10.31.2003

Microsoft to release threat-modeling tool: "Microsoft plans to publicly release a threat modeling tool it uses internally to help software developers create more secure software, the company said Thursday."
joatBlog: YADOCD: "YADOCD Yet Another Distribution On CD: Dyne:Bolic. This one is targeted, more or less, at artists, claiming to contain everything you need to record, edit, encode and stream audio and video data, all without having to set up an extra partition on your hard drive. This distribution also auto-discovers other Dyne:Bolic systems on the LAN and clusters with them."

cool tool

10.29.2003

DWDL.de - Das Medienmagazin: "'Zimmer Frei': WDR shows long-banned episode. It is four years old and was never shown: the 'Zimmer Frei' episode with Cherno Jobatey. Now it has been given the okay."

-> must-watch TV!
SecuriTeam.com ™: "Microsoft Exchange 2000 Heap Overflow (XEXCH50)"
# robots.txt for http://www.whitehouse.gov/

*lol*
: "Flea virus flops but Sober worm causes headaches"
MS Exchange Blog : Have you patched E2K yet?: "Have you patched E2K yet? I'm sure you have all patched your Exchange 5.5 and Exchange 2000 servers to protect them from the vulnerability outlined in MS03-046: Microsoft Security Bulletin MS03-046 If not, you shouldn't waste much more time. Exploit code is out there: www.securiteam.com"
Shatter attack on Windows XP :: Internet Security Information : "Brett Moore from Security Assessment put me (xenophi1e (oliver.lavery_at_sympatico.ca)) onto this one. XP's Visual Styles, the feature that makes various controls in Windows XP look less dated, also introduce a new shatter type vulnerability into the OS."
The Register: "NGSCB, aka Palladium, in next generation of CPU, says Gates"

10.28.2003

News: Report: Flaws quickly spawn Net attacks: "Online vandals are quickly exploiting flaws, leaving companies with little time to patch their computer systems, according to a report published Wednesday by Symantec."
BBC NEWS | Technology | How spammers are targeting blogs: "How spammers are targeting blogs Technology analyst Bill Thompson has been getting lots of comments on his weblogs, unfortunately most of them want to sell him Viagra. He has been 'flyblogged'."

congratulations, bbc - you discovered this with warp speed
MSExchange.org Server Based Antispam Comparison: "With the multitude of antispam solutions for Exchange, choosing the one that's suited to your network's present and future needs is no simple task. That's why we have prepared this feature comparison in which five of the leading vendors of antispam solutions have participated. By comparing the features of these solutions side by side, you should be able to get a clearer picture of which solution is the best overall and which one will provide you with the best value for money, ensuring that the solution that you eventually pursue turns out to be the right one."
Hidden Vulnerability Dogs VPN Project - Page 2 - Computerworld: "A glitch in personal firewall software keeps a VPN off-line -- and prompts a scramble for the right fix."

i think i know this vendor, could be the one we have contracts with, too *sigh*

10.27.2003

News: Son of MSBlast on the way?: "Son of MSBlast on the way?"
Mop-up Continues in Worm Aftermath - Computerworld: "Mop-up Continues in Worm Aftermath"
Corporate Network Blasted From Abroad - Computerworld: "Corporate Network Blasted From Abroad"
InfoWorld: Law proposed for security audits: October 24, 2003: By : Security: "Law proposed for security audits Public companies would report results yearly"
InfoWorld: SSL VPNs best IPSec rivals: October 24, 2003: By : Security: "SSL VPNs best IPSec rivals Neoteris and Netilla prove SSL isn’t just for browsers anymore"

i personally prefer ssl-vpns just for browsers - this proxy thing is nothing which i would like to deploy.....
Inside a security audit - Computerworld: "Inside a security audit"
troy claims mth. i fully agree...

THE Network Security Blog - Geek Troy Jessup: Troubles from within...: "Among the largest problems and threats to any given network, users seem to be more and more the most difficult threat to find solutions for."
joatBlog: Cracking Windows Passwords in Seconds: "Cracking Windows Passwords in Seconds"
joatBlog: Shatter Attacks - How to break Windows: "Shatter Attacks - How to break Windows Anti-Crack has an article about shatter attacks on Windows. Note: This is a vulnerability that Microsoft is likely NOT to fix as it requires such a massive rewrite of code. The good news is that (so far) the attack requires local access to the system."

i've seen some tools for this and after the demonstration i was scared to hell - it's way too easy to exploit this.
interesting thoughts -> http://www.openpgp.org/

: "Hmmm.... The FBI stops by a middleschool to check on a student writing a paper on bridges. But the really interesting bit here....

