DNS Attack

March 30, 2012

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

Apparently the loosely organized hacking collective/meme known as Anonymous has announced that they will take out the Internet’s root DNS servers with a massive DDoS tomorrow.

How likely is it that they’ll succeed? Not very, for a whole host of reasons.


MS12-020

March 14, 2012

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

One of Microsoft’s recent patches should really be installed right away on any system running Remote Desktop Protocol. It’s only a matter of time — weeks at best, days at worst — before reverse engineers get to work on the patch and start crafting an exploit. Details available at the ISC.


SonicWall

March 13, 2012

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

Apparently Dell has agreed to purchase SonicWall from the private equity group that has owned them for the last couple of years. This should be an interesting transition for current SonicWall customers; hopefully the support experience doesn’t degrade too terribly much.


Open a Padlock With a Coke Can

January 17, 2012

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

Well, I wish I’d known about this technique the last time I forgot my gym lock combination.


WPS Flaw

January 3, 2012

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

WPS, or WiFi Protected Setup, is a vendor-neutral scheme to make it easier for computer neophytes to securely configured a home wireless access point. Unfortunately, the PIN-based scheme it uses for authentication is easily bruteforced.

From the article:

“When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 108 to 104 + 103 which is 11,000 attempts in total.”


Iran Drone

December 21, 2011

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

The recent capture of an American drone by Iranian forces has been a hot news item. Interestingly, Iranian engineers are coming forward with information on how it was captured. Rather than trying to crack the encryption on the command-and-control link to the pilot, they used spoofed GPS data to force its autopilot to land in Iran, all the while thinking it was in Kandahar. Nice hack.


Nmap Bundling

December 7, 2011

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

Cnet’s download.com site has apparently begun bundling toolbars and spyware with nmap and other open source tools.


Printer Attacks

November 29, 2011

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

HP is looking into some new attacks on their Laserjet printer line, discovered by researchers at Columbia. It seems that the printers will, by default, accept unauthenticated firmware updates sent along with a print job. Uh-oh.


747s

November 15, 2011

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

From a post on the Interesting People mailing list:

Craig S Wright says: “I was contracted to test the systems on a Boeing 747. They had added a new video system that ran over IP. They segregated this from the control systems using layer 2 – VLANs. We managed to break the VLANs and access other systems and with source routing could access the Engine management systems.”

https://plus.google.com/u/0/110897184785831382163/posts/5qsNxFEaiML


Columbia FOG

November 8, 2011

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1093

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1105

Warning: Illegal string offset 'status_txt' in /home/graciem/digital/blog/wp-content/plugins/share-and-follow/share-and-follow.php on line 1132

An interesting, DARPA-funded project over at Columbia: FOG allows for false documents to be created which then “beacon” a message back to the originator when they are opened. Clearly, the intent is twofold – to seed places like Wikileaks with false information, and to ferret out people who are trading in stolen documents.