KellyKeeton dot Com v3.0 reverse engineering life

31Oct/070

outlook command line switches

here is a page with all the commandline options that you can run with outlook.exe I found some handy commands. Like all the clean commands.

Filed under: Microsoft No Comments
25Oct/070

Restrict Reply to all and Foward with Outlook

I ran across a fun post for a way to disable the reply to all, and forward abilitywith emails. How many times have you forward out something like “server willbe down” and you get 3 reply all’s “looks like kelly is actuallyworking today”, “haha yea kelly must have called the nerd herd”

useVBA to disable the reply to all and forward

Prevent Replyto all and forward with custom form

here is a copy of scotts post (just as a local copy)

 

Filed under: HowTo, Microsoft No Comments
24Oct/070

FINALLY some games for the xbox 360

the following video games I'm excited for, you see all the nerds waiting for Halo3? well that game is nothing as to the hours of play time that I will get from the following, sorry katie.

Burnout Paradise thiswith my next entry is why I purchased a xbox back in the day, also one of a few gamesI have every played to the end. Replay value is 5 star. I CANT WAIT

TomClancy's Splinter Cell: Conviction also the only game titles I stick around toplay to the end, I love this series more then candy (well no not really) I CANT WAIT

Grand Theft Auto IV possiblythe best game series I have ever laid eyes on, Im old enough to tell right from wrong,but this game is so real that I can choose wrong. Take that you lady of the street'gimmie back my cash' sweeeet america I CANT WAIT

The Simpsons Game I reallyliked the GTA rip off of the Hit& Run game this game looks possibly the best thing ever, I am torn if theWii will have anything cool (I doubt it) but the Wii has a list of cool games on itsown. just watching all the commercials makes me want want want I CANT WAIT

thats $200 of video games in the next 6 months. bastards, time to break open the piggy.

Filed under: Software No Comments
20Oct/070

roller party – engagement story in the newspaper!

seems like the media loves me, my priorstunt of asking my dear Katie to marry me got me into the seattletimes, and no all the facts arnt correct before you all comment back. –story as follows.

Rollingparty – Seattle Times 10–20–2007

Katie Uhlenkott thought she was the party planner. Her boyfriend, KellyKeeton, of Kirkland, had casually suggested they go roller skating soon.Wouldn't it be fun, he said, to invite friends and make it a party.

Uhlenkott, of Kent, decided to turn it into a surprise 26th birthday party for Keetonat Skate King in Bellevue.

When Kelly's mother got the call, she played along.

"Kelly invited us a couple of weeks before Katie even planned her surprise party,"said Betty Keeton of Snoqualmie. "He planted the idea and let herthink she was organizing the party."

When the couple arrived at Skate King, the emcee invited them to the center of therink. There, in front of about 30 friends and relatives, Uhlenkott realized she'dbeen set up. That's when Keeton proposed.

The couple plan to marry next year.

Filed under: Social No Comments
20Oct/070

Ubuntu 7.10 upgrade was horrible!

The new version of ubuntu is out and as longas your not on comcast(assholes) I recommend the ubuntutorrent server, I got the iso in 30 mins. I also booted up package managerand noticed that it would take care of all the work for me.  Lets just say thatthere is a reason that linux is not on the home desktop yet, granted windows couldn'tdo any better. They just have a few more years under the belt as of now. So I clickedupdate, well since my home directory was encrypted. That trashed a lot of stuff. The‘Coup de gras’ however came when it tried to update the package-managerand update service, no idea what happened but lets just say I lost everything andspent today at the office rebuilding my laptop. I did however, put office 2007 onfor the first time. I really love outlook 07. So what did I learn from all this? backupyour work and when all fails, you will find out that Microsoft makes a good emailprogram.

Filed under: Linux No Comments
20Oct/070

Funny Error on windows update with IE5.0 and WFW311

Nowindowsupdate 

This is an amusing error coming from the windows update page when I loaded up windowsfor workgroups 3.11. It thinks I’m a mac.

