So, CanSecWest hosted Pwn2Own again this year, which is essentially a challenge offered to hackers across the world to come in to a controlled environment, given certain targets to attack, and the first to successfully compromise the target, wins the target computer/phone/whathaveyou and a decent chunk of change. Pwn2Own has been responsible for some major [...]
Archive for March, 2010
Pwn2Own lesson learned – Don’t browse the web.
Posted: 25th March 2010 by Matt in hacks, securityTags: browsers, cansecwest, challenge, charlie miller, contest, hack, owned, pwn2own, web
0
ARP Poisoning and Man in the Middle Attacks [part 1]
Posted: 23rd March 2010 by Matt in hacks, securityTags: arp, hack, man in the middle, MiM, poisoning, WEP, wireless
This is probably going to consist of multiple parts, the first part being the concept and background, the next part being some code to implement, and the third will be about putting it all together and what it looks like in the wild. But, first, we’ll start with some background.
Synflooding and iptables
Posted: 21st March 2010 by Matt in hacks, securityTags: attack, DoS, firewall, iptables, protect, rules, synflood
So, as I stated in my bio, I love playing with and abusing network protocols. Tonight I was going through some of my old scripts and came across one of my old favourites, ‘synk’. I’ve written synk in a few different languages, with various different versions, but all based on the same concept. TCP+SYN flooding. [...]
Port Activity and HoneyPots
Posted: 20th March 2010 by Matt in hacks, securityTags: activity, hackers, honeypot, netcat, ports, probes, tcpdump
I monitor my network heavily, probably beyond what is necessary, and I like to see what’s going on behind the scenes. I have sniffers set up, iptable logging, snort, etc etc etc.. but those only watch ports that are open that I’m expecting to receive data on. But, what I find interesting, is everything else [...]
A Stack Smashing Good Time
Posted: 19th March 2010 by Matt in hacks, securityTags: buffer overflow, exploit, hacking, oldschool, smash, stack
As I was writing the last post regarding spam, I got to thinking about some of the other questions I’m frequently asked. I think the second most frequent has got to be regarding how hacking actually works. So, I’m sitting here on my patio in the beautiful sun throwing the frisbee for my dog and [...]
Handling Spam at the Network Level
Posted: 18th March 2010 by Matt in codeTags: filter, mailscanner, milter, mimedefang, perl, sendmail, spam, spamassassin
One question I’m often asked is how I handle spam at the network level. This means, how do I prevent it from actually ever winding up in the users inbox. Dealing with spam is kind of a game of cat and mouse. You’ll impliment the latest and greatest anti-spam filter and a few days later, [...]
Evil Sports Sites (courtesy of ISC)
Posted: 18th March 2010 by Matt in securityTags: botnet, bots, infections, malware, virus
I’m just going to copy and paste this from the ISC handlers diary. I have a lot of friends that are really in to sports, so this might wind up to be beneficial. Also, I HIGHLY suggest not following the Google link that is pasted in this article if you’re running Windows, or Internet Explorer. [...]
Spamassassin Milter vulnerability
Posted: 17th March 2010 by Matt in hacksTags: code, hacking, sendmail, spamassassin
So, on Sunday I got an email indicating that there’s a remote root vulnerability in the Spamassassin Sendmail milter. This immediately got my attention because I run both Sendmail and Spamassassin on my servers. I found the proof of concept and began testing my servers. Thankfully, I wasn’t vulnerable, but I’ll bet there are a [...]