390609
submission
leto writes:
Dan Kaminsky and Paul Wouters both presented DNS security talks at the new Canadian security conference SecTor in Toronto. Kaminsky showed a DNS binding attack using javascript and flash, allowing him to penetrate any firewall and start scanning the internal network of any user that visited his website. Wouters gave a presentation on the Theory and current worldwide operational experiences of DNSSEC that included a fancy google map overlay showing all TLD's deploying or testing DNSSEC. For those not convinced about the need for DNSSEC, he showed "15 ways of using the DNS to capture your clicks". Other speakers included Rohit Sethi and Nish Bhalla demonstrating their new Opensource Exploit-Me series of Firefox plugins to perform automated penetration testing, Johnny Long with a hilarious talk on Hacking Hollywood, and the mandatory presentations about wifi and
bluetooth insecurities. No presentors were denied entry into Canada.
353625
submission
cycoj writes:
German IT magazine Heise takes a look at the new OS X Leopard firewall. They find it flawed. When setting access to specific services and programs for example to only allow SSH access, they found that a manually started service was still accessible. From the article:
"So the first step after starting Leopard should be to activate the firewall. The obvious choice to do so is the option to "Set access to specific services and programs", which promises more control over network traffic. Mac OS X automatically enters all shared resources set up by the user, such as "Remote login" for SSH servers, into the list of accessable resources.
However, initial functional testing quickly dispels any feeling of improved security. A service started for testing purposes was able to be addressed from outside without any difficulty. The firewall records this occurrence."
Even with the firewall set to "Block all incoming connections" ports to netbios, ntp and other services were still open.
"Specifically these results mean that users can't rely on the firewall. Even if users select "Block all incoming connections," potential attackers can continue to communicate with system services such as the time server and possibly with the NetBIOS name server."
353581
submission
rpp3po writes:
German tech magazine Heise analyzed Leopard's new firewall and made some shocking discoveries. Even when you set it to "block all incoming connections" at least 4 ports are left wide open (ntpd, netbios, mdns). Additionally "Apple uses ntpd 4.2.2, the current version is 4.2.4. It is not clear whether any of the bug fixes are relevant in this scenario and if Apple back-ported fixes from more recent versions."