Have you made any progess on the SNK calculator for Palm that you mention on your web site?
http://www.cs.vu.nl/~leendert/pilot.html
I'm very interested in this project. There are some serious known issues with the X9.9 standard, so I'm hoping to find a framework into which I can plug a more secure challenge (alphanumeric) and crypto mechanism.
http://www.freeradius.org/radiusd/doc/rlm_x99_token
Wednesday, January 23, 2002
Monday, January 21, 2002
Congrats on the Interview, and Chicago's view of Bernie
Congrats to Neil on the Newspaper interview.
FYI, we know all the network security people in the Chicago area, and we have never before heard of Bernie. He was never anybody of note in the Chicago scene, and after this, he never will be.
FYI, we know all the network security people in the Chicago area, and we have never before heard of Bernie. He was never anybody of note in the Chicago scene, and after this, he never will be.
Friday, January 11, 2002
Solaris login exploit seen in the wild
A little birdie just told me that the Solaris/Sparc exploit for the buffer overflow in /bin/login is 'in the wild'. I have also received a binary executable of the exploit.
Available now to 'black hats' is a remote exploit overflowing the TTYPROMPT variable. A local exploit should also be expected, allowing anybody who can execute code on an unpatched solaris host to become superuser.
Any internet-accessible Solaris host with port 23 open that has not already been patched should be assumed to have been compromised. Internal hosts are also at risk if not patched.
All of the outsourced hosts with which I am familiar (the ones we audited back in '99) either block telnet entirely, or reject telnet login attempts from arbitrary internet addresses via 'tcp wrappers'. This 'protection' is not an excuse not to apply the Sun patch.
Available now to 'black hats' is a remote exploit overflowing the TTYPROMPT variable. A local exploit should also be expected, allowing anybody who can execute code on an unpatched solaris host to become superuser.
Any internet-accessible Solaris host with port 23 open that has not already been patched should be assumed to have been compromised. Internal hosts are also at risk if not patched.
All of the outsourced hosts with which I am familiar (the ones we audited back in '99) either block telnet entirely, or reject telnet login attempts from arbitrary internet addresses via 'tcp wrappers'. This 'protection' is not an excuse not to apply the Sun patch.
Chicago Tribune Editorial on Spam and UCE
I found Don Wycliff's editorial this Thursday very interesting in view of our recent high-level discussions on unsolicited mail, in particular, HTML messages which automatically download and display pornographic images:
http://www.chicagotribune.com/news/columnists/chi-0201100043jan10.column
Don hits the nail on the head, stating "Newspapers, which must be as open to the public as possible, ought be loath to close themselves off in any way that can be avoided."
He also mentions the two-year-old Illinois anti-spam law. The act provides both legal remedies if the company suffers "actual damages" (I'd like to see the legal definition of this term), and also protection from liability for "action taken in good faith" to stop spam. The full text of the law (and lots of other good anti-spam info) can be found at this location:
http://law.spamcon.org/us-laws/states/il/ema-91-0244.shtml
http://www.chicagotribune.com/news/columnists/chi-0201100043jan10.column
Don hits the nail on the head, stating "Newspapers, which must be as open to the public as possible, ought be loath to close themselves off in any way that can be avoided."
He also mentions the two-year-old Illinois anti-spam law. The act provides both legal remedies if the company suffers "actual damages" (I'd like to see the legal definition of this term), and also protection from liability for "action taken in good faith" to stop spam. The full text of the law (and lots of other good anti-spam info) can be found at this location:
http://law.spamcon.org/us-laws/states/il/ema-91-0244.shtml
Subscribe to:
Posts (Atom)
