A for-now blog of Araz Samadi
sorry! too busy these days...
Author: <a href="http://www.blogger.com/profile/13033146382834659071">Araz Samadi</a>

2007-2012 (2012-02-01)
5 years, wow! :)

An inside look into building and releasing MS07-017 (2007-04-09)
<blockquote>As part of that, we not only investigate the specific issue that was reported to us, but any surrounding issues. Customers have told us clearly that they want us to make the security update as comprehensive as possible, they don’t want to have to apply multiple updates to address issues in the same components. So our triaging stage focuses on finding as many related issues as possible... Every vulnerability reported to Microsoft is triaged personally by a member of my team (in this case it was Adrian Stone) and they work on those issues reported to us end-to-end until the point we are able to produce an update that helps protect customers. In many cases, there is a delicate balance we strive to strike between meeting customer needs, our ability to test an update for appropriate quality and protecting customers against possible attacks...</blockquote>
Read <a href="http://blogs.technet.com/msrc/archive/2007/04/03/an-inside-look-into-building-and-releasing-ms07-017.aspx">the post</a> in the MSRC blog.

MOPB full review (2007-04-06)
<blockquote>...<br />
--without-iconv<br />
--disable-json<br />
--disable-mbregex<br />
--disable-pdo<br />
--disable-posix<br />
--disable-reflection<br />
--disable-filter<br />
--disable-session<br />
--disable-spl<br />
--without-sqlite<br />
--disable-tokenizer<br />
--disable-libxml, --disable-xml, --disable-dom, --disable-simplexml, --disable-xmlreader & --disable-xmlwriter<br />
...</blockquote>
Read the <a href="http://portal.spidynamics.com/blogs/jeff/archive/2007/04/03/The-current-state-of-PHP-security-_2800_w_2F00_-MOPB-full-review_2900_.aspx">full story</a>.

Physical Security in Mission Critical Facilities (2007-04-05)
<blockquote>Technologies are in place, and getting less expensive, to implement broad range solutions based on the identification principles of What you have, What you know, and Who you are. By combining an assessment of risk tolerance with an analysis of access requirements and available technologies, an effective security system can be designed to provide a realistic balance of protection and cost.</blockquote>
Download <a href="http://www.apcmedia.com/salestools/SADE-5TNRPL_R1_EN.pdf">the pdf file</a> (25 pages) - through 'netsec.blogspot.com'.

Top Ten Threats for 2007 (2007-02-12)
<blockquote>1. 100% growth in revenue for cyber crime<br />
2. DDoS in support of phishing attacks<br />
3. Successful DDoS attack against a financial services firm<br />
4. Attacks against DNS are the threat of the year<br />
5. No abatement in identity theft<br />
6. More attacks against wireless networks<br />
7. MySpace grows up and gets secure<br />
8. YouTube abuse threatens site<br />
9. Network infrastructure shows signs of overloading<br />
10. Spread of Windows Vista will have zero impact on the overall threatscape</blockquote>
Read <a href="http://blogs.zdnet.com/threatchaos/?p=443">Richard Stiennon's predictions for 2007</a>.

Stack Overflow IRC Lecture (2007-02-02)
<blockquote>Title: Stack Overflow IRC Lecture<br />
Author/Lecturer: Aelphaeis Mangarae<br />
Website: http://blackhat-forums.com<br />
IRC: IRC.BlueHell.Org #BHF<br />
Topic: Win32 Stack Based Buffer Overflow Exploitation</blockquote>
You can find it <a href="http://www.milw0rm.com/papers/137">here</a>.

Marcus J Ranum (MJR) and Bruce Schneier on Full Disclosure (2007-01-31)
<blockquote>Marcus J Ranum (MJR) says:<br />
- “After 10 years of full disclosure, security has not gotten any better”.<br />
Bruce says:<br />
- “Bugs exist whether or not they are disclosed in a public forum. Vendors are more responsive when it could cause bad PR. Public disclosure forces vendors to more quickly fix flaws which makes systems more secure”.</blockquote>
Haha... See the full battle on the <a href="http://blogs.securiteam.com/index.php/archives/796">securiteam blog</a>.

