Dragan on Security

Very interesting article at SecurityFocus - This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner.

Read article here.

The VML exploit is growing quickly and a mass email attack could be just days away, warn security experts who are tracking the problem.

The exploit was first discovered early this week by Sunbelt Software. The exploit is a buffer overflow in the Vector Markup Language (VML) library that allows for remote code execution.

However, the real danger is that it could infect a computer without the user doing anything. All you had to do was have the preview pane turned on in Microsoft Outlook and that would be enough to launch the exploit. The preview pane would render the script in an email, and a script could be written to cause the buffer overflow.

VeriSign iDefense has been watching for VML attacks and saw some light traffic, but on Thursday morning, “our board lit up like a Christmas tree,” said Ken Dunham, director of the rapid response team at VeriSign.

Read more here.

Microsoft advisory is here.

Symantec security response is here.

Security researchers are alleging that a zero-day exploit for Microsoft’s Internet Explorer is in the wild.

The vulnerability stems from a buffer overflow condition in IE for an XML component called Vector Markup Language (VML). VML handles vector images that are specified via XML inside of an HTML page…

Click here to read full article.

The United States is not prepared to effectively coordinate a public/private recovery from a major attack on the Internet, cyber security officials told Congress …

Click here to read more.

Microsoft is developing a new language to improve the security of grid environments through features such as decentralized authorization policies, according to the company’s Blair Dillaway. The Security Policy Assertion Language (SecPAL) is a product of an ongoing Microsoft initiative to develop solutions for access control in large-scale grid environments. The need for tight control over trust relationships and delegated access rights has become more important than ever with the development of broad-based, decentralized distributed computing. The SecPAL prototype mimics a multidomain grid environment, incorporating existing Microsoft products and industry standards such as XML. The need for a new language to express security policies comes from the difficulty of describing the multitude of entities and relationships in large-scale grid environments. In addition to access control, SecPAL is also a tool “for expressing trust relationships, authorization policies, delegation policies, identity and attribute assertions, capability assertions, revocations, and audit requirements,” Dillaway said in a white paper. The language also lessens the reconciliation requirements for disparate security technologies and the need for semantic translation. SecPAL enables a grid user to temporarily delegate a subset of access rights to another user who needs them for a particular job while keeping the rest of the rights restricted. Dillaway claims that SecPAL is more efficient and usable than existing technologies. In the future, SecPAL could be applied to automated access delegation, job management rights, and constrained trust management, Dillaway said. (Source: ACM TechNews; Friday, September 15, 2006).

Click Here to View Full Article

You can download my free book from http://www.conwex.info/draganp/books_OS_Unix_Linux.html. Book is written in Serbian language.

Researchers at Central Missouri State University have used a stable of 850 computers to find the world’s largest prime number. With 9.8 million digits, the number found by math and computer science professor Curtis Cooper and chemistry professor Steven Boone tops their discovery last December of a prime number with 9.15 million digits. “It’s another great discovery,” said Richard Crandall, a Reed University professor who developed the algorithm behind the software that the researchers are using. “The are to be commended for their good luck,” he added. The Electronic Frontier Foundation is offering a $100,000 prize to anyone who can find a prime number with 10 million digits. With only 850 computers dedicated to the search for prime numbers, of which there are an infinite number, the researchers would only be expected to produce a breakthrough finding roughly once a decade, Crandall said. The software is available for free and can run on anyone’s computer. The program runs whenever the computers are on, but it is a low priority so it does not interfere with the computer’s other operations. Each computer receives an untested number from a server in San Diego. Each computer takes about 30 to 40 days to test a number on the order of 9 million digits. Before Cooper and Boone made their breakthrough last December, just eight out of the thousands of people around the world running the software had come up with record prime numbers. Some 44,000 groups throughout the world are using the software on 71,000 computers. While Cooper and Boone have clearly had luck on their side, they also are the group with the largest number of computers, and they have limited their search to numbers in the 9-million digit range, while other groups chasing the prize money could be searching in the 10-million digit range, the researchers say (Source: ACM TechNews; Friday, September 15, 2006).

Click Here to View Full Article