Friday, January 30, 2009
It looks like President Obama has outlasted the Secret Service and will be allowed to keep his beloved BlackBerry 8830 for "personal use" with the use of Sectera Edge for official business.
Thursday, January 15, 2009
Buffer Overflows in DNS Resolver Library
Solaris 8 **
Multiple buffer overflows exist in the BIND DNS resolver library (libbind) that allow an attacker to execute arbitrary code on vulnerable systems.
To correct the vulnerability, upgrade to the most recent release of BIND. The Internet Software Consortium (ISC) currently maintains three branches of the BIND package: 4.x, 8.x and 9.x. You may download the most recent release of each branch of BIND in source code form from ftp://ftp.isc.org. In addition, you may obtain further information on BIND at http://www.isc.org/products/BIND/. BIND 4.x is deprecated and will not be updated further by the ISC. BIND 8.x is still supported and will be for some time due to its wide distribution. The latest BIND 8 series information is located at http://www.isc.org/products/BIND/bind8.html. The BIND 9.x distribution, which was a major rewrite of the BIND architecture, is the suggested upgrade path for current 4.x or 8.x servers.
To build the BIND packages:
$ tar -xvzf bind-x.x.x.tar.gz
If the version of BIND you are replacing was included with the UNIX distribution and not installed separately you may need to change the install directories using the --prefix option when running configure.
BIND should normally be run in a chroot, meaning that the running daemon cannot access files outside of its predetermined directory tree. This helps minimize the damage from an exploited service by restricting its access to the file system once compromised. The following guides give examples of setting up chrooted BIND environments.
Chroot-BIND HOWTO (covers BIND 9)
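One way to confirm that a running named is actually confined to its chroot, as an added example that is not part of the original post. It assumes a Linux-style /proc (a per-PID comm file and root symlink) and root privileges; the function name named_chroot_status is hypothetical.

```shell
#!/bin/sh
# Added example: report whether each running named process is chrooted.
# Assumption: Linux-style /proc, where /proc/<pid>/root is a symlink to the
# directory that process sees as "/". Reading it for another user's
# process normally requires root.

# named_chroot_status [PROC_DIR]
# Prints one line per named process found.
# Returns 0 if every named is chrooted, 1 if any is not (or cannot be
# inspected), 2 if no named process was found.
named_chroot_status() {
    proc_dir=${1:-/proc}
    found=0
    exposed=0
    for d in "$proc_dir"/[0-9]*; do
        [ -r "$d/comm" ] || continue
        [ "$(cat "$d/comm" 2>/dev/null)" = "named" ] || continue
        found=1
        pid=${d##*/}
        root=$(readlink "$d/root" 2>/dev/null) || root=""
        if [ -z "$root" ]; then
            # Treat an unreadable root link as a failure, not as a pass.
            echo "$pid unknown (cannot read $d/root)"
            exposed=1
        elif [ "$root" = "/" ]; then
            # Root is the real filesystem root: the daemon is not confined.
            echo "$pid NOT-chrooted /"
            exposed=1
        else
            echo "$pid chrooted $root"
        fi
    done
    [ "$found" -eq 1 ] || return 2
    [ "$exposed" -eq 0 ]
}

# Inspect the live system only when asked to: sh check.sh --run
if [ "${1:-}" = "--run" ]; then
    named_chroot_status
fi
```

A non-zero exit status makes the function usable in a monitoring check or a post-upgrade script.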
To determine which version of BIND you are using, you can run the following command at your console:
# named -v
named 8.2.2-P5 Tue Mar 5 17:19:57 PDT 2002
The DNS resolver libraries contain remotely exploitable buffer overflow vulnerabilities in the code used to handle DNS responses.
For more information:
Common Vulnerabilities & Exposures (CVE) Link:
IAVA Reference Number
Tuesday, January 6, 2009
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information (http://www.webopedia.com/TERM/P/phishing.html).
These attacks lead Twitter users to a drive-by malware site. A drive-by download, or drive-by malware, is a program that is automatically downloaded to your computer without your consent or even your knowledge.
Then hackers used Twitter’s own support tools to gain control of 33 member accounts -- including that of President-elect Barack Obama, CNN's Rick Sanchez, and pop star Britney Spears.
As a Twitter participant, I found this to be very interesting and as always I will increase my awareness while using Twitter or any online tool.
Monday, January 5, 2009
Digital forensics is the science of discovering and retrieving digital information about an event from digital devices in such a way as to make it admissible in court to prove either culpability or innocence.