Suggested Blog Reading – Monday July 16th, 2007

Ahhhh Monday……well after a long period of rest (read laziness) I’ve decided to get back on track. This means putting the CISSP exam in my sights, going back to the gym (yes my foot is finally feeling better), eating better, and generally getting more involved in security.

Here’s the list:

The Soft Underbelly? – Database Security – Why won’t people learn? I guess this is the kind of thing that keeps us in business.

It’s not surprising SQL Injection and database hacking are getting more frequent; as people ramp up perimeter security, more often than not they forget about interior security, software application security and most of all database security.

The irony is, generally THE most important information is stored in corporate databases, including credit card details, social security information, corporate figures and all the guts that power the white-collar machine.

Oh Look. An Apple WORM. – It was only a matter of time really.

With a few hours work I have put together a proof of concept worm that works on Mac OS X (Intel). I need to get a hold of an older PPC Mac to test that platform but I suspect it will work just fine.

Before I say anymore, because I know some of you will ask, NO I will not send you the PoC or any related details. I wrote this for my own purposes and it will be demonstrated to those who asked me to engage in this work. Yes, I am being compensated for this (Hi Joanna) and yes, Apple will be shown my work. Eventually.

Internet Search Returns Westminster Student Information – I know I probably shouldn’t be surprised…but I am. Why can’t people understand the importance of protecting sensitive information from the public?

Barb, a Westminster College alumna, received an unpleasant surprise while searching the Internet for her name. Among the results were two files hosted on the Westminster student web server containing the names and Social Security numbers of 100 current and former Westminster students. According to Laura Murphy, Westminster executive director of communications, the files were removed immediately after Barb notified the college and an investigation is on-going. According to Murphy, the files were placed on the web server through an innocent accident and these files were not easily accessible to non-students. However, Westminster is taking this incident seriously and has launched an investigation to help determine what steps need to be in place to prevent such accidents in the future. Westminster has contacted all 100 students and has agreed to pay for one year of credit monitoring for those affected by this incident.

Know Your Enemy: Fast-Flux Service Networks – Interesting article from The Honeynet Project. Check it out.

One of the most active threats we face today on the Internet is cyber-crime. Increasingly capable criminals are constantly developing more sophisticated means of profiting from online criminal activity. This paper demonstrates a growing, sophisticated technique called fast-flux service networks which we are seeing increasingly used in the wild. Fast-flux service networks are a network of compromised computer systems with public DNS records that are constantly changing, in some cases every few minutes. These constantly changing architectures make it much more difficult to track down criminal activities and shut down their operations.

In this paper we will first provide an overview of what fast-flux service networks are, how they operate, and how the criminal community is leveraging them, including two types which we have designated as single-flux and double-flux service networks. We then provide several examples of fast-flux service networks recently observed in the wild. Next we detail how fast-flux service network malware operates and present the results of research where a honeypot was purposely infected with a fast-flux agent. Finally we cover how to detect, identify, and mitigate fast-flux service networks, primarily in large networking environments. At the end we supply five appendixes providing additional information for those interested in digging into more technical detail.

For your weekend viewing pleasure – Some botnet videos on YouTube.
