Archive for Hacking
Virtual Infrastructure Security Facts
The number of virtual servers will rise to more than 1.7 million physical servers by 2010, resulting in 7.9 million logical servers. Virtualized servers will represent 14.6% of all physical servers in 2010 compared [...]
Posted by Dre on Wednesday, March 18, 2009 in Defense, Hacking and Security.
This is just going to be a long list of links with rants. I have taken up the duty of disseminating information on the latest in WiFi and Bluetooth penetration-testing for no real reason other than it's on the tip of my tongue. First, we have the [...]
Posted by Dre on Tuesday, September 23, 2008 in Hacking, Security and Tech.
I wanted to do a post about "what web application security really is" because plenty of people out there don't get it. They understand that "security attacks are moving from hosts to the Web", but they have no idea what that means. To most people, web [...]
Posted by Dre on Sunday, June 15, 2008 in Defense, Hacking and Security.
In October of 2006, a vulnerability in IE7 known as the "mhtml:" Redirection Information Disclosure was discovered. RSnake wrote up a post about how nasty it was. The basics: it took over the entire browser experience. Fortunately, the bug was patched [...]
Posted by Dre on Wednesday, May 7, 2008 in Conferences, Hacking, Privacy and Security.
Day one of PWN2OWN was unsuccessful, which is no big surprise. But today, I am really hoping for something -- otherwise we'll have to wait until tomorrow for the third-party client-side exploits. Here's a little summary I wrote a bit back on how to [...]
Posted by Dre on Thursday, March 27, 2008 in Apple, Conferences, Hacking, Linux, Security and Windows.
I've downloaded and used the Firefox 3 beta browser software for the past few months and wanted to give a report on the latest of what works and what doesn't. Note that I had to install Nightly Tester Tools to get many of these to work. I am also now [...]
Posted by Dre on Monday, March 24, 2008 in Defense, Hacking, Security, Tech and Windows.
Lesson 13: Just this week, in lessons 12 and 13, we've covered -- at least partially -- how to significantly reduce risk and vulnerability to system and network infrastructure. We touched on protecting applications, but we weren't able to go into [...]
Posted by Dre on Thursday, March 20, 2008 in Defense, Hacking, Itsm and Security.
Lesson 12: Yesterday, I shamelessly recommended to ditch all commercial networking gear. In the same breath, I also made several Cisco configuration recommendations. This is just the way that I work. The idea is that network appliances increase risk, but [...]
Posted by Dre on Wednesday, March 19, 2008 in Defense, Hacking, Itsm and Security.
Lesson 11: Welcome back! I know that the last few weeks have been a lull, and even before ShmooCon there wasn't a lot going on our security blog. However, you're in for a real treat since I'm back with the daily ITSM Vulnerability Assessment techniques! [...]
Posted by Dre on Tuesday, March 18, 2008 in Defense, Hacking, Itsm and Security.
Taking care of business
Before I get into this post, I wanted to give you some updates on progress of other projects here at TS/SCI Security. First off, I've been working on the OWASP Evaluation and Certification Criteria Project and hope to announce [...]
Posted by Dre on Monday, March 17, 2008 in Hacking, Security and Work.
I've been doing some work lately with text files and have been using various shell command techniques to manipulate them for whatever purposes I need. This isn't a HOWTO guide as much as it is a reference for myself and others that just need something [...]
Posted by Marcin on Friday, March 7, 2008 in Hacking and Linux.
Marcin and I were talking a bit about mainframe security today. I recalled how fantastic mainframes were while he had his hands in the trenches. Yes, I know that IBM renamed MVS to z/OS (as well as other things) years ago. However, the concepts remain [...]
Posted by Dre on Tuesday, February 5, 2008 in Hacking, Linux, Security and Tech.
Here's a new 2008 security prediction for you -- The iPhone camera is an odd device. There is no notification that a picture is being taken, so the only requirement for malware is to wait for user activity and then start taking pictures. My prediction is [...]
Posted by Dre on Sunday, January 27, 2008 in Apple, Hacking, Privacy, Security and Tech.
Lesson 10: You could say I'm a little late on posting something. However, we've been up to a lot of great research, hopefully much of which we'll publish here over the next few weeks. We had a few posts lately, some of with a change of heart. The latest [...]
Posted by Dre on Wednesday, January 23, 2008 in Defense, Hacking, Itsm and Security.
What started as a simple DoS against the RIAA through a SQL injection vulnerability, originally posted to Reddit in tinyurl form. UNION ALL SELECT BENCHMARK(100000000,MD5('asdf')),NULL,NULL,NULL,NULL%20-- led an attacker on to dump their entire database. [...]
Posted by Marcin on Sunday, January 20, 2008 in Hacking and News.
Lesson 9: Yesterday was a bit of a whirlwind, discussing BGP, Whois/RWhois, and the DOM all in one big post. I'll try and keep it short and sweet today. Arshan Dabirsiaghi (leader of the OWASP Anti-Samy Project), commented on yesterday's post regarding [...]
Posted by Dre on Thursday, January 17, 2008 in Defense, Hacking, Itsm and Security.
Lesson 8: Two days ago we covered VoIP assessments, and yesterday we covered Intranets and the use of proxies. Most of last week also covered internal network infrastructure assessments, except for some topics such as PDA phones and WiFi devices. Today I [...]
Posted by Dre on Wednesday, January 16, 2008 in Defense, Hacking, Itsm and Security.
