I found a peculiar problem while I was setting up an openvpn link the other day. The goal was a simple shared key setup and I started with the sample configuration and modified it a bit to fit the circumstances, I allowed the correct UDP port through the firewall (I think 1194 if I recall correctly) and … it didn’t work. So…. I started over and worked from empty config files and put in the bare minimums… it still didn’t work – no appearance that it was making the connection at all to negotiate the link. I double and triple checked the firewall config/restarted it… nothing Then I decided to try TCP instead of a UDP port. Changed the firewall config to allow the TCP traffic on 1194, adjusted the server and client config and lo and behold it worked. The firewall in question….
Tag: UDP
-
Another trojan using WMF exploit in SPAM
F-Secure is reporting on another SPAM attack that tries to get people to click on a link to a site with an exploit-crafted WMF file. The message is along the lines of a claimed Professor at Yale announcing the unfortunate vandalism over the New Year holiday, the link purports to be pictures of the act in the “hope that someone may recognize the culprits work”. I’m sure this won’t be the last of that sort….
-
Phpbb include vulnerability scanning
Incidents.org is reporting scanning for phpbb include vulnerabilities through Google. Apparently there is an IRC botnet being “cultivated”. They are scanning for versions of phpBB prior to 2.0.10, the current release is 2.0.18.
The new IRC bot scans for vulnerable systems using Google, when successful it announces that “oopz and sirh0t and Aleks g0t pwned u!”, and has UDP flooding and UDP/ICMP/TCP scanning capabilities.
The file phpbb_patch was found on exploited systems.