Re: [Full-disclosure] Chinese backdoors "hidden in router firmware"

2008-03-05 Thread Times Enemy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Greetings.

I agree that the threat does not stop at firmware for routers and
switches.  Even with open source, or dare I type, even more so with open
source, the threat for maliciously modified code exists.  This is not a
new threat, per se, however, it is a growing threat which is fed by more
and more hardware being built/assembled/manufactured/what-have-you in
questionable countries/locations.

This is not isolated to the far east, though the far east is a perfectly
legitimate location for western users to NOT trust.  I would venture to
state that eastern users have already accepted that their products may
have gone 1984 on them.  It does not give me warm fuzzies that the way
the vast majority of production appears, at least one part of most
gizmos comes through the far east.

Without question, a security concern.

.te


quispiam lepidus wrote:
| Why stop at routers & switches? You could own far more devices by
| backdooring BIOS', HDD's, etc, all of which are often produced in "Far East
| countries".
|
|
| On Thu, Mar 6, 2008 at 12:47 PM, Times Enemy <[EMAIL PROTECTED]> wrote:
|
| Greets.
|
| It does not matter so much if there is no hard proof about the router
| firmware containing backdoors set in place by Chinese manufacturers.
| From a security perspective, it is a potential threat which should be
| addressed, especially for western networks and those they trust.
|
| It is not too far fetched of an idea.  Google yielded the following
| fairly quick: http://slashdot.org/articles/08/02/29/1642221.shtml
|
| If you want to be inundated with reading material on the matter, be
| creative, or not too creative, with Google searches having to do with
| China and western powers and businesses, specific to information warfare.
|
| .te
|
|
| Larry Seltzer wrote:
| |>> Next we'll be seeing "Japanese tactical nukes "Hidden in Toyota
| | trunks"
| |
| | And who knows what the French are putting in that cheese.
| | Larry Seltzer
| | eWEEK.com Security Center Editor
| | http://security.eweek.com/
| | http://blogs.pcmag.com/securitywatch/
| | Contributing Editor, PC Magazine
| | [EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkfPXWkACgkQVuM8PD1UnspGaACeIRRRYubyJOSXuWSwQdoLyqlJ
A1EAnAtBAlGyGIXOMk3OyEcHhpRi+hdN
=jaFt
-END PGP SIGNATURE-

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Chinese backdoors "hidden in router firmware"

2008-03-05 Thread Times Enemy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Greets.

It does not matter so much if there is no hard proof about the router
firmware containing backdoors set in place by Chinese manufacturers.
From a security perspective, it is a potential threat which should be
addressed, especially for western networks and those they trust.

It is not too far fetched of an idea.  Google yielded the following
fairly quick: http://slashdot.org/articles/08/02/29/1642221.shtml

If you want to be inundated with reading material on the matter, be
creative, or not too creative, with Google searches having to do with
China and western powers and businesses, specific to information warfare.

.te


Larry Seltzer wrote:
|>> Next we'll be seeing "Japanese tactical nukes "Hidden in Toyota
| trunks"
|
| And who knows what the French are putting in that cheese.
| Larry Seltzer
| eWEEK.com Security Center Editor
| http://security.eweek.com/
| http://blogs.pcmag.com/securitywatch/
| Contributing Editor, PC Magazine
| [EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkfPTUAACgkQVuM8PD1UnspxGwCfWA2YAcAk31lPkOeFUkOZm4ko
a64AniF5C+KgjpfrAuxEkkW45BM+xpGZ
=RwKm
-END PGP SIGNATURE-



[Full-disclosure] Goolag Perk and Annoyance

2008-03-05 Thread Times Enemy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Greetings.

I preface that this is not a discovery, but rather a simple observation.

http://www.goolag.org

I am finding that it takes only a few seconds for Google to block query
requests, BY IP!  With this in mind, Goolag Scanner is actually an
effective annoyance tool against large networks.  Simply conduct a
Goolag Scan from a heavily populated network, with a couple hundred
Dorks, and anyone who uses the same public IP address which was used for
the Goolag Scan will have to go through an extra CAPTCHA step to finish
their Google queries.  If they use a Google toolbar of some sort, Google
may not even offer them a CAPTCHA option to continue with the search query.

Within "most" corporate networks, what effective methods can be used,
from the network's perspective, to block mass Google queries?

.te
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkfOskEACgkQVuM8PD1Unspb8QCbBLYgUYKvp7CxnlA3RhLo5ec9
+wAAn35WpzMIvnyaLT4qmho/0O8QbtNN
=bYe4
-END PGP SIGNATURE-
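
An added example, not part of the original post: one network-side way to spot the client behind mass Google queries is a per-client sliding-window count over web proxy logs, so the offending internal host can be throttled before the shared public IP is challenged. The log format, the thresholds and the function names are assumptions made for this sketch, and it presumes the proxy logs full request URLs.

```python
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import urlsplit


def constructed_log():
    """Constructed sample input: '<ISO time> <client IP> <method> <URL>' per line."""
    lines = ["2008-03-05T10:00:05 10.0.0.7 GET http://www.example.com/index.html"]
    # 10.0.0.23 sends one search per second for eight seconds (scripted pattern).
    for s in range(8):
        lines.append(f"2008-03-05T10:00:{s:02d} 10.0.0.23 GET "
                     f"http://www.google.com/search?q=constructed+query+{s}")
    # 10.0.0.7 sends three searches a minute apart (ordinary browsing).
    for m in range(3):
        lines.append(f"2008-03-05T10:{m:02d}:30 10.0.0.7 GET "
                     "http://www.google.com/search?q=lunch+menu")
    return "\n".join(sorted(lines))  # ISO timestamps sort chronologically


def is_search_query(url):
    """True for a search request to google.com or one of its subdomains."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    on_google = host == "google.com" or host.endswith(".google.com")
    return on_google and parts.path == "/search"


def flag_bulk_searchers(log_text, max_queries=5, window_seconds=10):
    """Return {client_ip: time the client first exceeded max_queries per window}."""
    recent = defaultdict(deque)  # client IP -> timestamps inside the window
    flagged = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines
        stamp, client, _method, url = fields
        if not is_search_query(url):
            continue
        now = datetime.fromisoformat(stamp)
        window = recent[client]
        window.append(now)
        # Drop timestamps that have aged out of the sliding window.
        while (now - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) > max_queries:
            flagged.setdefault(client, now)
    return flagged


if __name__ == "__main__":
    for client, when in flag_bulk_searchers(constructed_log()).items():
        print(f"{client} exceeded the search rate limit at {when.isoformat()}")
```

The returned client addresses are what a proxy ACL or rate-limit rule would then act on; the thresholds need tuning against normal search volume on the network in question.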
