I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
Category: Computers
-
Vandals banging on the door of ssh….
Sometimes I wish I wasn’t curious about things…. The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but it was awfully persistent. So, I started nosing around. I saw that sshd was showing up in the process list and on checking /var/log/messages…. found hundreds of ongoing attempts to break in through the ssh server. (sigh….) Now, there was a time when I’ve kind of snickered when I’ve seen these futile attempts, because I have a VERY short list of allowed ssh users. (AllowUsers username can be set in /etc/ssh/sshd_config) But, this was fairly persistent and there was more variety to the usernames than I’m used to seeing.
-
New User Guides for Ubuntu, Fedora, Mandriva
As I was searching online this weekend for something ubuntu related… I ran across this nice reference Wiki…. ubuntuguide.org. They’ve got a good Ubuntu new user guide and also a few things Mandriva and Fedora related. The site is done wiki style so you should be able to collaborate if you have suggestions (although they require login it appears due to wiki-vandalism.) Anyway, looks like a good guide, fairly new-user friendly.
-
Exploit in the wild for Apple vulnerability
A couple days ago there was a release of Mac OS X 10.4.7 which addressed several security flaws. There is now an exploit published for one of these vulnerabilities. The attacker using this exploit could gain remote root (administrator) access to the machine. So, don’t delay any further on patching. No system is a fortress if the administrator doesn’t keep up with security updates……
-
OpenOffice.org security update
Version 2.0.3 of OpenOffice.org has been released. It includes quite a few bugfixes, including three security related fixes. The security vulnerabilities were apparently found in an internal audit. One of the improvements in 2.0.3 is an integrated update check, to be able to check for available updates directly from within OpenOffice. I think this is an important area to be improved.
-
The great firewall of China
The great firewall of China may be just an illusion in technical terms. This article describes the details of how things work…. Basically when “banned content” is detected, both ends of the connection are sent a flood of tcp reset packets. Which (if both sides are designed to pay attention to) means that the two computers “hang up” assuming the other side reset the connection. But, while most current PC operating systems obey the reset packets…. it’s not something that is imperative. (You might think of this as a targeted/surgical denial of service attack using TCP reset packets…) The article goes a bit deeper though….
-
Your own custom BSOD
Do you tire of XP’s blue screen text…. is it too drab and dry? Well you too can spice up your blue screen text…. This is not for the faint of heart when it comes to tinkering with “important files”…. But all you need is Windows XP and resourcehacker (Free). fluxiontech.com has the tutorial. Happy modifying your ntoskrnl.exe …….. (Please follow their directions and save it to another file name so you’ve got your original…) Then just make a change to boot.ini to point to the new kernel and you too have a customized BSOD.
-
Intelliadmin – free disable usb storage tool
For Windows system administrators that have sweated over the perils of usb drives and memory sticks…. Intelliadmin has a tool for you. It’s a small utility that will allow to remotely disable usb drives over the LAN. It won’t affect usb mice/keyboards – just usb storage. So, if your network security policy doesn’t like USB storage you can easily use this to make sure those devices don’t work on plugin.
-
Exploits a plenty – IE / Excel (Firefox?)
There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s bundled into other malware delivery structures…. You might look at alternative browsers, BUT…. be forewarned that one of these vulnerabilities appears to work on a fully patched install of Mozilla-Firefox. (According to Sans – the Secunia code doesn’t – but the full disclosure exploit code does affect Firefox.) I’ve seen word of early 1.5.0.5 builds being available – I wonder if that will be modified to fix this issue?
-
Apple Mac OS X updates
There are several issues fixed by a bundle of updates for OS X (for 10.4 up to 10.4.6). The new release is 10.4.7 There are a number of issues fixed in addition to at least 3 security related problems. Incidents.org has more details. I know many Mac users feel the “aura of invincibility”, but…. keeping your OS updated is important no matter what Operating system you use…. mac, windows, linux, bsd, etc.