August 10th, 2008
During Paul Vixie’s talk at WOOT on some of the operational challenges of deploying source port randomization functionality in BIND, I started thinking of a few simple ways to harden DNS infrastructure against VU#800113 by leveraging the IP TTL value.
Posted in Network, Security, Technical
July 21st, 2008
The Passive DNS Port Test (PDPT) tool acts as a passive DNS monitor to flag resolvers that may be vulnerable to the cache poisoning issue described in CERT VU #800113. Similar to OARC’s porttest, this monitor will judge the source port behavior of resolvers based on the standard deviation of observed source ports.
Posted in Network, Projects, Security
February 10th, 2008
Later this week, I’ll be presenting at the Black Hat DC Briefings on weaknesses in the security of live virtual machine migration as implemented by popular vendors such as VMware and Xen. I thought I’d provide a teaser in advance of my presentation detailing some of the topics that will be discussed.
Posted in Analysis, Network, Security, Technical
February 12th, 2007
Some random technical notes on the T-Mobile WiFi Hotspots offered at locations such as Starbucks. Since I spend a fair amount of time at the 24-hour Starbucks on Washtenaw, I often end up playing around with the Cisco WAP instead of actually doing work.
Posted in Analysis, Network, Security, Technical
November 24th, 2006
Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger’s OSCAR protocol via a simple GTK interface. This 1.0 release brings Aimject functionality to the masses, being available for Linux, BSD, OS X, and Win32 platforms.
Posted in Network, Projects, Security, Technical
September 15th, 2006
Mozilla’s auto-update system is a feature recently added to Firefox and Thunderbird that promises to bring prompt security updates to users without manual interaction. Unfortunately, this feature contains a vulnerability allowing attackers to hijack the update process and deliver malicious updates, resulting in the victim’s host being compromised.
Posted in Analysis, Code, Network, Security, Technical
February 15th, 2006
Honeyd is a low-interaction honeypot developed by Niels Provos designed to emulate services and personalities of virtual hosts and networks. As honeypot deployments must remain undetected to maintain their value, the ability of an attacker to effectively and remotely fingerprint Honeyd is a serious issue.
Posted in Analysis, Network, Security, Technical