Insinuator.net – Page 69 – Bold Statements

July 26, 2013 by Enno Rey

IPv6 Hackers Meeting @ IETF 87, Berlin

Next to IETF 87 going on in Berlin in a few days there will be an informal meeting of the “IPv6 Hackers” on Tuesday. We really look forward to personally meet a number of people who we (so far) only know from the associated mailing list or similar machine-enhanced exchange. We hope to contribute as well. Based on the stuff of this workshop from the IPv6 Security Summit at Troopers13 we might give a short project presentation along the lines of “Some Notes on Testing the Real-World IPv6 Capabilities of Commercial Security Products”, providing an overview of some testing done on commercial gear, together with a discussion of testing approaches, tools and key aspects.

I currently discuss this potential input with the guy who gratefully organized the meeting. In any case I encourage everybody interested in IPv6 security to show up there (you don’t have to be registered to IETF 87) as there’s not much that can substitute meeting in person to discuss how to make the IPv6 world a safer place.

best

Enno

Breaking

July 23, 2013 by Daniel Mende

BlackBerry 10 USB Modes

So we got these shiny new BlackBerry Q10 and Z10 device laying on the desk one morning. It’s my first BlackBerry, I have to admit, but never the less, the hole wushy GUI and touchy glass stuff wasn’t my main concern, instead i took a look at the stuff going on while you connect the phone (do i have to call it blackberry? its a phone, isn’t it?) to your computer.

Continue reading “BlackBerry 10 USB Modes”

Building

July 21, 2013 by Enno Rey

Some Notes on Types of Security Controls & the Way they’re Implemented in Enterprise Environments

Welcome back, Dear Reader,

in this post I’d like to share some reflections on the (potentially inefficient) way some security controls can be observed to be deployed in complex organisations and what this may mean for the future of those controls.

In general the space of security controls can be categorized according to different schemes, such as:

By fundamental principle (preventive, detective, reactive, corrective, deterrent, compensating etc. security controls. see for example this overview or this one or some illustration here).
By “state of matter” (e.g. components, implementation, operations. again, for some supplemental information look at this one).
By type of admission: whitelisting vs. blacklisting (some general discussion here, the respective Schneier-Ranum Face-Off to be found here, and this is only Bruce’s half, but with a number of comments).
Related to the overall architecture of implementation: centralized vs. distributed.

For today’s topic I’ll just focus on the latter two and will introduce those shortly.

Continue reading “Some Notes on Types of Security Controls & the Way they’re Implemented in Enterprise Environments”

Misc

July 14, 2013 by Enno Rey

Ganz Gallien?

“Nein! Ein von unbeugsamen Galliern bevölkertes Dorf hört nicht auf, dem Eindringling Widerstand zu leisten.”

This is a famous quote pretty much every German kid used to know. Not sure if this still applies though, my three haven’t touched Asterix comics so far. Anyhow, you might ask why I cite this.

Simple answer: see this recent article from the Guardian on a Utah-based ISP “resisting some pressure”. That’s the spirit…

Have a great Sunday everybody,

Enno

Events

July 11, 2013 by Florian Horsch

Pre-Weekend Goody: TROOPERS13 Video

Enjoy! After seeing this I personally feel like signing up for the TROOPERS14 Enthusiast Package 😉

Carry on
Florian & Team

Breaking

July 8, 2013 by Felix Wilhelm

Reverse Engineering Tools Part 1: BinDiff

When teaching courses on topics like Reverse Engineering or Malware Analysis we always emphasize the need to minimize unneeded work. Because reversing an unknown binary is a time consuming and complex process, tools that simplify the RE process are invaluable when working under time pressure. In this blogpost series I will present multiple tools and techniques that can help to reverse an unknown binary. Please note that these articles do not contain cutting edge research but rather target at newcomers. However, I hope to also provide some useful and interesting information for moreexperienced practitioners.
Continue reading “Reverse Engineering Tools Part 1: BinDiff”

Building

July 1, 2013 by Friedwart Kuhn

EMET v4.0 with New Certificate Trust Feature Released

Microsoft released EMET v4.0 with a new (security) feature that enables protection against fraudulent websites or compromised root certification authorities (do you remember Comodo, DigiNotar, DigiCert, Turktrust et al. ;-)?)

EMET defines via “certificate trust“ a trust chain between the domain name of a website (and its associated website certificate) and a root CA certificate. This is done through so called “pinning rules”. Here is one of the default pinning rules of EMET 4.0 for the domain name login.live.com:

Continue reading “EMET v4.0 with New Certificate Trust Feature Released”

Events

June 30, 2013 by Florian Horsch

TROOPERS14 Registration Open + TROOPERS13 Photos Online

Dear blog followers, TROOPERS speakers & attendees,
we hope you’re doing fine! Today we have a couple of great things to share with you:

TROOPERS14
Let’s start with a date. Get your calendar and mark March 17th – 21st 2014. It’s your TROOPERS14 holidays. One week full of high-end education, workshops, talks, reconnecting with friends, action, delicious food and one or the other party. You know the drill – more details further down.

Continue reading “TROOPERS14 Registration Open + TROOPERS13 Photos Online”

Breaking

June 25, 2013 by Enno Rey

Slides & Scripts from Antonios Atlasis’ “Advanced Attack Techniques against IPv6 Networks” Workshop

After his great presentations on IPv6 Extensions Headers and security problems related to fragmentation we had invited Antonios Atlasis to Heidelberg to give this workshop at ERNW. It was a great experience with many fruitful discussions between the participants (mostly security practitioners from very large organizations planning to have their Internet edge IPv6 enabled within the next 6-12 months) and him/us. Antonios thankfully decided to make his slides and scripts available for those interested in further research on the topics (it should be noted that the scripts have not been tested thoroughly and he’s happy to receive feedback of any kind at antoniosDOTatlasisDOTgmailDOTcom). Today Marc (Heuse) gives his workshop on pentesting in the IPv6 age. Hopefully such events help to move things into the right direction in the IPv6 security space…

Best

Enno

Building

June 5, 2013 by Enno Rey

Microsoft Doc “Best Practices for Securing Active Directory”

Hi,

MS just released a new guide on securing Active Directory. At the first glance seems a fairly comprehensive document to me.

At this occasion I may furthermore draw your attention to our (German language) newsletter no. 40 covering hardening MS Windows Server 2008 + AD.

have a good one,

Enno