For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift.
...
Future worms could evade a network of early-warning sensors hidden across the Internet unless countermeasures are taken, according to new research.
In a pair of papers presented at the Usenix Security Symposium here Thursday, computer scientists said would-be attackers can locate such sensors, which act as trip wires that detect unusual activity. That would permit nefarious activities to take place without detection.
There's some new information on last week's Lynn/Cisco/ISS story: Mike Lynn gave an interesting interview to Wired. Here's some news about the FBI's investigation. And here's a video of Cisco/ISS ripping pages out of the BlackHat conference proceedings.
Hundreds of thousands of Internet servers are at risk of an attack that would redirect unknowing Web surfers from legitimate sites to malicious ones.
In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning.
Last week, former Internet Security Systems researcher Michael Lynn presented at the Black Hat USA 2005 conference a reliable process that could be used to exploit Cisco routers running the Internetworking Operating System (IOS.)
Even though the exact exploit demonstrated during his presentation was not disclosed, Lynn showed enough details to prove that the exploit is real and that previous misconceptions that routers and switches are not exploitable are false.
Although security software can identify when an attacker is performing reconnaissance work on a company's network, attackers can find network topology information on Google instead of snooping for it on the network they're studying, he said. This makes it harder for the network's administrators to block the attacker. "The target does not see us crawling their sites and getting information," he said.
It's Saturday night, a time for blowout parties at the annual DEF CON hacker convention, including the Goth-flavored Black and White Ball. But a half dozen researchers in the nondescript room quietly drink, stare at the screens of their laptops, and in low voices, discuss how to compromise two flat metal boxes sitting on a sofa side table: Cisco routers.
Cisco Systems Inc. on Friday confirmed that a security hole in its Internetwork Operating System could be exploited by remote attackers to execute arbitrary code.
One can only imagine what raced through Michael Lynn's mind the penultimate moment before he saved or sacrificed our nation's critical infrastructure, depending on your take of the researcher's Black Hat Briefings presentation this week.
"There are many research reports that try to compare the number of vulnerabilities between Linux and other operating systems but none take into account the severity of the issues." said Mark Cox head of the Red Hat security response team, "This report shows there are relatively few critical issues affecting users of Linux based operating systems. However, we believe even one is unsatisfactory, and our strategy is to rapidly respond to fix these issues whilst innovating new technology to reduce the risk of future issues."
Kerberos, the popular authentication protocol developed by the Massachusetts Institute of Technology, is vulnerable to three serious flaws that could allow an attacker to gain access to protected corporate networks, MIT researchers disclosed late on Tuesday.
Forty-five percent of corporate chief security officers believe a "digital Pearl Harbor" will take place eventually, with 13 percent anticipating such an attack within a year, according to a survey by CSO Magazine.
This is a review of the new release of LANguard Network Security Scanner (GFI LANguard NSS) from GFI. NSS will scan computers for known vulnerabilities and common misconfigurations and other potential security issues. It produces reports that can be used to assist in the tracking and mitigation of security issues that have been identified. Furthermore, NSS provides patch management capabilities that allow you to centrally download and push out patches to systems with identified vulnerabilities.
Constant monitoring and troubleshooting are key to maintaining a network's availability. With ngrep, you can analyze network traffic in a manner similar to that of other network sniffers. However, unlike its brethern, ngrep can match regular expressions within the network packet payloads. By using its advanced string matching capabilities, ngrep can look for packets on specified ports and assist in tracking the usernames and passwords zipping off the network, as well as all Telnet attempts to the server.
Web sites both big and small face the risk of having their Web addresses stolen because of flaws in the way domain names are registered, transferred and tracked, a report released this week found.
A Korea-UK team (contact Myungshik Kim, Queen's University, Belfast, This email address is being protected from spambots. You need JavaScript enabled to view it., or Chilmin Kim, Paichai University) has introduced a method for preventing several clever attacks against quantum cryptography, a form of message transmission that uses the laws of quantum physics to make sure an eavesdropper does not covertly intercept the transmission. Making the message sender and receiver a little blind to each other's actions, the researchers have shown, can bolster their success against potential eavesdroppers.
You've got to hand it to the IT security industry for its ability to coin new and impressive sounding terms for security threats. Hot on the hells of WiPhishing and Evil Twins comes the latest buzz word for wireless Lan security: phlooding.
A U.K.-based security firm is touting a new service that scours corporate networks for zombies -- PCs that have been hijacked without the owner's knowledge and turned into spam-spewing engines.
Software maker Opera's decision to support BitTorrent has added to some security experts' worries that applications which require open connections through firewalls are becoming increasingly popular.
Representatives from 37 e-mail technology companies used a one-day Summit in New York on Tuesday to exhort private sector administrators and online marketers to adopt e-mail sender authentication technology that helps block spam and phishing attacks.
What is the secret to network security? In the wake of recent high-profile security breaches like at LexisNexis and MasterCard, it's worth asking what it takes to nail down network security --- and what are the secrets not everyone knows?
