pfSense 2.0RC1 is now available.


Looks like the pfSense team has put out their first release candidate for version 2 of the open source pfSense firewall.  This is a great firewall that will run on just about any hardware.  It has as many features as commercially available firewalls and works great.  I’ll be doing a few upgrades shortly and may post about it here.

Take a look at the blog post about this release on the pfSense site.

Virus definition update on the F-Secure rescue CD


So, a co-worker from the office asked me to clean their personal laptop of one of those anti-virus applications that install themselves and create a bunch of pop-ups telling you you are infected.  Obviously, I didn’t want to connect that machine to our corporate LAN, so I figured I should use a rescue CD of some sort that does AV scans.  I was highly recommended to use F-Protect’s rescue CD for this type of malware in my SANS 504 course that I just took last week.

A quick Google search returned a very useful page from techmixer.com titled FREE Bootable AntiVirus Rescue CDs Download List.  This page lists seven freely available Antivirus rescue CD options.  So I downloaded the ISO for F-Protect and burned it to a CD.  Obviously, you want to make sure you are scanning with the latest virus definition update, but since the CD is a read-only medium, you can’t update the virus definition on it.  The ISO contains a virus definition file from July 2009, but that’s way too old to be useful.  I tried to follow the instructions that were on the techmixer.com page about F-Protect to use the updates on a USB stick, but without success.  When all else fails, read the instructions.  😉

I downloaded the PDF manual from http://www.f-secure.com/linux-weblog/files/rescue_cd_user_guide.20090717.pdf and those instructions, unlike the ones on techmixer.com, said to create a fsecure\rescuecd folder on your USB stick.  That way, the virus definition gets expanded to the rescuecd folder and the results of the scan are saved in a reports folder.  The trick is to use a USB drive that has nothing else on it.  Why they had to do it that way, I’m not sure.  I wish it weren’t so, because I would rather carry only one stick instead of dedicating one to the F-Secure virus definition file.

For those of you who prefer bullets and get ‘er done, here is a step-by-step how-to:

  1. Download the ISO from the F-Secure web site.  As of this writing, version 3.11 is current.
  2. Burn the ISO to a CD.
  3. Have a FAT-formatted USB thumb drive with nothing on it.
  4. Create a fsecure folder at the root of the drive.
  5. Create a rescuecd folder in the fsecure folder.
  6. Download the latest virus definition file from F-Secure from http://download.f-secure.com/latest/fsdbupdate9.run
  7. Copy the fsdbupdate9.run to the root of your USB drive.
  8. Plug the USB drive into the sick computer and then boot the rescue CD.

F-Secure picked up that I had a USB drive connected and used the virus definition for the scan.  Simply follow the on-screen instructions and your computer will be cleaned up.
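
Steps 3 to 7 above can be scripted from a clean workstation.  The function below is an added example, not something from F-Secure or the original post; it assumes the stick is already mounted and that fsdbupdate9.run has already been downloaded to a local path (the function name and both arguments are made up for illustration).

```shell
#!/bin/sh
# Added example: lay out a USB stick for the rescue CD as in steps 3-7.
# Usage: prepare_rescue_usb MOUNTPOINT UPDATE_FILE
#   MOUNTPOINT  - where the FAT-formatted stick is mounted (assumed mounted)
#   UPDATE_FILE - local copy of fsdbupdate9.run, downloaded beforehand
prepare_rescue_usb() {
    mnt=$1
    update=$2

    [ -d "$mnt" ] || { echo "not a directory: $mnt" >&2; return 2; }
    [ -s "$update" ] || { echo "missing or empty update file: $update" >&2; return 2; }

    # Step 3: the stick must hold nothing else. Only items a previous run
    # of this function created are tolerated, so it is safe to re-run.
    for entry in "$mnt"/* "$mnt"/.[!.]*; do
        [ -e "$entry" ] || continue          # unmatched glob, nothing there
        case "${entry##*/}" in
            fsecure|fsdbupdate9.run) ;;
            *) echo "unexpected item on stick: ${entry##*/}" >&2; return 3 ;;
        esac
    done

    # Steps 4-5: fsecure folder at the root, rescuecd folder inside it.
    mkdir -p "$mnt/fsecure/rescuecd" || return 4

    # Step 7: definition update goes to the root of the stick.
    cp "$update" "$mnt/fsdbupdate9.run" || return 4

    # Confirm the copy is byte-identical before the stick is unplugged.
    cmp -s "$update" "$mnt/fsdbupdate9.run" || {
        echo "copy verification failed" >&2; return 5; }

    sync    # flush writes to the stick; unmount it before removing
    return 0
}
```

A return code of 3 means the stick is not empty and nothing was written to it.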

BackTrack 4 Final Released

I’m back to blogging! BackTrack 4, the latest version of the most popular all-in-one Linux-based penetration testing suite, is now out.

Sorry for being away for so long (almost a year since the last post).  I have been making sure that this server and WordPress are always up to date even though I was not actively posting.  I’d hate for a blog about IT security to be compromised, especially if I’m the one managing it.

In any case, it would appear that BackTrack 4 is out of Beta and is available for all to download!  I’m downloading it as I am typing this and will be burning it to a DVD to play with it.  You can download it from http://www.backtrack-linux.org/downloads/.  BackTrack is a great collection of software and tools in a bootable DVD or in a VM.  As described on the BackTrack home page:

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.

Even if penetration testing is not your thing, this is an easy way to get some of the most popular security tools into your hands without having to search and download from all over the Internet.

Enjoy!