Assimilation over Evolution, you will be Assimilated! This is my journey from human to Borg and you are invited along for the ride.


Saturday, June 26, 2004

Another on-line attack

Yet again another on-line attack by a group from Russia. This time a triple whammy on the Microsoft front.
It starts with an unknown IIS (the Microsoft web server) security hole that allowed the group into a ton of internet sites to add code to the sites' web pages. This added code downloads a Trojan program onto your machine if you are using Internet Explorer (the Microsoft web browser), and this Trojan is so new none of the virus checkers catch it yet.

So, advice, people: move away from IIS if you are hosting web pages, because this is a zero-hour attack on you. If you are just someone browsing the web, move to a browser that is not based on the Microsoft browser or, better yet, to a non-Microsoft operating system.

This will not guarantee that in the future you will not be attacked again, just that right now the bad guys are only paying attention to the Microsoft world.

ysrd

Sunday, June 13, 2004

Day after fest 2k4

Well it was a blowout, and YSRD is again the world champ.
We had every tool you can think of and all major firewalls and OS combos you can imagine, and every root password of the target servers and all contestants falling to the champ.

The contest is based on the hacker being able to get into the system without getting caught by any honey traps and IDS software and get the holy grail of hacking, the root password. This involves finding and exploiting any hole in the system and then cracking the native mode root or administrator password and then announcing their ability by changing a file or web page on the server, and doing so while the owner is on the machine and possibly seeing you do the damage.
Secondary is protecting your own system while you do this to every other machine on the network, with 6 native servers on the network (the targets) and from 4 to 20 people connected at once trying to do the same thing to you. Winner take all; getting all root passwords is an automatic win.

This year we added wireless and Bluetooth segments to the network and had people using Mac, Intel, Palm and PPC systems. It was a ball and one of the only safe hacking forums left, with all contestants and participants signing waivers to allow hack attacks while connected to the network. (All legal and fun.) The main goal is to show that no system is completely secure and to show the participants (mostly 500's employees and administrators) how they can be attacked and to possibly show them how to defend themselves and protect their IP.
Even Ysrd learned a trick or two and everyone went away with something they could apply back at base.

I had a lot of fun as did everyone who attended.
Best newcomer was a 13-year-old girl (accompanied but not helped by her dad) and she shows a lot of promise as well as an enthusiasm and focus that many of her older peers could learn from.

Best firewall is a newcomer that is not yet released, brought by its creator in an attempt to stop the champ. Watch for him to incorporate what he learned and make a remarkable firewall that can stop anything thrown at it. Running on a new OS that will be released at the same time, keep an eye out for "the Moat(tm)" to be released in early fall.

New Ideas for next year (or earlier if we can get together again) are tunnel and VPN hacking.
Happy hacking but keep your white hats on,

YSRD

Thursday, June 10, 2004

Hackfest 2K4

It's that time of year again, and we are setting up the newest and greatest of Windows, Linux and Macintosh firewalls, IDS and day after pills to see how fast they will fall: it's Hackfest 2k4.
Hey, isn't this what having your own network is all about?
You thought it was to keep people out of your machine. Hell no, you want to keep someone out you don't connect (that's what we do, all the important stuff is never connected.)

But for the duration of the fest the network will not be connected to the internet to keep prying eyes away from the festivities. Nope, we are not even leaving a beacon up; if you want in you have to be here by 9:00 am and BYOB.

We have 5 servers up and running on the network already and we are setting up more. Guests are to bring their own computers and cables. Don't bring anything you can't afford to lose; guests' computers are open targets, as are the servers.
Points awarded for speed and finesse; anyone getting all root passwords scores an automatic win. Judges' decision final, prizes as always: the admiration and acclaim of the best of the best of your peers.
\\//_ LLAP
.||.

Wednesday, June 09, 2004

The day after...

OK, you've just got hit by a virus or you've been hacked or someone in your company has just deleted all of your files or, well, you're not sure, are you?
Want to be sure?
Today I find on the net a set of tools that can help you answer those questions (and more) and they all come on a single CD that you don't need to install to use. Pretty good, eh?

Yup, another Knoppix disk is out and this time it's the security tools distribution.

If you have to watch over a file server that might get attacked or if you are a web master or a security firm in the making, these are the tools you have been looking for.
There are all kinds of tools from intrusion detection (IDS) to forensic analysis of a dead hard drive.
And it's all Open Source. Right, GPL mostly and free for anyone to use. Yes, people can use these tools to cause trouble, but if you know how to use them you can stop them and catch them as well. Each set of tools of a given type is grouped together in the directory structure as well as the menu structure in the window manager.
Very cool layout and every grouped directory has an RTFM directory so you can learn how to use the tools included.
Well thought out and based on top of one of the best bootable distributions out there, it's one tool I will keep in my tool chest.
ysrd

Sunday, June 06, 2004

Introducing Malcolm

We sort of lucked out the other day. We went garage saling last week (not sailing, saling) and I picked up some remote control toys including Malcolm the robot.
Not much really, just a motorized base with remote control and a blow-up robot balloon on top, but with the addition of the remote controlled car and other parts we have the ability to create something more.
His moving about is handled quite well with his own wheeled base for what we want to do with him, but we will have to add a more useful bot on top with more brains than just hot air. (Some of our politicians are getting by with the latter but this is the real world, not politics, so the blow-up is probably going to go away unless we can make it a bit shorter and add stuff to it.)
I am looking at using an old Pentium 133 as his onboard brains with some type of wireless networking like Bluetooth to connect him to the closest network or even my PAN.
Next thing is to figure out what we want him to do so that we can then program him.
I have a robotic arm here from an old project that I will be adding to him. One arm for now, might leave one of the blow-up arms in place as well as the head and part of the body.

ysrd