[Full-Disclosure] Ph0rum phorum_uriauth replay attack

2004-05-19 Thread Konstantin Gavrilenko
Arhont Ltd. - Information Security Arhont Advisory by: Konstantin Gavrilenko (http://www.arhont.com) Advisory: Ph0rum phorum_uriauth replay attack Class: design bug? Version: 4.3.7 Model Specific: Other versions might have the same bug

Re: [Full-Disclosure] Support the Sasser-author fund started

2004-05-15 Thread Konstantin Gavrilenko
Guys, I am not trying to defend the worm author. Thierry ([EMAIL PROTECTED]) made a point earlier on that the guy admitted to writing the source, not spreading (maybe it is outdated info, I do not know). My point is that the guy is innocent until proven otherwise in a court of law. I am just

Re: [Full-Disclosure] Support the Sasser-author fund started

2004-05-14 Thread Konstantin Gavrilenko
Tobias, following your logic, the people who found and disclosed the vulnerability that Sasser was abusing should be prosecuted together with the author of the viral code. What is the next stage? Jailing people who write proof of concept exploit code? Punish Fyodor for writing nmap or maybe

Re: [Full-Disclosure] CHANNEL FREQ'S

2004-05-12 Thread Konstantin Gavrilenko
Tyler, Grayling wrote: Geqqam69200, I've seen a few people refer to the lower 6 channels of wireless as operating in the Ham freq. spectrum. I am a bit confused where this is coming from as 802.11b operates in the ISM (Industrial Scientific and Medical) band. This band (~2.4 GHz) is used by

Re: [Full-Disclosure] Wireless ISPs

2004-05-11 Thread Konstantin Gavrilenko
WEP will not help you in this situation, since the same key will be assigned to every client, making it virtually a protected hub. What you need to do is to persuade your ISP to implement a per-session key; a possible solution is WPA+Radius. cheers, kos -- Respectfully, Konstantin V. Gavrilenko

Re: [Full-Disclosure] Wireless ISPs

2004-05-11 Thread Konstantin Gavrilenko
There is a Russian saying: If the party gets that mad, crunch the last gherkin. For the less paranoid of you, who still believe that WEP is a secure enough solution: we maintain a complimentary site for our book on wireless hacking, that has a categorised collection of tools for wireless penetration