Nasty Javascript attack possibilities



There were demonstrations of some nasty javascript attacks at Black Hat as well (as if the wireless driver issues wasn’t a big enough problem…) Javascript is a powerful language and can be used for many things, but in these demonstrations, it was used to track recently visited sites (by the browser victim) and identify the IP address of the victim on the internal LAN AND to alter firewall settings. From the way I read the article at the Security Fix – this is changing HARDWARE firewall settings.


I don’t know details as of yet, but have to wonder if uPnP would be involved with being able to change the firewall settings. I don’t know quite how else it could easily be done to alter a hardware firewalls configuration without lucking out and the target pc being the same pc that’s used to 1)administer the firewall or 2)save the login/password…. I do understand that uPnP enabled firewalls are susceptible to quite a number of possible attacks once the attacker is “in the internal network”.

More reasons to filter/proxy traffic at the firewall to begin with?

Update –8/3/06 4PM edt–

Betanews has some posibilities on these javascript exploits being aimed at rss readers. The idea here being that the baddies could either have a feed that they insert javascript into, OR more likely insert javascript into the comments on posts on a legit site. Many sites provide rss feeds for the comments on posts. The bottom line on this is that software that pulls data from untrusted sources needs to be cautious about verifying the data. (Or for rss readers to disable advanced features like javascript?)

Related Posts

Blog Traffic Exchange Related Posts
  • Network Security guide for the home or small business network - Part 1 - A Hardware firewall Computers can communicate over networks. (Surprise!) That's how you're reading this post. The machine that this site is hosted on is listening for requests for connection. When it receives a request it answers back with a web page. In fact, computers can listen for a great many different kinds of......
  • Viruses and worms can come in from many directions For a long time, email was the primary vector for viruses, before that floppy discs carried bugs from pc to pc. Then came network worms exploiting windows security vulnerabilities which led to the rise of firewalls and the increase in viruses piggy-backing into the system through browser bugs. But, any......
  • Firewall musings... Yesterday I had a bit of a realization. I had just been looking at a wireless router/firewall setup and was thinking about the firewalling rules (which seemed to be geared at the WIRELESS lan... i.e. blocking that activity on the Wireless segment.) You know, traditionally firewalls have had the attitude......
Blog Traffic Exchange Related Websites
  • Interactive Blogging For Corporate Bloggers As readers become more involved with the blogs they frequent, a new form of communication is becoming prevalent – interactive blogging. There are a few ways to look at this and determine whether or not this form of interaction is right for your corporate blog and your readers. When used......
  • Solidifying WP Security Designed with PHP, and powered by mySQL directories, WordPress is used by an amazing 8.5% of all websites. Web delivered spyware and web page hacking are becoming progressively more common. With such a lot of web content using WordPress as a CMS, any security weaknesses in the CMS structure or......
  • Firewall Internet Security Firewall seems to be very popular these days. Firewall is the program that helps you to protect your digital world. There are many companies, which produce the firewall because of its tremendous demand. If you are using windows xp, there is default firewall software that you can use to furnish......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site