Archive | Security

Security is not a feature; it’s a process. Notes on issues, patches and essays on security.

SANS: Top 20 vulnerabilities

Computerworld News and eWeek point to an interesting SANS report. Computerworld: “SANS: Cyberattackers found green fields in 2005. After years of writing viruses and worms for operating systems and Internet server software, hackers found new areas to target in 2005, according to a report on security trends released today.”

It’s interesting to see malicious crackers moving “up the stack.” One encouraging aspect is that network stacks are becoming more resistant to attack. However, applications are reaching further down into the stack, with user-space apps poking at ports and taking on more risky behaviors. We want to avoid repeating the mistakes of the past…

Unpatched IE JavaScript exploit published.

InfoWorld: Top News: Hackers publish code for critical IE bug. (InfoWorld) – Security experts are warning Internet users to be careful where they click, thanks to a nasty unpatched bug in the way Microsoft Corp.’s Internet Explorer browser handles the JavaScript computer language. The bug is of particular concern because security researchers in the U.K. have now published “proof of concept” code showing how hackers could exploit the problem and possibly take over a Windows system. By Robert_McMillan@idg.com (Robert McMillan).

Just to review: never browse with an untrustworthy browser.

UPDATE: Details at the Internet Storm Center, raising their InfoCon level from green to yellow. ISC is labeling it a zero-day exploit. It certainly has the potential to be one.

Look out for bootable media!

Last night, I booted my Windows XP notebook after it spent the day traveling in its padded bag – never touched, dropped, struck by lightning, etc. I had left a CD in the tray and it may have tried to boot from that — oops. Removing the disk and rebooting resulted in “NTFS.SYS is missing or corrupted.” Since the machine didn’t come with a rescue CD, I used Knoppix to boot the machine to examine the partition. Looking through the partition, the C:\WINDOWS\system32\drivers directory is empty. That’s pretty unlikely to be a failure on Windows’ part – WinXP usually keeps several of these files open, and “Windows File Protection” prevents their deletion. Ran fine until I shut it down yesterday morning. Running S.M.A.R.T. utilities shows no errors on the drive. Running SpinRite right now to confirm there’s not a drive problem, then I’ll be restoring from a Ghost backup.

Reminder: don’t leave your computer configured to boot from devices you don’t want to boot from! UPDATE: Scanned the disk on a trustworthy computer with an up-to-date NAV, and it indicates no malware. Curiouser and curiouser…

Sony Music CDs install rootkit?

Yet another reason to avoid Digital Restriction Management: SysInternals is reporting that certain Sony music CDs install rootkits and that removing the rootkit disables the ability to play music CDs on your (Windows) computer.

These feeble restrictions surely won’t deter any serious piracy of the music, but only infringe on the abilities of consumers to rip their favorite music to their own music players.

Thanks to Ed Leafe of the ProFox mailing list for the pointer.

Firefox Logs One Hundred Million Downloads

Last OSNews post for the morning, I promise! They report Firefox Sees 100 Millionth Download. “Just shy of Firefox’s first birthday party, the Mozilla Foundation celebrated the 100 millionth download of its Web browser Wednesday. ‘This is a great milestone. Our massive, worldwide community of grassroots marketers and users – not to mention the developers – have helped to put out a product that’s really kicking butt,’ said Asa Dotzler, the Mozilla liaison to the SpreadFirefox community.”

Nashua GNHLUG meeting next Thursday: OpenVPN

The Nashua chapter of the Greater New Hampshire Linux User Group meets the third Thursday of each month at Martha’s Exchange, Main Street Nashua. Dinner starts at 6 PM (pay for your own), the presentation starts upstairs at 7:30.

This month’s meeting on the 20th of October will have Ken D’Ambrosio showing OpenVPN, an open source solution to remote secure access to a network. OpenVPN runs on Windows, Linux, *BSD, OS X and Solaris. From their web page:

“OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN is not a web application proxy and does not operate through a web browser.”

Sounds like a meeting not to miss!

Worm Hole!

Microsoft Watch from Mary Jo Foley reports Win2K Users Beware. “Of the 14 vulnerabilities for which Microsoft issued patches on the latest Patch Tuesday, one is especially important: a newly discovered Windows 2000 worm hole.”

The worm hole episode on STNG was one of my favorites!

IT manager mistakes

Linux-Watch.com points to an IT Manager’s Journal article, Avoiding some common Linux admin mistakes, that points to IT problems that happen in all shops: failing to document, failing to plan on problems and having to react to them, failing to properly evaluate the build vs. buy, host vs. rent calculations, depending on silver bullets, too much – too fast, and not giving security its due.

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.