Nasty Javascript attack possibilities



There were demonstrations of some nasty javascript attacks at Black Hat as well (as if the wireless driver issues wasn’t a big enough problem…) Javascript is a powerful language and can be used for many things, but in these demonstrations, it was used to track recently visited sites (by the browser victim) and identify the IP address of the victim on the internal LAN AND to alter firewall settings. From the way I read the article at the Security Fix – this is changing HARDWARE firewall settings.


I don’t know details as of yet, but have to wonder if uPnP would be involved with being able to change the firewall settings. I don’t know quite how else it could easily be done to alter a hardware firewalls configuration without lucking out and the target pc being the same pc that’s used to 1)administer the firewall or 2)save the login/password…. I do understand that uPnP enabled firewalls are susceptible to quite a number of possible attacks once the attacker is “in the internal network”.

More reasons to filter/proxy traffic at the firewall to begin with?

Update –8/3/06 4PM edt–

Betanews has some posibilities on these javascript exploits being aimed at rss readers. The idea here being that the baddies could either have a feed that they insert javascript into, OR more likely insert javascript into the comments on posts on a legit site. Many sites provide rss feeds for the comments on posts. The bottom line on this is that software that pulls data from untrusted sources needs to be cautious about verifying the data. (Or for rss readers to disable advanced features like javascript?)

Related Posts

Blog Traffic Exchange Related Posts
  • Most home pc users lacking on PC security... Surprise!!... ummm wait, no... This article has come out while I've been in the midst of cleaning up a Windows ME pc that has been "0\/\/ned" (owned/controlled...) by someone other than the owner for a bit over 15 months. The system had NO antivirus, no firewall (no antispyware) and used......
  • Zotob worm bites big media outlets According to several reports there are several big media outlets seeing what is reported as the zotob worm which exploits a Microsoft Windows vulnerability (MS05-039) disclosed last week. There seems to be no better way for something to make the news than for it to affect the companies that bring......
  • RSS feed to spread the word of software updates The computer security landscape today is such that pretty much ALL software, whether it's Operating System, Office Suite, Web browser or device driver is at any given time "the weakest link". One of my dreams as someone that does IT is "what IF there were an easy way to keep......
Blog Traffic Exchange Related Websites
  • What is an RSS Feed and Why Syndicate Your Blog? Blog feeds or RSS feeds allow for feed readers to access a site that automatically looks for new content from all of their favorite blogs. By syndicating your blog through an RSS feed you can allow your readership to access all of your new blog posts without requiring them to......
  • Interactive Blogging For Corporate Bloggers As readers become more involved with the blogs they frequent, a new form of communication is becoming prevalent – interactive blogging. There are a few ways to look at this and determine whether or not this form of interaction is right for your corporate blog and your readers. When used......
  • Find Out How To Make A 6 Figure Income - Make Money With Your Survival Blog Blogging To The Bank! Every online business needs traffic in order to survive, that much we already know. But in this article, we're going to look at 4 of the most effective ways to set up windfalls of consistent traffic through one of the best publishing platforms online - blogs. Check out blogging to......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site