Monday, October 14, 2013

China Still Owes $100 Million in American Debts And Refuses To Pay

Charlotte, N.C. – Oct. 15, 2013 – A North Carolina-based manufacturer is calling foul today over inflammatory statements Chinese leaders made in U.S. media outlets Monday that demanded an immediate resolution to government debt ceiling discussions while China still owes hundreds of millions of dollars to American-owned businesses.

http://www.chem.info/news/2013/10/china-still-owes-100-million-american-debts-and-refuses-pay#.UlydE1Ckp-c


#NCFraud

China Still Owes $100 Million in American Debts And Refuses To Pay

Charlotte, N.C. – Oct. 15, 2013 – A North Carolina-based manufacturer is calling foul today over inflammatory statements Chinese leaders made in U.S. media outlets Monday that demanded an immediate resolution to government debt ceiling discussions while China still owes hundreds of millions of dollars to American-owned businesses.

http://www.chem.info/news/2013/10/china-still-owes-100-million-american-debts-and-refuses-pay#.UlydE1Ckp-c


#NCFraud

New Microsoft Vulnerabilities



Microsoft -- .Net Framework The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability." 2013-10-09 9.3 CVE-2013-3128

Microsoft -- windows_7 The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability." 2013-10-09 10.0 CVE-2013-3195

Microsoft -- windows_7 The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." 2013-10-09 7.2 CVE-2013-3200

Microsoft -- .Net Framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability." 2013-10-09 7.8 CVE-2013-3860

Microsoft -- .Net Framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability." 2013-10-09 7.8 CVE-2013-3861

Microsoft -- Internet Explorer Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3871

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3873, CVE-2013-3882, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3872

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3882, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3873

Microsoft -- Internet Explorer Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3874

Microsoft -- Internet Explorer Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3875

Microsoft -- windows_7 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." 2013-10-09 7.2 CVE-2013-3879

Microsoft -- windows_7 win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability." 2013-10-09 7.2 CVE-2013-3881

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3882

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3882. 2013-10-09 9.3 CVE-2013-3885

Microsoft -- Internet Explorer Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3886

Microsoft -- windows_7 dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability." 2013-10-09 7.2 CVE-2013-3888

Microsoft -- excel Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3889

Microsoft -- excel Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3890

Microsoft -- word Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3891

Microsoft -- word Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3892

Microsoft -- windows_7 The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." 2013-10-09 9.3 CVE-2013-3894


Microsoft -- Internet Explorer Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3897

New Microsoft Vulnerabilities



Microsoft -- .Net Framework The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability." 2013-10-09 9.3 CVE-2013-3128

Microsoft -- windows_7 The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted value in an argument to an ASP.NET web application, aka "Comctl32 Integer Overflow Vulnerability." 2013-10-09 10.0 CVE-2013-3195

Microsoft -- windows_7 The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability." 2013-10-09 7.2 CVE-2013-3200

Microsoft -- .Net Framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability." 2013-10-09 7.8 CVE-2013-3860

Microsoft -- .Net Framework Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability." 2013-10-09 7.8 CVE-2013-3861

Microsoft -- Internet Explorer Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3871

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3873, CVE-2013-3882, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3872

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3882, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3873

Microsoft -- Internet Explorer Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3874

Microsoft -- Internet Explorer Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3875

Microsoft -- windows_7 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Use After Free Vulnerability." 2013-10-09 7.2 CVE-2013-3879

Microsoft -- windows_7 win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability." 2013-10-09 7.2 CVE-2013-3881

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885. 2013-10-09 9.3 CVE-2013-3882

Microsoft -- Internet Explorer Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3882. 2013-10-09 9.3 CVE-2013-3885

Microsoft -- Internet Explorer Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3886

Microsoft -- windows_7 dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability." 2013-10-09 7.2 CVE-2013-3888

Microsoft -- excel Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3889

Microsoft -- excel Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3890

Microsoft -- word Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3891

Microsoft -- word Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3892

Microsoft -- windows_7 The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability." 2013-10-09 9.3 CVE-2013-3894


Microsoft -- Internet Explorer Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." 2013-10-09 9.3 CVE-2013-3897

Thursday, October 10, 2013

First Local Security Conference Thoughts A+ For the Association

OK, today I attended my first North Carolina Banks Association information security meeting.
First off I was a little excited, I have been to CarolinaCon, DefCon, BlackHat and many more.  I knew this wasn't going to be just like those or anywhere close to them. 

I was just happy to get out of my office with and speak with others in my line of work and learn some new things.  I did, we had two or three speakers that made the whole time worth it. I would also to include the staff and such that put it together many thanks to you and your efforts for the chance to go.

What I am about to say has nothing to do with my employer or any representations of my work place.  Hell my boss drove me there, don’t tell him but I enjoyed his company.

I would like to say that 85% of the information that came out was good advice for keeping up with standards, new applications, even new tech to semi proactive subjects.

I would have to say most of us geeks get no time together and speak and reach out with other IT people in our field. You want us to come up with the solutions for the work place and be able to prevent the circumvent hackers/blackhats or at least have plans in place with policies to handle certain emergency’s. You know we are no different than your Sales, Management Teams, and etc. It just seems like we are last at the line for any gatherings to where we feel comfortable and can speak and dress like we want too in a relaxed environment to exchange ideas and new information.













IT is incorporated with Geeks, Nerds, Strangers, etc.  that have a strange understanding of technology that no one else does “No this is not a manifesto LOL” and I am fine with that. I am so lucky to have a work place that semi-understands this.  A real IT person that is in his/her prime that will take any mission on solo or not, they have gaming, brute forcing, and dropping honey boxes to see what happens when so to speak the Baking Soda hits the Vinegar, or builds a giant Tesla Coil just to watch what happens. 
It is the love of technology that drives us. Yes 50% of us are white hats trying to learn as much as we can. If you really want us at the top of the technology then help us by taking time to realize we might not make you cold hard cash, but we keep you losing billions.

