DNS Protocol Flaw: Don`t Panic, Just Patch

July 14, 2008 – 4:11 PM

The exploit discovered by IOActive’s Dan Kaminsky, takes advantage of a fundamental flaw in the DNS (Domain Name Server) protocol. Organizations should move quickly to patch vulnerable DNS servers against a flaw revealed last week. Dan Kaminsky said the bug can be exploited to redirect Internet traffic, but the problem has been solved by implementing port randomization.

Despite the fact that few people know all the technical details of the bug affecting domain name servers that security researcher Dan Kaminsky reported last week, there are no shortage of opinions on it.

As we all should know by now, the exploit discovered by Kaminsky, director of penetration testing for IOActive, takes advantage of a fundamental flaw in the DNS (Domain Name Server) protocol. While Kaminsky is tight-lipped about the specific technical details of the bug, which can be exploited to redirect Internet traffic, he has said the problem has been solved by implementing port randomization.

Source:
http://www.eweek.com/c/a/Security/DNS-Flaw-Dont-Panic-Just-Patch/

Researcher to Demonstrate Attack Code for Intel Chips

July 14, 2008 – 4:00 PM

Security researcher and author Kris Kaspersky plans to demonstrate how an attacker can target flaws in Intel’s microprocessors to remotely attack a computer using JavaScript or TCP/IP packets, regardless of what operating system the computer is running.

Kaspersky will demonstrate how such an attack can be made in a presentation at the upcoming Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, during October. The proof-of-concept attacks will show how processor bugs, called errata, can be exploited using certain instruction sequences and a knowledge of how Java compilers work, allowing an attacker to take control of the compiler.

“I’m going to show real working code…and make it publicly available,” Kaspersky said, adding that CPU bugs are a growing threat and malware is being written that targets these vulnerabilities.

Different bugs will allow hackers to do different things on the attacked computers. “Some bugs just crash the system, some allow a hacker to gain full control on the kernel level. Some just help to attack Vista, disabling security protections,” he said.

The demonstrated attack will be made against fully patched computers running a range of operating systems, including Windows XP, Vista, Windows Server 2003, Windows Server 2008, Linux and BSD, Kaspersky said, adding that the demonstration of an attack against a Mac is also a possibility.

Source:
http://www.pcworld.com/businesscenter/article/148353/researcher_to_demonstrate_attack_code_for_intel_chips.html

FWAuto v1.1 – Firewall Auditing & Ruleset Analyzer Tool

July 14, 2008 – 5:51 AM

FWAuto (Firewall Rulebase Automation) is a Perl script and should work on any system with Perl installed. Provide the running config of a PIX firewall to fwauto. It will analyze and give you a list of weak rules in your rule base and store the result in multiple output files.

Maybe there have been times when you have pentested a firewall. As part of a grey box engagement you were assigned the task of auditing that HUGE firewall rulebase and were stuck on how to proceed, just because of the sheer volume of information. This tool in Perl is created to help in auditing a rulebase and helping you to narrow down on the weak rules. Current support is just for Cisco PIX though the framework was designed to scale across multiple firewalls and no major changes need to be made.

Source:
http://www.darknet.org.uk/2008/07/fwauto-v11-firewall-auditing-ruleset-analyzer-tool/

ISPs Join to Block Child Porn

July 13, 2008 – 10:39 AM

AT&T Inc. and AOL LLC have joined three other major Internet service providers in eliminating access to child pornography newsgroups, New York Attorney General Andrew Cuomo said Friday.

In June, Verizon Communications Inc., Time-Warner Cable and Sprint Nextel Corp. signed an agreement with Cuomo to shut down access to two major sources of child pornography.

Like those ISPs, AT&T and AOL will also rid their servers of child porn Web sites, according to a statement from Cuomo’s office.

“AT&T takes its obligation to protect its customers from child pornography very seriously, and we’re happy to work with Attorney General Cuomo’s office and the National Center for Missing and Exploited Children in the effort to help prevent the distribution of this harmful and abusive content,” said AT&T spokesman Marty Richter in an e-mail.

Source:
http://www.pcworld.com/article/148295/isps_join_to_block_child_porn.html

Accessing Internet at 640 Gb/s?

July 13, 2008 – 8:45 AM

University of Sydney physicists have developed an optical chip that could potentially improve ‘Internet speeds to up to 100 times faster than current Australia’s networks.’ According to the Sydney Morning Herald, these chalcogenide glass photonic chips will be very cheap to produce as they’re based on plain glass. As said the lead researcher, ‘we are talking about networks that are potentially up to 100 times faster without costing the consumer any more.’ He adds that these chips could be scaled to operate at data rates approaching 640 Gb/s — the equivalent to transmitting approximately 17 complete DVDs per second! These chips could be commercially available in 5 years with the possible first network deployments in Japan.

Source:
http://blogs.zdnet.com/emergingtech/?p=977