The best practices for network security in 2007 (2007-01-25)
<blockquote>Here's my best practice list, in order of importance:<br />
1. Roll out corporate security policies<br />
2. Deliver corporate security awareness and training<br />
3. Run frequent information security self-assessments<br />
4. Perform regulatory compliance self-assessments<br />
5. Deploy corporate-wide encryption<br />
6. Value, protect, track and manage all corporate assets<br />
7. Test business continuity and disaster recovery planning</blockquote>
Read <a href="http://www.computerworld.com.au/index.php/id;1327256501;fp;16;fpid;1;pf;1">the article</a> (by Gary S. Miliefsky).

INTERNET RESOURCES FOR COMPUTER FORENSICS (2007-01-24)
It is <a href="http://faculty.ncwc.edu/toconnor/426/426links.htm">Great</a>!

Chinese Prof Cracks SHA-1 Data Encryption Scheme (OR) SHA-1 added to list of "accomplishments" (2007-01-21)
<blockquote>The reason for this change is that 41-year-old associate professor Wang Xiaoyun of Beijing's Tsinghua University and Shandong University of Technology has already cracked SHA-1... Professor Wang Xiaoyun, a graduate of Shandong University of Technology's mathematics department, and her research team obtained results by using ordinary personal computers... Wang's method of cracking the encryptions differs from all others. Although encryption analysis usually cannot be done without the use of computers, according to Wang, the computer only assisted in cracking the algorithm. Most of the time, she calculated manually, and manually designed the methods.</blockquote>
Read <a href="http://en.epochtimes.com/news/7-1-11/50336.html">the article</a> and the <a href="http://it.slashdot.org/article.pl?sid=07/01/20/1936257">slashdot discussion</a>.

Open-Source Spying (2007-01-13)
<img src="http://graphics10.nytimes.com/images/2006/11/29/magazine/03spy.1.600.jpg" width="300" height="110"><br clear="all">
<blockquote>Top-secret information is becoming less useful than it used to be. “The intelligence business was initially, if not inherently, about secrets — running risks and expending a lot of money to acquire secrets,” he said, with the idea that “if you limit how many people see it, it will be more secure, and you will be able to get more of it. But that’s now appropriate for a small and shrinking percentage of information.” The time is past for analysts to act like “monastic scholars in a cave someplace,” he added, laboring for weeks or months in isolation to produce a report...</blockquote>
Read the article in the <a href="http://www.nytimes.com/2006/12/03/magazine/03intelligence.html?ex=1322802000&en=46027e63d79046ce&ei=5090">New York Times</a>.

"Teaching an Old Dog New Tricks" or "The Problem is Complexity" (2007-01-10)
<blockquote>First off, it gave me a much-needed booster-shot of humility about my code. Having a piece of software instantly point out a dozen glaring holes in your code is never fun - but it's an important sensation to savour... More importantly, it showed me that tools like Fortify really do work, and that they find vulnerabilities faster and better than a human... <span style="font-weight:bold;">The "many eyes" theory of software quality doesn't appear to hold true</span>, either. FTWK was widely used for almost ten years, and only one of the problems I found with Fortify was a problem I already knew about.</blockquote>
Read Marcus J. Ranum's article <a href="http://www.ranum.com/security/computer_security/editorials/codetools/">here</a>. (He is Chief of Security for Tenable Security.)

Internet Explorer Unsafe for 284 Days in 2006 (2007-01-06)
<blockquote>In contrast, Internet Explorer's closest competitor in terms of market share -- Mozilla's Firefox browser -- experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.</blockquote>
Read <a href="http://blog.washingtonpost.com/securityfix/2007/01/internet_explorer_unsafe_for_2.html">this article</a> (by Brian Krebs). It is also <a href="http://it.slashdot.org/article.pl?sid=07/01/04/162238">discussed</a> at slashdot.com.