I hope I get a chance next year to go; I would rather speak though for the simple reason of miss information on the latest technology and scams. I have several ideas on building of information sharing without everyone having to spend out a ton of money while we have up to date information at the same time.

One more thing I did not hear one thing about Fuzzing or the Crime Origination’s hiring black-hats selling software to create major SDK structures for selling on the black market just to take advantage of wires, ach’s or even id theft.  Heck they even left out Lulzsec. This was the damaging effort of the DDoS attacks for Op’s Operations via Occupy.  Also mention of Syslogging for free to see if someone is protecting your IDS/ASA/LDAP system which is free Open source projects.

Example, 1 Module New Business Plan for Organized Crime Industry.


First Local Security Conference Thoughts A+ For the Association

OK, today I attended my first North Carolina Banks Association information security meeting.
First off I was a little excited, I have been to CarolinaCon, DefCon, BlackHat and many more.  I knew this wasn't going to be just like those or anywhere close to them. 

I was just happy to get out of my office with and speak with others in my line of work and learn some new things.  I did, we had two or three speakers that made the whole time worth it. I would also to include the staff and such that put it together many thanks to you and your efforts for the chance to go.

What I am about to say has nothing to do with my employer or any representations of my work place.  Hell my boss drove me there, don’t tell him but I enjoyed his company.

I would like to say that 85% of the information that came out was good advice for keeping up with standards, new applications, even new tech to semi proactive subjects.

I would have to say most of us geeks get no time together and speak and reach out with other IT people in our field. You want us to come up with the solutions for the work place and be able to prevent the circumvent hackers/blackhats or at least have plans in place with policies to handle certain emergency’s. You know we are no different than your Sales, Management Teams, and etc. It just seems like we are last at the line for any gatherings to where we feel comfortable and can speak and dress like we want too in a relaxed environment to exchange ideas and new information.













IT is incorporated with Geeks, Nerds, Strangers, etc.  that have a strange understanding of technology that no one else does “No this is not a manifesto LOL” and I am fine with that. I am so lucky to have a work place that semi-understands this.  A real IT person that is in his/her prime that will take any mission on solo or not, they have gaming, brute forcing, and dropping honey boxes to see what happens when so to speak the Baking Soda hits the Vinegar, or builds a giant Tesla Coil just to watch what happens. 
It is the love of technology that drives us. Yes 50% of us are white hats trying to learn as much as we can. If you really want us at the top of the technology then help us by taking time to realize we might not make you cold hard cash, but we keep you losing billions.

I hope I get a chance next year to go; I would rather speak though for the simple reason of miss information on the latest technology and scams. I have several ideas on building of information sharing without everyone having to spend out a ton of money while we have up to date information at the same time.

One more thing I did not hear one thing about Fuzzing or the Crime Origination’s hiring black-hats selling software to create major SDK structures for selling on the black market just to take advantage of wires, ach’s or even id theft.  Heck they even left out Lulzsec. This was the damaging effort of the DDoS attacks for Op’s Operations via Occupy.  Also mention of Syslogging for free to see if someone is protecting your IDS/ASA/LDAP system which is free Open source projects.

Example, 1 Module New Business Plan for Organized Crime Industry.


Funny Phishing Post of the Day

FAKE EMAIL DO NOT USE

UN/ WORLD BANK COMPENSATION
PAYMENT UNIT
3 WHITEHALL COURT
LONDON, SW1A 2EL.
UNITED KINGDOM
Respected Beneficiary,
RE: UNITED NATIONS/ WORLD BANK COMPENSATION PAYMENT GBP 950,000.00
The United Nations Compensation Commission in Affiliation with the World Bank is using this medium to compensate all Victims of Natural Disaster and those Lottery winners who have not yet received their winning prizes/compensations due to corrupt officials of the lottery payment department. We have received so many complain about the widespread corruption and irregularities within the officials both in Government and Banking sector and within the Lottery organization. So many Lucky winners of the UK National Lottery, Irish Lottery, Coca Cola Lottery, FIFA World cup Lottery, Microsoft/Yahoo Lottery, Common Wealth Lottery, Shell Petroleum Lottery and Euro Million Lotteries have not received their winning prizes and compensations up till now.
The United Nation Compensation Commission is receiving a direct support from the World Bank and the United Kingdom government to compensate all Lottery winners and Victims of Natural Disaster who have not yet received their winning prizes/compensations due to corrupt officials in the Lottery organization and corrupt delivery agents who were suppose to deliver the winning prizes to the lucky winners. In most cases, these corrupt officials have diverted the lottery prizes into their own personal bank accounts. After the last auditing carried out by the United Nations senior auditors, we discovered that 58 % of lottery winners and Victims of Natural Disaster did not receive their winning compensations. After series of investigations, we discovered that some corrupt officials within the Lottery organization have diverted the lottery compensation into their own personal account.
The United Nations Compensation Commission is using this medium to apologize to all lottery winners and Victims of Natural Disaster who have not received their winning compensations. Your name and e-mail address appeared among the list of lottery winners/beneficiaries who have not yet received their winning compensations. Therefore, we are compensating you with the sum of GBP 950,000.00 Great British Pounds Sterling.
To claim your compensation fund you must stop any further communication with any office/ individuals and contact the Central Bank of India known as Reserve Bank of India through the help of British legal administrator under British High Commission India.
Please contact British administrator under British High Commission who is currently in India through his email address below so that he will help you to speed up the official procedure with the Reserve Bank of India as we have already told him about you.
THE PRINCIPALE ATTORNEY
BRITISH ACCREDITED ATTORNEY
SHANTIPATH CHANAKYAPURI
NEW DELHI - 110021
OFFICE HOURS: 0900-1700 HRS
CONTACT PERSON:  HON. BARRISTER ANTHONY COLLINS
PHONE NUMBER: 91-8377952174
You have to provide them with your information as stated below:
Your full Name:
 Home address:
Occupation:
Age and Sex:
 Contact Mobile Phone Number:
Regards,
Mrs. Patricia Williams
Coordinator

