November 1st, 2011 by peter.bassill
Caution – Rant within
Cyber
Well the press have gone mad for “Cyber” now. Everywhere is awash with news on massive Cyber attacks being conducted against the UK’s infrastructure and enterprise, but it leaves a burning question in my head: why are all these systems susceptible to attack? If these systems are that important, air gap that shit. Don’t have it connected to the public Internet in the first place.
April 1st, 2011 by peter.bassill
So, let’s start with the question posed over a couple of ales today.
“How much malware would get installed on a server with a basic ‘IT Admin’ style configuration over a weekend?”
With a question like that being posed, an answer is needed, and this is the start of the journey for the weekend. At 1930 on the 1st of April we put live our nepenthes node looking like what can only be described as a moderately configured server. It is certainly not to the standard I would allow anywhere near a corporate environment, but it is representative of many servers I encounter on the ‘net’.
January 11th, 2010 by peter.bassill
Having just migrated my current Nessus server up to the latest thread on 4.2.0, I must say I am impressed. A very neat and slick web front end making it a much more user-friendly solution.
January 9th, 2010 by peter.bassill
Tuesday will see the usual scheduled release of Oracle’s patch update, containing 24 security fixes for its database, application server and other products.
Ten of the patches directly affect the database, and two of the vulnerabilities addressed can be remotely exploited over a network without the need for a username and password, according to Oracle.
Affected database components include Application Express Application Builder, Listener, Data Pump, OLAP, Secure Backup, Spatial and Universal Installer. Both 11g and 10g database releases are affected.
The update also includes three fixes for Oracle’s application server. All three address vulnerabilities that can be exploited without a username or password. They affect the server’s Access Manager Identity Server and Oracle Containers for J2EE components.
Full details of the latest update are available on Oracle’s Web site.