Alternative to dumb port scanning, leveraging reverse DNS to discover a subnet’s IPv6 hosts. Supposes that reverse DNS is correctly configured… http://www.reddit.com/r/netsec/comments/1bfu76/how_are_we_going_to_port_scan_for_open_hosts_on/c96p936
« From March to December 2012 we used [...] a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage. »
« All data gathered during our research is released into the public domain for further study. The full 9 TB dataset has been compressed to 565GB using ZPAQ and is available via BitTorrent. »
Do note that the machines which scanned were cracked machines and so the entire operation was probably illegal in most countries.
DNSChef is a highly configurable #DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka “Fake DNS”) is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for “badguy.com” to point to a local machine for termination or interception instead of a real host somewhere on the Internet.
AFNIC International College Fund launches its 2013 #callforproposals
Don’t use #PHP libraries with known #security issues - Fabien Potencier
One of the goals of good security issue management is transparency. That’s why the Symfony project has a simple way of reporting security issues (via the security [at] symfony.com email address), an easily accessible list of security advisories, and a well-defined blog post template to announce security issues. Recently, we have also enforced the need to have a #CVE identifier
yeah, good idea... for the next redesign of spip.net? ;)
When It Comes to Security, We’re Back to Feudalism | Wired.com
In this new world of computing, we give up a certain amount of control, and in exchange we trust that our lords will both treat us well and protect us from harm. Not only will our software be continually updated with the newest and coolest functionality, but we trust it will happen without our being overtaxed by fees and required upgrades. We trust that our data and devices won’t be exposed to hackers, criminals, and malware. We trust that governments won’t be allowed to illegally spy on us.
Trust is our only option. In this system, we have no control over the security provided by our feudal lords. We don’t know what sort of security methods they’re using, or how they’re configured. We mostly can’t install our own security products on iPhones or Android phones; we certainly can’t install them on Facebook, Gmail, or Twitter. Sometimes we have control over whether or not to accept the automatically flagged updates – iPhone, for example – but we rarely know what they’re about or whether they’ll break anything else. (On the Kindle, we don’t even have that freedom.)
The Good, the Bad, and the Ugly
I’m not saying that feudal security is all bad. For the average user, giving up control is largely a good thing. These software vendors and cloud providers do a lot better job of security than the average computer user would. Automatic cloud backup saves a lot of data; automatic updates prevent a lot of malware. The network security at any of these providers is better than that of most home users.
“DNSSIG is a simple and efficient way for authenticating responses sent by an upstream DNS resolver to a client. [...] This is not a replacement for DNSSEC. The purpose is to sign the ‘last mile’. For unsigned zones, this is better than nothing.”
I wonder why they do not use the standard way, SIG(0) (RFC 2931)
Resist: Security culture
The first step in recognizing security risks in a community is working towards creating a security culture. Below we have compiled some relevant materials and links that should be used in conducting security workshops and educating activists that you work with.
As our direct action movement becomes more effective, government harassment will only increase. To minimize the destructiveness of this government harassment, it is imperative that we create a “security culture” within our movement. Violations of security culture include behavior that is inappropriate because it intensifies government harassment, jeopardizes the freedom of other activists, and destroys the trust within the movement.
OWASP Xelenium Project - OWASP
“Xelenium is an automation testing tool that can be used to identify the security vulnerabilities present in the web application. Xelenium uses ‘Selenium - Webdriver’ as its engine and has been developed using Java swing.”
A Java tool to scan a site for XSS flaws.
Authentication #security tip of the day: do ’echo -n your_password | sha1sum’ and search result in Google. Got a hit ? Change your password ! Repeat test with ’echo -n your_password | md5sum’. Yes, your favorite password is probably already in a rainbow table somewhere...
On Twitter, four proposals to improve security (because the command you mention leaves the password in the history).
Michel Leunen says « And do ’history -c’ at the end to erase your password from the terminal history ! »
And François Revol: « read p; echo -n “$p” | sha1sum # would avoid leaking it to history (but still briefly to ’ps’ output) ». Colm MacCárthaigh suggests solving this last problem with « tr -d ’\n’ | sha1sum »
Or Changaco, more radical : « don’t put it in the history at all (see HISTCONTROL in bash, HIST_IGNORE_SPACE in zsh) »
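The tip and the replies above, gathered into one added example (not code from the tweet or its authors): the secret is read with echo off, so it never appears on the command line, in history or on screen, and it is hashed with `printf '%s'`, so no trailing newline changes the digest. It assumes a POSIX sh with coreutils `sha1sum`/`md5sum`; function names are my own.

```shell
#!/bin/sh
# Added example: hash a secret without leaking it to shell history or
# process arguments, and without the trailing-newline trap.
# Assumes coreutils sha1sum/md5sum and a POSIX sh.

# Hash whatever arrives on stdin, byte for byte, and return only the hex
# digest (dropping the " -" filename suffix that *sum prints).
hash_stdin() {
    # $1: "sha1" or "md5"
    case "$1" in
        sha1) sha1sum | cut -d' ' -f1 ;;
        md5)  md5sum  | cut -d' ' -f1 ;;
        *)    echo "unknown algorithm: $1" >&2; return 2 ;;
    esac
}

# Digest of the secret itself. printf '%s' appends nothing, unlike echo,
# and printf is a shell builtin, so the secret is not an argument of any
# external process; sha1sum only ever sees it on stdin.
digest_secret() {
    printf '%s' "$2" | hash_stdin "$1"
}

# Digest of the secret followed by "\n", which is what `echo secret | sha1sum`
# (without -n) produces: a different value, so a Google search for it would
# miss a password that is in fact already in a rainbow table.
digest_secret_with_newline() {
    printf '%s\n' "$2" | hash_stdin "$1"
}

# Interactive wrapper: read the secret with terminal echo off, keep it only
# in a shell variable, and clear that variable afterwards.
prompt_and_digest() {
    printf 'Secret: ' >&2
    stty -echo 2>/dev/null
    IFS= read -r secret
    stty echo 2>/dev/null
    printf '\n' >&2
    digest_secret "${1:-sha1}" "$secret"
    unset secret
}
```

Run `prompt_and_digest sha1` (or `md5`) at an interactive shell and search the printed digest; nothing typed goes through the command line.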
Confessions of a Botnet Operator | heise Security
How to make money running your own #botnet
(and how to protect your machine)
This brief on heise #security contains links to a page where a criminal #coder explains how he makes money. Reading it, one comes across explanations of how to protect against #malware and how to build more or less effective ones.
I come to the conclusion that it is easier to protect oneself than is usually thought, but that one must not trust #antivirus software: their authors deliberately and systematically leave holes so as not to ruin their own business.
The « #linker » (link editor, as Wikipedia puts it) is a piece of software indispensable to building programs but often scorned and certainly far less well known than the compiler (a bit of advertising in passing: every programmer should have read « Linkers and Loaders » by John Levine http://linker.iecc.com ). This excellent 2010 article details the security of the linker and the possible attacks.
Breaking the links : Exploiting the linker
by Tim Brown
Researchers’ Typosquatting Stole 20 GB of E-Mail From Fortune 500
Two researchers who set up doppelganger domains to mimic legitimate domains belonging to Fortune 500 companies say they managed to vacuum up 20 gigabytes of misaddressed e-mail over six months.
The intercepted correspondence included employee usernames and passwords, sensitive security information about the configuration of corporate network architecture that would be useful to hackers, affidavits and other documents related to litigation in which the companies were embroiled, and trade secrets, such as contracts for business transactions.
#Dropbox Lied to Users About #Data #Security, Complaint to FTC Alleges | Threat Level | Wired.com
Dropbox, which has more than 25 million users, revised its website claims about its data security April 13, from:
— All files stored on Dropbox servers are encrypted (AES256) and are inaccessible without your account password.
to:
— All files stored on Dropbox servers are encrypted (AES 256).
25 Years of Digital Vandalism - NYTimes.com
Should the lights go out in our online bus shelters one day, or some critical control system go spectacularly awry, it may in a sense, however distantly, be because Israel found a way to shut down Iran’s centrifuges. But in another way it will be the result of a bright idea two brothers once had, in the vicinity of Lahore Railway Station, to innocently clamp a digital pirate’s wheel.