Funny Phishing Post of the Day

FAKE EMAIL DO NOT USE

UN/ WORLD BANK COMPENSATION
PAYMENT UNIT
3 WHITEHALL COURT
LONDON, SW1A 2EL.
UNITED KINGDOM
Respected Beneficiary,
RE: UNITED NATIONS/ WORLD BANK COMPENSATION PAYMENT GBP 950,000.00
The United Nations Compensation Commission in Affiliation with the World Bank is using this medium to compensate all Victims of Natural Disaster and those Lottery winners who have not yet received their winning prizes/compensations due to corrupt officials of the lottery payment department. We have received so many complain about the widespread corruption and irregularities within the officials both in Government and Banking sector and within the Lottery organization. So many Lucky winners of the UK National Lottery, Irish Lottery, Coca Cola Lottery, FIFA World cup Lottery, Microsoft/Yahoo Lottery, Common Wealth Lottery, Shell Petroleum Lottery and Euro Million Lotteries have not received their winning prizes and compensations up till now.
The United Nation Compensation Commission is receiving a direct support from the World Bank and the United Kingdom government to compensate all Lottery winners and Victims of Natural Disaster who have not yet received their winning prizes/compensations due to corrupt officials in the Lottery organization and corrupt delivery agents who were suppose to deliver the winning prizes to the lucky winners. In most cases, these corrupt officials have diverted the lottery prizes into their own personal bank accounts. After the last auditing carried out by the United Nations senior auditors, we discovered that 58 % of lottery winners and Victims of Natural Disaster did not receive their winning compensations. After series of investigations, we discovered that some corrupt officials within the Lottery organization have diverted the lottery compensation into their own personal account.
The United Nations Compensation Commission is using this medium to apologize to all lottery winners and Victims of Natural Disaster who have not received their winning compensations. Your name and e-mail address appeared among the list of lottery winners/beneficiaries who have not yet received their winning compensations. Therefore, we are compensating you with the sum of GBP 950,000.00 Great British Pounds Sterling.
To claim your compensation fund you must stop any further communication with any office/ individuals and contact the Central Bank of India known as Reserve Bank of India through the help of British legal administrator under British High Commission India.
Please contact British administrator under British High Commission who is currently in India through his email address below so that he will help you to speed up the official procedure with the Reserve Bank of India as we have already told him about you.
THE PRINCIPALE ATTORNEY
BRITISH ACCREDITED ATTORNEY
SHANTIPATH CHANAKYAPURI
NEW DELHI - 110021
OFFICE HOURS: 0900-1700 HRS
CONTACT PERSON:  HON. BARRISTER ANTHONY COLLINS
PHONE NUMBER: 91-8377952174
You have to provide them with your information as stated below:
Your full Name:
 Home address:
Occupation:
Age and Sex:
 Contact Mobile Phone Number:
Regards,
Mrs. Patricia Williams
Coordinator

Sunday, August 25, 2013

How To Create a VMWare Helpdesk Quick and Easy

First download Ubuntu Server. http://www.ubuntu.com/download/server Next download Hesk Helpdesk Software (It is free but I suggest donating or buying a web server license) http://www.hesk.com/
Now you will need VMWare to create a Virtual Machine. Use the quick server creator it does everything for you so you can let it install while you do other things.

When the server install is finished login to the server and put in the command ubuntu@root: sudo apt-get update. Then ubuntu@root: sudo apt-get upgrade. When the updates are finished restart the vmware image. Log back into the server and type ubuntu@root: sudo tasksel here you will see a list of server types to install. Select LAMP Server. Then reboot after the install keep in mind you will need to put in a password for the mysql admin account

You might need an ftp server sometimes it doesn't auto install with LAMP. I use ftpd, so you will need to ubuntu@root: sudo apt-get install ftpd. Then I suggest to restart the host again this way you know if you have an issue with the server. One step at a time, I have found doing steps it is easier to keep up with in case something goes corrupt or has a bad install.

When the server comes back up login and cd .. down to the last directory. Then go to /var/.  ubuntu@root: chmod 777 www. That allows the server default web directory to be writable. Keep in mind you might want to adjust permissions when this is completed.

OK, from your windows or linux machine ftp to the ip address that it gets assigned. Unzip the directory that you downloaded from Hesk. Upload the files to your /var/www directory. I would also change the permissions again. chmod 777 /www. This makes the files you ftped write and replaceable.

Open a web browser go to "http://192.168.0.2/admin" this will allow you to configure the install of the helpdesk. Or whatever your ip address for the vmware server.

After the install you should be ready to go. Make sure to adjust the permissions that you made changes too. Also make sure to check for updates for the server and Hesk.

If you do not have VMWare you can find several vm images and just download the player, or a physical server.

I will post adjustments and the finer points of an install like this later on. This is a quick and dirty way to get it started.

-Gary



How To Create a VMWare Helpdesk Quick and Easy

First download Ubuntu Server. http://www.ubuntu.com/download/server Next download Hesk Helpdesk Software (It is free but I suggest donating or buying a web server license) http://www.hesk.com/
Now you will need VMWare to create a Virtual Machine. Use the quick server creator it does everything for you so you can let it install while you do other things.

When the server install is finished login to the server and put in the command ubuntu@root: sudo apt-get update. Then ubuntu@root: sudo apt-get upgrade. When the updates are finished restart the vmware image. Log back into the server and type ubuntu@root: sudo tasksel here you will see a list of server types to install. Select LAMP Server. Then reboot after the install keep in mind you will need to put in a password for the mysql admin account

You might need an ftp server sometimes it doesn't auto install with LAMP. I use ftpd, so you will need to ubuntu@root: sudo apt-get install ftpd. Then I suggest to restart the host again this way you know if you have an issue with the server. One step at a time, I have found doing steps it is easier to keep up with in case something goes corrupt or has a bad install.

