Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

The ISC has a Twitter Feed.

Published: 2008-11-06
Last Updated: 2008-11-06 18:01:29 UTC
by Joel Esler (Version: 1)
0 comment(s)

Now, I know alot of people that use Twitter out there (myself included), just to keep up with what's going on and stay in touch with others.  Heck, I have a friend of mine who delivers all of his RSS feeds into Twitter via TwitterFeed, then reads his RSS from there.  But I digress.

Just to let you all know, the ISC has a Twitter Feed.  http://www.twitter.com/sans_isc feel free to follow us to get all the up-to-the-minute news.

-- Joel Esler http://www.joelesler.net

Keywords:
0 comment(s)

Wireless Poll

Published: 2008-11-06
Last Updated: 2008-11-06 17:34:33 UTC
by Joel Esler (Version: 1)
0 comment(s)

As you may notice over there on the right, (and for those of you reading via RSS, click here.)

We have a new poll, please if you get a chance, answer the question for us?  Thanks.

-- Joel Esler http://www.joelesler.net

Keywords: Wireless
0 comment(s)

WPA Wi-fi Cracked (but it's not as bad as you think... yet)

Published: 2008-11-06
Last Updated: 2008-11-06 17:34:24 UTC
by Joel Esler (Version: 4)
4 comment(s)

I saw this on a couple news sites this morning, and it's security related, so I think it's important to throw it up on the Diary for today. 

Looks like WPA (one of the methods of encrypting Wi-Fi sessions, oh yes, and I *did* just link to Wikipedia.) has been compromised. TKIP keys have been hackable via Dictionary attack for a little while now, but this attack is NOT a dictionary attack. Oh yeah, and it's pretty quick too. (12-15 minutes according to the article I read).

Why do I say that it's not as bad as you think?  The researchers (named in the above article) still haven't gotten access to the actual data that is being transferred.  They just cracked the TKIP key.  But that's step 1.

So, we all know that WEP isn't really the best thing in the world (read: don't use it), WPA apparently isn't much better.  WPA2 is still uncracked as of now (as far as I know!), so ensure you are using it, if you are running Wireless networks.

Not only do you want a pre-shared key in between your computer and the access point, but you also want after-connection verification of some type if possible.  Perhaps a splash page where you have to enter your username and password to authenticate?  Perhaps some kind of 3rd party token, a la, RSA key?  How about a VPN connection?

So, the take away from this is, if you are using WEP (wow, you are?) or WPA, please move to WPA2. 

(Interesting fact -- You know what doesn't support WPA2?  Xbox360.  So what?  It's just a game console right?  How about what you enter in on the Xbox360 in order to buy an Xboxlive subscription?  How about, your credit card number?  I am sure there are plenty more devices that don't support WPA2, it was just an interesting observation.  Windows does, why doesn't the Xbox360?)

-- Joel Esler http://www.joelesler.net

Keywords: Wireless
4 comment(s)

More Adobe Updates

Published: 2008-11-06
Last Updated: 2008-11-06 17:22:02 UTC
by Joel Esler (Version: 2)
0 comment(s)

Submitted today by a reader (thanks roseman), it looks like Adobe has posted a couple updates.

1. Potential ColdFusion 8 privilege escalation

2. Flash Player update for security vulnerabilities

You know, the more and more I think about it, and I hate to admit it (being a non-Microsoft guy myself), but I think Microsoft has a good thing going on with the "second Tuesday of every month" patch cycle.  Except for the most important patches that are out of cycle, (aka MS08-067).  I really like how Microsoft is doing it, and I wish more vendors would hop on that train.

(I know I am going to catch some reader email for that diary entry!)

-- Joel Esler http://www.joelesler.net

Keywords: adobe
0 comment(s)
Diary Archives