<< Previous Next >>
network security
They ignore the emails to abuse@google.com)
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic
at the border of your network. Infrastructure ACLs are considered
a network security best practice and should be considered as a
long-term addition to good network security as well as a workaround
for this specific vulnerability. The white paper "Protecting
Your Core: Infrastructure Protection Access Control Lists"
(http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml)
presents guidelines and recommended deployment
Because of the size of the copy, an access violation is inevitable, but
in programs (such as Microsoft Office applications) that attempt to
handle the exception, successful exploitation has been demonstrated.
Protection:
Retina Network Security Scanner has been updated to identify this
vulnerability.
Blink Endpoint Vulnerability Prevention preemptively protects from this
vulnerability.
Vendor Status:
Infrastructure Acess Control Lists (iACLs). Although it is often
difficult to block traffic that transits a network, it is possible to
identify traffic that should never be allowed to target
infrastructure devices and block that traffic at the border of
networks. Infrastructure Access Control Lists (iACLs) are a network
security best practice and should be considered as a long-term
addition to good network security.
The white paper entitled "Protecting Your Core: Infrastructure
Protection Access Control Lists" presents guidelines and recommended
deployment techniques for infrastructure protection access lists and
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
LACSEC 2012
7th Network Security Event for Latin America and the Caribbean
May 6-11, 2012, Quito, Ecuador
http://lacnic.net/en/eventos/lacnicxvii/
LACNIC (http://www.lacnic.net) is the international organization based
Using Infrastructure Access Control Lists (iACLs) may help limit the
attack surface of this vulnerability. Although it is often difficult
to block traffic that transits a network, it is possible to identify
traffic that should never be allowed to target infrastructure devices
and block that traffic at the border of networks. iACLs are a network
security best practice and should be considered as a long-term
addition to good network security. Because some packets that may be
used to exploit this vulnerability could utilize UDP as a transport,
an attacker could spoof the sender's IP address, which may defeat
ACLs that permit communication to these ports from trusted IP
addresses. To provide a better mitigation solution, administrators
This is a reminder that online registration for HITBSecConf2008 -
Malaysia, the largest network security conference in Asia and the Middle
East, closes on the 24th of October - walk in registrations are still
accepted thereafter but prices increase to MYR1099. To book your seats
online, please register through:
http://conference.hitb.org/hitbsecconf2008kl/register/
27th & 28th October 2008
========================
+--------------------------------------------
Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic which should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. iACLs are a network security best
practice and should be considered as a long-term addition to good
network security as well as a workaround for this specific
vulnerability. The iACL example shown below should be included as
part of the deployed infrastructure access-list which will protect
all devices with IP addresses in the infrastructure IP address range:
If you get this (on 5.1, a little different than 5.0) than its patched:
(note the escaped <a>)
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
Mobility and Security that will be held from 7 to 10 May 2012 in
Istanbul, Turkey.
NTMS'2012 aims at fostering advances in the areas of New Technologies,
Wireless Networks, Mobile Computing, Ad hoc and Ambient Networks, QoS,
Network Security and E-commerce, to mention a few, and provides a
dynamic forum for researchers, students and professionals to present
their state-of-the-art research and development in these interesting
areas.
The event will be combined with tutorial sessions and workshops.
Topics of interest include, but are not limited to the following:
* New Attack and Defense Techniques
* Reverse Code Engineering
* Network Security
* Forensics and Incident Response
* WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
* Cryptography
* Hardware Hacking
* Malware Analysis
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-2404 CVE-2009-2408 CVE-2009-2409
Several vulnerabilities have been discovered in the Network Security
Service libraries. The Common Vulnerabilities and Exposures project
identifies the following problems:
CVE-2009-2404
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic at
the border of networks. Infrastructure Access Control Lists (iACLs)
are a network security best practice and should be considered as a
long-term addition to good network security as well as a workaround
for these specific vulnerabilities. The iACL example below should be
included as part of the deployed infrastructure access-list which
will protect all devices with IP addresses in the infrastructure IP
address range:
*** TOPICS ***
Topics are encouraged, but not limited to:
- Intelligent Data Mining for Network Security: Intrusion Detection Systems,
Log Correlation Methods, Adaptive Defense of Network Infrastructures.
- Learning Methods for Text Mining in Intelligence and Security:
Document Classification and Processing, Ontologies and Conceptual
Information
Reported By:
Anonymous researcher working with the iDefense VCP (CVE-2007-5325)
Dyon Balding of Secunia Research (CVE-2007-5326)
Cocoruder of Fortinet Security Research Team (CVE-2007-5327)
Tenable Network Security (CVE-2007-5328)
Pedram Amini of DV Labs (dvlabs.tippingpoint.com) (CVE-2007-5329)
Dyon Balding of Secunia Research (CVE-2007-5330)
eEye Digital Security (CVE-2007-5331)
shirkdog (CVE-2007-5332)
Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic that should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. Infrastructure ACLs are considered a
network security best practice and should be considered as a
long-term addition to good network security as well as a workaround
for this specific vulnerability. The ACL example shown below should
be included as part of the deployed infrastructure access-list, which
will protect all devices with IP addresses in the infrastructure IP
address range.
