Some readers will probably be aware that we are amongst the proponents of a quite strict stance when it comes to filtering IPv6 packets with (certain) Extension Headers and/or fragmentation, because those can be the source of many security problems (as laid out here, here or here). Actually I still think it was a very good idea of, amongst others, Randy Bush and Ron Bonica to suggest the deprecation of IPv6 fragmentation in the IETF.
On the other hand there are voices arguing that fragmented IPv6 packets will be needed in some cases, namely DNS[SEC]-related ones.
In this post I will discuss some details of this debate (taking place in many circles, incl. this thread on the ipv6-hackers mailing list which, btw, you should subscribe to). Continue reading “Some Notes on the “Drop IPv6 Fragments” vs. “This Will Break DNS[SEC]” Debate”
Social Coding – Simple Things to Keep in Mind (updated)
The current trend of social coding has finally arrived at ERNW! From now on, you will find our publicly released tools and scripts on https://github.com/ernw. Therefore I would like to share some thoughts/guidelines which you have to keep in mind if you want to be a social coder:
OCSP over HTTP testing with Python
Dear Readers,
today we want to share a method on how to test an OCSP over HTTP validation service with Burp and some Python magic. First a little background about OCSP (Online Certificate Status Protocol): the main purpose of OCSP is to validate the status of an X.509 certificate.
hardwear.io: Conference Day 2
Netherlands Police is called Politie because they’re so polite. (works only if you suffer from dyslexia)
[ picture stolen from the polite politie ]
Unlike the German Oktoberfest in Munich which already started in September, the Oktoberfest in The Hague started on 2nd October.
hardwear.io: Conference Day 1
During my stay in The Hague I needed to print something, so I asked for a Copy shop and this is where they sent me:
hardwear.io: Applied Physical Attacks on x86 Systems
On Monday the 28th of September 2015 a rather rare event occurred. At around 4 a.m. the moon changed its colour to a dim red; luckily the sky was clear enough to see something.
[ picture stolen from NASA ]
If you missed that event your next chance will be in about 15 years or so.
The reason for being awake this early wasn’t the moon in the first place but what followed afterwards – my trip to the hardwear.io Security Conference in The Hague.
The Strange Case of $SOME_SOFTWARE Adding an IPv6 Extension Header, and an Internet Router Dropping Them
Last week Christopher and I were the instructors of an IPv6 workshop. In this one we usually build a lab with the participants incl. a variety of routed segments and native IPv6 Internet access. Once the latter part is implemented people start poking around and surfing the Internet from their laptops, not least to find out which sites they can actually reach from a v6-only network (please note that actually there are many).
ERNW speaking @ hardwear.io
On October 1st and 2nd Flo and I were presenting at hardwear.io in The Hague, NL. My topic was “Living in a fool’s wireless-secured paradise” and Flo was presenting his current research on medical device security. It was the first talk at an international security conference for me and I am still quite excited!
Being at VB2015…
I am currently at the 25th Virus Bulletin International Conference in Prague. The VB2015 is hosted by the Virus Bulletin portal and provides three full days of learning opportunities and networking.
VB2015 focuses on the key themes:
- Malware & botnets
- Anti-malware tools & techniques
- Mobile devices
- Hacking & vulnerabilities
- Spam & social networks
- Network security
VMware did it again: vCenter Remote Code Execution
Yesterday 7Elements released the description of a Remote Code Execution vulnerability in VMware vCenter. The information came in at a good point as I’m at the moment drafting a follow-up blogpost for this one which will summarize some of our approaches to virtualization security. The vCenter vulnerability is both quite critical and particularly interesting in several ways: