It seems that security researchers are now becoming historians.

A pair of security researchers have ‘re-discovered’ a way to hack Vista (and presumably Windows 7)
http://www.blackhat.com/presentations/bh-europe-07/Kumar/Presentation/bh-eu-07-kumar-apr19.pdf
. They have released the concept prior to the Windows 7 launch to goad Microsoft into making some fixes.

I have to say this one definitely made me smile as Int13 was always my favorite interrupt, but I suspect most modern programmers don’t even know what it does – and even worst don’t know the Ralf Brown list (last updated last updated 29-Dec-02, which is way newer than I would have thought!).

Any way for us folks that know Int13 I suspect this ‘approach’ will make you smile – but it is definitely a blast from the past.

Gareth

Well today was the day we needed to fix all of our PCs with internet monitoring software. We had survived so long, but there was one click too far for one of our children that caused the need to come into play.

So being the cheapskate that I am, I had already tried Dans Guardian a year or two ago in conjunction with IPCop. This worked reasonably well but caused me to have another PC warming up my Floridian office – which as most know we are not short of heat here in Florida!

So given I didn’t want to add another device I had a look around the net for other host based offerings, rather than network based. For the difference have a look at the Wikipedia Intrusion Prevention system page and search for ‘host based’ and ‘network’. These concepts also apply to the internet monitoring software as well.

So the first attempt was Microsoft Live Family Safety, since I couldn’t find much detailed information on this I had to just try it to see how effective it actually was. The install was smooth enough, but the downsides for me were:

• Each child/person needed a live ID to alter the allowed profiles
• It didn’t fare very well at all on YouTube (aka failed miserably).
• Very limited configuration options

The big immediate one was that it really only appeared to restrict sites rather than content, obviously an easier thing to implement but not that helpful when dealing with YouTube. So in its favor it was free, but the fact we had to create live id’s for the kids, and it really failed on the YouTube test we had to test the uninstall feature. Which it did very well!

So on to the next one, NetNanny. This one had good reviews on the net, so it seemed the next choice. In addition it had a trial version to allow us to check how effective it was before committing money. Well technically I wouldn’t commit money without knowing how effective it was, it would have just been scrubbed off the list – unless it was personally recommended to me.

So the trial was easy enough, supply a email address and get started. From the get-go it seemed nice and polished, and it successfully blocked the problematic YouTube. The features that it offered were significantly more configurable than the free Microsoft offering. Significantly these were:

• Name a child in configuration, without the need for a live ID
• Link Names to Windows logins (nice and handy for fast user switching)
• Name a child in configuration, without the need for a live ID
• Blocks by content, so passed the YouTube address.
• Extensive configuration options

So it passed all the immediate needs, in addition (which to be fair I think the MS one also allows for) was email notifications of alert behaviors. So if any blocking was performed I would get the email. So after trying a couple of test scenarios it really seemed to block what we needed to be blocked, without blanket cutting out YouTube – which is really a sledge hammer approach.

So now the programmer side in me was interested. Normally I only buy software that I consider to be valuable, and my valuable that means I couldn’t trivially write it my self (or there wasn’t an equivalent Open Source version). This software is definitely valuable – and there is a lot of potential in the software. For the programmers out there, it should be noted the software is subscription rather than buy and forget – but that actually seems a sensible model to follow for this type of software (similar to AV).

So while it was installed on the computers we didnt warn the kids… 9:30 the following morning we got the question “So have you got software on the PC to block sites?”. The email chain in my inbox showed exactly what was blocked and why, and again it did the job! In addition it even seems to lock in at a nice low level even blocking all network access until the user is signed in, so no sneaking stuff in and to be honest the NetNanny team have gone about nearly everything I would have attempted to do my self anyway – so the Buy vs Build in this case for me was a no-brainer. Firstly it did what the box said, secondarily it wasn’t excessively expensive – in fact it was pretty darn reasonable given the capabilities of the software. My congratulations to the NetNanny team. There are no doubt other software solutions/options out there and people are free to comment on their recommendations. However to be clear I dont want to be perceived as disrespecting any OSS solutions as I have the greatest respect for them. However in my case the key benefit was the fact it was a host based system rather than a remote firewall with content filtering, and most OSS solutions are device/Linux based rather than host. NetNanny did the job for a good no-nonsense price, and I can be fairly assured that they will succeed as a company as they have a excellent product offering.

So congratulations and thanks to all those out there helping parents protect the younger ones.

Gareth