Filed under: Microsoft No Comments
17Oct/070

wamu sucks

So I have a wamu credit card, I have nothing good to say about wamu when I activatedthe card, I actually yelled at them that I didnt want to buy any insurance or frauddetection service. It was worse then a girl scout that needs to make a quota. So thenI went to close out the card (I used it for a 0% loan) I didnt want to call, so Iset up an account online. I had to make my password. But check out the HORRIBLE passwordrequirements. Not only do they limit to alpha 8 character, but they also give youexample passwords! haha

Wamu1

Wamu2

Filed under: Security No Comments
11Oct/070

Virtual Server Hardening

So this topic of virtual servers is starting to catch on a bit more, I still thinkit will go the waysideof bluetooth and only people that drink the Intel kool-aid will adopt it, butthats just me, dont get me wrong I feel there is a place for virtual machines in thedata center, the technology and use just isn't impressing me today. Thereal point of this post is to bring together some of the tips about virtual serversecurity, I say virtual server and not vmware becausethey arnt the only players in the market, example is Virtuozzo whoI was just talking with a friend about. I was listening to a pauldotcompodcast the other day (which if your interested you need to go listen to)

Anywhoo I have compiled a list of some of the top things to disable or change to hardenyour virtual environment. The following documents go into further detail but I wantedto explain out a few ideas. The first is disabling unused hardware, examples are FDD,CDROM, USB, and most important the NIC. Obviously you can understand the media notonly will it free up resources (other tips are shut down screensavers and the K-Desktop)but they just arnt needed typically in a virtual environment. The NIC is one thatmost people overlook (depending on setup and how you have things configured this canbe incorrect tip), they will have a virtual host with the ability to link to yourLAN. now this is particularly and issue if the threat of jumping out of a virtualever comes to light as a virus. If you have a host on a protected network and yourvm’s are on a DMZ for example, then once the virtual is hacked your protectednetwork is at risk, the amount of times that you should have to touch the host isminimal so keep the KVM attached and disable the protocalls and ip address on thehost.

Next topic that ties in with the first is to keep similar security devices on thesame host, and put that host in the proper subnet for the security of the virtuals.Meaning, dont put your web server on the same host as your financial server, and dontput your web server on the same as a tool server that is located in your ring 0/1LAN. If its a DMZ server and you would have put it there physically, then put it therephys-virtually (thats physically and virtually in one word) so say this with me onceagain, put like security servers in the proper realm with the proper vrituals sharinga host.

Now to get a little specific to vendors, example is VMware. With VMware you have coolthings like drag-and-drop file copy, cut and paste etc. In a server virtual machineyou want to shut these enhancements off.

Patch! VMware, Microsoft each have patches for the softwares they produce, updateand patch your software. vmware has no nice patch management notification like MicorosoftUpdateso Patch your softwares, also patch your hosts and virtuals for OS and APP patches.

VMWare has actually publisheda paper for security with the ESX Server, this has important tips for logs, users,and resource provisioning to prevent denial of service issues.

Also CI Security is supposed to release hardeningguides, however they also publish good standards for the OS in the virtual so checkthem out, along with that is the Microsoft published 2000 hardeningand 2003 hardeningguides.

Another interesting summary from guys at Petri,specifically because they have screenshots

Filed under: Security No Comments
11Oct/070

CrossSite Request Forgery

A “new” security threat that I thought was rather interesting. using crosssite forgery, the idea is that if you have two browsers open, one is your bankthe other is a hack-site. The hack site can use this idea to piggy back on your cookieand session to do things with your bank with out you knowing, How? well it would justsend http post data (or get) in the back end of the browser. So whats this mean whydo you care? If this takes off its nasty till’ people fix the sites you use.To not fall victim to this just dent flip browsers while your browsing, if you areon a site that you feel needs to be secure close out myspace.

Also the tool that I use for google hackingpay-sites, is the mozilla RefControl,which is the underlying idea with this hack

Filed under: Internet, Security No Comments
10Oct/070

fgdump new version

I havent had time to post up about this, but there is a newversion of fgdump, this will dump the protected storage if possible, local LMtable and cachedump of any system you have admin rights to. This tool is the ifto-factotool for collecting data for pen-test stuff. The special thing about this tool isthat it will sneek past most AV tools so you dont need to kill them to audit. I alsorecommend downloading the source and compile on your own to even further protect againstAV messing this up.

Filed under: Security, Software No Comments