When the server comes back up login and cd .. down to the last directory. Then go to /var/.  ubuntu@root: chmod 777 www. That allows the server default web directory to be writable. Keep in mind you might want to adjust permissions when this is completed.

OK, from your windows or linux machine ftp to the ip address that it gets assigned. Unzip the directory that you downloaded from Hesk. Upload the files to your /var/www directory. I would also change the permissions again. chmod 777 /www. This makes the files you ftped write and replaceable.

Open a web browser go to "http://192.168.0.2/admin" this will allow you to configure the install of the helpdesk. Or whatever your ip address for the vmware server.

After the install you should be ready to go. Make sure to adjust the permissions that you made changes too. Also make sure to check for updates for the server and Hesk.

If you do not have VMWare you can find several vm images and just download the player, or a physical server.

I will post adjustments and the finer points of an install like this later on. This is a quick and dirty way to get it started.

-Gary



Sunday, August 11, 2013

Systems Administration and the Social Enviorment

Well I have seen a few issues in my career over these past 18 years with socializing and being a good Administrator.

A fine line is drawn in the sand between a good manager and the employees. Yes you can be friends, but you need to keep a bit of respect so you can properly complete your job.

System Admins have a similar issue, but it is not really due to a respect ideal more of a abuse issue. If your best friend or close friend does something against policy are you going to report it? I know I am because I keep that fine line in the sand. I am not trying to be a sour puss or an kiss up, I have my career to protect.

The company you work for has hired you to complete a task and they are trusting you with it, please respect that try to keep everyone on the same level when you review logs.


-Gary

Systems Administration and the Social Enviorment

Well I have seen a few issues in my career over these past 18 years with socializing and being a good Administrator.

A fine line is drawn in the sand between a good manager and the employees. Yes you can be friends, but you need to keep a bit of respect so you can properly complete your job.

System Admins have a similar issue, but it is not really due to a respect ideal more of a abuse issue. If your best friend or close friend does something against policy are you going to report it? I know I am because I keep that fine line in the sand. I am not trying to be a sour puss or an kiss up, I have my career to protect.

The company you work for has hired you to complete a task and they are trusting you with it, please respect that try to keep everyone on the same level when you review logs.


-Gary

Thursday, August 8, 2013

Simple LDAP Error Fix (MFP Device)

If you are like me you are around multifunction devices on Windows Domains a lot. I had a strange issue pop up that I over thought.

We made a user account that is limited for the scanned or email distribution on the network "If you don't you need one and limit security issues"

Anyway all the devices one by one stopped working so I was looking into every server trying to figure out what service or server was giving bad LDAP information. It was as simple as the account locking itself out. So I spent 20 minutes figuring out my GPO locked my printer user account. So start with the simple things first. "Hand Slap to Head"


-Gary

Simple LDAP Error Fix (MFP Device)

If you are like me you are around multifunction devices on Windows Domains a lot. I had a strange issue pop up that I over thought.

We made a user account that is limited for the scanned or email distribution on the network "If you don't you need one and limit security issues"

Anyway all the devices one by one stopped working so I was looking into every server trying to figure out what service or server was giving bad LDAP information. It was as simple as the account locking itself out. So I spent 20 minutes figuring out my GPO locked my printer user account. So start with the simple things first. "Hand Slap to Head"


-Gary

Thursday, August 1, 2013

Network Malware Scanner - False Positive

I ran into an issue scanning for malware with EMCO Network Malware Scanner. It is a great tool for a quick scan, but I did run into a false positive with it. I turned it into them.

I run ESET Nod on our systems and the scanner was showing infections. After inspecting the findings it was hitting on a registry key for Nod. This is just a heads up if anyone else see's this warning.

1 DOMAINNAME
127.0.0.1
NMC.WORM.WIN32.NUQEL.FEQ
WORM
3 [REGKEY_HKLM_EXISTS] : \SYSTEM\CurrentControlSet\Services\ekrn  

-Gary

Network Malware Scanner - False Positive

I ran into an issue scanning for malware with EMCO Network Malware Scanner. It is a great tool for a quick scan, but I did run into a false positive with it. I turned it into them.

I run ESET Nod on our systems and the scanner was showing infections. After inspecting the findings it was hitting on a registry key for Nod. This is just a heads up if anyone else see's this warning.

1 DOMAINNAME
127.0.0.1
NMC.WORM.WIN32.NUQEL.FEQ
WORM
3 [REGKEY_HKLM_EXISTS] : \SYSTEM\CurrentControlSet\Services\ekrn  

-Gary

Tuesday, July 30, 2013

Bank Systems Always Under Attack

DDoS is Back; 3 Banks Attacked

Experts Analyze Whether There's an al-Qassam Connection
by Tracy Kitten

Three banks last week suffered online banking outages apparently linked to distributed-denial-of-service attacks. But can these outages be traced directly back to Izz ad-Din al-Qassam Cyber Fighters?

http://ddos.inforisktoday.com/ddos-back-3-banks-attacked-a-5951?rf=2013-07-30-eb&elq=bba9b8a219cc401ea518f39618b64804&elqCampaignId=7380



Bank Systems Always Under Attack

DDoS is Back; 3 Banks Attacked

Experts Analyze Whether There's an al-Qassam Connection
by Tracy Kitten

Three banks last week suffered online banking outages apparently linked to distributed-denial-of-service attacks. But can these outages be traced directly back to Izz ad-Din al-Qassam Cyber Fighters?

http://ddos.inforisktoday.com/ddos-back-3-banks-attacked-a-5951?rf=2013-07-30-eb&elq=bba9b8a219cc401ea518f39618b64804&elqCampaignId=7380



Friday, June 28, 2013

Activesync and Domain Users Permissions

I ran into a slight problem setting up a Domain Users iPhone to our Exchange 2007 Server. The client on the iPhone couldn't connect to the server. I thought it was a connection issue but it turns out since I migrated that server from Exchange 2003 to 2007 some of the permissions did not come over.

