranging of the website we have gotten our WordPress blog up and running on the servers, and plan to replace our old news system with our blogs.  This will reduce overhead and time required to update our news, and allow more authors to contribute to the site with less hassle. We have also left comments enabled for the time being, and will see how that goes, however with the abundance of spam around the net, we aren’t sure how that will go.

Feel free to comment on any of our postings, and hit our forums for more in-dept discussions of topics.