Privacy, Security Archive

Here is an article explaining how shellcodes work: "This article is not a guide on writing exploits, nor an overview of popular vulnerabilities. This is a step-by-step guide on developing a shellcode, a crucial point of any exploit software. Hopefully, learning how they work will help conscientious and respectable developers and system administrators to understand how malefactors think and to defend their systems against them."

Trusted operating systems have been used for some time to lock down the most sensitive of information in the most sensitive of organizations. But with security concerns rising and changing by the hour, it's now a matter of trust for any organization looking to tighten its computing ship. Several vendors, including Red Hat, Sun Microsystems and Novell, are responding by adding and/or improving trusted elements in their operating system offerings.

"Security and validation are critical issues in computing, and the next fifty years will be harder than the last. There are a number of proven programming techniques and design approaches which are already helping to harden our modern systems, but each of these must be carefully balanced with usability in order to be effective. In this talk, Alan Cox, fellow at Red Hat Linux, explores the future of what may be the biggest threat facing software engineers, the unverified user."

"Windows has grown so complicated that it is harder to secure. Well, these images make the point very well. Both images are a complete map of the system calls that occur when a web server serves up a single page of html with a single picture. The same page and picture. A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications."

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit."

Microsoft at the 11th hour has extended support for a popular tool that lets users scan Windows computers for unpatched programs and other security flaws. They originally planned to end support for version 1.2 of the Microsoft Baseline Security Analyzer on Friday. However, following user feedback, the company has now extended support until an undetermined date.

As crazy as it sounds, a member of Microsoft's security team has blasted Apple for failing to coordinate its security efforts and to issue proper security advice. Stephen Toulouse, communications manager for Microsoft's security response team, has blogged that Apple needs a "security czar" to batten down the hatches against an growing number of attacks on the company's OS X.

Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. Once the target operating system is hoisted into a virtual machine, the rootkit becomes impossible to detect because its state cannot be accessed by security software running in the target system.

It's official, boys and girls: it's easier to kick in a door when it's open. "A test has revealed that a Linux server is far less likely to be compromised. In fact, unpatched Red Hat and SuSE servers were not breached at all during a six-week trial, while the equivalent Windows systems were compromised within hours. However, patching does make a difference. Patched versions of Windows fared far better, remaining untouched throughout the test, as did the Red Hat and Suse deployments."

"Internet Security Systems has published a report which shows that hackers and cyber criminals are developing malicious codes to exploit known vulnerabilities much faster than before. The X-Force Threat Insight Quarterly highlights that the number of vulnerabilities in 2005 has increased by over 33% over 2004. Analysts from X-Force, the research and development team at ISS evaluated 4472 vulnerabilities in both hardware and software during 2005. From the public announcement of the vulnerability on the internet, the report highlights that 3.13% of threats discovered had malicious code that surfaced within 24 hours, whereas 9.38% had code that surfaced within 48 hours."

"In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon."

"Last month, I looked at how long it took Microsoft to issue security updates for known software flaws in the Windows software that powers most of today's computers. Last week, I conducted the same analysis on free software produced by the Mozilla Foundation, perhaps best known for its Firefox Web browser. Over the past year, Mozilla averaged about 21 days before it issued fixes for flaws in Firefox, compared with the 135 days it took for Microsoft to address problems."

"This tutorial describes how to install and configure OpenSSH so that it will allow chrooted sessions for users. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of."

Open source experts have hit back at a study published by the United States Computer Emergency Readiness Team that said more vulnerabilities were found in Linux/Unix than in Windows in 2005, labelling the report misleading and confusing. The report has attracted criticism from the open source community. Linux vendor Red Hat said the vulnerabilities had been miscategorised, and so could not be used to compare the relative security of Windows and Linux/Unix platforms.