SANS ISC: InfoSec Handlers Diary Blog

Phlooding newest marketing phabrication; Call for ph-words

Published: 2005-07-18
Last Updated: 2005-07-18 21:09:15 UTC
by Joshua Wright (Version: 1)

Phlooding newest marketing phabrication



AirMagnet has published a press release describing a new zero-day attack they have discovered that targets wireless networks. The press release describes an attack in which several geographically dispersed systems launch a flood of authentication attempts against an IEEE 802.1X authentication server (using an EAP type such as PEAP or TTLS). This may cause the authentication server to experience performance degradation, and may cause valid user accounts to be locked out after multiple failed login attempts.



While I question the motives behind coining another cutesy "ph" name to describe this attack, it does accurately describe a vulnerability in 802.1X wireless network authentication. Since anyone within range can start an authentication exchange with the wireless network, it is possible to generate enough traffic to degrade the authentication server. Further, a smart attacker can sniff the plain-text usernames transmitted during PEAP/MS-CHAPv2 authentication when users connect to the network, and then attempt a brute-force attack against those usernames. Where account lockout after multiple failed login attempts is enabled, this amounts to an effective DoS attack against the network.
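The two symptoms described above, a raw spike in failed EAP authentications and one username failing repeatedly from many different client MACs across several APs, are both visible in the authentication server's log. The following detector is an added example (not AirMagnet's or ISC's code) that runs over a constructed, simplified RADIUS-style log format; the field names, the 60-second and 15-minute windows, and the lockout threshold of 5 are assumptions to adjust to your own server and lockout policy.

```python
"""Flag an 802.1X authentication flood and distributed lockout attempts from auth logs."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in an assumed simplified format (not real server output).
SAMPLE_LOG = """\
2005-07-18T14:00:01Z FAIL user=alice ap=ap-lobby mac=00-11-22-33-44-01
2005-07-18T14:00:02Z FAIL user=alice ap=ap-garage mac=00-11-22-33-44-02
2005-07-18T14:00:02Z FAIL user=alice ap=ap-roof mac=00-11-22-33-44-03
2005-07-18T14:00:03Z FAIL user=alice ap=ap-lobby mac=00-11-22-33-44-04
2005-07-18T14:00:04Z FAIL user=alice ap=ap-annex mac=00-11-22-33-44-05
2005-07-18T14:00:05Z OK user=bob ap=ap-lobby mac=00-11-22-33-44-10
2005-07-18T14:05:00Z FAIL user=carol ap=ap-lobby mac=00-11-22-33-44-20
"""
LINE_RE = re.compile(r"^(\S+)\s+(OK|FAIL)\s+user=(\S+)\s+ap=(\S+)\s+mac=(\S+)$")

def parse(log):
    """Return (timestamp, result, user, ap, mac) tuples; unparseable lines are skipped."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
            events.append((ts, m.group(2), m.group(3), m.group(4), m.group(5)))
    return events

def _windows(items, window):
    """Yield every trailing slice of time-sorted items that fits inside `window`."""
    start = 0
    for end in range(len(items)):
        while items[end][0] - items[start][0] > window:
            start += 1
        yield items[start:end + 1]

def peak_failure_rate(events, window=timedelta(seconds=60)):
    """Highest number of FAIL events in any window: the 'phlooding' load signal."""
    fails = sorted(e for e in events if e[1] == "FAIL")
    return max((len(w) for w in _windows(fails, window)), default=0)

def lockout_alerts(events, window=timedelta(minutes=15), lockout_threshold=5, min_sources=3):
    """Users whose failures reach the lockout threshold from >= min_sources distinct client MACs."""
    alerts, by_user = {}, defaultdict(list)
    for ts, result, user, ap, mac in events:
        if result == "FAIL":
            by_user[user].append((ts, ap, mac))
    for user, fails in by_user.items():
        for w in _windows(sorted(fails), window):
            sources = {mac for _, _, mac in w}
            if len(w) >= lockout_threshold and len(sources) >= min_sources:
                alerts[user] = {"failures": len(w), "sources": len(sources)}
                break
    return alerts
```

A single real user mistyping a password fails from one MAC, so the distinct-source condition separates a lockout campaign from ordinary typos.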




Call for ph-words


In a pre-emptive strike against marketing bodies everywhere, we're seeking ph-word submissions phrom our phine readers. We'll publish a list of phine words later tonight. Submit your words using the
.



Rules:

Submissions have to be a word that starts with "f". There is one phour-letter word that would become a phive-letter word that won't be on the list.

We've been getting lots of submissions surrounding "phlatulence". This really isn't necessary. :)



Update: 4:56pm EDT - Last round of words


Thanks to all who submitted words today! I know the handlers enjoyed reading the (ahem) "phlood" of messages, and I hope our readers enjoyed them as well.



Joel Katzman

phortune - what the phishers have after they empty out the bank accounts

phork - what phishers use instead of chop-sticks




David

Phorgetful - What users are when asked if they clicked yes on the security warning to install that program from that really cool game site



Musky

Phorensics - The set of predefined and accepted procedures for pretending to analyze the phony bank email forwarded to you by your friends and/or coworkers. ISC Note: This is not what Handlers do!


Ben

Pheature - An undocumented program perk or bug easily taken advantage of usually by someone half-way across the world


Scott

Philler - the extra words in a SPAM email to convince the SPAM filters that this is a legitimate message, but make absolutely no sense when read by a human ("Classic coffee baby Venezuela doubles dock joined disk sunny verification bloating.")


Update: 1:19pm EDT - More ph-words!


Andy, Danny and Bruno

phorthcoming - what companies are who helpfully store customer data and SSNs on externally accessible databases

phedexed - what sometimes happens to backup tapes with highly sensitive data on it

phlabbergasted - state of the CEO of a company to which happened either or both of the above

pheds - those called in to investigate




Nick Nuessle

Phashionable - security by fad (as opposed to vulnerabilities/protections)

Phat - bloat in code, useless documentation (like those disclaimers), code notable for being cute (and marginally functional), a brainstorming session mostly involved with marketing

Philter - An irrelevant barrier

Phunk - Residual attitude after a useless meeting

Phuzzbuster - An early warning system the manager in heading by

Phamily - a collection of related products that do not interface

Phlake - someone totally taken-in by marketing literature, one with no tech-skill who has to have the newest/greatest

Phiction - pre-release literature, time cards

Phortress - a superficially secure site

Pherret - research-in-earnest, troubleshooting with intent to discover-&-solve




Dr. Neal Krawetz

Phifo - garbage in, useful stuff out

Fipho - good stuff in, garbage out

Philter - using a computer to sort data

Phil - The guy who made PGP

Phlush - A DoS by sending a bunch of the same data

Filanthropic - (converting ph to f) Hackers donating hacked systems to less phortunate hackers




Bill Higler

phlattery - one phorm of social engineering, usually a prelude to phishing

phootrest - what your office PC is good for, after some n00b installs the latest P2P*ster client with all its parasitic attachments





Brian

iphrame - an inline frame used to insert malicious code (often obphuscated) into an html document

phool disclosure - the act of disclosing a supposed PoC exploit that is in reality an unrelated malicious piece of code which is easily identifiable

phree loader - marketer who wants phifteen minutes of phame phor coming up with another scary phword





Anonymous (but one bad dude)

phly phishing - "traditional" phishing over wireless

phear - what script kiddies pheel when I'm around

phud - the stuff AirMagnet is spreading with this thread

phunky - what Ed Skoudis is

phlame_war - what kiddies d'script do over mailing lists





Brian Krebs

phlaming - conducting a denial-of-service attack using angry insults written in all capital letters with lots of punctuation

philching - using technological trickery to steal

phlanking - the use of special exploits to get around a target's defenses

phorking - a Web-based exploit that directs the victim's browser to two locations simultaneously

phorcing - another Web-based exploit that sends a victim to a specific Web page no matter what other addresses they try to visit

phudging - the act of serving misleading online advertisements





Update: 12:23pm EDT - We've received lots and lots of submissions. Here is a sampling of ph-words. Thanks to all who submitted their suggestions. It wouldn't surprise me to see some of these words patented shortly:


Stephen Smoogen

phred - a person who uses ph words in conversation too much

phoo - a variable to be incremented when you play ph-bingo at the next security lecture

phree software - Spyware enabled software that is downloaded by an unwary user. This phree software then is used for pharming attacks

phirewall - a product aimed at stopping phishing attacks



Anonymous

Phraud - Using a computer as the primary mechanism to defraud



Skippy

phibbing - exaggerating or outright lying about the severity of a possible vulnerability to gain attention and clout; similar to FUD (phud) but used to refer to the market speak of the discoverer, not the pronouncements of a competitor





Brian King (categorized as "phacetious phabrications")

phubar - a zero day attack in which a computer bursts into phlames such that it is Phudged Up Beyond All Recognition.

phlaking - a network administrator's DoS caused by the previous night's drinking binge.

phudging - what the network admin does when his boss asks him why he is sleeping under his desk (see above).





Colin Keith

Phlattering/Phawning - A cross between 419 scam and a phishing scam where the victim is "buttered up" with a "In appreciation for being such a great customer please select which of the following prizes you'd like to win, oh and please enter your CC no/SSN for confirmation"

Pheeding - forcing data to become less random by force "pheeding" entropy sources.

B-Phrending - "Hey Bob, how's it going? I haven't seen you since [classmates.com search]th grade at [classmates.com search] school."





Alex

phlogging - what ought to happen to people that create marketing hype

phorking - a DoS attack where a number of processes are forked on a unix host... or a competition where several phorkers use forks to try to stab olives served on a platter





Dave

Phunny - As in Phunny Money, the kind offered in exchange for your bank details by those nice men in Nigeria.

Phramed - The usual defence offered by those nice men in Nigeria when they are arrested.

Phence - One involved in laundering the ill gotten gains of those nice men from Nigeria

Phriend - That nice man from Nigeria you've been exchanging e-mails with.

Phorehead - The thing that Homer Simpson slaps when he realises he's been taken in by those nice men from Nigeria.

Phaery - As in Phaery Tale, the story told by those nice men from Nigeria.

Phaeces - The stuff that hits the Phan when you use the company bank account to help those nice men from Nigeria.

Phan - The thing hit by the Phaeces when you..... Do I really have to type it out again?

Phacade - The show put on by TNMFN ( got fed up typing it )

Phigment - That big pile of cash in an African bank that TNMFN want you to help move.





Joe Traband

Phixing - Sending out viruses that pose as a patch








-Joshua Wright/handler-on-duty