Tuesday, December 1, 2009

Hashing out a sidewiki comment.

Helpful information about "http://www.xtremecomputer.com/addnew10.asp#1234".

XCtM v1.1 Monitor SideWiki Comments, SQL Injection, Spammers, BotNets.
Please read the Policy Statement from Google before you post any comments to any websites SideWiki. Google's SideWiki Policy

in reference to:

"XCtM v1.1 Monitor SideWiki Comments, SQL Injection, Spammers, BotNets. Please read the Policy Statement from Google before you post any comments to any websites SideWiki. Google's SideWiki Policy"
- http://www.xtremecomputer.com/addnew10.asp (view on Google Sidewiki)

Posted by at No comments:

Saturday, November 14, 2009

TeamViewer Needs more Testing.

Remote Access isn't something you just want to jump into because it's easy.

You need to know how the connection is made and how it is secured.

Having a session controlled by a server makes the weak link the server.
As I posted in CNet Reviews during my 3rd test I watched as two outside connections entered into the same TeamViewer Session on the same Ports.

Now the question is have you setup a firewall that will block TeamViewer?
If not you should then you can allow the connection for the duration of the remote call and close out the session blocking the TeamViewer application.

Read More and if you would like to test with me I'll setup the same systems and let you be the judge.

More Information about this Session Hijacking of TeamViewer

http://www.xtremecomputer.com/articles/view_article.asp?v=59

in reference to: TeamViewer - Reviews and free TeamViewer downloads at Download.com (view on Google Sidewiki)
Posted by at No comments:

Wednesday, November 4, 2009

XtremeComputer.Com SideWiki API out of Beta!

I thought it would be good to post a SideWiki Comment on the side of my Forum Post looking for Beta Testing Sites.

I've had the opportunity to test on 7 websites and over 60,000 pages monitored with my API.

Now for more discussion you can visit the XC SideWiki Monitor Forum at
http://www.xtremecomputer.com/forum/forum.asp?FORUM_ID=112

To see the local SideWiki Monitor Checker visit: http://www.xtremecomputer.com/sidewiki_comments.asp

If you are interesting in this API contact me at XtremeComputer.Com or here via Email for your Monitoring API Key.

in reference to: SideWiki Comment Monitor API - WebProWorld (view on Google Sidewiki)
Posted by at No comments:

Tuesday, November 3, 2009

Article Example of Under the Radar 404 page

Tom,
I'll delete the Blog Post but wanted to show you how carders could be using your own site to exchange card information.

This is the same as when they used dead forums to post.

This also could be a way to sign merchants that have had cards tested on their sites.
Here carders might be able to abuse things offer by Google.

in reference to: http://www.merchant911.org/blog/carder/login/yes/jo/mamma/fresh/cards/for/sale/here/ (view on Google Sidewiki)
Posted by at No comments:

TeamViewer Session Hijacking (FireWall Info)

Helpful information about "http://www.xtremecomputer.com/articles/view_article.asp?v=59".

If you are a TeamViewer user or a business that uses TeamViewer to remotely connect to computers online you should read this and follow a few simple checks to make sure what happened to me doesn't happen to you.

TeamViewer Server seems to have been hacked and the hackers are picking up on the Session ID's.

In my Case it was 2 outside connections during my TeamViewer Session with a friend.
Both attempted to access my computer and my friends computer.
Because I was running an old version of TinySoftware I noticed the connection attempt and noted who and where it was. On the remote system it was only running Sunbelt Personal Firewall which allows TeamViewer to pass without even a challenge.

If I didn't see it for myself I might not have believed it but this is what the person did while I was watching.

They moved the remote mouse to minimize the screens to display the TeamViewer information. They highlighted the Session ID and with a Right Click I saw them Copy the session ID. (It was interesting that they didn't use key commands. )

Next I pulled up Notepad and typed "WHO ARE YOU?"
They minimized it and went to the machine name.
I restarted the remote computer before they could continue.

This experience had me up in arms and deleted the TeamViewer from all my systems and emailed my friend to remove it.

The weak link is their own server which has to be the way they knew about the connected computers.

Good luck if you still use it. I would recommend getting a firewall that blocks TeamViewer that allows you to select a single IP address. With that you can control just how many others connect during your session. But unless both computers have the same firewall strength one of you might not be safe.

in reference to: http://www.xtremecomputer.com/articles/view_article.asp?v=59 (view on Google Sidewiki)
Posted by at No comments:
Subscribe to: Posts (Atom)