Tuesday, May 31

Apple's "known bad" Xprotect file is now automatically updated

Very technical term I used there in the subject.. I know.

Apple just released Security Update 2011-003, in which they check for the MacDefender Malware, which I wrote about here.  But the most interesting part of the update is this paragraph:

File Quarantine
Available for:  Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact:  Automatically update the known malware definitions
Description:  The system will check daily for updates to the File
Quarantine malware definition list. An opt-out capability is provided
via the "Automatically update safe downloads list" checkbox in Security Preferences. Additional information is available in this.
Knowledge Base article: http://support.apple.com/kb/HT4651
Where apparently, Apple has built in an automatic updater to their anti-malware file, in it's most basic form, giving Apple the ability to directly protect their OS against the newest Malware.

If you don't know what I am talking about when I say "anti-malware file"  I suggest you read this post as well.


Please leave comments below.

Friday, May 27

Resolving Flowbit dependancies

I put this blog entry up over on the Snort.org blog this morning.  Figured it might help people answer some questions.  Check it out.

http://blog.snort.org/2011/05/resolving-flowbit-dependancies.html

Please leave comments below.

Sunday, May 15

Speaking Engagements

This past week I was invited to come speak at ISOI9 in Sterling, VA.  The talk seemed to go over rather well, and while I didn't get a lot of questions in the presentation, I got a ton of questions afterwards out in the hall.

This coming week I'll be down at the Richmond Area Virginia Linux User Group.  The coordinators of the group were kind enough to invite me down to talk about Sourcefire and the OpenSource company that we are.

If you are in the Richmond, VA area, be sure and come out!

I have another speaking engagement in August as well, but I'll blog about that when it gets a bit closer to the time.

If you are interested in coming to the meeting this week, it's on Tuesday, May 17th at 6pm.

Register here: http://rvalug.org/content/may-guest-speaker-joel-esler-opensource-community-director-sourcefire-cybersecurity


Please leave comments below.

Locking your screen on OSX

Friend of mine tipped me to this (thanks @englishlfc).  People have asked me in the past about this, basically, how to lock your screen (Start your screen saver) using a keyboard shortcut on OSX.

On Windows you can mash Windows-L and it will lock your screen.  Or Ctrl-alt-del, enter.  (God it pains me to watch people hit Ctrl-Alt-Del and then MOUSE to "Lock Screen"... GRR!!)

My solution in OSX has always been to set my bottom left corner of my screen to "activate screen saver".  Then I could just move my mouse to that corner, and viola, locked screen.

But @englishlfc was looking to the same thing with the keyboard, and there are a ton of ways of doing it in Applescript, but it's even easier with Automator.

So, go open Automator, and select new "Workflow".

You'll get a blank screen that looks like this:


Select "Utilities on the left, and then find "Start Screen Saver" in the next column:


Drag "Start Screen Saver" over to the right:


That's it.  Save it as an "Application" in Documents or Applications.

Then go to System Preferences and set up a Keyboard Shortcut to activate that App:


Simple.

I did it a bit differently.  I used Alfred's new "Global Keyboard Shortcut" functionality to activate the app.


Done.

Maybe this'll help someone.

Want to know how to do this in Applescript?



Please leave comments below.