Posts with the tag Security...


passphraseless ssh

I have written articles in the past about ways to use passphraseless SSH keys in a secure manner, by using the the “command” parameter in the authorized_keys file. The one inconvenience with this method is that it only lets you specify one command. What if you want an account to be able to execute, say,…


SSH worm

Bruce Schneier discusses the viability of a SSH worm using the simple fact that ~/.ssh/known_hosts contains visited hostnames and keys, along with the fact that a compromised user/password on one machine will likely work on any of the other machines listed in ~/.ssh/known_hosts.



This is pretty cool — someone has integrated clamAV and snort so that you can alert or drop packets based on clamav signatures!


Hushmail Defaced

Hushmail’s website was defaced, recently, and they are placing the blame for the attack squarely on Network Solutions: Brian Smith, chief technical officer at Hushmail Communications Corp., said in an interview with Ziff Davis Internet News that the attacker or attackers simply called the Network Solutions Inc. support center and gained access to enough customer…


Money Prime – Nashville Spammer

Money Prime – Official Home In a previous article about local spammers, I mentioned that we typically figure out how we ended up on a list and then unsubscribe. This company is a little different – a more unscrupulous bunch. We have no affiliation or contact with them, and their ‘informative’ website provides no contact…


Localized Spammers

As the developer of Swirbo, CentreSource is highly sensitive to receiving spam messages – even when they come from our own backyard. When we do receive the such messages, we do a bit of investigating and try to understand how any of our staff ended up on the ‘newsletter’. Most of the time, we can…


Web attacks soar

Looks like web defacement attacks are way up: Web server attacks and website defacements rose 36 per cent last year, according to an independent report. zone-h, the Estonian security firm best known for its defacement archive, recorded 392,545 web attacks globally in 2004, up from 251,000 in 2003. Mass defacements (322,188) were by far the…



There have been some rumblings about problems created by installing Microsoft’s latest patch for XP, MS05-019. Well, turns out the problem has been identified. Fyodor, of nmap authoring fame, has some choice words on Microsoft’s decision to disable raw sockets. The solution, of course, is to upgrade to a server license.


secure routing

Geoff Huston over at Potaroo has a great article focusing on ways to secure routing transactions with BGP, including using a PKI. Routing protocols are particularly vulnerable to attack, as Geoff notes: It’s an area where the rewards of mounting a successful attack in the routing system can be very high. It is possible to…


malware summary

Alexander Gostev, the senior analyst over at Kaspersky has a comprehensive run-down of the threats facing the internet. It’s a very good read.