So the security team at SpiderLabs have uncovered a security breach affecting cash machines currently running on Windows XP. Basically some malware allows the attacker to gain complete control over the cash machine and extract tracking data, PIN numbers, and to add insult to injury the hard cash as well!

Basically once the machine has been infected, which apparently needs to be done manually suggesting insiders are involved, the attacker can return to the infected machine at any time later and extract the information using a special trigger card, where they can then print out the required information to the built in receipt printer before telling the machine to chuck out some cash.

Ok, so only around 20 or so machines have reportedly been compromised at the moment but I would imagine it’s only a matter of time before this is happening to Windows XP powered machines around the world.

I find it amusing we’re using Windows XP on cash machines anyway, especially considering Microsoft already moved XP from mainstream support to it’s “extended support”  phase in April this year, (although they will still provide security related updates through to 2014). Cash machines should have a dedicated proprietory OS rather than use one of the most targeted platforms for malware. What next, Windows based life support machines?

Anyone who has forgotten the admin password for a Windows system will tell you that its a pain to get back into. Unless you have a bit of know-how, some might say impossible.

One way of doing it for example would be to use the free program NTFS4DOS, which allows you to access the files and folders of NTFS partitions from a DOS boot disk (without loading up Windows itself). This means you can access the SAM file without logging in, copy it to another working system and use a brute-force attempt to crack the local admin password. This can take a long time however, typically at least an hour or two, and depending on the strength of the password may take considerably longer.

Perhaps a much better way to do this would be to edit to the password directly in the SAM file and change it to one you know. That way you avoid the brute-force attack. Let me share with you a very clever program that somebody has written called the Offline NT Password & Registry Editor which can do just that.

Simply go to the website below, download the CD ISO image and burn to a blank CD. Boot up your Windows PC with this CD in the drive and you’ll get into a Linux OS with the required bits and pieces included to read in the SAM from your Windows partition, and through a number of questions that you’ll be hand-held through, you can reset the local admin password in a matter of a couple of minutes (less once you are familiar with the procedure).

This has saved me a lot of work plenty of times, and in fact I now carry the ISO around with me on the USB flash stick on my key ring.

One thing to note is that you must shut down the PC cleanly before you use this utility, otherwise it can’t write back to the SAM file succefully. If you get an error saying it failed to do this, simply reboot into windows and then click the shutdown option on the login screen before trying again.

Here’s the link… enjoy.

http://home.eunet.no/%7Epnordahl/ntpasswd/

I’ve been looking into a way to provide a safer environment at home for my kids to use the Internet. There are a number of products that have been around for years that you pay for; NetNanny, CyberPatrol, etc but I just thought I’d make you aware of a few other things I have found that you might like to try.

At the time of writing this all are completely free.

1. K9 Web Protection.

A small application that you install on your child’s PC that runs as a service in the background, and forces all web traffic through its own internal proxy service. You can configure it block websites based on categories, (60 in all; illegal drugs, pornography, firearms, etc). You can also provide time restrictions.

You do need to register on the site for a free serial number but you only have to provide your name and your email address.

http://www1.k9webprotection.com/

2. Chat Shield

This one is about Instant messaging, and allows you to restrict who is allowed to contact your kids over IM. The registration process isn’t simple, because it relies on a system called NetIDme and as a parent you may have to carry out a postal registration if the online check doesn’t work for you. (It didn’t for me for some reason). In that case you need to get a professional person that knows you to countersign your application.

However once it’s all set up you can create a list of allowed email addresses of people that are allowed to communicate with your child over IM. This list can be set up individually for multiple children also. Your children cannot add new people to their contacts list without your intervention.

It also has the ability to save all the chat logs to a central place which you can review later if you so wish.

http://www.chatshield.com/

3. Microsoft OneCare Family Safety

The last one is an offering from MS and supports similar features to both of the products above in one package; both web filtering and IM restrictions. Basically you create a MS “passport” (what MS calls a login) and then register on the Family Safety site as “A Parent”. You can then create passports for your children and individually set web filtering based on categories or block/white lists, and also restrict who they can chat with in IM.

You need to install the MS Family Safety program onto each computer that your child uses but once set up you can manage the rules and contact lists from anywhere centrally using the MS website. This includes being able to see reports about which sites your children have been visiting, and also the capability of subsequently allowing or blocking those sites from within the user interface.

I’d point out that if you have Vista there is built in functionality for this also.

http://www.microsoft.com/protect/products/family/onecarefami…

Remember, that Internet safety for your children is as much about education as it is about monitoring and restriction and you shouldn’t rely wholly on any of the products above.

Finally here’s a site with a number of podcasts about Internet Security focusing mainly on the online safety of children. Podcast topics include;

What are your kids finding on the Internet?
Content and Filtering
Safe and Responsible Surfing
Chat Rooms and Instant Messaging
Parenting Guidelines
Online Predators

http://www.internetsafetypodcast.com/

I hope you find this useful.