Security Stallions Blog "Musings of all things infosec…"


Daily Digs – 08.26.2009

When you miss two days of links they start to pile up in the, well, pile-o-links!  Lots of good info in the security space for this week so we'll get right to it.

First up is all about ignorance.  It seems, as reported by Larry Walsh, that security VARs do well when their customers are willing to take the look-the-other-way approach when it comes to security.  Not surprisingly, when events do happen it gives the particular VAR called in an opportunity to upsell services.
[Survey Shows Ignorance Works in Security VARs' Favor]

Quine, who now runs the Security Twits group, got some XSS fixed in SimpleID's login page.
[Simple ID XSS vuln -- FIXED]

A new (as of yesterday) proof of concept for hijacking lightweight Cisco APs has been dubbed "skyjacking".  There's only a few thousand words that sound cool in front of "jacking", so hurry to get your exploit registered so you too can "jack" something!
[Cisco WLANs at Risk of Skyjacking]

Why Jon Green is trying to breathe life into NAC is beyond me.  It's been beaten to a pulp as tech-centric NAC vendors are fading left and right, but then again it's just a new elevator pitch for Aruba's wireless spread.  If you're interested in his pitch you can read it over on SC.
[Wi-Fi + NAC = BFF]

Maybe I'm not understanding this correctly but all the buzz around "cracking GSM" doesn't really have me worried.  Maybe the encryption schemes are the same but GSM != UMTS and all 3G phones generally have UMTS air interfaces today (iPhone, etc).  So, yes, theoretically you can eavesdrop on an iPhone user's call, but only when operating using GSM.  Since GSM uses time division multiplexing it's not really all that astonishing that this can be done trivially today, whereas UMTS of most all carriers in the US use frequency division for multiplexing.  But, if you'd like to proclaim the sky is falling, continue on, soldier.
[iPhone Eavesdropping Coming Soon]

I have waaaaaaaaaaaaay too much knowledge of the FWSM.  In fact I know that the FWSM itself is actually missing a chip from production called "Titan" (used for handling multicast traffic, which subsequently has to be offloaded to the Sup because it's missing, creating a lot of overhead in certain conditions).  So I was giddy when I saw this article about the FWSM being prone to a DoS from specially crafted ICMP no less!  During my year-long stint in getting far too cozy with FWSMs in large production environments we had found two similar bugs.  Let's just say I'm not a fan.
[Cisco Warns of FWSM Flaw]

All the cloudtards had much to say today with the announcement of Amazon's latest and greatest addition to its lineup.  Get ready for it: VPC boys and girls!  Yes, Amazon took their existing AWS architecture, segmented a few boxes, stuck an IPsec VPN in front of it and rebranded this amazing new service!  It's a whole new chapter in cloud services I tell you -- or wait, I've been able to offer that same service to my home network for the past ten years.  So if you wanted to stay connected to your shiny new VPC all year long you'd have to pay over $400 alone just in VPN connection fees.  Sounds like a profitable business model to me considering they probably run a few thousand terminations on one concentrator and split out the traffic on the back into L2 trunks or L3 VRFs.
[Amazon Introduces VPC (and cloud fanatics wet themselves)]

Mr. Peterson has had some interesting posts lately and I was intrigued by the title of his latest: Chuck E. Cheese's Authorization Protocol.  Bet Wireshark doesn't have a parser for that!
[Chuck E. Cheese's Authorization Protocol]

That's it for today, we'll leave you with the grab-bag-o-links!  First to comment gets a $10 Starbucks gift card, has to be within 24 hours of this post (which posted around 11:05pm Central).  Make sure to leave a valid email address!

[Majority of Charges Dropped Against Rogue Admin]
[Testing SNMPv3]
[John Cran's BSides Video]
[Study on the Analysis of Netbot and Design of Detection Framework]
[Ranum vs Nickerson on Penetration Testing]