Five Hackers Who Left a Mark on 2006 (2007-01-04)
<blockquote><img src="http://common.ziffdavisinternet.com/util_get_image/16/0,1425,i=160812,00.jpg" width="160" height="110" align="left">H.D. Moore has always been a household name—and a bit of a rock star—in hacker circles. As a vulnerability researcher and exploit writer, he built the Metasploit Framework into a must-use penetration testing tool...</blockquote>
Read <a href="http://www.eweek.com/article2/0,1895,2078362,00.asp">about them</a>!<br />
+ <a href="http://it.slashdot.org/article.pl?sid=07/01/03/1755214">Related discussion</a> in slashdot.

Michal Zalewski on the Wire (2007-01-03)
<blockquote>I show that security problems are inherent to the way we design systems, bound to just about any aspect of modern computing; and that only by understanding it can you follow and mitigate threats efficiently... When users have access to more and more bandwidth and computing power, they can more easily carry out brute-force attacks against protocols and algorithms...</blockquote>
Read Federico Biancuzzi's <a href="http://www.onlamp.com/lpt/a/6154">interview with Michal Zalewski</a> about his book. (August 2006)

Top 10 Web Hacks of 2006 (2007-01-02)
<blockquote>Attacks always get better, never worse. That’s probably what I’ll remember most about 2006. What a year it’s been in web hacking! There’s never been such a big leap forward in the industry and frankly it’s really hard to keep up... To look back on what’s been discovered RSnake, Robert Auger, and myself collected as many of the new 2006 web hacks as we could find. We’re using the term "hacks" loosely to describe some of the more creative, useful, and interesting techniques/discoveries/compromises. There were about 60 to choose from making the selection process REALLY difficult. After much email deliberation we believe we created a solid Top 10. Below you’ll find the entire list in no particular order. Enjoy!</blockquote>
Read <a href="http://jeremiahgrossman.blogspot.com/2006/12/top-10-web-hacks-of-2006.html">this Top 10</a> in Jeremiah Grossman's blog.

Cookie Stealing Upgrade: Ajax Style (2007-01-01)
<blockquote>For those of you that have been living under a good and solid rock lately, AJAX is revolutionizing the way the web works in the fact that it brings desktop-like functionality straight to the web in the form of Javascript and XML (For this tutorial, a working knowledge of XML is not needed.) In other words, AJAX (Asynchronous Javascript and XML) gets rid of pesky page refreshes and coupled with DHTML effects, can lead to quite interesting desktop-like web apps... The property that is much sought after with AJAX is its ability to send arbitrary requests to a server in the form of an XMLHttpRequest...</blockquote>
Read <a href="http://www.milw0rm.com/papers/130">this article</a> in milw0rm.com.

Busy (2006-11-30)
Too busy to update...<br />
I will be back on January 1st.

Kevin Mitnick's Security Advice (2006-11-17)
<blockquote>Here's my Top 10 list of steps you should take to protect your information and your computing resources from the bad boys and girls of cyberspace:<br />
- Back up everything<br />
- Choose passwords that are reasonably hard to guess<br />
- Use an antivirus product<br />
- Update your OS religiously<br />
- Avoid hacker-bait apps<br />
- Use encryption software<br />
- Install a spyware detection app<br />
- Use a personal firewall<br />
- Disable any system services you're not using<br />
- Secure your wireless networks</blockquote>
Read <a href="http://www.wired.com/news/technology/0,72116-0.html">this</a> in wired.com.

