Security Stallions Blog "Musings of all things infosec…"

Daily Digs – 09.08.2009

Good evening ladies and gentlemen!  I almost inadvertently said it was Monday and it feels like forever since the last digs.  I've been out of pocket and/or busy unfortunately and digs usually takes a little time to get together.  But they're back and for our Labor Day week we started out with a lot of great articles.  On to the show...

First up is the SMB vulnerability.  Ahhhh, flashback to the early 90s when BSODs were all the rage and ripe for the picking.  Microsoft has handed us a blast from the past - providing this undocumented feature in Vista and Windows 7!  I'm sure you've already read about this one today, but if not here's the original source:
[Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D]

As a strong proponent for great OSS I noticed today that OSSEC v2.2 is out.  Now sporting some fabulous WordPress plugin functionality and some other extra bells and whistles.  Check the changelog for all the dirt.
[OSSEC v2.2 Released]

Are you a web dev that happens to be working with Flash?  Sucks to be you.  I mean HP has just the thing to help make sure your code doesn't completely suck!  HP SWFScan to the rescue.  (Disclaimer: I haven't tried this software so I'm not vouching / recommending this in any way)
[HP SWFScan]

Apparently beer and pizza can is some great brainstorming food because 'cktricky' and 'jack_mannino' came up with how to use Burp through TOR to maintain your anonymity.  Mubix is the voice for the screencast if you're a fan.  Yeah, there's vid for all ya'll #lazyweb folk.  No reading required.
[Obfuscating your IP using a Burp/TOR/Privoxy Combo]

I'm not sure where some of these organizations come from but here's a new one for me: ITIPA (Industry Trust for IP Awareness).  Yeah, not overly obvious but these guys came up with the all-clever 'Generation Y-Pay' label that they've given to the bulk of 16 to 34 year olds.  I fit this age range and gladly pay for all of my digital media.  Well, not always gladly, but I see the value and effort required to produce.  We're not all leechers ITIPA, maybe it's just those Brit youngsters.
[Generation Y-Pay]

Bored on your morning commute?  There's plenty of people out there that'll yammer their perspective on just about anything related to security these days.  Chris John Riley's compiled a great list.  Some of them are great and some of them sound like a broken record of Core Impact / Nessus advertisements, let's be honest.  Either way you can't beat the price!
[Filling Your iPod]

Ars has a fabulously more-in-depth-than-I-probably-needed article on the status of IPv4.  I don't agree with the general FUD laced throughout, but it's something to keep in mind.  Dust off those IPv6 books you bought from the last round of "OMG-THE-INTARWEBZ-IZ-ENDING-OH-HAI-IPV6", you'll need it - eventually.
[2010 Could be the Last Year of IPv4]

Not exactly the typical security relation here, but security in a different way.  More like security of interoperability when venturing into uncharted waters with regards to new tech.  Enter TomTom's OpenLR.  OpenLR will enhance your once boring drive to the grocery store through whizbang location based services that you'll wonder how you lived without.  OK, maybe not, but it's never a bad idea to be the first to open things up a bit - especially when it can be rather costly to build proprietary data stores that constantly repeated and generally lack optimum updates when it comes to the GPS market.  The times they are a-changin'.
[TomTom Launches Open Source Navigation Product]

Apparently DHS wants to be accountable to PCI these days.  Philosecurity brings us the info on what was retrieved from the ATS system in a real copy of an American citizen's record.  Scary scary.  Scary.
[What does DHS Know About You]

FUN STUFF - I just had to throw this in because apparently one of the largest games of Monopoly starts tomorrow.  Best be stayin' away from 4th Ave N in the 612 - all mine.
[Google Maps Giant Game of Monopoly]

I remember the days gone by when I used to rent a Nintendo on a Saturday morning and play non-stop until I had to return it the next day (my parents allowed computers but not consoles).  Now you can rent a botnet by the day!  Who'd have thunk?
[Want to Rent and 80-120k DDoS Botnet]

And here we go with some new trials and tribulations.  Some favorited tweets of the day:
--------------------------------------------------------------------------------------------------------

• SecBarbie FICO Credit scores are changing (finally) http://bit.ly/1XI27d
• etdsoft Dradis Framework OSVDB import plugin ready to go! http://bit.ly/1yqJxo
• robert_e_lee The TCP stuff is finally getting out there. -- See that last URL (MS09-048) for the MS specific report. http://is.gd/32FBW
• alexhutton WordPress goes RSSCloud - Push it like it's 1997! http://is.gd/32G0l
• backtracklinux New blog post: Metasploit Unleashed - Information Security Training at its best. http://tinyurl.com/kko9q4