Friday, November 23, 2012

#OpIsrael

Overview
#OpIsrael is an Anonymous-led raid to protest Israel’s Operation Pillar of Defense by taking down Israeli government websites through distributed denial of service (DDoS) attacks.

Background
In early November 2012, the Israel Defense Forces took to Twitter to live-update about the status of the fight in Gaza. On November 14th, IDF killed Ahmed Jabari, the chief of Hamas’ military wing, in an airstrike. Being the highest ranking Hamas official to be killed by the IDF since the 2008 Gaza War, the news of Jabari’s assassination quickly escalated tensions between the two sides.

The IDF has begun a widespread campaign on terror sites & operatives in the #Gaza Strip, chief among them #Hamas & Islamic Jihad targets. — IDF (@IDFSpokesperson) November 14, 2012

Thursday, November 22, 2012

5 Questions Great Job Candidates Ask

Great candidates ask questions they want answered because they're evaluating you, your company--and whether they really want to work for you.

Here are five questions great candidates ask:

What do you expect me to accomplish in the first 60 to 90 days?
Great candidates want to hit the ground running. They don't want to spend weeks or months "getting to know the organization." They want to make a difference--right away.

What are the common attributes of your top performers?
Great candidates also want to be great long-term employees. Every organization is different, and so are the key qualities of top performers in those organizations. Maybe your top performers work longer hours. Maybe creativity is more important than methodology. Maybe constantly landing new customers in new markets is more important than building long-term customer relationships. Maybe it's a willingness to spend the same amount of time educating an entry-level customer as helping an enthusiast who wants high-end equipment. Great candidates want to know, because 1) they want to know if they fit, and 2) if they do fit, they want to be a top performer.

Monday, November 19, 2012

Hackers obtained access to FreeBSD servers

On Sunday 11th of November, an intrusion was detected on two machines within the FreeBSD.org cluster. The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution.

We have found no evidence of any modifications that would put any end user at risk. However, we do urge all users to read the report available at http://www.freebsd.org/news/2012-compromise.html and decide on any required actions themselves. We will continue to update that page as further information becomes known. We do not currently believe users have been affected given current forensic analysis, but we will provide updated information if this changes.

As a result of this event, a number of operational security changes are being made at the FreeBSD Project, in order to further improve our resilience to potential attacks. We plan, therefore, to more rapidly deprecate a number of legacy services, such as cvsup distribution of FreeBSD source, in favour of our more robust Subversion, freebsd-update, and portsnap models.

Source: FreeBSD

Thursday, November 8, 2012

Singaporeans get hard token baked into credit card

Two-factor authentication just got a whole lot more convenient for residents of Singapore, after Standard Chartered Bank's local outfit teamed with MasterCard to offer account-holders a credit card that is also a one-time-password-generating hard token.

MasterCard calls the device a 'Display Card' and says it includes “an embedded LCD display and touch-sensitive buttons”.

The hard token functionality seems not to have anything to do with the credit card, as Standard Chartered says it will be used with its online banking products when customers make “higher-risk transactions such as payments or transfers above a certain amount, adding third party payees, or changing personal details.” If it behaves as other hard tokens do, punters enter a code with the keyboard, read the resulting one-time-password on the screen and then enter that code into the computing device they're using for online banking. Logon credentials for online banking service will still be required.

The card's been doing the rounds of Europe for a couple of years now, scoring a few wins with Turkish, Romanian and Belgian financial institutions.

But the win at Standard Chartered, a British outfit with global footprint, gives the technology useful profile.

Nagra ID security, the Swiss company behind the token-in-a-card, insists the device will sit happily in one's wallet and offers a three year warranty, which we believe makes it safe to sit on. The card is, in all other ways, a completely conventional credit card and can be embossed, branded and carry holographic security devices like any other credit card. ®

Source: TheRegister

Monday, November 5, 2012

SSH Forwarding

Abstract:
When Sun first produced systems, the common way for users to move around a network and to distribute workload was to leverage the Berkeley "r" tools, such as "rsh", "rlogin", "rexec", etc. under Solaris. As academics became professional, security concerns over passwords being passed in the clear were raised and SSH was born. SSH was built with a compatible superset to "rsh", but this was later removed with the second version of the protocol. This document discusses the implementation of SSH under Solaris.

Global Configurations:
SSH uses several global configuration files: one for the client and another for the server. Each of these config files documents the default compiler flags under Solaris. The "ssh" client global configuration file can be tailored on a per-user basis, while the "sshd" server global configuration file is managed at the global level.

SSH Server Daemon
Under Solaris 10 and above, and related OSes, sshd is started through the services infrastructure.

sunserver/user$ svcs ssh
STATE          STIME    FMRI
online         Aug_17   svc:/network/ssh:default

There are built-in compiled defaults and global defaults, which are reviewed upon startup and upon each connection.

The following error may occur due to incorrect configurations:

channel 5: open failed: administratively prohibited: open failed

Under Solaris 10, forwarding agent is disabled as a compile flag, and this is documented in the global configuration file. If one makes a connection via SSH and proxies a port, an error message will be produced upon the first connection attempt to the proxied port.

To allow for the port forwarding, edit the configuration file "/etc/ssh/sshd_config".

AllowTcpForwarding yes
GatewayPorts yes
X11Forwarding yes

Restart the "sshd" service and the administrative message disappears.

sunserver/root# svcadm restart ssh
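
As an added example (not from the original post), this script reads the global section of an sshd_config and reports the three forwarding keywords set above, so the effect of each line can be reviewed separately. Both config samples are constructed; the "tunnel" account and Match support in the installed sshd are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): report the global forwarding
# settings in an sshd_config. sshd uses the first value it reads for a keyword,
# keywords are case-insensitive, and lines after the first "Match" are conditional.

global_value() {   # usage: global_value KEYWORD FILE -> yes|no|...|unset
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ { next }                    # comment line
        { sub(/[ \t]*=[ \t]*/, " ") }          # accept "Keyword=value" too
        NF == 0 { next }
        tolower($1) == "match" { exit }        # end of the global section
        tolower($1) == want { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }      # compiled-in default applies
    ' "$2"
}

audit_forwarding() {   # usage: audit_forwarding FILE -> one line per finding
    tcp=$(global_value AllowTcpForwarding "$1")
    gw=$(global_value GatewayPorts "$1")
    x11=$(global_value X11Forwarding "$1")
    if [ "$tcp" = yes ]; then echo "NOTE tcp: port forwarding allowed for every account"; fi
    if [ "$gw" = yes ]; then echo "REVIEW gatewayports: remote forwards bind to all interfaces"; fi
    if [ "$x11" = yes ]; then echo "REVIEW x11: not needed for TCP port forwarding"; fi
    return 0
}

# Constructed samples: the post's three-line change, and a narrower variant that
# assumes a hypothetical "tunnel" account and an sshd with Match support.
page_cfg=$(mktemp) && scoped_cfg=$(mktemp)
cat > "$page_cfg" <<'EOF'
# constructed sample: settings as given in the post
AllowTcpForwarding yes
GatewayPorts yes
X11Forwarding yes
EOF
cat > "$scoped_cfg" <<'EOF'
# constructed sample: forwarding only for one account
allowtcpforwarding no
GatewayPorts no
Match User tunnel
    AllowTcpForwarding yes
EOF
echo "post's settings:"; audit_forwarding "$page_cfg"
echo "scoped variant:";  audit_forwarding "$scoped_cfg"
```

Of the three keywords, AllowTcpForwarding is the one that permits forwarded TCP channels; GatewayPorts and X11Forwarding control separate behaviour.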

Saturday, November 3, 2012

Board of Computing Professionals Malaysia

There is currently an initiative to establish a Board of Computing Professionals Malaysia (BCPM), which will function to accredit ICT academic programmes, as well as to promote, facilitate and regulate the profession (very much like the Board of Engineers for engineering, and the Bar Council for the legal profession, etc.). This initiative is under the purview of the Ministry of Science and Innovation (MOSTI) and led by the National ICT Human Resource Task Force under the Ministry of Higher Education (MOHE) and within the ICT Human Capital Development Framework.

They invited all ICT practitioners and those related to the profession to participate in an on-line survey that will be open for responses from Sunday 28 Oct 2012 to Sunday 4 November 2012 (24:00). The survey aims to solicit feedback from the ICT community to determine the overall suitability and general acceptance of the proposal for the establishment of the BCPM. The survey site is available here.

The introduction to the survey and the instructions for filling the questionnaire will be provided at the stated site, as well as a link to another site that provides the general context to the proposal. Although we do not foresee any problem that may occur at the said site, should there be difficulties, an alternative site will be made available here.

Friday, November 2, 2012

udc-hackssh-v3_bajaulaut-v1.2

udc-hackssh_bajaulaut is an openssh backdoor combined with reverse shell capability and part of udc-kolansong rootkit. The idea was to make use of openssh binary to control target and/or victim machines.

If you received something like "ssh_exchange_identification: Connection closed by remote host", this tool may make your life easy. Telnet to target machine and issue 'udc_gamai_magic' string. Once sent, sshd will then execute and connect to your 'client' machine on port 8080.

However, this patch has a limitation. It can ONLY execute the reverse openssh command to the machine from which the telnet command is executed.

Download udc-hackssh-v3_bajaulaut-v1.2 here.