Archive

Archive for the ‘Programming’ Category

AutoDomain 5.60…

June 14, 2011 10 comments

NOTE – Production-ready version 5.63 (as far as I am aware) is now available on  CTOGoneWild

This version is a real departure from the 5.2 and before series, as I got rid of the dependence on IE for the UI – it was becoming a real pain, with IE trying to display first run screens, telling me it was not installed etc. Generally the IE object was unreliable to say the least.

Instead, I used a whole bunch of HTAs – This is nicer architecturally as each stands alone and can be modified as you see fit, so you can change the UI without changing the logic of the script, plus they run independently so if they crash and burn, again, no problems for the script.

Other than that, there were some more changes to make the “Run On Logon” code asynchronous, so it does not stall the user experience when provisioning them. You can find a full list of changes at the top of the autodomain.vbs script.

Finally, if you enjoy this tool and it saves you a whole bunch of time and effort, you might want to send me something from my Amazon Gift List? Thanks!

You can read more about the current version on my previous blog on this topic.

ToastCache for EEPC/EEM v5

March 28, 2011 1 comment

I finally got around to posting ToastCache to my CTOGoneWild site. This is a simple script which  uses a couple of tricks, and a kludge to force the EEM v5 Name index to rebuild on demand.

The EEM Name Index is one of the most useful performance enhancements you can enable within the product – certainly any database running more than 2000 machines needs it turned on to give reasonable performance.  The Index speeds up Name>ID resolution. Without it, the server has to crawl the entire database searching for an object which matches the name it’s looking for – This means that logging on slows down for new users (they are placed at the end of the db), and also creating new things takes more time (as the DB has to be trawled end-to-end looking to see if the name is already in use).

The index resolves both of these, and more scenarios by maintaining a “bucket list” of hashed names>IDs. Read more…

McAf.ee Launched!

September 21, 2010 1 comment

McAf.ee Secore Short URL ServiceA pet project of mine for a couple of months now, McAfee’s secure-short URL service went through a viral launch last week and has taken flight!

Leveraging McAfee Global Threat Intelligence, McAf.ee lets you create short url’s which are checked against our databases of known spammy, dangerous, malware hosting, bot control etc sites prior to being show. A while ago there was a glut of dangerous short links circulating around Twitter, Facebook etc – this is something McAfee can proactively do to help offer a little more safety in our online lives.

You can create a short URL for any site, but when someone clicks on it, if the site is flagged as dangerous we throw up a warning page to give users a chance to back out before visiting.

This service was created by the McAfee Office of the CTO, which I am part of – the team is charged with looking into and creating innovative test projects, which, if successful can be rolled into the more traditional McAfee Business Units. It means we have a little more freedom to go out on a limb and try new ideas out.

You can find more information, and of course comment and add feature suggestions, or report issues on our forum http://mcaf.ee/about

I’d love to have your feedback, and, as of now I’m proud to say you can find my blog at http://mcaf.ee/simon (smile!).

Update – Larry Magid from CNET NEws called me to interview me about the service, he was very gracious and published a great writeup of the service. He also recorded the interview and made a podcast available. Boy, I hate hearing recordings of myself.

LiveLog – interactive near-real-time Log Monitor

February 17, 2010 4 comments

EPE Log Reader for McAfee Endpoint Encryption v6

February 17, 2010 1 comment

Packing code within code – a HTA exercise in string manipulation

February 16, 2010 Leave a comment

I was working on a HTA tool this week, and to make things easier I wanted to encapsulate another HTA within it – really I just didn’t want to have to send two files to the user, I wanted everything in one, and rather than take the obvious approach of putting them both into a self-extracting zip, I decided to work out how to include the code of File B in File A.

Note – you can find the test files for this article on my companion site, CTOGoneWild

Pretty easy stuff I thought, just split B up into a string, and include a simple routine to write it out to the temp directory

    1 : Dim s : s="Some text to output to a file" &_
    2 :   " which is more than one line and go" &_
    4 :   "es on a bit."
    6 : Dim fso: Set fso = CreateObject("Scripting.filesystemobject")
    8 : fso.createtextfile("test.txt").write s

Read more…

Categories: Programming Tags: , ,

Tools and Utils – Latest Versions

January 1, 2010 Leave a comment

This page is mostly machine readable by my various tools and utilities so they know when to tell you there’s a new version.
But, if you find it interesting, well, all the better.

START: ProductVersionList
Livelog|1.50|10th Feb, 2010|http://wp.me/pyGw9-cd| Asynchronous update notifications
EEPCFSExplorer|1.09|10th Feb 2010|http://mcafee-int.hosted.jivesoftware.com/docs/DOC-1123|Changes to add menus and better error handling\nAsynchronous update notifications
ProductUpdate|9.99|4th Feb, 2010|No URL|Test update text\nwith\na couple of new lines.
EPELogReader|1.12|15th April, 2011|http://simonhunt.wordpress.com/2010/02/17/epe-log-reader-for-mcafee-endpoint-encryption-v6/|Updated to have a built in search for incompatible product messages.
EEFFMigrate|1.01|7th April 2010|http://planet.mcafee.com/docs/DOC-1273|Minor changes to support update notifications
McAf.ee GUI|1.40|19th October 2010|http://mcaf.ee/about|Added ieSpell Support\n\nAdded the ability to enter a block of text, for example if you want to make a tweet and shorten all the links at once\n\nAdded the ability to expand all the links in a block of text
END: ProductVersionList

Categories: Programming

Evil Maid, another nefarious trojan attack..

November 17, 2009 2 comments

Last month Joanna Rutkowska posted a very interesting article showing a practical “Evil Maid” attack against the open-source TrueCrypt FDE product.  The attack is reasonably simple, subvert the pre-boot authentication engine of the full-disk encryption product in question to add a password-sniffing routine, then wait for the unsuspecting user to authenticate to their machine and then retrieve the credentials at a later stage.

Evil Maid is simply hooking the pre-boot code of TrueCrypt and adding a routine to store the users password. Because the TrueCrypt code is quite simple, it’s a relatively easy thing to do, but the attack is theoretically valid regardless of this fact, just the effort to make the hook code increases with the sophistication of the pre-boot environment. Read more…

Hacking Exposed – Son of Scoop.pl

October 6, 2009 Leave a comment

After attending this mornings Hacking Exposed session at McAfee Focus 09, I was inspired to recreate Stuart McClure’s “Scoop.pl” script. I don’t have Python or Pearl installed on my machines, but I do have VBScript, and I do have Primalscript, so it seemed a simple thing to create this useful tool which helps you get the lowdown on what sites are present on a given URL. Read more…

Follow

Get every new post delivered to your Inbox.

Join 176 other followers