Tuesday, June 30

Blackhat Economics - Are you feeling safe today?

Just want to point people over to a great blog post over at TaoSecurity - Black hat budgeting. This is an excellent article which starts to examine the economic factors related to attacking and protecting information. Thinking in this way really puts some perspective on the security budget people spend on attempting to protect information. Long story short: if you don't think, or don't know whether, the bad guys are targeting you, find out (what information are you protecting, and why?); and if the bad guys are targeting you, you should be thinking this way.

Wednesday, June 17

New HTTP Flooding Tool - Apache Default Configuration

As application layer vulnerability research keeps driving forward, the guys over at ha.ckers.org keep blasting out lots of good stuff. This time it's slowloris, which is essentially an HTTP denial-of-service attack on certain types of web servers (very popular ones, too!). At a high level, the attack opens a large number of partial HTTP connections and holds them open, very similar to the TCP flood attacks of old, but of course at the application layer rather than the network layer.
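From the defender's side, the tell-tale sign of this kind of attack is a pile of connections that have been open for a long time without ever finishing their request headers. The following is an added example of my own, not code from ha.ckers.org or from the slowloris tool; it assumes you can take a snapshot of connection states (client address, connection age, whether the header block has completed) such as a server status page provides, and the thresholds and sample data are constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass
class Conn:
    client: str          # peer IP address
    age_s: float         # seconds since the TCP connection was accepted
    headers_done: bool   # has the blank line that ends the header block arrived?


# Illustrative thresholds (assumptions, tune for your own traffic profile).
HEADER_TIMEOUT_S = 30.0   # a normal client sends its headers well within this
PER_CLIENT_LIMIT = 10     # more stalled header reads than this from one address is suspicious
POOL_FRACTION = 0.5       # alarm when stalled reads hold more than half the worker pool


def stalled(conns):
    """Connections still waiting for request headers past the timeout."""
    return [c for c in conns if not c.headers_done and c.age_s > HEADER_TIMEOUT_S]


def suspicious_clients(conns):
    """Addresses holding an abnormal number of stalled header reads."""
    counts = Counter(c.client for c in stalled(conns))
    return sorted(ip for ip, n in counts.items() if n > PER_CLIENT_LIMIT)


def pool_starved(conns, max_workers):
    """True when stalled reads consume most of a thread/process-per-connection pool."""
    return len(stalled(conns)) / max_workers > POOL_FRACTION


# Constructed snapshot: one address (TEST-NET range) holding 100 half-open requests,
# a few healthy completed requests, and one slow-but-young client that is not flagged.
SAMPLE = (
    [Conn("203.0.113.7", 45.0 + i, False) for i in range(100)]
    + [Conn("198.51.100.%d" % i, 2.0, True) for i in range(1, 6)]
    + [Conn("198.51.100.40", 5.0, False) for _ in range(3)]
)

if __name__ == "__main__":
    print("suspicious:", suspicious_clients(SAMPLE))
    print("pool starved at 150 workers:", pool_starved(SAMPLE, 150))
```

Run against a real snapshot, the per-client check points at the source to block or rate-limit, while the pool check tells you whether the server is already out of workers for legitimate clients.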

Wednesday, June 10

New Research on RFC1918 Describes Vulnerabilities

Robert Hansen (aka RSnake) released a new paper on June 8th describing vulnerabilities in the way browsers use caching, and how this can be abused when a client accesses content on different networks that use matching internal, non-routable IP addressing schemes.

The paper describes the limitations of the attacks and the specific conditions that make them possible. It would be prudent to review the paper and see if this applies to you.