Showing posts with label tutorial. Show all posts

Friday, December 25, 2009

how to install ndis atheros wifi driver on lenovo T60 ubuntu

download the windows xp driver from : http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-70480

run the installer with wine first to extract the driver files

copy the extracted driver from ~/.wine/drive_c/DRIVERS/WIN/WLLANATH/WinXP_2K to ~/lenovo

install :
    sudo apt-get install ndisgtk

disable the ath9k driver :
    sudo modprobe -vr ath9k

activate the ndis driver :
Go to System>Administration>Windows Wireless Drivers (the NDISWRAPPER module is loaded now, after the password is given). Choose Install Driver. Go to the location line, click on the folder icon on the right and browse to:
    ~/lenovo/WLLANATH/WinXP_2K
Choose to install.

to stop ath9k loading at boot :
    sudo vim /etc/modprobe.d/blacklist.conf
add the line :
    blacklist ath9k

reboot

reference : http://ubuntuforums.org/showthread.php?t=739998

Monday, December 21, 2009

how to configure ubuntu linux to manage amazon ec2 machine

start an instance @ https://console.aws.amazon.com/ec2/home

download : ec2-api-tools @ http://developer.amazonwebservices.com/connect/entry.jspa?externalID=351

unzip to $HOME/bin/ec2-api-tools-1.3-46266

add to .bashrc :
    # EC2 - begin
    export EC2_PRIVATE_KEY=$HOME/keys/pk-KWJIYEWJXT7MOMSS2OHMIS7IYLHAGTN7.pem
    export EC2_CERT=$HOME/keys/cert-KWJIYEWJXT7MOMSS2OHMIS7IYLHAGTN7.pem
    export EC2_HOME=$HOME/bin/ec2-api-tools-1.3-46266
    export JAVA_HOME=/usr/lib/jvm/java-6-sun/jre/
    # EC2 - end

run :
    . .bashrc

test :
    ./bin/ec2-api-tools-1.3-46266/bin/ec2-describe-instances

docs :
http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/
https://help.ubuntu.com/community/EC2StartersGuide

Saturday, December 19, 2009

Notes from Tony Sager Keynote at SANS

I took a few notes at the SANS Incident Detection Summit keynote by Tony Sager last week. I thought you might like to see what I recorded. All of the speakers made some interesting comments, but it was really only during the start of the second day, when Tony spoke, when I had time to write down some insights.

If you're not familiar with Tony, he is chief of the Vulnerability Analysis and Operations (VAO) Group in NSA.
  • These days, the US goes to war with its friends (i.e., allies fight with the US against a common adversary). However, the US doesn't know its friends until the day before the war, and not all of the US' friends like each other. These realities complicate information assurance.
  • Commanders have been trained to accept a certain level of error in physical space. They do not expect to know the exact number of bullets on hand before a battle, for example. However, they often expect to know exactly how many computers they have at hand, as well as their state. Commanders will need to develop a level of comfort with uncertainty.
  • Far too much information assurance is at the front line, where the burden rests with the least trained, least experienced, yet well-meaning, people. Think of the soldier fresh from tech school responsible for "making it work" in the field. Hence, Tony's emphasis on shifting the burden to vendors where possible.
  • "When nations compete, everybody cheats." [Note: this is another way to remember that with information assurance, the difference is the intelligent adversary.]
  • The bad guy's business model is more efficient than the good guy's business model. They are global, competitive, distributed, efficient, and agile. [My take on that is the financially-motivated computer criminals actually earn ROI from their activities because they are making money. Defenders are simply avoiding losses.]
  • The best way to defeat the adversary is to increase his cost, level of uncertainty, and exposure. Introducing these, especially uncertainty, causes the adversary to stop, wait, and rethink his activity.
  • Defenders can't afford perfection, and the definition changes by the minute anyway. [This is another form of the Defender's Dilemma -- what should we try to save, and what should we sacrifice? On the other hand we have the Intruder's Dilemma, which Aaron Walters calls the Persistence Paradox -- how to accomplish a mission that changes a system while remaining undetected.]
  • Our problems are currently characterized by coordination and knowledge management, and less by technical issues.
  • Human-to-human contact doesn't scale. Neither does message text. Hence Tony's promotion of standards-based communication.
Thanks again to Tony and our day one keynote Ron Gula!

Copyright 2003-2009 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com)

how to enable syntax highlight imacros iim scripts in gedit on ubuntu linux

download imacros.lang from http://albertux.ayalasoft.com/tag/imacros/

    sudo cp imacros.lang /usr/share/gtksourceview-2.0/language-specs/
    sudo chmod a+r /usr/share/gtksourceview-2.0/language-specs/imacros.lang

restart gedit

Thursday, December 17, 2009

how to configure fixed ip on ubuntu linux

    sudo vim /etc/network/interfaces

[ CHANGE : ]
    # The primary network interface
    auto eth0
    iface eth0 inet dhcp

[ TO : ]
    # The primary network interface
    auto eth0
    #iface eth0 inet dhcp
    iface eth0 inet static
        address 192.168.0.8
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        dns-nameservers 8.8.8.8

Wednesday, December 16, 2009

how to find & fix badblocks on ext3 partition

read-only test :
    sudo e2fsck -c -C 0 -y -vv /dev/sdi1

read-write test :
    sudo e2fsck -cc -C 0 -y -vv /dev/sdi1

Sunday, December 13, 2009

Keeping FreeBSD Up-to-Date in BSD Magazine

Keep your eyes open for the latest printed BSD Magazine, with my article Keeping FreeBSD Up-To-Date: OS Essentials. This article is something like 18 pages long, because at the last minute the publishers had several authors withdraw articles. The publishers decided to print the long edition of my article, so it's far longer than I expected! We're currently editing the companion piece on keeping FreeBSD applications up-to-date. I expect to also submit an article on running Sguil on FreeBSD 8.0 when I get a chance to test the latest edition in my lab.

Saturday, December 12, 2009

how to install eclipse with sftp on ubuntu linux

option 1: Aptana Studio http://www.aptana.org/
option 2: Eclipse Pulse http://www.poweredbypulse.com/
option 3: how to install sftp on any eclipse

help->install new
[wait for the list to update]
select : -- All Available Sites --
search : target management

help->install new
[wait for the list to update]
select : -- All Available Sites --
search : remote system

Friday, December 11, 2009

how to find all unread email in gmail inbox

search :
    label:inbox is:unread

create a rule to mark all as read, apply it, then remove the rule

Tuesday, December 8, 2009

how to configure polipo proxy on ubuntu linux

    sudo apt-get install polipo
    sudo vim /etc/polipo/config

================================= 8< =======================================
# Sample configuration file for Polipo. -*-sh-*-

# You should not need to edit this configuration file; all configuration
# variables have reasonable defaults.

# This file only contains some of the configuration variables; see the
# list given by ``polipo -v'' and the manual for more.

### Basic configuration
### *******************

# Uncomment one of these if you want to allow remote clients to
# connect:

# proxyAddress = "::0"        # both IPv4 and IPv6
proxyAddress = "0.0.0.0"    # IPv4 only

# If you are enabling 'proxyAddress' above, then you want to enable the
# 'allowedClients' variable to the address of your network, e.g.
allowedClients = 127.0.0.1, 192.168.0.0/24

# allowedClients = 127.0.0.1

# Uncomment this if you want your Polipo to identify itself by
# something else than the host name:

# proxyName = "polipo.example.org"

# Uncomment this if there's only one user using this instance of Polipo:

# cacheIsShared = false

# Uncomment this if you want to use a parent proxy:

# parentProxy = "squid.example.org:3128"

# Uncomment this if you want to use a parent SOCKS proxy:

# socksParentProxy = "localhost:9050"
# socksProxyType = socks5

### Memory
### ******

# Uncomment this if you want Polipo to use a ridiculously small amount
# of memory (a hundred C-64 worth or so):

# chunkHighMark = 819200
# objectHighMark = 128

# Uncomment this if you've got plenty of memory:

# chunkHighMark = 50331648
# objectHighMark = 16384

### On-disk data
### ************

# Uncomment this if you want to disable the on-disk cache:

# diskCacheRoot = ""

# Uncomment this if you want to put the on-disk cache in a
# non-standard location:

# diskCacheRoot = "~/.polipo-cache/"

# Uncomment this if you want to disable the local web server:

# localDocumentRoot = ""

# Uncomment this if you want to enable the pages under /polipo/index?
# and /polipo/servers?. This is a serious privacy leak if your proxy
# is shared.

disableIndexing = false
disableServersList = false

### Domain Name System
### ******************

# Uncomment this if you want to contact IPv4 hosts only (and make DNS
# queries somewhat faster):

# dnsQueryIPv6 = no

# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for
# double-stack hosts:

# dnsQueryIPv6 = reluctantly

# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:

# dnsUseGethostbyname = yes

### HTTP
### ****

# Uncomment this if you want to enable detection of proxy loops.
# This will cause your hostname (or whatever you put into proxyName
# above) to be included in every request:

# disableVia=false

# Uncomment this if you want to slightly reduce the amount of
# information that you leak about yourself:

# censoredHeaders = from, accept-language
# censorReferer = maybe

# Uncomment this if you're paranoid. This will break a lot of sites,
# though:

# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language
# censorReferer = true

# Uncomment this if you want to use Poor Man's Multiplexing; increase
# the sizes if you're on a fast line. They should each amount to a few
# seconds' worth of transfer; if pmmSize is small, you'll want
# pmmFirstSize to be larger.

# Note that PMM is somewhat unreliable.

pmmFirstSize = 16384
pmmSize = 8192

# Uncomment this if your user-agent does something reasonable with
# Warning headers (most don't):

# relaxTransparency = maybe

# Uncomment this if you never want to revalidate instances for which
# data is available (this is not a good idea):

# relaxTransparency = yes

# Uncomment this if you have no network:

# proxyOffline = yes

# Uncomment this if you want to avoid revalidating instances with a
# Vary header (this is not a good idea):

# mindlesslyCacheVary = true

# Suggestions from Incognito configuration
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535
================================= 8< =======================================

    sudo /etc/init.d/polipo restart
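The configuration above listens on every IPv4 interface and shares the proxy with 192.168.0.0/24, which is the case the sample file's own comments single out for the index pages. The following Python audit is an added example, not part of the original post or of Polipo; the finding names, the MAX_TUNNEL_PORTS threshold and the defaults assumed for unset keys (loopback listener, no client restriction when allowedClients is unset, index pages disabled) are assumptions.

```python
import ipaddress
import re

# Constructed sample: the uncommented settings from the config in this post.
POSTED = '''
proxyAddress = "0.0.0.0"    # IPv4 only
allowedClients = 127.0.0.1, 192.168.0.0/24
disableIndexing = false
disableServersList = false
tunnelAllowedPorts = 1-65535
'''
MAX_TUNNEL_PORTS = 100        # illustrative threshold, not a Polipo setting
FALSE_VALUES = {"false", "no"}

def parse(text):
    """Return {name: value} for each uncommented 'name = value' line."""
    settings = {}
    for raw in text.splitlines():
        # Cut a trailing comment unless the '#' sits inside double quotes.
        line = re.sub(r'#(?=(?:[^"]*"[^"]*")*[^"]*$).*', "", raw).strip()
        if "=" in line:
            name, value = line.split("=", 1)
            settings[name.strip()] = value.strip().strip('"')
    return settings

def is_loopback(item):
    """True if an address or CIDR block lies wholly in loopback space."""
    try:
        return ipaddress.ip_network(item, strict=False).is_loopback
    except ValueError:
        return False          # host names etc. are treated as non-local

def port_count(spec):
    """Count the ports in a list such as '80, 443, 8000-8100'."""
    total = 0
    for part in spec.split(","):
        low, _, high = part.strip().partition("-")
        total += int(high or low) - int(low) + 1
    return total

def audit(settings):
    """Return finding ids. Defaults for unset keys are assumptions."""
    listen = settings.get("proxyAddress", "127.0.0.1")
    clients = [c.strip() for c in settings.get("allowedClients", "").split(",")]
    clients = [c for c in clients if c]
    if is_loopback(listen):
        return []             # only local processes can reach the proxy
    findings = []
    if not clients:
        findings.append("open-proxy")            # no client restriction at all
    elif all(is_loopback(c) for c in clients):
        return []             # remote listener, but only local clients allowed
    # From here on the proxy is shared with other hosts.
    if settings.get("disableIndexing", "true").lower() in FALSE_VALUES:
        findings.append("index-exposed")         # /polipo/index? readable
    if settings.get("disableServersList", "true").lower() in FALSE_VALUES:
        findings.append("servers-list-exposed")  # /polipo/servers? readable
    ports = settings.get("tunnelAllowedPorts")
    if ports and port_count(ports) > MAX_TUNNEL_PORTS:
        findings.append("wide-tunnel-ports")     # CONNECT allowed almost anywhere
    return findings

if __name__ == "__main__":
    for finding in audit(parse(POSTED)):
        print(finding)
```

Leaving disableIndexing and disableServersList commented out and narrowing tunnelAllowedPorts to the ports actually needed clears all three findings for the posted settings.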

Monday, December 7, 2009

Troubleshooting FreeBSD Wireless Problem

My main personal workstation is a Thinkpad x60s. As I wrote in Triple-Boot Thinkpad x60s, I have Windows XP, Ubuntu Linux, and FreeBSD installed. However, I rarely use the FreeBSD side. I haven't run FreeBSD on the desktop for several years, but I like to keep FreeBSD on the laptop in case I encounter a situation on the road where I know how to solve a problem with FreeBSD but not Windows or Linux. (Yes I know about [insert favorite VM product here]. I use them. Sometimes there is no substitute for a bare-metal OS.)

When I first installed FreeBSD on the x60s (named "neely" here), the wireless NIC, an Intel(R) PRO/Wireless 3945ABG, was not supported on FreeBSD 6.2. So, I used a wireless bridge. That's how the situation stayed until I recently read M.C. Widerkrantz's FreeBSD 7.2 on the Lenovo Thinkpad X60s. It looked easy enough to get the wireless NIC running now that it was supported by the wpi driver. I had used freebsd-update to upgrade the 6.2 to 7.0, then 7.0 to 7.1, and finally 7.1 to 7.2. This is where the apparent madness began.

I couldn't find the if_wpi.ko or wpifw.ko kernel modules in /boot/kernel. However, on another system (named "r200a") which I believe had started life as a FreeBSD 7.0 box (but now also ran 7.2), I found both missing kernel modules. Taking a closer look, I simply counted the number of files on my laptop /boot/kernel and compared that list to the number of files on the other FreeBSD 7.2 system.

    $ wc -l boot-kernel-neely.06dec09a.txt
    545 boot-kernel-neely.06dec09a.txt
    $ wc -l boot-kernel-r200a.06dec09a.txt
    1135 boot-kernel-r200a.06dec09a.txt

Wow, that is a big difference. Apparently, the upgrade process from 6.2 to 7.x did not install almost 600 files, now present on a system that started life running 7.x.

Since all I really cared about was getting wireless running on the laptop, I copied the missing kernel modules to /boot/kernel on the laptop. I added the following to /boot/loader.conf:

    legal.intel_wpi.license_ack=1
    if_wpi_load="YES"

After rebooting I was able to see the wpi0 device.

    wpi0: mem 0xedf00000-0xedf00fff irq 17 at device 0.0 on pci3
    wpi0: Ethernet address: [my MAC]
    wpi0: [ITHREAD]
    wpi0: timeout resetting Tx ring 1
    wpi0: timeout resetting Tx ring 3
    wpi0: timeout resetting Tx ring 4
    wpi0: link state changed to UP

I think I will try upgrading the 7.2 system to 8.0 using freebsd-update, then compare the results to a third system that started life as 7.0, then upgraded from 7.2 to 8.0. If the /boot/kernel directories are still different, I might reinstall 8.0 on the laptop from media or the network.

Friday, December 4, 2009

Let a Hundred Flowers Blossom

I know many of us work in large, diverse organizations. The larger or more complex the organization, the more difficult it is to enforce uniform security countermeasures. The larger the population to be "secure," the more likely exceptions will bloom. Any standard tends to degrade to the least common denominator. There are some exceptions, such as FDCC, but I do not know how widespread that standard configuration is inside the government.

Beyond the difficulty of applying a uniform, worthwhile standard, we run into the diversity vs monoculture discussion from 2005. I tend to side with the diversity point of view, because diversity tends to increase the cost borne by an intruder. In other words, it's cheaper to develop exploitation methods for a target who 1) has generally similar, if not identical, systems and 2) publishes that standard so the intruder can test attacks prior to "game day."

At the end of the day, the focus on uniform standards is a manifestation of the battle between two schools of thought: Control-Compliant vs Field-Assessed Security. The control-compliant team believes that developing the "best standard," and then applying that standard everywhere, is the most important aspect of security. The field-assessed team (where I devote my effort) believes the result is more important than how you get there.

I am not opposed to developing standards, but I do think that the control-compliant school of thought is only half the battle -- and that controls occupy far more time and effort than they are worth. If the standard withers in the face of battle, i.e., once field-assessed it is found to be lacking, then the standard is a failure. Compliance with a failed standard is worthless at that point.

However, I'd like to propose a variation of my argument. What if you abandon uniform standards completely? What if you make the focus of the activity field-assessed instead of control-compliant, by conducting assessments of systems? In other words, let a hundred flowers blossom.

(If you don't appreciate the irony, do a little research and remember the sorts of threats that occupy much of the time of many of this blog's readers!)

So what do I mean? Rather than making compliance with controls the focus of security activity, make assessment of the results the priority. Conduct blue and red team assessments of information assets to determine if they meet various resistance and (maybe) "survivability" metrics. In other words, we won't care how you manage to keep an intruder from exploiting your system, as long as it takes longer for a blue or red assessor with time X and skill level Y and initial access level Z (or something to that effect).

In such a world, there's plenty of room for the person who wants to run Plan 9 without anti-virus, the person who runs FreeBSD with no graphical display or Web browser, the person who runs another "nonstandard" platform or system -- as long as their system defies the field assessment conducted by the blue and red teams. (Please note the one "standard" I would apply to all assets is that they 1) do no harm to other assets and 2) do not break any laws by running illegal or unauthorized software.)

If a "hundred flowers" is too radical, maybe consider 10. Too tough to manage all that? Guess what -- you are likely managing it already. So-called "unmanaged" assets are everywhere. You probably already have 1000 variations, never mind 100. Maybe it's time to make the system's inability to survive against blue and red teams the measure of failure, not whether the system is "compliant" with a standard, the measure of failure?

Now, I'm sure there is likely to be a high degree of correlation between "unmanaged" and vulnerable in many organizations. There's probably also a moderate degree of correlation between "exceptional" (as in, this box is too "special" to be considered "managed") and vulnerable. In other instances, the exceptional systems may be resistant to all but the most dedicated intruders. In any case, accepting that diversity is a fact of life on modern networks, and deciding to test the resistance level of those assets, might be more productive than seeking to develop and apply uniform standards.

What do you think?

Tuesday, December 1, 2009

Real Security Is Threat-Centric

Apparently there's been a wave of house burglaries in a nearby town during the last month. As you might expect, local residents responded by replacing windows with steel panels, front doors with vault entrances, floors with pressure-sensitive plates, and whatever else "security vendors" recommended. Town policymakers created new laws to mandate locking doors, enabling alarm systems, and creating scorecards for compliance. Home builders decided they needed to adopt "secure building" practices so all these retrofitted measures were "built in" future homes.

Oh wait, this is the real world! All those vulnerability-centric measures I just described are what too many "security professionals" would recommend. Instead, police identified the criminals and arrested them. From Teen burglary ring in Manassas identified:

Two suspects questioned weekday gave information about the others, police said.

Now this group is facing prosecution. That's a good example of what we need to do in the digital world: enable and perform threat-centric security. We won't get there until we have better attribution, and interestingly enough attribution is the word I hear most often from people pondering improvements in network security.

Monday, November 30, 2009

ubuntu linux - utils for perfect desktop install

    sudo apt-get install gnome-do or [// awn]
    sudo apt-get install rxvt
    sudo apt-get install yakuake
    sudo apt-get install byobu

Quick Drop-Down Terminal With Yakuake

http://lifehacker.com/309652/quick-drop+down-terminal-with-yakuake

Sunday, November 29, 2009

how to convert video to flv & wmv with ffmpeg on ubuntu linux

    ffmpeg -i file.mpeg -f flv -b 1200kb file.flv
    ffmpeg -i file.mpeg -vcodec wmv2 -b 1200kb file.wmv

how to convert video to flv with ffmpeg on ubuntu linux

    ffmpeg -i file.mpeg -f flv -b 1200kb file.flv

Saturday, November 28, 2009

how to convert video to flv with ffmpeg on ubuntu linux

    ffmpeg -i file.mpeg -f flv -b 1200kb file.flv