NetSec corner
Netsec, comsec, infosec and IA news, research and trends

 

8.31.2004

 
Star38 is Planning to Offer Caller ID Spoofing as a Service Starting Next Week

 
Is it cynical to be circumspect about the Direct Marketing Association (paper SPAMmers) and the Business Software Alliance (Microsoft Front) Funding Federal Law Enforcement Operations Like Operation Web Snare?

 
SANS First Wednesday Webcast - Trends in Malware Evolution from Ed Skoudis
Wednesday, September 1, 2004, at 1:00 PM EDT (1700 UTC)

 
The case of Randall Schwartz

 
Fingerprinting Port 80 Attacks, Part 1
Fingerprinting Port 80 Attacks, Part 2



8.29.2004

 
Comprehensive Information Assurance Dictionary 3rd Draft (PDF Document)

 
RFC 2828: Internet Security Glossary



8.28.2004

 
Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability

 
M$ Announces 2006 Target Date for Broad Availability Of Windows "Longhorn" Client Operating System

Microsoft Corp. announced yesterday it will target broad availability of the Windows® client operating system code-named "Longhorn" in 2006, and make key elements of the Windows WinFX™ developer platform in "Longhorn" available for Windows XP and Windows Server™ 2003.

"Longhorn" will deliver major improvements in user productivity, important new capabilities for software developers, and significant advancements in security, deployment and reliability.

M$ will deliver a Windows storage subsystem, code-named "WinFS," after the "Longhorn" release. The new storage system provides advanced data organization and management capabilities and will be in beta testing when the "Longhorn" client becomes available.

Yesterday’s announcements relate only to the "Longhorn" client operating system. Anticipated availability for the Windows "Longhorn" Server operating system continues to be 2007.

Oh goodie, another unfinished operating system rushed to market. I can't wait.



8.27.2004

 
Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability

A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected.

 
Raw Sockets Gone in XP SP2: Why?

 
Phreaknic 8 October 22nd-24th

 
Hackers target French ISP's site

 
Chinese Virus Engaged in Exam Theft

 
Wireless Intrusion Detection and Response

 
Reg Hacks to Bypass the XP SP2 "Firewall"

 
NetworkTools.com offers Whois and other utils for infogathering (link from Keith)

 
Wanadoo.fr Hacked. The Irony Abounds. Link from Ron.



8.26.2004

 
Joe Klein's Phreaknik Presentation on InfoLeakage

 
Materials for Tonight:
Distributed Metastasis: A Network Attack Methodology by Andrew Stewart
NIST 800-42 Guideline on Security Testing
GoogleHacking @ Johnny.Ihackstuff.com

You Posted What?!?!? Open Sources of Information and Public Domain "Hacking"
QuickFacts Census Data
Criminal Background Checks at USSearch
Satellite Maps at TerraServer
Internet Archive: The Wayback Machine
ARIN Whois Query
SamSpade Tools
Default Wireless Configuration Database
IEEE OUI Assignments
CyberAlert Clipping Service
Surveillance Hardware at Search Systems

 

Blue Sniper? More

 
The Induce Act Could Ban I-Pods and Other Noninfringing Devices: Watch out: The PC may be next. I recommend expressing your opinions to your representatives in congress.

On another note: Duke University is Going to Give Apple iPods to First-Year Students for Educational Use (link from Keith).

 
Remember Randall Schwartz? He was convicted of three felonies for doing what he thought was his job. Be careful. Always get authorization in writing for doing any security testing or assessment. In the authorization document, define exactly what it is that you will do and have two officers or managers of the company sign and date the declaration. Make no assumptions.

 
Chaos Computer Conference 21C3: The Usual Suspects

 
Multiple Vulnerabilities in Cisco Secure Access Control Server



8.25.2004

 
US DoJ Announces Major Cybercrime Crackdown is Funded by the Direct Marketing Association

 
DNA Analysis Spots SPAM

 
Don't fall prey to such hysteria as "Electronic Jihad Live, Thursday, August 26th!!! The sky is falling... b-caawwk!!!"

 
The Rbot-GR Worm Can Enable Webcams to Spy on People



8.24.2004

 
Defacements Archive at Zone.H

 
Institute for the Advanced Study of Information Warfare

 
The Art of War

 
TCP/IP Illustrated in HTML Format

 
Astaro Linux is a Feature Rich Firewall Product Based on Linux. It now has support for FreeS/WAN VPN's and Snort in an IPS Configuration. It is free for personal use and starts at $400 for commercial applications. Link from Nick



8.21.2004

 
IE Drag and Drop Vulnerability Proof of Concept

 
IDAPro4.6 Demo Version

 
The Computer History Simulation Project is a loose Internet-based collective of people interested in restoring historically significant computer hardware and software systems by simulation. The goal of the project is to create highly portable system simulators and to publish them as freeware on the Internet, with freely available copies of significant or representative software.

SIMH implements simulators for:

* Data General Nova, Eclipse
* Digital Equipment Corporation PDP-1, PDP-4, PDP-7, PDP-8, PDP-9, PDP-10, PDP-11, PDP-15, VAX
* GRI Corporation GRI-909
* IBM 1401, 1620, 1130, System 3
* Interdata (Perkin-Elmer) 16b and 32b systems
* Hewlett-Packard 2116, 2100, 21MX
* Honeywell H316/H516
* MITS Altair 8800, with both 8080 and Z80
* Royal-Mcbee LGP-30, LGP-21
* Scientific Data Systems SDS 940

 
The Digital Forensics Research Workshop took place earlier this month. Check out the papers and presentations.

 
The National Software Reference Library (NSRL) provides a repository of known software, file profiles, and file signatures for use by law enforcement and other organizations in computer forensics investigations. Here is a list of the hash signatures that they maintain.
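The way a known-file hash set such as the NSRL's is used in practice is to filter an evidence set: every file whose SHA-1 matches a known entry can be set aside, and only the remainder needs an examiner's attention. The following is an added example (not code from the NSRL project) that builds a small reference set in the classic RDS CSV column layout (an assumed layout: SHA-1, MD5, CRC32, FileName, FileSize, ProductCode, OpSystemCode, SpecialCode) from constructed file contents, then triages a directory against it; the file names and contents are constructed, not real NSRL entries.

```python
import csv
import hashlib
import io
import tempfile
import zlib
from pathlib import Path

CHUNK = 1 << 20  # hash on disk in 1 MiB chunks so large images never load into RAM

# Constructed stand-ins for files a known-software set would cover.
KNOWN_SOFTWARE = {
    "calc.exe": b"MZ constructed calculator binary",
    "kernel32.dll": b"MZ constructed system library",
}

def build_rds(known: dict) -> str:
    """Emit a CSV in the assumed RDS column layout, hashing the constructed contents."""
    out = io.StringIO()
    w = csv.writer(out, quoting=csv.QUOTE_ALL, lineterminator="\n")
    w.writerow(["SHA-1", "MD5", "CRC32", "FileName", "FileSize",
                "ProductCode", "OpSystemCode", "SpecialCode"])
    for name, data in known.items():
        w.writerow([hashlib.sha1(data).hexdigest().upper(),
                    hashlib.md5(data).hexdigest().upper(),
                    f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
                    name, len(data), "1", "WIN", ""])
    return out.getvalue()

def load_rds(text: str) -> dict:
    """Index an RDS-style CSV by upper-case SHA-1 hex -> file name."""
    return {row["SHA-1"].upper(): row["FileName"]
            for row in csv.DictReader(io.StringIO(text))}

def sha1_file(path: Path) -> str:
    h = hashlib.sha1()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest().upper()

def triage(root: Path, index: dict) -> tuple:
    """Known-file filtering: files whose SHA-1 is in the reference set can be
    skipped; the rest are what the examiner still has to look at."""
    known, unknown = [], []
    for p in sorted(root.rglob("*")):
        if p.is_file():
            (known if sha1_file(p) in index else unknown).append(p.name)
    return known, unknown

def run_demo() -> tuple:
    """Write the constructed files plus one unknown user file to a temp dir and triage it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name, data in KNOWN_SOFTWARE.items():
            (root / name).write_bytes(data)
        (root / "notes.txt").write_bytes(b"constructed user file")
        return triage(root, load_rds(build_rds(KNOWN_SOFTWARE)))

if __name__ == "__main__":
    print(run_demo())
```

Point `triage` at a mounted evidence image and `load_rds` at the real NSRLFile.txt to apply the same filtering to a real case.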



8.20.2004

 
HP sets 'good worm' loose. More info here



8.19.2004

 
The Ponemon Institute conducted a survey at Blackhat, Defcon and elsewhere comparing public opinions on e-voting versus the opinions of security experts. The results were frightening. Here is an article on the survey.



Even more frightening: WinVote by Advanced Voting Solutions has been approved for use in the US. It is Windows based, communicates with a voting server via 802.11 protocols and uses WEP for security of the voting records! Wow... our democracy is in danger and no one seems to care. Except Rebecca Mercuri, who gave the Hack the Vote presentation at Defcon 12.

"Hack the Vote"!

 
Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload



8.18.2004

 
Windows XP SP2 via Automatic Update Postponed

"Microsoft has revised its plans to deliver Windows XP SP2 through the Automatic Updates (AU) delivery mechanism in Windows to give customers more time to plan the rollout of this critical update, or temporarily block the download of Windows XP SP2 to those machines using AU.

Here is the revised delivery schedule of Windows XP SP2:

8/16 - Release to Software Update Services.
8/18 - Release to Automatic Update for users running Windows XP Home Edition only.
8/25 - Release to Automatic Update for all Windows XP users including those running Windows XP Professional Edition; release to Windows Update for interactive user installations."
-- from today's Biweekly TechNet Flash Newsletter

Knowledge Base Article 842242 released yesterday reported almost 50 programs experiencing compatibility problems after SP2 is installed, but who's counting.

M$ has created a tool for network admins to use to block delivery of SP2 to clients via Automatic Updates (AU) and Windows Update (WU) for up to FOUR months. Will it really take them that long to sort out the problems caused by their new SECURITY MINDED Service Pack?

I have been having crash trouble with Office XP Outlook's COM+ Add-in (Norton AntiVirus 2004's AntiSpam) since M$ issued an Security update for Lookout in March. Sending multiple error reports to M$ hasn't moved them to fix it. Symantec support referred me to their support article posted May 25, but they still haven't fixed it. Maybe I should post it to bugtraq. Being overly patient isn't working.

 
Unpatched PCs Compromised in 20 Minutes According to ISC Study. 16 minutes seems almost a bit long. If you are using XP, at least take some of the steps outlined in this SANS document. Warning: They recommended that you patch with Windows Update promptly. If you patch a live system while connected to the Internet (without some form of firewall in place) the system will be owned before you are done with the first patch.

 
Biometrics Increasingly Used for Authentication and Access Control

 
IEEE Works on Standard to Enhance Embedded Systems Security

 
Blaster.B Teen Pleads Guilty

 
DoJ's Nation Institute for Justice has Published Forensic Examination of Digital Evidence: A Guide for Law Enforcement which complements an earlier report titled Electronic Crime Scene Investigation: A Guide for First Responders



8.17.2004

 
Forum On Risks To The Public In Computers And Related Systems: Moderator Peter G. Neumann

 
Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability



8.16.2004

 
McAfee to acquire Foundstone Inc.

 
Sp2Torrent.Com was offering a BitTorrent for XP SP2... until the vendor stepped in with a cease and desist order. Other vendors are beginning to look at such legitimate uses for P2P technology to distribute software. The failure to adapt to technological change leaves existing firms completely exposed to unrivaled competition. The tremendous losses of the recording industry came as a direct result of their refusal to provide a viable product in the P2P market space.



8.15.2004

 
BOFH: How dangerous are your users? from Ron

 
Snort 2.2.0 Released



8.12.2004

 
Microsoft Windows: A Lower Total Cost of 0wnership from Dave Aitel of ImmunitySec Inc. (A mix of humor and information)

 
SecurityFocus Article: Antispam Solutions Part I and Part II

 
LIDS 1.2.2.rc2 released



8.10.2004

 
Airpwn is an application layer data insertion tool for 802.11 networks

 
Symbian Cell Phone Dialer Trojan

 
AIM Client Buffer Overflow Vulnerability



8.09.2004

 
The Proof of Concept Exploit for Firefox 0.9.0-0.9.3 is Quite Convincing. Check out the Cert properties for "Paypal".

 
Metasploit 2.2 Final Released

Some highlights in this release:
- Handful of useful new exploit modules (lsass, afp, etc)
- The Win32 DLL-injection payload system has been integrated
- A new SMB library has been added (used with lsass)
- The DCERPC library has been overhauled (frag support)
- The socket API has been rewritten and enhanced
- Payload encoders have been written for PPC and Sparc architectures
- A "polymorphic" x86 encoding engine has been added (1.5m combos)
- The x86 nop generator now supports smart random nop sleds
- Massive improvements to the crash course user guide
- Online updates via the new 'msfupdate' script

The 2.2 release is the first version which embraces third-party
development. The API should remain stable for the foreseeable future. An
exploit module tutorial is included in this release and can be found in
the sdk subdirectory.

 
The Hackademy School teaches computer security and "hacking" techniques to its students in Paris. The staff operate a magazine, the Hackademy Journal, for an international audience. Dave Aitel Rates it a Buy, and based on the copy I recently read, so do I.

 
Free Version of IDAPro Released! This is the debugger/disassembler of choice in the market today and is used by A/V firms worldwide.

 
Structural Comparison of Executable Objects from Halvar Flake



8.07.2004

 
Long-awaited Windows update released

Microsoft on Friday released a much-delayed security update for Windows XP that aims to improve the operating system's security shortcomings. Customers who receive automatic updates from Microsoft will begin getting Service Pack 2 within a few days.

Most users will have to download about 80 MB of data for the upgrade, which on average should take about 60 to 90 minutes for users with a broadband connection.

Service Pack 2. They're finally through tinkering with it. I can't wait.

 
Understanding Malicious Content Mitigation for Web Developers - "CERT Advisory CA-2000-02 describes a problem with malicious tags embedded in client HTTP requests, discusses the impact of malicious scripts, and offers ways to prevent the insertion of malicious tags."

 
Integrity-Driven Performance: A New Strategy for Success Through Integrated Governance, Risk and Compliance Management - White Paper from Price-Waterhouse-Coopers

 
The irony of "Outsourcing" abounds



8.06.2004

 
SANS has a new LAMP (Linux + Apache + MySQL + PHP) Track

 
ExploitWatch.org is a new dlist/site for exploit availability information. Right now their archive is fairly spartan but keep an eye out... it might get interesting.

 
Warning: The system backs out enrollments for unpaid tuition on August 10th!

 
Microsoft Security Bulletin MS04-025 - Ignorance is Indeed Bliss - A Rant By hellNbak



8.05.2004

 
The DC12 Wifi-Shootout led to a (likely) new world record. 55.1 Miles on an unamplified 802.11b Link!!! It was great just to see these teenagers receive the award. They certainly aren't the youngest kids to ever be in Wired.

To get the 55.1 mile link they used two 32-milliwatt Orinoco Gold USB Wifi adapters mounted on the feed points of two surplus 9-1/2 foot satellite dishes. Technically, this was a homemade antenna since they built their own elements. The least surprising moment of the weekend was when one of them stated their father is an RF engineer.

The wireless insanity also involved the Blue Sniper. Kids don't try this at home. High gain RF is how you cook your popcorn and RF, like any EM force, never dies.... the signal to noise ratio just goes to crap. Case in point: traversing 1 mile with a bluetooth link.

The Shmoo Group Announced ShmooCon February 4-6th. No info on the listserv yet but, based on the Shmoo Group's track record, I bet it's going to be great.

 
The DC12 Meet the Fed panel was quite good (errata_alert: it wasn't, as Tom's Hardware contends, "press only"... it was totally open). Some of the speakers were a bit nervous at first but, overall, there was a positive attitude of gamesmanship (rather than warfare). Paraphrased "Do what you want... do your research... but if you mess with a federal interest computer, you stand to lose a lot... and then we won't hire you."

It was worth tuning into just to hear Robert Morris Sr. speak... other than the five minutes of his solo presentation that he spent advising everyone to drink lots of water and fluids. It was well founded but awkward.

Cool Stuff About Robert Morris Sr:
Ever hear of the Robert Morris Sequence?
He participated in the early computer "game" darwin that involved simple evolving programs with a will to live (more). The apple doesn't fall far from the tree. The game itself later evolved into Core Wars.
He Introduced Password Encryption to UNIX

 
Beware what you put out there, password protect it, throw ACLs on it, something... unless it really is your intention to share it with the world: Google Search for inurl:acid_main.php or inurl:phpinfo.php?

 
Hey look - Someone put their Acid Console (perhaps other parts of their IDS also) on a public server! Maybe I'm missing the point, but can someone explain why this is a good idea? I'm sure there are others...

 
Rootsecure linked to the DC12 Presentations last night and the traffic increase was fairly significant. If anyone would like to mirror the whole thing, download these files (a-k and l-z) instead of wget mirroring. This will be more efficient for all of us.



8.04.2004

 
2004-08-03 SECURITY HOLE, fixed in PuTTY 0.55

PuTTY 0.55, released today, fixes a serious security hole which may allow a server to execute code of its choice on a PuTTY client connecting to it. In SSH2, the attack can be performed before host key verification, meaning that even if you trust the server you think you are connecting to, a different machine could be impersonating it and could launch the attack before you could tell the difference. We recommend everybody upgrade to 0.55 as soon as possible.

Core Advisory 2004-0705

 
New Linux Kernel Memory Leak Issue

 
Does your workplace use all Windows desktops/servers? Do you miss having a REAL Operating System? If so, now you can run FreeBSD (or Linux) on your HP Scanjet

 
NGSEC StackDefender 2.0 Invalid Pointer Dereference Vulnerability

 
Google queries provide stolen credit cards. Clever Google queries (AKA Google Hacking) yield all kinds of interesting information. Here is Johnny Long's presentation that spurred the CNET article.



8.03.2004

 
Insert is a bootable Virus Recovery CD for Windows. It uses ClamAV and Linux (Knoppix) to provide a safe way to rescue Windows. The GUI even lets you update ClamAV's signatures prior to scanning the system.

 
Defcon 12 Presentations

 
Oops... an addendum to the MS-August Security Bulletin.

 
Metasploit 2.2 Prerelease and Presentations from Defcon/Blackhat. HD and spoonm have been nice enough to include an autoupdate (msfupdate) feature into recent builds.

 
Mozilla/Firefox Certificate Spoofing PoC: After you get a "secure" connection to the page, click on the lock and view the certificate details. Take some pepto first.



8.02.2004

 
Houseofdabus (of MS04-011 lsasrv.dll exploit fame) has produced a new, similarly well written "universal" exploit for MS04-022. There is another exploit for the same flaw, that came out two weeks ago, but HoD's is much more versatile.

Download, compile, and smile!

 
Big Brother - Mexican officials have been implanted with microchips to track their movements. I love the statement that the chips are "unremovable." Seems like a machete might do the trick! I think I'll run like hell when they come to implant one into me.
