Security

Why Best Practices Are Important (or: How I Pwn’d The Shit Out Of My ISP)

September 28, 2012

Note: The events described herein took place many, many years ago (the statute of limitations has long since expired!), but the moral of the story remains the same. This topic came up on IRC a few nights ago and since a) several were interested in the story and b) I’m heading out to DerbyCon shortly, […]

Why Gigamon Scares The Crap Out of Me

October 31, 2011

I had the opportunity to visit with some of the Gigamon folks at their Milpitas, California, office last week as part of the Net Field Day 2 event and, frankly, what they showed us scared the shit out of me. Gigamon has a variety of products in their line-up. At the most basic is the […]

Free Two-Factor Auth for your Servers and VPNs

June 23, 2011

Last week, I wrote about bitcoin and its reliance on exchanges such as Mt. Gox. A few days later, Mt. Gox had a few more “issues” including their entire user database being leaked to the Internet. In various online discussions afterwards, the use of two-factor authentication came up repeatedly. I wondered if there was a […]

Why I Use Jungle Disk and Tarsnap

April 20, 2011

Two weeks ago, Derek Newton wrote an article entitled “Dropbox authentication: insecure by design” after discovering that one could take Dropbox’s config.db file, copy it to another host, and gain access to that Dropbox account. Dropbox is a free service that lets you bring your photos, docs, and videos anywhere and share them easily. Dropbox […]

Comodo’s SSL certificates: the underlying problem

March 25, 2011

Ten days ago, a “hacker” obtained legitimate (but fraudulent) SSL certificates that gave them the ability to impersonate some of the highest trafficked websites on the Internet: login.yahoo.com, mail.google.com, login.skype.com, and addons.mozilla.org, among others. Comodo, the vendor with such lax security that allowed this to happen, quickly pointed out that the attack originated “mainly from […]

Should Verizon Revoke Etisalat’s SSL CA Certificate?

August 14, 2010

Etisalat is a telecommunications company in the United Arab Emirates that provides various services for home users such as mobile Internet access and broadband and dial-up Internet. They also operate a network of hotspots in various public locations. Just over a year ago, Etisalat issued a “firmware update” to roughly 145,000 BlackBerry users that was […]

Access Controls for HP ProCurve Devices

August 6, 2010

Yesterday, the Internet Storm Center published a diary called “Access Controls for Network Infrastructure”. That particular diary is Cisco-centric, so I thought I’d put together something similar for HP ProCurve gear (at least the 2650, 2910s, and 5400s I’ve worked with). Default Credentials HP ProCurve gear ships without any type of authentication, by default. This […]

Ubuntu 9.10 and 10.04 LTS vulnerability

July 10, 2010

Update your Ubuntu 9.10 and 10.04 LTS servers (see USN-959-1) if you haven’t already, especially if they’re multi-user systems: [jlgaddis@homer ~]$ ssh helium jlgaddis@helium.lab.evilrouters.net’s password: Linux helium 2.6.32-22-generic-pae #36-Ubuntu SMP Thu Jun 3 23:14:23 UTC 2010 i686 GNU/Linux Ubuntu 10.04 LTS Welcome to Ubuntu! * Documentation: https://help.ubuntu.com/ 7 packages can be updated. 4 updates are […]

RANT: Adobe and (in)Security

June 14, 2010

Last week — yet again — more security issues in Adobe products were announced. Adobe’s Security Advisory APSA10-01 confirmed that a 0-day exploit was being actively exploited. This vulnerability affected Flash Player, Acrobat Reader, and Acrobat. While the advisory listed techniques for mitigation, many of these are simply not feasible or practical in many environments. […]

IOSTrojan: Who really owns your router?

May 12, 2010

This evening, I noticed a paper in the SANS Reading Room entitled, “IOSTrojan: Who really owns your router?” (PDF). The paper was written by Manuel Humberto Santander Peláez, as part of the requirements for the GCIH certification. To entice you to read it, I’ll simply include one paragraph from the Introduction: Cisco routers are not […]