+--------------------------------------------
Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic which should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. iACLs are a network security best
practice and should be considered as a long-term addition to good
network security as well as a workaround for this specific
vulnerability. The iACL example shown below should be included as
part of the deployed infrastructure access-list which will protect
all devices with IP addresses in the infrastructure IP address range:
CA Advisory Date: 2009-01-07
Reported By:
Michel Arboi of Tenable Network Security
Impact: A remote attacker can execute arbitrary commands.
+--------------------------------------------
Although it is often difficult to block traffic transiting your
network, it is possible to identify traffic that should never be
allowed to target your infrastructure devices and block that traffic
at the border of your network. iACLs are a network security best
practice and should be considered as a long-term addition to good
network security as well as a workaround for this specific
vulnerability. The iACL example shown below should be included as
part of the deployed infrastructure access-list that will protect all
devices with IP addresses in the infrastructure IP address range. If
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic at
the border of networks. Infrastructure ACLs (iACLs) are a network
security best practice and should be considered as a long-term
addition to good network security as well as a workaround for this
specific vulnerability. The iACL example below should be included as
part of the deployed infrastructure access-list, which will help
protect all devices with IP addresses in the infrastructure IP
address range:
* Infrastructure Access Control Lists
Although it is often difficult to block traffic that transits a
network, it is possible to identify traffic that should never be
allowed to target infrastructure devices and block that traffic
at the border of networks. Infrastructure Access Control Lists
(iACLs) are a network security best practice and should be
considered as a long-term addition to good network security as
well as a workaround for these specific vulnerabilities. The iACL
example below should be included as part of the deployed
infrastructure access-list which will protect all devices with IP
addresses in the infrastructure IP address range:
> In this article by Robert McMillan, some details are shared in English:
>
> ----------
> Discovered by Czech researchers, the botnet has been spreading by taking
> advantage of poorly configured routers and DSL modems, according to Jan
> Vykopal, the head of the network security department with Masaryk
> University's Institute of Computer Science in Brno, Czech Republic.
>
> The malware got the Chuck Norris moniker from a programmer's Italian comment
> in its source code: "in nome di Chuck Norris," which means "in the name of
> Chuck Norris." Norris is a U.S. actor best known for his martial arts films
immediately update the latest software version.
Download: http://www.bigace.de/BIGACE-2.7.2.html
4. About Bkis
Bkis is Vietnamese leading Company in researching, deploying network
security software and solutions.
Official website: http://www.bkis.com
Blog: http://blog.bkis.com and http://security.bkis.com
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
-- Disclosure Timeline:
2007.01.12 - Vulnerability reported to vendor
2007.11.26 - Coordinated public release of advisory
-- Credit:
This vulnerability was discovered by Tenable Network Security.
-- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
CVE-2010-4113 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 10.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Tenable Network Security, SilentSignal, and an Anonymous researcher working with TippingPoint's Zero Day initiative for reporting this vulnerability to security-alert@hp.com.
Note: The affected product is HP Power Manager (HPPM).
HP Power Manager (HPPM) is software that enables users to monitor, manage, and control power environments through comprehensive control of individual HP Uninterruptible Power Systems (UPSs).
HPPM should not be confused with another product with a similar name: HP Insight Power Manager (IPM)
===================================================
--
Victor Ribeiro Hora <victor@tempest.com.br>
Network Security Analyst & Security Baselines development
Tempest Security Intelligence
www.tempest.com.br
> Reference Service *might* be able to provide some guidance as well.
>
>
> --
> Michael McDonnell, GCIA
> Network Security Analyst
> University of Alberta Libraries
> Information Technology Services
> michael.mcdonnell@ualberta.ca
>
>
caused by the use or misuse of this information.
XIII. ABOUT
-------------------------
Internet Security Auditors is a Spain based leader in web application
testing, network security, penetration testing, security compliance
implementation and assessing. Our clients include some of the largest
companies in areas such as finance, telecommunications, insurance,
ITC, etc. We are vendor independent provider with a deep expertise
since 2001. Our efforts in R&D include vulnerability research, open
security project collaboration and whitepapers, presentations and
contact information
* A brief but informative description about your talk
* Short biography of the presenter, including organization, company
and affiliations
* Estimated time-length of presentation
* General topic of the speech (eg.: network security, secure
programming, computer forensics, etc.)
* Any other technical requirements for your lecture
* Whether you need visa to enter Brazil or not
Speakers will be allocated 50 minutes of presentation time, although, if
<<Previous Next>>
|
