= Tech Segment: Kismet Drone on OpenWrt Kamikaze Using Madwifi =
Once you've gotten the above installed, you will need to install the compiled version of Kismet that I did yesterday :)
<pre>ipkg install http://</pre>
Now you will need to put your card into monitor mode:
= Stories For Discussion =
[http://christ1an.blogspot.com/2007/07/dns-pinning-explained.html DNS Pinning: What's all the buzz about?] - [PaulDotCom] - Many have been talking about DNS pinning, and esp. Anti DNS Pinning, which circumvents browser protections for script code to access web sites it did not originate from. It will be covered at Black Hat in a few people's talks; see [http://www.darkreading.com/document.asp?doc_id=129431 article].
[http://www.darkreading.com/document.asp?doc_id=130101 Data sharing? Sometimes too much!] - [Larry] - Sure, sometimes data sharing between partners can be a great thing for business. However, what happens when your partner doesn't take securing the data as seriously as you do? This is why agreements are great. Make sure that agreement gives you the ability to audit their practices, has accountability, and sever-ability on breach...
[http://www.heise-security.co.uk/news/93030/from/atom10 Buffer Overflow Strikes tcpdump] - [PaulDotCom] - A message to all users of Backtrack and other CD ISOs, you need to update. If there is no patch available, don't use this software. This appears to be a very easy vulnerability to exploit, "Based on an unfiltered integer overflow in the print-bgp.c file, specially crafted border gateway protocol (BGP) packets may cause a buffer overflow in a snprintf() function". How long has that vulnerability been present? Looks like it's [http://milw0rm.com/exploits/1037 not the first time the BGP handling code has been exploited]. Yikes...
[http://ddanchev.blogspot.com/2007/07/cyber-jihadists-and-tor.html TOR Jihad!] - [Larry] - We always hear about using hacker tools for good. Keep in mind that it is a two-way street, as apparently some Jihadists have some tutorials on using TOR (a tool for good) in order to hide their activities.
[http://www.f-secure.com/weblog/#00001233 Bulletproof Hosting?] - [PaulDotCom] - Can't Google do something about this? There has to be a way for Google to come up with a SPAM rating, I mean come on, they produce some awesome stuff like Google Maps, but then let silly things like this get through. I'm not saying filter it, but a rating system of some kind or warning would be nice. Then again, false positives would really piss ppl off.
[http://www.hackszine.com/blog/archive/2007/07/howto_spoof_windows_tcpip_stac.html?CMP=OTC-7G2N43923558 Spoofing TCP/IP Fingerprints with Windows] - [Larry] - Security Cloak is a tool for changing TCP/IP timestamp and window options for TCP/IP in the Windows registry. I can think of a number of times where this may be useful.
[http://software.silicon.com/security/0,39024655,39167922,00.htm Social Networking Sites Leak Data] - [PaulDotCom] - Well duh, if you put your birthday on MySpace! This is stuff that we as security professionals already know, but it's part of our duty to inform everyone else. So the next time your sister or friend talks about how they put their cell phone number on MySpace, don't let them!
[http://www.darkreading.com/document.asp?doc_id=130021 Hacking Without Exploits] - [Larry] - HDM's talk at BlackHat and DEFCON. I'm going to try to check it out, so I'll have the skinny. But, in a nutshell, HDM will be talking about a bunch of things that he feels pen-testers miss, and are hard to test with automated tools, given the variations in client site configurations...
[http://www.symantec.com/home_homeoffice/products/features.jsp?pcid=is&pvid=nab1 Anti-Botnet Technology?] - [PaulDotCom] - The web site claims all sorts of good stuff, but how does it work? Where is the research to back this up? Sometimes I believe products do more to give people a false sense of security than they do to actually protect people from threats. How does this protect you any better than Spybot, Ad-Aware, and Free-AVG combination?
[http://www.cisco.com/en/US/products/products_security_advisory09186a008088ab28.shtml Wireless Arp Storm Vulns for Cisco] - [Larry] - Instead of pwning the iPhone, the iPhone pwns j00! Wow, what a stupid bug for DoS. You'd think that Cisco's engineers would have thought about and tested this functionality...given the nature of the bug, and the nature of wireless clients.
[http://feeds.feedburner.com/~r/techtarget/Searchsecurity/SecurityWire/~3/136995138/0,289142,sid14_gci1265462,00.html BIND vulnerabilities, time to upgrade!] - [PaulDotCom] - BIND vulnerabilities related to cache poisoning attacks. A good time to talk about recursive queries too!
[http://blog.metasploit.com/2007/07/pwnie-awards-nominate-your-favorites.html It's the Pwnie Awards!] - [PaulDotCom] - Nominees for awards that include "Best Client-Side Bug", "Most Over-hyped Bug" and "best song"?