Make sure that you change the permissions for that Users Account to give the Account Rights to it self. Go into Active Directory Users and Groups, select the user having the issue right click on the account and go to Properties. Click into the Security Tab then click Advance. Add the user with read permissions to there account.

-Gary

Activesync and Domain Users Permissions

I ran into a slight problem setting up a Domain Users iPhone to our Exchange 2007 Server. The client on the iPhone couldn't connect to the server. I thought it was a connection issue but it turns out since I migrated that server from Exchange 2003 to 2007 some of the permissions did not come over.

Make sure that you change the permissions for that Users Account to give the Account Rights to it self. Go into Active Directory Users and Groups, select the user having the issue right click on the account and go to Properties. Click into the Security Tab then click Advance. Add the user with read permissions to there account.

-Gary

Wednesday, June 26, 2013

Remotix Capslock

I just recently received my iPad a few weeks ago, and I needed a application to remote control UltraVNC machines. Remotix was my choice and still is. Make sure you identify the version of VNC you are using or certain keystrokes will not work such as caps locked. When you open Remotix select the server and type at the bottom of the properties select the version instead of Auto-detect. Great product good price. http://nulana.com/


-Gary

Remotix Capslock

I just recently received my iPad a few weeks ago, and I needed a application to remote control UltraVNC machines. Remotix was my choice and still is. Make sure you identify the version of VNC you are using or certain keystrokes will not work such as caps locked. When you open Remotix select the server and type at the bottom of the properties select the version instead of Auto-detect. Great product good price. http://nulana.com/


-Gary

Saturday, April 20, 2013

Bugging out by Vehicle Part 1


Dual Battery Systems
When operating in the outback each battery should be used individually on a daily basis.
When making camp for the night the appropriate drill should be used to ensure that the
alternate battery is fully charged and will start the vehicle in the morning. The battery used for
overnight use [refrigerator, etc.] may go flat.

Fuel
Long-range fuel tanks are an excellent idea but make sure yours is fitted in the approximate
centre of the vehicle between the chassis rails. Use the rear tank first to equalise load. If you
do not have a long-range tank then 20 litre jerry cans are an excellent method of carrying fuel.
If you carry jerry cans make sure they are metal or designed to carry fuel and use tie wire on
all caps to prevent spillage.

Water
Allow 4 to 5 litres of drinking water for each person per day while travelling. If you have a
built in water tank fitted with an external tap it should be fitted with a tap guard and the tap
itself lock-wired when moving.

Emergency PackEnough spare food, water and blankets should be included to allow for any unforeseen delays.
Emergency rations should last at least three days on top of your planned trip. A three-day
emergency pack for each person should consist of –
• 6 ready to eat meals
• 4 litres of water
• Emergency blanket

Vehicle Loading
The loading of the vehicle is critical and the vehicle's centre of gravity kept as low as possible
always. Get in the habit of checking levels whenever you are in the vehicle.

Bugging out by Vehicle Part 1


Dual Battery Systems
When operating in the outback each battery should be used individually on a daily basis.
When making camp for the night the appropriate drill should be used to ensure that the
alternate battery is fully charged and will start the vehicle in the morning. The battery used for
overnight use [refrigerator, etc.] may go flat.

Fuel
Long-range fuel tanks are an excellent idea but make sure yours is fitted in the approximate
centre of the vehicle between the chassis rails. Use the rear tank first to equalise load. If you
do not have a long-range tank then 20 litre jerry cans are an excellent method of carrying fuel.
If you carry jerry cans make sure they are metal or designed to carry fuel and use tie wire on
all caps to prevent spillage.

Water
Allow 4 to 5 litres of drinking water for each person per day while travelling. If you have a
built in water tank fitted with an external tap it should be fitted with a tap guard and the tap
itself lock-wired when moving.

Emergency PackEnough spare food, water and blankets should be included to allow for any unforeseen delays.
Emergency rations should last at least three days on top of your planned trip. A three-day
emergency pack for each person should consist of –
• 6 ready to eat meals
• 4 litres of water
• Emergency blanket

Vehicle Loading
The loading of the vehicle is critical and the vehicle's centre of gravity kept as low as possible
always. Get in the habit of checking levels whenever you are in the vehicle.

Downtime

Sorry for the downtime. I had to adjust some security settings, my fault everything is good now. Surf On.

Downtime

Sorry for the downtime. I had to adjust some security settings, my fault everything is good now. Surf On.

Monday, April 15, 2013

Drobo Mini

I have been a huge fan of Drobo products. I have 3 right now. A Gen1 and i8000's and now they have released the mini Drobo. The review is here.
http://onemansblog.com/2013/01/27/drobo-mini-review/



Drobo Mini

I have been a huge fan of Drobo products. I have 3 right now. A Gen1 and i8000's and now they have released the mini Drobo. The review is here.
http://onemansblog.com/2013/01/27/drobo-mini-review/



Survival by Keeping Information in Control


All great detectives solve crimes by applying deductive reasoning to the clues of the case. Certainly crime-scene evidence and eye-witnesses are of great importance in police work but when one examines the reality of criminal investigations it becomes apparent that without informants, "rats", and confessions the vast majority of crimes would go unsolved.

Police routinely offer cash rewards and set up "hotlines" to entice the acquaintances of criminals to come forward. Once police have a suspect in mind they will attempt to interrogate everyone around him, friends, co-workers, family members. With the use of threats, lies and deceit the police are usually successful in extracting information from these sources. Friends and co-workers will be told that they have been implicated in the crime by the suspect and will be charged along with him unless they tell their side of the story. Family member will be told that the suspect has confessed or that evidence proving his guilt exists and that the police want to act in his "best interests" and the testimony of family members would allow him to "get the help he needs". The suspect’s spouse or intimate partner will be told that during the course of their investigation the police have discovered evidence of the suspect’s infidelity in an attempt to break the unique protective feelings developed in an intimate relationship.

