Simon Edwards • User • The Register Forums

Spotted in the wild: Home router attack serves up counterfeit pages

Thursday 24th January 2008 12:12 GMT Simon Edwards

It's not uPNP

Just to clarify, although uPNP may (or may not) provide a vulnerability that attackers could use in this type of attack, the real-world attack in question used a design flaw in the 2Wire router. This did not involve uPNP and neither did it require a cracked password.

More details at http://www.computershopper.co.uk/news/159414/hackers-attack-broadband-routers.html

0 0

Kaspersky false alarm quarantines Windows Explorer

Thursday 20th December 2007 17:59 GMT Simon Edwards

@ Tawakalna

Windows Explorer is not the same as Internet Explorer.

0 0

Interpol launches worldwide hunt for abuse pics man

Monday 8th October 2007 20:09 GMT Simon Edwards

Is it just my connection..?

Or has Interpol's site been down all day?

0 0

Tor at heart of embassy passwords leak

Monday 10th September 2007 10:50 GMT Simon Edwards

Overkill

It seems to me a bit odd that someone would go to the trouble of using Tor (to avoid traffic analysis, presumably) and then fail to use both encryption and a decent password (or either, for that matter). From what I can remember about the original story, some of the passwords were ridiculously simple.

I guess my question would be, how sure can we be that Tor was used to capture this data? Just an observation...

0 0

Are you serious about security?

Wednesday 29th August 2007 14:33 GMT Simon Edwards

@ Robert Grant

You said, "rootkits are bloody difficult to deploy compared to how easy Windows exploits have always been." Exploits are usually the path via which rootkits and other resident malware is introduced to a system, regardless of the OS. Just check your Unix-based system's SSH logs and you'll see a lot of automated attempts to log in. These are, in my experience, part of an attack that will attempt to drop a rootkit onto the system. In light of that, "you have to do so much to deploy a rootkit you may as well go create a Windows virus" does not make much sense.

Regarding the 'root' account: as we are playing with words here (root -> rootkit), it's only fair to point out that Windows does not have a default account called root. The administrator account is probably what you are thinking of. Mr Miles' point about the etymology of the word 'rootkit' still stands, to my mind, and further support can be found on the net. For example:

"The term rootkit (also written as root kit) originally referred to a set of precompiled Unix tools such as ps, netstat, w and passwd that would carefully hide any trace of the intruder that those commands would normally display, thus allowing the intruders to maintain root access (highest privilege) on the system without the system administrator even seeing them." [Wikipedia]

0 0

Wednesday 29th August 2007 13:19 GMT Simon Edwards

Rootin' tootin'

chkroot is a Linux tool used to detect rootkits on, well, Linux. These threats existed long before the Windows rootkits became prevalent. Not that long ago an alpha version of a proof of concept rootkit for NT was available. That was the first, AFAIK.

0 0

Torture and '24' - because it hurts us less than the real thing?

Friday 23rd February 2007 13:06 GMT Simon Edwards

Months of torture

It is worth bearing in mind that one reason why the show "24" doesn't show months of interrogation is that one entire series is supposed to represent just "24" hours. A single month of interrogation would span 12 series, which would amount to a rather slow-paced show.

0 0

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Posts by Simon Edwards