Jul 30, 2008

Out of Cycle Security Update from Oracle

For the first time since the introduction of its quarterly Critical Patch Update process in 2005, Oracle has released an emergency alert to offer mitigation for a zero-day vulnerability that's been published on the Internet.

The emergency workaround, available here, addresses an unpatched vulnerability that's remotely exploitable without authentication (no username and password required to exploit over the network) and can result in compromising the confidentiality, integrity, and availability of the targeted system.

Oracle's Eric Maurice says the vulnerability carries a CVSS Base Score of 10.0, the maximum severity rating.

This IBM ISS alert provides some technical details:

Oracle WebLogic Server (formerly known as BEA WebLogic Server) is vulnerable to a buffer overflow, caused by improper bounds checking by the Apache Connector. By sending a specially-crafted HTTP POST request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.

Attributes in NTFS

How many NTFS file attributes do you know?

Normally we are used to a few common attributes: Read-only, Archive, System, and Hidden. There are actually more than these. According to the documentation, a file in NTFS can have the following attributes, remembered by the mnemonic RASHCNETO:
  • Readonly: For a file, applications can read the file, but cannot write to it or delete it. For a directory, applications cannot delete it. See here for more detail.
  • Archive: The file or directory is an archive file. Applications use this attribute to mark files for backup or removal.
  • System: The file or directory is part of the operating system, or is used exclusively by the operating system.
  • Hidden: The file or directory is hidden. It is not included in an ordinary directory listing.
  • Compressed: The file or directory is compressed. For a file, this means that all of the data in the file is compressed. For a directory, this means that compression is the default for newly created files and subdirectories.
  • Not content indexed: The file or directory is not to be indexed by the content indexing service.
  • Encrypted: The file or directory is encrypted. For a file, this means that all data in the file is encrypted. For a directory, this means that encryption is the default for newly created files and subdirectories.
  • Temporary: The file is being used for temporary storage. File systems avoid writing data back to mass storage if sufficient cache memory is available, because often the application deletes the temporary file shortly after the handle is closed. In that case, the system can entirely avoid writing the data. Otherwise, the data is written after the handle is closed.
  • Offline: The data of the file is not immediately available. This attribute indicates that the file data has been physically moved to offline storage. This attribute is used by Remote Storage, the hierarchical storage management software. Applications should not arbitrarily change this attribute.
You can check all these from here and here. See also Potential issues involved in updating Windows NT IFS drivers to Windows 2000.
FILE_ATTRIBUTE_OFFLINE

When this new attribute is set on a file, the network timeout on the file is extended from 45 seconds to 1000 seconds. (This new default value can in turn be changed via the registry setting System\CurrentControlSet\Services\LanmanWorkStation\Parameters\OffLineFileTimeoutInterval.) This new attribute is supported in the Windows 2000 redirector (RDR). It may also be backported to a Windows NT 4.0 service pack at some point (it is not in SP4), and possibly a Windows 98 service pack. It is intended for use by devices with high latencies, such as tape or optical disk libraries.

Use and interpretation of FILE_ATTRIBUTE_OFFLINE is optional, except for filter drivers that perform volume scans. Such drivers should ignore offline files by default, although they may offer advanced users the option of including offline files in the scan.
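The attribute list and the FILE_ATTRIBUTE_OFFLINE note above both come down to one DWORD bitmask per file, which is what GetFileAttributes returns and what an examiner sees in the $STANDARD_INFORMATION attribute of an MFT record. The following Python script is an added example (not code from the original post or from Microsoft) that decodes such a mask into the RASHCNETO letters, encodes letters back into a mask, and flags the combinations a defender cares about: Hidden+System files that never show in an ordinary listing, Offline files that volume-scanning filter drivers skip by default, EFS-encrypted files, and Temporary files whose data may never reach disk. The FILE_ATTRIBUTE_* bit values are the public Win32 constants; the finding names, the review rules and the sample masks are this example's own constructions. On Windows it can also read the live mask of a path through os.stat().st_file_attributes.

```python
"""Decode and review NTFS/Win32 file-attribute bitmasks.

Added example, not part of the original post. The FILE_ATTRIBUTE_* values
are the public Win32 constants from winnt.h; the one-letter codes follow
the RASHCNETO order used in the post. The review rules, finding names and
sample masks are this example's own constructions.
"""
import os
import sys
from typing import List

# (letter, Win32 FILE_ATTRIBUTE_* name, bit value) in RASHCNETO order.
ATTRIBUTE_BITS = [
    ("R", "READONLY", 0x0001),
    ("A", "ARCHIVE", 0x0020),
    ("S", "SYSTEM", 0x0004),
    ("H", "HIDDEN", 0x0002),
    ("C", "COMPRESSED", 0x0800),
    ("N", "NOT_CONTENT_INDEXED", 0x2000),
    ("E", "ENCRYPTED", 0x4000),
    ("T", "TEMPORARY", 0x0100),
    ("O", "OFFLINE", 0x1000),
]
LETTER_TO_BIT = {letter: bit for letter, _, bit in ATTRIBUTE_BITS}


def decode_attributes(mask: int) -> str:
    """Return the RASHCNETO letters whose bits are set in the mask.

    Bits outside the nine attributes listed in the post (DIRECTORY 0x10,
    REPARSE_POINT 0x400, ...) are ignored rather than reported.
    """
    return "".join(letter for letter, _, bit in ATTRIBUTE_BITS if mask & bit)


def encode_attributes(letters: str) -> int:
    """Inverse of decode_attributes; an unknown letter raises ValueError."""
    mask = 0
    for letter in letters.upper():
        if letter not in LETTER_TO_BIT:
            raise ValueError(f"unknown attribute letter {letter!r}")
        mask |= LETTER_TO_BIT[letter]
    return mask


def review_attributes(mask: int) -> List[str]:
    """Flag attribute combinations a defender or examiner should notice.

    The rules restate the behaviour described in the documentation quoted
    in the post; the finding names are this example's own.
    """
    findings = []
    if mask & LETTER_TO_BIT["H"] and mask & LETTER_TO_BIT["S"]:
        # Hidden + System: absent from ordinary directory listings.
        findings.append("HIDDEN_SYSTEM")
    if mask & LETTER_TO_BIT["O"]:
        # Filter drivers that perform volume scans ignore offline files
        # by default, so the contents are not examined by such a scan.
        findings.append("OFFLINE_SKIPPED_BY_VOLUME_SCANS")
    if mask & LETTER_TO_BIT["E"]:
        # EFS: all data in the file is encrypted on disk.
        findings.append("EFS_ENCRYPTED")
    if mask & LETTER_TO_BIT["T"]:
        # Temporary: the system may never write the data to disk at all.
        findings.append("TEMPORARY_MAY_NEVER_HIT_DISK")
    return findings


def attributes_of(path: str) -> int:
    """Read the live attribute mask of a file (Windows only)."""
    if sys.platform != "win32":
        raise OSError("st_file_attributes is only populated on Windows")
    return os.stat(path).st_file_attributes


if __name__ == "__main__":
    # Constructed sample masks, as might be read from $STANDARD_INFORMATION
    # in an MFT record or returned by GetFileAttributesW.
    samples = {
        "ordinary document": 0x0020,
        "hidden system file": 0x0006,
        "offline archive": 0x1020,
        "encrypted temp": 0x4100,
    }
    for label, mask in samples.items():
        print(f"{label:20} 0x{mask:04X} {decode_attributes(mask):10} "
              f"{', '.join(review_attributes(mask)) or '-'}")
    if len(sys.argv) > 1:  # optional: inspect a real path on Windows
        live = attributes_of(sys.argv[1])
        print(sys.argv[1], hex(live), decode_attributes(live), review_attributes(live))
```

Run it with no arguments to see the constructed samples decoded; on Windows, pass a path to decode that file's live attributes. The letters are reported only for the nine attributes the post lists, so a directory (0x10) or reparse point (0x400) decodes to an empty string rather than to a letter that is not in RASHCNETO.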

Jul 28, 2008

Security Engineering - The Book

The book Security Engineering (1st ed.), by Ross Anderson, is free to download here (41 MB). You can also download each chapter below from his site. Here is the table of contents:

The foreword, preface and other front matter
  1. What is Security Engineering?
  2. Protocols
  3. Passwords
  4. Access Control
  5. Cryptography
  6. Distributed Systems
  7. Multilevel Security
  8. Multilateral Security
  9. Banking and Bookkeeping
  10. Monitoring Systems
  11. Nuclear Command and Control
  12. Security Printing and Seals
  13. Biometrics
  14. Physical Tamper Resistance
  15. Emission Security
  16. Electronic and Information Warfare
  17. Telecom System Security
  18. Network Attack and Defense
  19. Protecting E-Commerce Systems
  20. Copyright and Privacy Protection
  21. E-Policy
  22. Management Issues
  23. System Evaluation and Assurance
  24. Conclusions
  25. Bibliography

Six sample chapters from the 2nd edition can also be downloaded for free. The 2nd edition of the book is available at Amazon. Have a look at his homepage for more information.
  • Table of contents
  • Preface
  • Acknowledgements
  • Chapter 2: Usability and Psychology
  • Chapter 10: Banking and Bookkeeping
  • Chapter 11: Physical Protection
  • Chapter 18: API Security
  • Chapter 23: The Bleeding Edge
  • Chapter 24: Terror, Justice and Freedom
  • Bibliography
  • Index

Jul 25, 2008

The New iGoogle

The new version of iGoogle, currently available for a small number of randomly-selected users and for developers (called sandbox), will bring together all the Google services in a single fluid interface. At some point, iGoogle was a part of an initiative called Fusion that allowed users to combine content from across the web. The next major iteration of iGoogle goes further and it lets you actually access the full content, monitor the updates and share them with your friends.

See Access GMail with Google Sandbox.

Quick tip to switch between the new and the old iGoogle: first go to http://www.google.com/ig
  • To switch to the new version, paste this in the address bar: javascript:_dlsetp('v2=1');
  • To switch back to the old version, paste in the address bar: javascript:_dlsetp('v2=0');

System Administrator Appreciation Day

Do you know that today is the 9th annual System Administrator Appreciation Day (the last Friday of July)?

If you can read this, thank your sysadmin. If you want to know more about what your system administrator does, click here.