Archive for the Security Category


Linux systems under attack

Published August 27th, 2008

There’s this article on ZDNet. It reports that recently there have been a lot of active attacks against Linux systems, using stolen SSH keys.
As the article explains, once inside the machine, the attacker uses local kernel exploits to gain root access so that a rootkit known as phalanx2 gets installed.
This type of attack is probably related [...]

Gufw - The firewall that Ubuntu needs

Published August 26th, 2008

One thing that is missing in Ubuntu is an easy way for a novice user to turn on and configure the firewall. It’s bad enough to not have the firewall turned off by default. Even if you argue that Ubuntu is secure by default because it has no services listening on the network on first [...]

Fedora Project servers compromised

Published August 23rd, 2008

According to Fedora, some servers from the project were illegally accessed.
Quoting Paul W. Frields from Fedora:
One of the compromised Fedora servers was a system used for signing Fedora packages. However, based on our efforts, we have high confidence that the intruder was not able to capture the passphrase used to secure the Fedora package signing [...]

Gmail now with https option

Published August 16th, 2008

This is something I missed in the last few weeks. I’ve noticed that Gmail now has an option in the settings page that allows the user to force https (SSL connection). I’ve tested it, and it works just fine.
This saves the effort of having to insert https manually in the URL, because otherwise, Gmail will only [...]

Dan Kaminsky’s DNS Attack Leaked

Published July 22nd, 2008

The Matasano Chargen blog has published an entire post talking about the ways to exploit the DNS vulnerability found by Dan Kaminsky. Apparently the author tried to fall back, removing the post, but it was too late. The post was already in everyone’s feed reader (and still is in mine).
Since I’m not going to disclose [...]

Malicious web activity

Published July 20th, 2008

I’ve noticed that since Friday there have been a lot of scanning activity attempts against my blog. Fortunately, they fail. The IP addresses come from a variety of countries like Denmark, Germany, Ukraine, USA and the like, and all seem to come from compromised machines running Windows 2000, 98 (go figure) and Solaris.
The scanning methods used are [...]

Gmail SSL

Published July 16th, 2008

A while ago I wrote a post about how to improve Gmail's security by forcing SSL mode in the URL. This practice has some effect because by default Gmail uses SSL only at login, dropping it afterwards. In other words, the cookies then travel over the network without any kind of protection. Using instead the address [...]

Running JavaScript in IE from an image

Published July 14th, 2008

In Internet Explorer, from version 6 up to the current version 8, it is possible to run JavaScript or HTML code through an image specially crafted for that purpose.
Microsoft has known about this problem since the days of IE 6, but never fixed it because it considers it a “feature” and not a bug.
Here is an example of [...]

Serious security flaw in the DNS protocol

Published July 9th, 2008

A serious vulnerability in the DNS protocol was announced yesterday that allows any domain to be forged on any DNS server through DNS cache poisoning.
Because the flaw is in the protocol, practically all DNS server implementations are vulnerable, such as BIND, Microsoft, Cisco, etc.
Fortunately, the person who announced this vulnerability, Dan Kaminsky, [...]

OS X Leopard firewall

Published June 24th, 2008

Only yesterday did I notice that the Leopard firewall, in “Allow specific applications and services” mode, by default gives access to most services without even asking for confirmation. For example, MAMP, which in its free version runs its services locally by default…
MAMP installs a local server environment in a matter of seconds [...]
