Hey Paddy,
I've been doing wireless security ever since Cisco acquired the Aironet
Product line. I was working for Cisco at the time. I was also there when
they developed the LEAP architecture and it was my team that implemented the
first large-scale roll-out of it for the Chicago Board of Trade
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-03:19.bind Security Advisory
The FreeBSD Project
Topic: b
be possible or practical all of the time. Although policy could
dictate that when a wireless card is given out, the MAC address is
added to the AP, however if you have multiple APs in different areas
of building, being administered by different IT depts then this could
soon become a problem.
What's the (disclosed/non-disclosed) security status for SIP protocol based
applications in UMTS MMS (MultiMedia System)?
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
If you are truly interested in security, you won't use C as the programming
language. It is security unfriendly by design (so it can get closer to the
actual box for efficiency's sake). So what you want to build is a checker
that ensures that the code does not use
Pointers or pointer arithmetic, C
Who is this "Darren Warren" guy? Never heard of him...
;)
--
iNt27~
--- Morning Wood <[EMAIL PROTECTED]> wrote:
> *cough*
>
>
> http://timesofindia.indiatimes.com/articleshow/320561.cms
>
> D.W
>
>
_
> Gift-shop online from the co
*cough*
http://timesofindia.indiatimes.com/articleshow/320561.cms
D.W
A hacker group just posted an exploit for this bug to bugtraq.
Niels
Hey guys,
please excuse me for bringing this topic up again, but i was kinda disappointed
with the feedback from before...
i'd like some input from the programming community regarding thoughts on static
vulnerability analysis, not specifically on the products that are already out
there (kinda lim
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandrake Linux Security Update Advisory
___
Package name: gnupg
Advisory ID:
It's an interesting topic, thanks to all your replies.
Have a good weekend
Paddy
-Original Message-
From: Jonathan A. Zdziarski [mailto:[EMAIL PROTECTED]
Sent: 28 November 2003 16:46
To: [EMAIL PROTECTED]
Cc: Simon Hailstone; Patrick Doyle; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure
> You should be aware that MAC addresses can be forged as well.
I believe this also works (at least in Linux)
ifconfig wlan0 hw ether [new mac]
Tools like kismet make it all too easy to find a valid MAC address to
spoof on the network.
Application-Layer encryption is definitely the most secure
> > of the time. Although policy could dictate that when a wireless
> > card is given out, the MAC address is added to the AP, however if
> > you have multiple APs in different areas of building, being
> > administered by different IT depts then this could soon become
> > a problem.
You shoul
Well put Paul - though it is alarming to see that this is starting to happen
more and more as people are advised, really *advised*, to follow this
avenue, and suffer the consequences. I think to a certain extent until the
"architecture of computing" and/or computers as we know changes somewhat,
this i
I sent this recently on the fw-wizards list. You might find it useful.
There's a whole thread there if you want to dig up the archives somewhere.
Note that the LEAP flaw was originally published here on FD, AFAIK, so you
can dig it up in these archives too.
The bottom line is: "Best" solution is t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The NIST wireless STIG has some good reference information on deploying
and securing wireless networks.
http://csrc.nist.gov/pcig/STIGs/wirelessstig-v2r1-071003.zip
Regarding registration of MAC addresses, many APs support Radius for
MAC address aut
> wireless being used for meeting rooms etc, so the users would be
> random which would mean the constant addition / removal of MACs
> to the AP which would probably not be possible or practical all
> of the time. Although policy could dictate that when a wireless
> card is given out, the MAC
--On Friday, November 28, 2003 12:20 PM +1100 Paul Szabo
<[EMAIL PROTECTED]> wrote:
Do not use "traditional" AV at all (as that would never protect you from
the latest virus). Rather, set up your email gateway to "defang" all
suspicious emails (e.g. containing EXE or SCR or PIF, or ZIP,
attachment
-BEGIN PGP SIGNED MESSAGE-
__
SUSE Security Announcement
Package: bind8
Announcement-ID: SuSE-SA:2003:047
Date: Friday, Nov
Hope this question isn't off topic,
I am currently looking at securing wireless networks using Cisco hardware and wanted
to check what people's thoughts are on security.