Control of information thus becomes the most vital element in the security of our movement. Information is more valuable than any material resource, it can make you rich or it can send you to the gallows. Even the slightest leak can provide investigators a new lead and they are tenacious especially when confronted with a difficult case. We must assure that no piece of information, no matter how seemingly irrelevant, is transformed from our secret into a law-enforcement resource. How can secrets be kept? How can information be controlled? Ben Franklin once said "Three men can keep a secret, if two of them are dead!"… this is a realistic assessment. We all have our own secrets, a dark deed committed alone, a childhood indiscretion, or a act of foolishness in our past which we shall never reveal to the world. These personal secrets are given a level of protection by us that can never be equaled by the swearing and blood-oaths which protect communal secrets. The truth will come out eventually in nearly every case, the best we can do for our communal secrets is to prolong their revelation for as long as possible. Here are some points to consider in the control of information.

- Share no secret which does not have to be shared. In military terminology this is referred to as the "need to know" and is applied so that each individual is given only enough information to perform the mission required.

- Use "disinformation" in order to confuse and deceive.

- Don't discuss your beliefs in violent action with anyone who is not directly involved in our struggle. Always adhere to non-violence in public.

- When in doubt keep your mouth closed. "It's better to make people think you are ignorant then opening your mouth and remove all doubt"



Survival by Keeping Information in Control


All great detectives solve crimes by applying deductive reasoning to the clues of the case. Certainly crime-scene evidence and eye-witnesses are of great importance in police work but when one examines the reality of criminal investigations it becomes apparent that without informants, "rats", and confessions the vast majority of crimes would go unsolved.

Police routinely offer cash rewards and set up "hotlines" to entice the acquaintances of criminals to come forward. Once police have a suspect in mind they will attempt to interrogate everyone around him, friends, co-workers, family members. With the use of threats, lies and deceit the police are usually successful in extracting information from these sources. Friends and co-workers will be told that they have been implicated in the crime by the suspect and will be charged along with him unless they tell their side of the story. Family member will be told that the suspect has confessed or that evidence proving his guilt exists and that the police want to act in his "best interests" and the testimony of family members would allow him to "get the help he needs". The suspect’s spouse or intimate partner will be told that during the course of their investigation the police have discovered evidence of the suspect’s infidelity in an attempt to break the unique protective feelings developed in an intimate relationship.

Control of information thus becomes the most vital element in the security of our movement. Information is more valuable than any material resource, it can make you rich or it can send you to the gallows. Even the slightest leak can provide investigators a new lead and they are tenacious especially when confronted with a difficult case. We must assure that no piece of information, no matter how seemingly irrelevant, is transformed from our secret into a law-enforcement resource. How can secrets be kept? How can information be controlled? Ben Franklin once said "Three men can keep a secret, if two of them are dead!"… this is a realistic assessment. We all have our own secrets, a dark deed committed alone, a childhood indiscretion, or a act of foolishness in our past which we shall never reveal to the world. These personal secrets are given a level of protection by us that can never be equaled by the swearing and blood-oaths which protect communal secrets. The truth will come out eventually in nearly every case, the best we can do for our communal secrets is to prolong their revelation for as long as possible. Here are some points to consider in the control of information.

- Share no secret which does not have to be shared. In military terminology this is referred to as the "need to know" and is applied so that each individual is given only enough information to perform the mission required.

- Use "disinformation" in order to confuse and deceive.

- Don't discuss your beliefs in violent action with anyone who is not directly involved in our struggle. Always adhere to non-violence in public.

- When in doubt keep your mouth closed. "It's better to make people think you are ignorant then opening your mouth and remove all doubt"



Friday, April 12, 2013

It Finally Came.. Gamo!


Received my Gamo Silent Stalker Air Rifle with IGT, Whisper Technology, 3-9X50 Scope and PBA Platinum Pellets .177 Caliber Today. I must say I love this Air Rifle. It has a lot more power than I was thinking it would have.

Also it lives up to its 1300 fps, my chronograph read 1300-1250 with the Gamo Platinum Ammo. I also purchased the Multi-use Pellet Pack. I plan on giving them each a few runs through it Sunday.
I really suggest finding your right ammo that works the best for your gun and range preferences it will be worth it's weight in gold.

This setup has my gold standard stamp of approval on it, which doesn't mean much but it works for me.

It Finally Came.. Gamo!


Received my Gamo Silent Stalker Air Rifle with IGT, Whisper Technology, 3-9X50 Scope and PBA Platinum Pellets .177 Caliber Today. I must say I love this Air Rifle. It has a lot more power than I was thinking it would have.

Also it lives up to its 1300 fps, my chronograph read 1300-1250 with the Gamo Platinum Ammo. I also purchased the Multi-use Pellet Pack. I plan on giving them each a few runs through it Sunday.
I really suggest finding your right ammo that works the best for your gun and range preferences it will be worth it's weight in gold.

This setup has my gold standard stamp of approval on it, which doesn't mean much but it works for me.

Self Defense without Firearms



Bows and Crossbows

The bow is among the oldest weapons in the world and even the latest, high-tech bows use the same basic principles of the earliest bows. The idea is to silently deliver lethal force at a distance by using elastic energy to propel an arrow at the target. Modern bows are capable of reasonable accuracy and power but require a fair amount of practice to become proficient. Modern crossbows on the other hand, require less training, (they are aimed and fired much like a rifle) are more powerful and are more accurate than bows.