All of this leaves one question: How did the FBI stumble onto the information? Are there agents who spend their days monitoring millions of private messages?"
Microsoft Security Ideas: "Microsoft Security Ideas Robert Scoble and I have recently sparred in another venue over what I consider a failing on Microsoft's part in the 'computer security for Microsoft users' area. I was perturbed (and still am) that the solutions coming out of Microsoft seem to always involve more and 'improved' technology (often ending in the refrain 'wait until Longhorn')."
vnunet.com Risk management falls short: "Risk management falls short By Martin Veitch [21-10-2003] A new report argues that business leaders have a poor understanding of IT-related risks and responsibilities"

we are all surprised *sigh*
.:[ Security-Protocols ]:.: "eEye: Retina Messenger Service Vulnerability Scanner"
: "Framework for Exploits II"
interesting links to exploit frameworks - have fun :-)

10.26.2003

sorry, was at the systems, therefore no blog entries the last days

10.17.2003

Symantec Security Response - W32.HLLW.Gaobot.AZ: "W32.HLLW.Gaobot.AZ"

this is another worm exploiting ms03-26 - i ask myself if there are still unpatched systems ??

10.16.2003

: "Factual and Legal Risks regarding wireless Computer Networks English language version of 'Risiken bei Wireless Ethernet' The IEEE 802.11b wireless ethernet standard has several serious security flaws. This paper describes these flaws, surveys wireless networks in the Cologne/Bonn area to get an assessment of the security configurations of fielded networks and analyzes the legal protections provided to wireless ethernet operators by German law. We conclude that wireless ethernets without additional security measures are not usable for any transmissions which are not meant for a public audience. We also point out problems in German criminal laws regarding the protection of encrypted communication."
disLEXia 3000 blog: Data on second-hand harddisks: "Data on second-hand harddisks After reading Remembrance of Data Passed: A Study of Disk Sanitization Practices by Garfinkel and Shelat I decided to verify their results. They bought a large number of second hand harddisks and analyzed the contents of these disks. They found a wealth of information. Read their Article!"

10.15.2003

new Windows RPC issue (race condition), RANDEX.Q virus

Internet Storm Center: "Windows RPC race condition For a few days, a possible new RPC DCOM vulnerability has been discussed on a number of vulnerability lists. Exploit code has been posted, but it is not widely accepted that this code exploits a new RPC vulnerability in order to obtain a remote shell. However, according to an ISS XForce advisory, a denial of service condition is possible even if the system is fully patched."
Study: Internet fraud and attacks rise in tandem: "Study: Internet fraud and attacks rise in tandem"
Teen charged with hacking brokerage account - Oct. 9, 2003: "Teen hacked TD Waterhouse account Boston officials file charges against the teen for hacking into someone else's brokerage account."
Cox Crow: "Water Leaking through the Duct Tape So the minimally competent programmers in the code mines of Redmond forgot to check another buffer. Swell. So some ISPs have blocked the ports used for the Microsoft RPC services involved, which leads Jon Udell to talk about folks blocking tcp/135 and the subsequent loss of network neutrality. In the course of the article he mentions RPC-over-HTTP."

the article below was a link from this text
Inside RPC-over-HTTP: "Inside RPC-over-HTTP"

a nice way to circumvent the isp block of the rpc ports *argh*
Heise News-Ticker: New hole in Windows RPC service: "New hole in Windows RPC service"

heise now has the report too - a bit late, but still
Secure hosting offers for spammers? - Golem.de: "Wired: Security holes allow spammers undetected web hosting"

via trojaned machines - they must be nuts - it doesn't get more illegal than that
Viruses, anti-viruses, events, facts and commentary: "Modems Are Still A Viable Point Of Attack"

-> war dialing is still a topic - hard to believe. to be honest, if i were to conduct a pentest i would focus on different pen points (e.g. web applications or user management (privilege escalation...))
: "SQL Injection Walkthrough"

10.14.2003

MS Exchange Blog : "Server-Side Antivirus Protection": "'Server-Side Antivirus Protection' Chapter 3 of Paul Robichaux's free eBook 'The Administrator Shortcut Guide to Email Protection' has been published by Sybari."
Finding all the access points: "Finding all the access points"

again an article about wifi finders

10.13.2003

SecurityFocus HOME Guest Feature: Counterpoint: Linux vs. Windows Viruses: "Counterpoint: Linux vs. Windows Viruses"
RPC DCOM 2 Exploit source code in the wild - MS03-039 patch flawed? :: Internet Security Information : "***Currently available information indicates that the patch from Microsoft MS03-039 does not properly protect machines against this exploit!!!*** Although Proof of Concept source code has been circulating for some time now a fully functional exploit is now available. It appears there are also some issues with the MS03-039 patch released to mitigate this vulnerability. According to currently circulating information it has been confirmed that the following operating systems are still vulnerable to attack even if they ARE patched: - Microsoft Windows XP Professional - Microsoft Windows XP Home - Microsoft Windows 2000 Workstation Although it has not been verified at this time, other versions of Microsoft Windows are also suspected to be subject to this vulnerability. As with the prior RPC vulnerability (MS03-026), these attacks can occur on TCP ports 135, 139, 445 and 593; and UDP ports 135, 137, 138 and 445."
SECURITY.NNOV:Search:News: "Windows NT/2000/XP/2003 RPC buffer overflow"

this is a new exploit, causing ddos at patched systems, rooting at unpatched

10.12.2003

interesting article in the nzz about the slammer infection at the swiss post

10.10.2003

the next exploit in the wild.......
for ms03-39 - son of blaster is near

/* Microsoft Windows RPC2 (Universal) Remote Exploit (MS03-039) */

if you have not patched yet - hurry up :-(

heise warning..

