Posts Tagged ‘firewall’
MPAA College Toolkit Raises Privacy, Security Concerns
Saturday, November 24th, 2007“The Motion Picture Association of America last month sent letters to the presidents of 25 major universities (pdf), urging them to download and install a ‘university toolkit’ to help identify students who were downloading/sharing movie files. The Washington Post’s Security Fix blog reports that any university that installs the software could be placing a virtual wiretap on their networks for the MPAA (and the rest of the world) to listen in on all of the school’s traffic. From the story: ‘The MPAA also claims that using the tool on a university network presents “no privacy issues — the content of traffic is never examined or displayed.’ That statement, however, is misleading. Here’s why: The toolkit sets up an Apache Web server on the user’s machine. It also automatically configures all of the data and graphs gathered about activity on the local network to be displayed on a Web page, complete with ntop-generated graphics showing not only bandwidth usage generated by each user on the network, but also the Internet address of every Web site each user has visited. Unless a school using the tool has firewalls on the borders of its network designed to block unsolicited Internet traffic — and a great many universities do not — that Web server is going to be visible and accessible by anyone with a Web browser.”
Google as a password cracker
Monday, November 19th, 2007Steven J. Murdoch writes
One of the steps used by the attacker who compromised Light Blue Touchpaper a few weeks ago was to create an account (which he promoted to administrator; more on that in a future post). I quickly disabled the account, but while doing forensics, I thought it would be interesting to find out the account password. Wordpress stores raw MD5 hashes in the user database (despite my recommendation to use salting). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output. Instead, someone would have to try out all possible inputs until the correct output is discovered.
So, I wrote a trivial Python script which hashed all dictionary words, but that didn’t find the target (I also tried adding numbers to the end). Then, I switched to a Russian dictionary (because the comments in the shell code installed were in Russian) but that didn’t work either. I could have found or written a better password cracker, which varies the case of letters, and does common substitutions (e.g. o → 0, a → 4) but that would have taken more time than I wanted to spend. I could also improve efficiency with a rainbow table, but this needs a large database which I didn’t have.
Vulnerable firewall
Thursday, November 15th, 20074 for 52 writes
ZDNet is reporting that Apple has fessed up to at least three serious design weaknesses in the new application-based firewall that ships with Mac OS X Leopard. The acknowledgment comes less than a month after independent researchers threw cold water on Apple’s claim that Leopard’s firewall can block all incoming connections. The firewall patches come 24 hours after a Mac OS X update that provided cover for at least 41 security vulnerabilities.