Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2008-04-01 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Security in everyday life -- A true April Fools story

Published: 2008-04-01
Last Updated: 2008-04-02 01:06:20 UTC
by Joel Esler (Version: 1)
0 comment(s)

Handler story (not mine)--

There is an elderly couple from my church that have subscribed to the <name deleted> Satellite service for a number of years.  <name deleted> has decided to drop their satellite service and go to an internet <name deleted> service instead.
So they notified all of their customers that they are turning off the satellite at the end of the month so a box is being mailed to them with easy instructions on how to connect it to their existing Internet service.... Easy, anyone can do it.. (Right).  Anyway, the elderly couple got the box in the mail on Monday and attempted to connect it.  The instructions were poor at best but they gave it a try.  When they couldn't get it to work they called me and I went over last night to help them out.  Easy instructions right?  How long could it take?  I got there and attempted to connection the gateway/router/cable modem/whatever you want to call it box to the existing wireless network in their house.  I scanned for the network and wa-la came right up with the network....  put in the WPA key and it started the connect and came back with unable to connect, dhcp failed.  I checked a couple of other things then called <name deleted> tech support. After waiting on hold for quite some time I was finally connected to a technician.  I explained that I was attempting to connect the system and when I put in the WPA key it attempted to connect and then came back with the DHCP failure. 

You are not going to believe what I was told.  Yep, you got it, sorry you need to change your network to WEP.  Our system only recognizes WEP.    I could not believe what I was hearing.  I informed him that the change was not going to happen on their network, explained to him why, and then explained to them how totally irresponsible they were being.  He said that he totally agreed, however, the company that they are purchasing the hardware from does not know how to do anything but WEP.  He said that they were working on figuring it out, but it isn't going to happen for a while. He said that he has only had a couple people that complained about the WEP thing and that they did change their security so that they could watch <name deleted>. He stated for the most part no one complains. And my response was.... do you suppose it is not because they don't care but rather that they don't know/understand. He said... yeah, you could be right.

And we wonder why we have so many issues on the net.

 I'm out for the night, Adrien is here to take over..  Enjoy the podcast in the meantime!

Joel Esler

http://www.joelesler.net

Keywords: wireless
0 comment(s)

April Fools Day

Published: 2008-04-01
Last Updated: 2008-04-01 23:13:49 UTC
by Joel Esler (Version: 8)
2 comment(s)

As a reminder, today is April 1st, a common day for the pranksters, the tricksters, and a great day to have fun.  However, things to remember today, some of what you read on the interwebz today will be fake.  So, remember to keep your humor about you today as you are out there today.

UPDATE:  I am getting a ton of submissions!  Thanks!  Keep them coming, I'll pick out the really good ones and put them up here. 

DISCLAIMER:  THESE ARE MEANT TO BE FUNNY.  WE DO NOT NECESSARILY ENDORSE THE SITE WE ARE LINKING TO, AND ARE MERELY LINKING.  BROWSE TO THESE SITES AT YOUR OWN RISK!!

P.S.  If you wanna submit some good sites to me that you read, I'll put em up here: 

1) http://www.sophos.com/security/blog/2008/04/1246.html -- RAPIL - a slap in the face for hackers and virus writers

2) http://packetstormsecurity.org/err0r.txt -- Nice password file.

3) http://antwrp.gsfc.nasa.gov/apod/image/0804/dextre_sts123_big.jpg -- The astronomy picture of the day from http://apod.nasa.gov

4) http://spool.metasploit.com/pipermail/framework/2008-April/003365.html  -- A nice one from the guys at Metasploit.

5) http://www.caughq.org/advisories/CAU-2008-0001.txt -- A special bulletin on the "Slowly Closing Door Race Condition".

6) http://www.laptopsdirect.co.uk/bodyadvertising/body_ads.asp -- This has got to be a joke.  Funny one.  Slightly NSFW. (picture of a plumbers crack)

7) http://www.f-secure.com/weblog/archives/00001411.html -- A new banking trojan from F-secure.   This one GIVES you money.

8) http://www.theregister.co.uk/2008/04/01/ibm_scoble_nano/ -- A new projector from IBM.

9) http://www.securitynewsportal.com/ -- NSFW, so I am not linking to it, (hey, I am looking out for YOU) but SecurityNewPortal has changed to the Naked Security News Portal.

10) http://mail.google.com/mail/help/customtime/index.html -- Send email from the past!  Man!  Sometimes that would be a useful feature!

11)  http://www.thinkgeek.com -- Pretty much all of thinkgeek has been modified. 

12)  http://www.officeformac.com/blog/Announcing-Microsoft-Games-for-Apple-Remote -- Microsoft announces games for the Apple Remote. (Yes that little white thing, I hope this is a joke).

13) http://www.rfc-editor.org/rfc/rfc5241.txt -- RFC5241 - Naming Rights in protocol fields

14) http://www.xbox.com/en-US/community/promotions/2008/spring/ -- Future XBox products

15) http://wifinetnews.com/archives/008249.html -- Wifi over Ethernet (802.11af)

16) http://www.infoworld.com/archives/t.jsp?N=s&V=96815 -- A bunch over at Infoworld.

 17) http://www.worldofwarcraft.com/moltencore/ -- WoW the console game.

 

Joel Esler

http://www.joelesler.net

Keywords:
2 comment(s)
Diary Archives