btw:
http://www.securityfocus.com/archive/1/340937
: "Inside Cisco's eavesdropping apparatus: 'Cisco Systems has created a more efficient and targeted way for police and intelligence agencies to eavesdrop on people whose Internet service provider uses their company's routers. The company recently published a proposal that describes how it plans to embed 'lawful interception' capability into its products. Among the highlights: Eavesdropping 'must be undetectable,' and multiple police agencies conducting simultaneous wiretaps must not learn of one another. If an Internet provider uses encryption to preserve its customers' privacy and has access to the encryption keys, it must turn over the intercepted communications to police in a descrambled form.' [CNET News.com]"
http://news.com.com/2010-1071-997528.html?tag=fd_nc_1

i read this at heise before and i don't like this :-((
Hi,

just put the floppy reading java call in an applet for those who think
the problem has nothing to do with java. The problem is that
the sandbox should protect the system from untrusted access
to system resources, such as a floppy drive. But again
like many things in the jdk (see illegalaccess.org for details)
this does not work like printed in the java specification.

You can try the new floppy applet at:
http://www.illegalaccess.org/exploits/java/applet/MyFloppySucks.html

Tested on:
- IE 6
- Opera 7.2
- Netscape

on Win32...

Warning: The applet may start an alert message to enter a floppy
disk, if this [your own!] disk is infected by a virus, it may damage
your PeeCee. But the applet itself is plain java, no
disk virus included !

*again full-disclosure*
A new white paper on shatter attacks has been released and is available
from this website;

www.security-assessment.com/Papers/Shattering_By_Example-V1_03102003.pdf

This white paper includes information from both shatterseh2.txt and
shatterseh3.txt.

It also includes a shatter attack exploit against statusbars that uses
the following messages;
* WM_SETTEXT
* SB_SETTEXT
* SB_GETTEXTLENGTH
* SB_SETPARTS
* SB_GETPARTS

*from full-disclosure*
vnunet.com IM menace quadruples: "IM menace quadruples"

check your network with tools like akonix.... (it's free)
heise Security - Papers - Security in GPRS: "Geir Stian Bjåen und Erling Kaasin: Security in GPRS"
one of the articles i will read this weekend - especially interesting due to some gprs usage i know ...
heise Security - Papers - The Cost of Monopolies: "Cyber Insecurity: The Cost of Monopoly"

very interesting article - and even more interesting reactions from microsoft (check the securityfocus/basic mailing list for this)
: "SANS releases its Top Twenty Vulnerabilities List"
ThinkGeek :: The ThinkGeek White or Black Hacker Hats: "The ThinkGeek White or Black Hacker Hats"
.:[ Security-Protocols ]:.: "Cisco's LEAP Authentication"
The Register: "SunnComm to sue 'Shift key' student for $10m"

interesting way to make money if you can't sell more cds... *yak*
vnunet.com Bosses are the weakest link: "Bosses are the weakest link"

*agree* ;-)
New Scientist: "Many Bluetooth gadgets open to wireless snooping"

interesting article, again - history repeating ? (wlan)
SecurityFocus HOME Infocus: Pocket-Sized Wireless Detection: "Pocket-Sized Wireless Detection"

comparison between two wifi finders. interesting and a lot cheaper than a notebook (if you only want to check where to find a wlan (e.g. on a company campus)) :-)

de.indymedia.org | Open posting in the Hamburg subway: "Open posting in the Hamburg subway"

as also reported at heisec, there was a small "glitch" on the hamburg subways (the info screens)
THE Network Security Blog - Geek Troy Jessup: My Joy in Computer Forensics: "My Joy in Computer Forensics"

nice article about a special rootkit *gulp*
heise Security - News - Worm paralyzes Swiss Post [Update]: "Worm paralyzes Swiss Post [Update]"

slammer - still not patched after a year....

COMPUTERWOCHE ONLINE - Homepage www.computerwoche.de: "Gartner shares security concerns about Windows"
nice, especially this passage here:
"a position paper in which they take the view that Microsoft products are riddled with flaws and inherently dangerous - both for users and for society as a whole"
as if we hadn't known that for a long time :-)
