Wednesday, October 14, 2009
Computer World Article
Using the new solid state memory instead of hard drives saves more than 99% of the power used by the servers, but solid state memory only has a limited number of write cycles, somewhere between 1,000 and 100,000 depending on the type. Then the disks are fried.
Someone write a program to constantly update and upload information to their my space account.
Thursday, April 23, 2009
The thing is, the packet was in plain-text and not validated so I decided to do some research to see whether STP in conjunction with MAC spoofing could be used to DOS a network.
Spanning Tree Protocol works by creating a minimum spanning tree of the network switches so no loops are established. The packet flow created is not the minimum spanning tree of the entire network, but a minimum spanning tree from a given node elected to be the root node.
STP is designed to help elect a root node.
This is exploitable because an attacker can disrupt a minimum spanning tree and force a new election. By creating packets from a fake switch and getting elected root node by setting the ID to 1, an attacker can send the networks switches into a constant state of re-election. A more detailed explanation can be found as well as proof of concept code at http://lucastomicki.net/attacking.stp.php.
I also got a bunch of free boxes from USPS. Of course they are all for mailing stuff. Doing otherwise could be a felony. But there are a bunch of cool youtube videos of things to do with free USPS or DHL boxes.
Tuesday, February 17, 2009
Turning to the web for answers, we realized that these machines that we had stumbled upon, 5 to be exact, were most likely a part of the storm botnet. After collecting a few more pieces of data we decided to leave the machines alone.
Today I was reading a little more about the botnet on the web when I came across a webpage on which Microsoft takes credit for dismantling the storm botnet.First of all the storm botnet is hardly dismantled. Second, its Microsoft's fault the botnet got as large as it did in the first place. Even if they did reduce it in number, thats nothing to brag about. Their product is hosting something with enough power to mess up the Internet across the globe. Its not the time for bragging.
Proprietary software makes me ill.
Monday, February 9, 2009
After uploading a sample webpage, I navigated and veiwed its source. After re-uploading, a few slightly modified versions of that page I noticed that the hosting service was appending the code for all of its ads right after the first <body> tag. I experimented with comments, trying things like <body <!-- but whenever I placed the last > the ad code would escape the comment.
I decided to bend the rules of HTML. To solve the problem I made the first <body <!-- tag and then another <body> after it. The ad code generated by the HTML parser ended the comment and my second body tag worked perfectly. Wa-lah, no ads. Mark one loss for HTML parsers. Mark one win for me.
Sunday, February 8, 2009
For example, root access on a Unix machine with Grub can be as simple as restarting the machine, waiting for the grub bootloader to run, highlighting the operating system to boot and pressing 'e' to edit the bootloader settings for that entry. Administrative access is granted on Unix machines in single user mode, or run level 1. This mode can be accessed by adding the word 'single' to the end of the kernel line. After booting to single user mode, an attacker can drop to a root terminal and create a new user with administrative access or install another backdoor. System compromised.
My older laptop is a Toshiba Satellite M105 with a Phoenix Trusted Core BIOS. One day as part of an experiment, I set a BIOS password on the computer. A week passed before I returned to thus particular project, and I could no longer remember the BIOS password. I thought it was no big deal, and looked up the Phoenix backdoor passwords which included BIOS, CMOS, phoenix, and PHOENIX. After trying the first three, my computer shut off, and after the last I was still locked out. An hour later I had disassembled my laptop and taken a soldering iron to the BIOS battery. A few hours later I hoped the BIOS would forget the password. I got a bad checksum error, but when I tried to continue I was again prompted for the password. I understand the backdoor passwords not existing, because thats just stupid, but there is no way for me to recover this password short of reprogramming part of the BIOS and replacing a chip. There is a plausible possibility that I might not get to use that computer ever again.$700 down the drain to good security.