I have read about using LEAP and also IPSEC, my concerns about using LEAP would be
that although the client and access point
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED]
Wojciech Purczynski wrote:
> Your "current" linux doesn't seem to be stable yet ;) I haven't seen
> pids wider than 15 bits on any production system :)
/usr/include/asm/posix_types.h: typedef int __kernel_pid_t;
/usr/include/linux/types.h: typedef __kernel_pid_t pid_t;
The reason
On Thu, 2003-11-27 at 17:48, IndianZ wrote:
> Does anybody know more about MPLS Vulnerabilities and what to/how to
> pentest in a MPLS architecture? Any input about tools, hints and tricks is
> welcome...
You may find this useful :
http://www.securite.org/presentations/ripe46/COLT-RIPE46-NF-MPLS
From: "V.O." <[EMAIL PROTECTED]>
> Recently I've got to listen to a marketing pitch by an ISS guy. He was
> going
> along the lines of "our X-force reverse-engineered Microsoft RPC libraries
> and created signatures..." and "we use protocol decoding, so we
> reverse-engineered various closed-sourc
OpenCA Security Advisory [28 November 2003]
Vulnerabilities in signature validation
===
Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to
use an incorrect certificate in the chain to determine the serial being
checked which could lead to cert
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is an announcement only email list for the x86 architecture.
Turbolinux Security Announcement 28/Nov/2003
The following page
- Original Message -
From: "Enno Rey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 28, 2003 13:51
Subject: Re: [Full-Disclosure] MPLS Security
> Hi,
>
> On Fri, Nov 28, 2003 at 09:57:31AM +0100, Magnus Eriksson wrote:
> > IndianZ wrote:
> >
> > >After deep-searching
> current linux kernels provide more than 15bit pids (I think it's 30 or
> 31bits). Not much more, but it makes it slightly more difficult.
Your "current" linux doesn't seem to be stable yet ;) I haven't seen pids
wider than 15 bits on any production system :)
Cheers,
wp
--
Wojciech Purczyns
Hi,
On Fri, Nov 28, 2003 at 09:57:31AM +0100, Magnus Eriksson wrote:
> IndianZ wrote:
>
> >After deep-searching Google and other search engines I only found 2
> >articles about MPLS Security (SANS and CISCO). Is that really all (or is
> >this kind of information closed to the public)?
> >
> >Do
Hello,
>question: why is it so damn hard for us to search for info
>on viruses by subject, msg body, or/and symptoms???
Many viruses use a wide range of subjects and have a set of message
body primitives prepared, so they can cheat message filtering.
In order to check the virus sample, you coul
IndianZ wrote:
After deep-searching Google and other search engines I only found 2
articles about MPLS Security (SANS and CISCO). Is that really all (or is
this kind of information closed to the public)?
Does anybody know more about MPLS Vulnerabilities and what to/how to
pentest in a MPLS arc
On Fri, 28 Nov 2003, Ng Pheng Siong wrote:
> On Fri, Nov 28, 2003 at 12:50:06AM +0100, H?rnhammar, Ulf wrote:
> > [whatever]
> > That's an incorrect usage of the open source term. I quote the Open Source
> > Definition ( http://www.opensource.org/docs/definition.php ):
>
> The term "open source" h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Red Hat Security Advisory
Synopsis: Updated Perl packages fix security issues.
Advisory ID: RHSA-2003:256-01
Issue date: 2003-09-22
Update
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Red Hat Security Advisory
Synopsis: Updated Apache and mod_ssl packages fix security vulnerabilities
Advisory ID: RHSA-2003:243-01
Issue date:
It's come to my attention that some group is claiming to have broken
into a Sourcefire server and backdoored the Snort source code. First
things first, there is no backdoor in Snort nor has there ever been,
everyone can relax.
A shell server got compromised well over a year ago, but what thes