Bows and crossbows can only serve one purpose to and that is assassination. These weapons are capable of operation so quiet it would make a professional, machine shop silencer envious. The killing range of these weapons is quite limited and accuracy is a problem. 50 yards is the absolute maximum effective range but I would suggest less than half that for practical purposes. Hunting tipped arrow or bolts must be used for assassination work, target tips will not produce sufficient penetration. A clean shot to the heart will be necessary to ensure fatality, even a razor tipped arrow can't be counted on to make penetration with a head-shot. Firing a bow or crossbow at a target wearing heavy clothing or who is behind vehicle or building window glass will greatly reduce your chances of success.

A great deal of planing must be used to make the use of bow or crossbow for selective assassination a success. Reloading time is rather slow (faster for bows than crossbows) so a follow up shot probably won't be a possibility… you've got to make your shot count. You will have to make your shot from fairly close range, somewhat like a Silenced .22 LR Rifle.

The large size of arrows and bolts produce a number of possibilities for modified ammunition including poison-filled hypodermic, incendiary or explosive. The use of modified ammunition will greatly increase the versatility of these weapons.


Notes:

  • Choose a bow with at least a 75 Pound draw weight
  • Choose a crossbow with at least a 175 Pound draw weight
  • Select weapons with flat black or camouflage stocks and limbs.
  • Hunting tips must be used for selective protection.
  • Optical sights will increase crossbow accuracy.
  • Modified ammunition will increase the versatility of these weapons.


Air Guns + Slingshots

Pellet guns, BB guns and slingshot are all useful for certain acts of vandalism and sabotage. These types of weapons are widely available and are unlikely to be banned by even the most repressive governments.

Weapons that can be used at a distance with little noise.

Air rifles can be modified to fire poisoned darts or pellets. Only powerful toxins, such as ricin, should be considered for this application. See the poisons section for instructions on producing appropriate toxins.


Knives or Other Close Combat Weapons

A heavy bladed knife with at least a 5" blade is an absolutely essential and universally available tool. You may choose either a single or double-edged blade, according to your preference but be sure its sharp and tough.

When using a knife for sentry removal or selective assassination, approach the target from behind, grab his face and tilt it back. Simultaneously stab the knife into the side of his neck and push in forward. This will sever the arteries and wind pipe. Don't attempt to slash across the throat as this is a more awkward motion and is much less effective. A stabbing wound to a kidney is also very effective but may leave the target able to make quite a scene before dying. Approach the target from behind, grab the shoulder with one hand and stab the knife into the kidney area as deep as it will go with the other hand. Turn the knife sharply it and rip it out. This will leave an wound which will be nearly impossible to close.

The US Army FM 21-150 offers several sentry removal techniques with the combat knife. These two are the most suitable for selective assassination:

Kidney Stab, Throat Cut:

This technique relies on a stab to the kidney to induce immediate shock. The kidney is relatively accessible and by inducing shock with such a stab, the operative has the time to cut the target's throat. The operative completes his stalk and stabs the kidney by pulling the target's balance backward and downward and inserts the knife upward against his weight. The target will possibly gasp at this point, but shock immediately follows. By using the target's body weight that is falling downward and turning, the operative executes a cut across the front of the throat. This completely severs the trachea and carotid arteries.


Nose Pinch, Mouth Grab, Throat Cut:

In this technique, completely pinch off the target's mouth and nose to prevent any outcry. Then cut his throat or stab his subclavian artery. The danger with this technique is that the target can resist until he is killed, although he cannot make a sound.

 If it is necessary to strike the target from the front or if you are in a self-defense situation, keep the knife out of view until you plunge it into the enemy. Use a backhand grip and hide the knife behind your wrist. At the last instant flip it to a front grip and thrust it upwards dead-center into the solar plexus. Pull it down and turn it as you rip it out. The target's guts will spill out along with copious amounts of blood. He will make very little sound if any but you will be soaked with blood.

An ice pick or a similar thrust-only type weapon can be used to produce wounds which will bleed much less than those inflicted by a knife. This is a definite advantage for selective assassination where the operative must make a getaway without being spotted with blood-soaked clothes. The wounds are, however, not nearly as lethal as those produced by a knife. The kidney attack can be made with an ice pick but a direct thrust into the heart or brain will be more likely to produce a fatal wound.

A hammer can be used to produce lethal injuries silently and almost completely bloodlessly. A very hard blow to the head with a standard claw-hammer its almost certain to kill, a follow up blow or two will certainly do the trick. Again an attack from behind will be most effective, strike as hard as you can.

A thin length of strong rope, cod, or even a belt can be used to make a garrote which can be used from behind for silent and bloodless killing. Loops or handles are often added to the garrote in order to increase the effectiveness of the attack. Surprise is absolutely imperative when using one of these weapons.

The following technique is also form the US Army FM 21-150:

The Garrote:

In this technique, use a length of wire, cord, rope, or webbed belt to destroy a target. The operative carefully stalks the target from behind with the garrote ready The garrote is looped over the target's head across the throat and the operative forcefully pulls the target backward as he turns his own body to place his hips in low against the hips of the target. The target's balance is already taken at this point, and the garrote becomes crossed around the target's throat when the turn is made. The target is thrown over the operative's shoulder and killed by strangling or breaking his neck.

This is for informational purposes only.

Self Defense without Firearms



Bows and Crossbows

The bow is among the oldest weapons in the world and even the latest, high-tech bows use the same basic principles of the earliest bows. The idea is to silently deliver lethal force at a distance by using elastic energy to propel an arrow at the target. Modern bows are capable of reasonable accuracy and power but require a fair amount of practice to become proficient. Modern crossbows on the other hand, require less training, (they are aimed and fired much like a rifle) are more powerful and are more accurate than bows.

