NetSec

8.21.2004

IE Drag and Drop Vulnerability Proof of Concept

posted by GeeWhiz Saturday, August 21, 2004

IDAPro4.6 Demo Version

posted by GeeWhiz Saturday, August 21, 2004

The Computer History Simulation Project is a loose Internet-based collective of people interested in restoring historically significant computer hardware and software systems by simulation. The goal of the project is to create highly portable system simulators and to publish them as freeware on the Internet, with freely available copies of significant or representative software.

SIMH implements simulators for:

* Data General Nova, Eclipse
* Digital Equipment Corporation PDP-1, PDP-4, PDP-7, PDP-8, PDP-9, PDP-10, PDP-11, PDP-15, VAX
* GRI Corporation GRI-909
* IBM 1401, 1620, 1130, System 3
* Interdata (Perkin-Elmer) 16b and 32b systems
* Hewlett-Packard 2116, 2100, 21MX
* Honeywell H316/H516
* MITS Altair 8800, with both 8080 and Z80
* Royal-Mcbee LGP-30, LGP-21
* Scientific Data Systems SDS 940

posted by GeeWhiz Saturday, August 21, 2004

The Digital Forensics Research Workshop took place earlier this month. Check out the papers and presentations.

posted by GeeWhiz Saturday, August 21, 2004

The National Software Reference Library (NSRL) provides a repository of known software, file profiles, and file signatures for use by law enforcement and other organizations in computer forensics investigations. Here is a list of the hash signatures that they maintain.

posted by GeeWhiz Saturday, August 21, 2004

8.20.2004

HP sets 'good worm' loose. More info here

posted by GeeWhiz Friday, August 20, 2004

8.19.2004

The Ponemon Institute conducted a survey at Blackhat, Defcon and elsewhere comparing public opinions on e-voting versus the opinions of security experts. The results were frightening. Here is an article on the survey.

Even more frightening WinVote by Advanced Voting Solutions has been approved for use in the US. It is Windows Based, Communicates with a voting server via 802.11 protocols and uses WEP for security of the voting records! Wow... our democracy is in danger and no one seems to care. Except Rebecca Mercuri who gace the Hack the Vote presentation at Defcon 12.

"Hack the Vote"!

posted by GeeWhiz Thursday, August 19, 2004

Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload

posted by GeeWhiz Thursday, August 19, 2004

8.18.2004

Windows XP SP2 via Automatic Update Postponed

"Microsoft has revised its plans to deliver Windows XP SP2 through the Automatic Updates (AU) delivery mechanism in Windows to give customers more time to plan the rollout of this critical update, or temporarily block the download of Windows XP SP2 to those machines using AU.

Here is the revised delivery schedule of Windows XP SP2:

8/16 - Release to Software Update Services.
8/18 - Release to Automatic Update for users running Windows XP Home Edition only.
8/25 - Release to Automatic Update for all Windows XP users including those running Windows XP Professional Edition; release to Windows Update for interactive user installations."
-- from today's Biweekly TechNet Flash Newsletter

Knowledge Base Article 842242 released yesterday reported almost 50 programs experiencing compatibility problems after SP2 is installed, but who's counting.

M$ has created a tool for network admins to use to block delivery of SP2 to clients via Automatic Updates (AU) and Windows Update (WU) for up to FOUR months. Will it really take them that long to sort out the problems caused by their new SECURITY MINDED Service Pack?

I have been having crash trouble with Office XP Outlook's COM+ Add-in (Norton AntiVirus 2004's AntiSpam) since M$ issued an Security update for Lookout in March. Sending multiple error reports to M$ hasn't moved them to fix it. Symantec support referred me to their support article posted May 25, but they still haven't fixed it. Maybe I should post it to bugtraq. Being overly patient isn't working.

posted by Brenda Wednesday, August 18, 2004

Unpatched PC's Compromised in 20 Minutes According to ISC Study. 16 minutes seems almost a bit long. If you are using XP, at least take some of the steps outlined in this SANS document. Wanring: They recommended that you patch with Windows Update promptly. If you patch a live system while connected to the Internet (without some form of firewall in place) the system will be owned before you are done with the first patch.

posted by GeeWhiz Wednesday, August 18, 2004

Biometrics Increasingly Used for Authentication and Access Control

posted by GeeWhiz Wednesday, August 18, 2004

IEEE Works on Standard to Enhance Embedded Systems Security

posted by GeeWhiz Wednesday, August 18, 2004

Blaster.B Teen Pleads Guilty

posted by GeeWhiz Wednesday, August 18, 2004

DoJ's Nation Institute for Justice has Published Forensic Examination of Digital Evidence: A Guide for Law Enforcement which complements an earlier report titled Electronic Crime Scene Investigation: A Guide for First Responders

posted by GeeWhiz Wednesday, August 18, 2004

8.17.2004

Forum On Risks To The Public In Computers And Related Systems: Moderator Peter G. Neumann

posted by GeeWhiz Tuesday, August 17, 2004

Adobe Acrobat/Acrobat Reader ActiveX Control Buffer Overflow Vulnerability

posted by GeeWhiz Tuesday, August 17, 2004

8.16.2004

McAfee to acquire Foundstone Inc.

posted by GeeWhiz Monday, August 16, 2004

Sp2Torrent.Com was offering a BitTorrent for XP SP2... until the vendor stepped in with a cease and desist order. Other vendors are beginning to look at such legitimate uses for P2P technology to distribute software. The failure to adapt to technological change leaves existing firms completely exposed to unrivaled competition. The tremendous losses of the recording industry came as a direct result of their refusal to provide a viable product in the P2P market space.

posted by GeeWhiz Monday, August 16, 2004

8.15.2004

BOFH: How dangerous are your users? from Ron

posted by GeeWhiz Sunday, August 15, 2004

Snort 2.2.0 Released

posted by GeeWhiz Sunday, August 15, 2004