Lesson 7: Today I wanted to bring the real meaning behind these techniques into the spotlight. Learning about how IT groups do real security is only part of this. I'm also talking about what I've seen that IT security shops don't do. What [...]
Posted by Dre on Tuesday, January 15, 2008 in Defense, Hacking, Itsm and Security.
Lesson 6: Last week was great as I started out talking about a variety of topics including -- Day 1 -- Physical network segmentation / Browser tools Day 2 -- Kernel protection in network drivers / Crawling tools Day 3 -- Sandboxing / HTTP tools Day 4 -- [...]
Posted by Dre on Monday, January 14, 2008 in Defense, Hacking, Itsm and Security.
Lesson 5: After the first week, many of these assessment techniques don't all fit together or seem congruent. Mid next-week, I think a lot of these pieces will start to come together to form a big picture. The recommendations I've given so far are not [...]
Posted by Dre on Friday, January 11, 2008 in Defense, Hacking, Itsm and Security.
Lesson 4: We've touched on some of the critical-path ways to assess and protect your infrastructure including network segmentation and OS/application sandboxing. Often, the weakest area of technology is what you can't segment or sandbox effectively, [...]
Posted by Dre on Thursday, January 10, 2008 in Defense, Hacking, Itsm and Security.
Lesson 3: After the first few days, we've covered securing WiFi, as well as basic software assurance tools to get you started with a web browser and crawler. This is just the beginning. Part 1: Information assurance vulnerability assessment — Sandboxing [...]
Posted by Dre on Wednesday, January 9, 2008 in Defense, Hacking, Itsm, Linux and Security.
Lesson 2: We hope that you are enjoying the format of these, as well as the content. Yesterday, I talked about how rogue AP's/clients can be scanned for without adding infrastructure or spending active time walking around the office. I also introduced [...]
Posted by Dre on Tuesday, January 8, 2008 in Defense, Hacking, Itsm and Security.
Lesson 1: These techniques are in two-parts, 1) Information assurance strategies, and 2) Software assurance tools. My feeling is that vulnerability assessments are typically done less strategically/operationally in IT environments (relying too much on [...]
Posted by Dre on Monday, January 7, 2008 in Defense, Hacking, Itsm and Security.
I made an epic post to the LSO forums a few minutes ago. I felt the need to re-post a portion of it here. While meeting Joe earlier this evening, who is one of the founders of LearnSecurityOnline, I was inspired to think and write about XSS and a variety [...]
Posted by Dre on Tuesday, December 18, 2007 in Hacking and Security.
*Update on the TS/SCI Security Blog* First of all, I would like to announce that I will be retiring the long, diluted threads that have recently appeared on the TS/SCI Security Blog. This is the last of the "longer" threads I've been saving up for our [...]
Posted by Dre on Monday, December 17, 2007 in Hacking and Security.
Office collaboration services look like 1985
Microsoft Outlook and Exchange server have been the staple for office collaboration for over 10 years, with a model that has been around since Novell and Lotus in the mid-80's. Collaboration services are [...]
Posted by Dre on Thursday, December 13, 2007 in Defense, Hacking, Security and Work.
An audit framework for evaluating structured security program frameworks
How many readers implemented a new security plan for 2006 or 2007? How many had clients that implemented a new security program? Which frameworks were involved? Possible frameworks [...]
Posted by Dre on Monday, December 10, 2007 in Defense, Hacking, Intelligence, Politics, Security, Tech and Work.
Chris Hoff published his 2008 Security Predictions, which offer a very dim future for the security industry. His first attack vector is regarding the virtualization hypervisor attacks. Didn't Ptacek prove that this vector is useless? I'm starting to see [...]
Posted by Dre on Wednesday, December 5, 2007 in Defense, Hacking and Security.
Pen-testing is an art, not a science
Penetration-testing is the art of finding vulnerabilities in software. But what kind of an "art" is it? Is there any science to it? Is pen-testing the "only" way or the "best" way to find vulnerabilities in software? [...]
Posted by Dre on Sunday, December 2, 2007 in Defense, Hacking, Security and Tech.
In my last post, I explored some ways of using formal method tools to perform security testing in the most advanced scenarios. It may have been over the heads of many people, so I wanted to offset that by talking to some basic tools which I think anyone [...]
Posted by Dre on Saturday, November 24, 2007 in Hacking and Security.
Epic and the gang over at roothack.org have revived the old but popular and fun wargames in a new style. The old games used to be 72-hour team-based games but are now level-based Capture the Flag (CTF) along the same vein as the PullThePlug games. If PTP [...]
Posted by Casey on Wednesday, November 7, 2007 in Hacking.
This is the second blog post covering Sunday's talks at ToorCon 9. You can read the first installment here. After a hard night of partying, I didn't want to get out of bed early in the morning. Gotta give props to Hikari for foreseeing this and not [...]
Posted by Marcin on Thursday, October 25, 2007 in Conferences, Hacking, People and Security.
This weekend I was in San Diego, California for ToorCon 9 and had an absolute blast. On Friday, I had checked out the USS Midway Aircraft Carrier Museum and enjoyed listening to veterans recount fascinating experiences on the ship during the war. I took [...]
Posted by Marcin on Monday, October 22, 2007 in Conferences, Hacking, People and Security.
I'd like to introduce a new segment we'll be doing called "Phrack a Day." Casey and I are going back to the roots of the hacking and phreaking culture and reading through every Phrack article, beginning with the first one to the most current. We'll be [...]
Posted by Marcin on Tuesday, July 24, 2007 in Hacking and Phrack a day.