Bows and crossbows can only serve one purpose to and that is assassination. These weapons are capable of operation so quiet it would make a professional, machine shop silencer envious. The killing range of these weapons is quite limited and accuracy is a problem. 50 yards is the absolute maximum effective range but I would suggest less than half that for practical purposes. Hunting tipped arrow or bolts must be used for assassination work, target tips will not produce sufficient penetration. A clean shot to the heart will be necessary to ensure fatality, even a razor tipped arrow can't be counted on to make penetration with a head-shot. Firing a bow or crossbow at a target wearing heavy clothing or who is behind vehicle or building window glass will greatly reduce your chances of success.

A great deal of planing must be used to make the use of bow or crossbow for selective assassination a success. Reloading time is rather slow (faster for bows than crossbows) so a follow up shot probably won't be a possibility… you've got to make your shot count. You will have to make your shot from fairly close range, somewhat like a Silenced .22 LR Rifle.

The large size of arrows and bolts produce a number of possibilities for modified ammunition including poison-filled hypodermic, incendiary or explosive. The use of modified ammunition will greatly increase the versatility of these weapons.


Notes:

  • Choose a bow with at least a 75 Pound draw weight
  • Choose a crossbow with at least a 175 Pound draw weight
  • Select weapons with flat black or camouflage stocks and limbs.
  • Hunting tips must be used for selective protection.
  • Optical sights will increase crossbow accuracy.
  • Modified ammunition will increase the versatility of these weapons.


Air Guns + Slingshots

Pellet guns, BB guns and slingshot are all useful for certain acts of vandalism and sabotage. These types of weapons are widely available and are unlikely to be banned by even the most repressive governments.

Weapons that can be used at a distance with little noise.

Air rifles can be modified to fire poisoned darts or pellets. Only powerful toxins, such as ricin, should be considered for this application. See the poisons section for instructions on producing appropriate toxins.


Knives or Other Close Combat Weapons

A heavy bladed knife with at least a 5" blade is an absolutely essential and universally available tool. You may choose either a single or double-edged blade, according to your preference but be sure its sharp and tough.

When using a knife for sentry removal or selective assassination, approach the target from behind, grab his face and tilt it back. Simultaneously stab the knife into the side of his neck and push in forward. This will sever the arteries and wind pipe. Don't attempt to slash across the throat as this is a more awkward motion and is much less effective. A stabbing wound to a kidney is also very effective but may leave the target able to make quite a scene before dying. Approach the target from behind, grab the shoulder with one hand and stab the knife into the kidney area as deep as it will go with the other hand. Turn the knife sharply it and rip it out. This will leave an wound which will be nearly impossible to close.

The US Army FM 21-150 offers several sentry removal techniques with the combat knife. These two are the most suitable for selective assassination:

Kidney Stab, Throat Cut:

This technique relies on a stab to the kidney to induce immediate shock. The kidney is relatively accessible and by inducing shock with such a stab, the operative has the time to cut the target's throat. The operative completes his stalk and stabs the kidney by pulling the target's balance backward and downward and inserts the knife upward against his weight. The target will possibly gasp at this point, but shock immediately follows. By using the target's body weight that is falling downward and turning, the operative executes a cut across the front of the throat. This completely severs the trachea and carotid arteries.


Nose Pinch, Mouth Grab, Throat Cut:

In this technique, completely pinch off the target's mouth and nose to prevent any outcry. Then cut his throat or stab his subclavian artery. The danger with this technique is that the target can resist until he is killed, although he cannot make a sound.

 If it is necessary to strike the target from the front or if you are in a self-defense situation, keep the knife out of view until you plunge it into the enemy. Use a backhand grip and hide the knife behind your wrist. At the last instant flip it to a front grip and thrust it upwards dead-center into the solar plexus. Pull it down and turn it as you rip it out. The target's guts will spill out along with copious amounts of blood. He will make very little sound if any but you will be soaked with blood.

An ice pick or a similar thrust-only type weapon can be used to produce wounds which will bleed much less than those inflicted by a knife. This is a definite advantage for selective assassination where the operative must make a getaway without being spotted with blood-soaked clothes. The wounds are, however, not nearly as lethal as those produced by a knife. The kidney attack can be made with an ice pick but a direct thrust into the heart or brain will be more likely to produce a fatal wound.

A hammer can be used to produce lethal injuries silently and almost completely bloodlessly. A very hard blow to the head with a standard claw-hammer its almost certain to kill, a follow up blow or two will certainly do the trick. Again an attack from behind will be most effective, strike as hard as you can.

A thin length of strong rope, cod, or even a belt can be used to make a garrote which can be used from behind for silent and bloodless killing. Loops or handles are often added to the garrote in order to increase the effectiveness of the attack. Surprise is absolutely imperative when using one of these weapons.

The following technique is also form the US Army FM 21-150:

The Garrote:

In this technique, use a length of wire, cord, rope, or webbed belt to destroy a target. The operative carefully stalks the target from behind with the garrote ready The garrote is looped over the target's head across the throat and the operative forcefully pulls the target backward as he turns his own body to place his hips in low against the hips of the target. The target's balance is already taken at this point, and the garrote becomes crossed around the target's throat when the turn is made. The target is thrown over the operative's shoulder and killed by strangling or breaking his neck.

This is for informational purposes only.

Thursday, April 11, 2013

Spring is Coming but the Pollen Beat It

Well it has been a while since I have posted anything. I have had a lot projects that have been taking up my time.
 I am sad to say today though I have to say good bye to a loved one. My Grandmother Stephenson's sister, Ms. Evelyn Lee. She was one of the nicest people I have ever known. She was always giving and never asking for anything in return. She also never married but she was always visiting the family at Sunday lunch. So Aunt Evelyn say hi to Grandpa and Grandma for me. You will be missed and I love you.

Miss Lee was born August 24, 1928 in Johnston County to the late Rufus and Mollie Ryals Lee. She was also preceded in death by a sister, Claudia Stephenson; and brothers, Worth Lee and Bobby Lee. Miss Lee was the office manager for Benton Card Company and was a member of Benson Baptist Church. She also operated Bill’s Frame Shop in Benson.