Miniature Computers That Can Break Your Network Wide Open (2006-11-16)
<blockquote>One aspect of information security that is often overlooked is physical security... Assuming a network has implemented end-to-end security in the form of 802.1x or a network access control (NAC) solution, they all make one major assumption: that a man-in-the-middle attack can’t be executed once the end point has authenticated. For example, 802.1x addresses this directly: if the network port detects that the connection is dropped, it requires the end point to re-authenticate before it’s allowed to have network access again. If the network hasn’t implemented such a scheme, then it becomes trivial to execute a man-in-the-middle attack by physically inserting another computer in between the network equipment and the end machine...</blockquote>
Read <a href="http://www.riskbloggers.com/kurtseifried/2006/11/draft-surveillance-devices-miniature-computers-that-can-break-your-network-wide-open/">this post</a> in riskbloggers by Kurt Seifried.

The A to Z of security - 27 pages (2006-11-15)
<blockquote>Antivirus, Botnets, CMA, DDoS, Extradition, Federated identity, Google, Hackers, IM, Jaschan (Sven), Kids, Love Bug, Microsoft, Neologisms, Orange, Passwords, Questions, Rootkits, Spyware, Two-factor authentication, USB sticks/devices, Virus variants, Wi-fi, OS X, You and Zero-day!</blockquote>
Read <a href="http://software.silicon.com/security/0,39024655,39164025,00.htm">this article</a> by Natasha Lomas.

Computerworld's Smart Salary Tool 2006 (Online) (2006-11-14)
<blockquote><img src="http://www.computerworld.com/common/images/2006_salarysurvey_logo.gif" width="120" height="155" align="left">Is your salary on par with what your peers are making? Use our Smart Salary Tool to compare your pay with IT workers in similar jobs, from around the country. Our 2006 survey reports on salaries from nearly 15,000 IT professionals...</blockquote>
See <a href="http://www.computerworld.com/action/usertools.do?command=getSalaryInformation&yr=2006">the page</a>.

New Web Application Security Survey (2006-11-13)
<blockquote>- Do you use commercial vulnerability scanner products during your assessments?<br />
(Acunetix, Cenzic, Fortify, NTOBJECTives, Ounce Labs, Secure Software, SPI Dynamic, Watchfire, etc.)...<br />
- Do you use open source tools during your assessments?<br />
(Paros, Burp, Live HTTP headers, Web Scarab, CAL9000, Nikto, Wikto, etc.)</blockquote>
Read <a href="http://jeremiahgrossman.blogspot.com/2006/11/web-application-security-professionals.html">the original post</a> by Jeremiah Grossman and <a href="http://ha.ckers.org/blog/20061109/new-web-application-security-survey/">an answer</a> in the ha.ckers.org blog.

Using Perl/Net::SinFP (sinfp.pl) for OS fingerprinting (2006-11-12)
<blockquote>SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has... Nowadays, with the omni-presence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, Nmap's approach to OS fingerprinting is becoming obsolete...<br />
SinFP uses the aforementioned limitations as a basis for tests to be absolutely avoided in used frames to identify accurately the remote operating system...</blockquote>
See <a href="http://www.gomor.org/cgi-bin/index.pl?mode=view;page=sinfp">this security tool's webpage</a>.

MS TechNet: Windows Vista Security Guide Overview (2006-11-11)
<blockquote>The Windows Vista Security Guide consists of five chapters, and an appendix that you can use to reference setting descriptions, considerations, and values. The Windows Vista Security Guide Settings.xls file that accompanies this guide provides another resource that you can use to compare the setting values. The following figure shows the guide structure to help inform you how to optimally implement and deploy the prescriptive guidance.</blockquote>
<center><img src="http://www.microsoft.com/library/media/1033/technet/images/windowsvista/security/VSGOver.gif" width="336" height="433"></center>
<blockquote>Chapter 1: Implementing the Security Baseline<br />
Chapter 2: Defend Against Malware<br />
Chapter 3: Protect Sensitive Data<br />
Chapter 4: Application Compatibility<br />
Chapter 5: Specialized Security – Limited Functionality<br />
Appendix A: Security Group Policy Settings</blockquote>
Read <a href="http://www.microsoft.com/technet/windowsvista/security/guide.mspx">this useful guide</a> in 7 pages (and the <a href="http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/default.mspx">older version</a> for WinXP).