KMIP – New Encryption Protocol

February 13, 2009 – 2:33 PM

A number of industry heavyweights have unveiled the Key Management Interoperability Protocol (KMIP), a new specification jointly developed by Brocade, EMC, HP, IBM, LSI, Seagate and Thales.

“Our customers’ IT environments are growing in complexity and, at the same time, these companies are under extreme pressures to meet compliance regulations and limit costs,” Mark Schiller, director of HP’s security office told IT Examiner. “KMIP was developed in an effort to simplify the process of encryption key management enterprise-wide and is the broadest and most comprehensive key management standards framework developed to date.”

According to Schiller, the standard targets multiple layers, including storage, applications, databases and files.

“The initial authors of the KMIP framework, HP, IBM, RSA/EMC & Thales/Ncipher, shared a common vision of making encryption across the enterprise easier and more transparent for our customers,” explained Schiller. “These four companies engaged more than 25 senior security engineers and architects in the joint activity. This effort was kicked off in late 2007 by the (original) four, with Brocade, LSI, Seagate, and more recently, NetApp, also joining the effort.”

Source:
http://www.itexaminer.com/industry-heavyweights-create-new-encryption-protocol.aspx

Denial of Service using Partial GET Request in Mozilla Firefox 3.06

February 12, 2009 – 11:16 AM

The Partial GET Request (HTTP 206 Status Code) of a WAV file results in a Denial of Service of the application.

Last HTTP packet from Firefox before the DoS is listed below in RAW format:

GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: NSPlayer/11.0.6001.7001 WMFSDK/11.0
UA-CPU: x86
Accept-Encoding: gzip, deflate
Range: bytes=34848-
Unless-Modified-Since: Mon, 09 Jul 2007 12:44:57 GMT
If-Range: "4f0018-440f2-434d403204440"
Host: www.footprints-inthe-sand.com
Connection: Keep-Alive

The OK GET Request (HTTP 200 Status Code) of the WAV file is listed below in RAW format:

GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: Windows-Media-Player/10.00.00.3802
UA-CPU: x86
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.footprints-inthe-sand.com

Proof of Concept:
http://www.footprints-inthe-sand.com/index.php?page=Poem/Poem.php

Source:
http://www.securityfocus.com/archive/1/500915
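
As an added example (not part of the original advisory), the following Python parses the two requests quoted above and lists the headers that differ, which is the first triage step when deciding what to filter at a proxy or retest against a fixed build. The function names are assumptions made for this illustration; the request text is copied from the post.

```python
PARTIAL_REQ = """\
GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: NSPlayer/11.0.6001.7001 WMFSDK/11.0
UA-CPU: x86
Accept-Encoding: gzip, deflate
Range: bytes=34848-
Unless-Modified-Since: Mon, 09 Jul 2007 12:44:57 GMT
If-Range: "4f0018-440f2-434d403204440"
Host: www.footprints-inthe-sand.com
Connection: Keep-Alive
"""  # copied from the post: last request before the DoS
FULL_REQ = """\
GET /fpaudio/footprints_waves.wav HTTP/1.1
Accept: */*
User-Agent: Windows-Media-Player/10.00.00.3802
UA-CPU: x86
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Host: www.footprints-inthe-sand.com
"""  # copied from the post: request answered with 200 OK

def parse_request(raw):
    # Return (request line, {lower-cased header name: value}).
    lines = raw.strip().splitlines()
    headers = {}
    for ln in lines[1:]:
        name, sep, value = ln.partition(":")
        if sep:  # ignore anything that is not "Name: value"
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def diff_headers(a, b):
    # Names only in a, names only in b, names in both whose values differ.
    shared = set(a) & set(b)
    return (sorted(set(a) - shared), sorted(set(b) - shared),
            sorted(k for k in shared if a[k] != b[k]))

def parse_range(value):
    # Single "bytes=first-last" range; last is None when open-ended.
    unit, _, spec = value.partition("=")
    first, _, last = spec.partition("-")
    if unit.strip() != "bytes" or not first.isdigit():
        raise ValueError(f"unsupported Range: {value!r}")
    return int(first), (int(last) if last.isdigit() else None)

if __name__ == "__main__":
    (_, p), (_, f) = parse_request(PARTIAL_REQ), parse_request(FULL_REQ)
    print(diff_headers(p, f), parse_range(p["range"]))
```

On the two requests from the post, Range, If-Range and Unless-Modified-Since appear only in the partial request, and User-Agent is the one shared header whose value differs.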

Privacy on Facebook

February 12, 2009 – 6:25 AM

This is an excellent article that lists 10 ways to protect your privacy on Facebook.  Read the article for the full details, but here’s a quick summary:

  1. Use Your Friend Lists
  2. Remove Yourself From Facebook Search Results
  3. Remove Yourself From Google
  4. Avoid the Infamous Photo/Video Tag Mistake
  5. Protect Your Albums
  6. Prevent Stories From Showing Up in Your Friends’ News Feeds
  7. Protect Against Published Application Stories
  8. Make Your Contact Information Private
  9. Avoid Embarrassing Wall Posts
  10. Keep Your Friendships Private

Good advice for all Facebook users.

Crooks set cyber traps on Digg

February 11, 2009 – 11:46 AM

PandaLabs, a computer security firm, is reporting that cyber-crooks are setting traps on popular news-sharing website Digg.

Criminals pose as legitimate Digg members and then entice readers with bogus links to scintillating online video in comments posted in forums related to celebrity news, according to the Spain-based firm.

Digg is a website at which stories from throughout the Internet are gathered and then given prominence depending on votes, or “diggs,” they get from website members.

Digg members chat about stories in accompanying online forums.

PandaLabs said cyber-frauds post comments claiming to have links to video of starlets having sex or stars getting into trouble.

Those that follow such links are prompted to download software to view the promised video.

What is actually installed is a program that pretends to scan computers for malicious software, claims to find critical problems and then offers to eliminate the supposed trouble at a price.

Source:
http://www.physorg.com/news153559525.html

BackTrack 4 Beta Released

February 11, 2009 – 6:15 AM

This is it!  After many months of effort from the Remote Exploit Dev team, BackTrack 4 Beta is ready and available.  I thought I’d post up some “getting started” notes, to help people out with the first surge of questions.

  • Default password to BackTrack 4 hasn’t changed, still root / toor.
  • KDE 3 is being used in BT4. We tried KDE 4, really, we did. It sucked. Maybe 4.2 in BT4 final.
  • Most of the KDE “apt gettable” packages have “kde3” appended to their names. So “apt-get install kate-kde3” is good, “apt-get install kate” is bad. Use “apt-cache search” to search for packages to install.
  • Kernel sources included in /usr/src/linux.
  • DHCP disabled by default on boot, you need to /etc/init.d/networking start
  • If you do an HD install and want to restore networking (DHCP) to be enabled at boot, type “update-rc.d networking defaults”.
  • Getting a live USB install is nice and easy with Unetbootin
  • VMware users – to fix the KDE resolution, type “fixvmware” before starting X.
  • VMware tools and kernel modules compile perfectly on VMware 6.5.1
  • If you can’t get X to work, first try to autogenerate an xorg.conf by typing “Xorg -configure” and try using the generated conf file. If that bums out, you can revert to VESA by typing “fixvesa”.
  • Wireless networking in KDE can be started with KnetworkManager (/etc/init.d/NetworkManager)
  • Various drivers can be found in /opt/drivers (various madwifi branches, video drivers for Nvidia and HP 2133’s).
  • Installation of BT4 to HD is similar to BT3. (tip – don’t forget to modify /etc/fstab after the install. Change the first line from aufs / aufs …. to the corresponding device and filesystem. For example, on my box it’s /dev/sda3 / reiserfs defaults 0 0, as my root partition is on sda3 and I used the reiserfs filesystem).
  • The warning message “W: GPG error: http://ppa.launchpad.net intrepid Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY CB2F6C86F77B1CA9” when “apt-get update” occurs as the Intrepid KDE 3 repos do not use a GPG key. We will eventually host these packages in our own repo.
  • To generate ssh keys for the first time type “sshd-generate”
  • Conky takes a while to load.

Download:

ISO:
http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-beta-iso

VMWare Image:
http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-beta-vm