Última actualització: 02/03/2005; 02:21:36
Quands.cat Quands.cat
 
Comentaris relacionats amb la seguretat informàtica. 		Publicitat

dimarts, 1 / febrer / 2005

Entrevista a Jesús Cea (jcea)

[Llista Hack] jcea: el guerrero pacífico. La Mercè Molist entrevista a jcea (Jesús Cea).
M: Eres un hacker muy creativo. No te escondes. Superas las oleadas periódicas de críticas contra tu personaje y sigues vivo. ¿Cómo lo haces?

jcea: Básicamente, tengo una personalidad esquizoide de manual que significa que me da lo mismo la opinión de la gente. Sólo me importa y me afecta la opinión de un pequeño grupo de personas, la gente cercana a mí o la gente que respeto.
 

20:35 (# Enllaç permanent) | Comentaris: | Trackback:

La publicitat falsa de Terra

[Hispasec] Publicidad falsa de Terra en relación a su antivirus. Terra utilitza uns termes molt desafortunats en anunciar el seu antivirus inclòs al kit de seguretat que darrerament han aplicat als seus clients d'ADSL. Fa un parell de dies us explicava com donar-se de baixa.

20:01 (# Enllaç permanent) | Comentaris: | Trackback:

Equivalència dels estàndards de seguretat amb Microsoft Operations Framework

[Microsoft] Mapping International Security Standards to MOF
This white paper maps the requirements of ISO/IEC 17799:2000, an international standard code of practice, to the corresponding processes in the Microsoft Operations Framework (MOF). Its purpose is not to be a prescriptive guide on how to implement MOF and the security requirements, but to provide a checklist of security issues to consider when implementing MOF. Using MOF as the foundation for implementing security controls helps ensure that security is an integral part of each service solution’s life cycle. Organizations preparing for certification of IT security can use this document for guidance on how to prioritize and select appropriate security controls.
 

18:19 (# Enllaç permanent) | Comentaris: | Trackback:

Possible nou atac de força bruta contra servidors FTP

[SANS Internet Storm Center] New FTP Brute Force? L'atac té aquest aspecte:
USER anonymous
331 Guest login ok, type your name as password.
PASS Zgpuser@home.com
230 Guest login ok, access restrictions apply.
CWD /pub/
250 CWD command successful.
MKD 050131161412p
550 050131161412p: Permission denied.
CWD /public/
550 /public/: No such file or directory.
CWD /pub/incoming/
550 /pub/incoming/: No such file or directory.
CWD /incoming/
550 /incoming/: No such file or directory.
CWD /_vti_pvt/
550 /_vti_pvt/: No such file or directory.
CWD /
250 CWD command successful.
MKD 050131161414p
550 050131161414p: Permission denied.
CWD /upload/
550 /upload/: No such file or directory.
CWD /_vti_txt/
550 /_vti_txt/: No such file or directory.
CWD /_vti_cfg/
550 /_vti_cfg/: No such file or directory.
CWD /_vti_log/
550 /_vti_log/: No such file or directory.
CWD /_vti_cnf/
550 /_vti_cnf/: No such file or directory.
CWD /_private/
550 /_private/: No such file or directory.
CWD /public/incoming/
550 /public/incoming/: No such file or directory.
CWD /public_html/
550 /public_html/: No such file or directory.
CWD /wwwroot/
550 /wwwroot/: No such file or directory.
CWD /mailroot/
550 /mailroot/: No such file or directory.
CWD /ftproot/
550 /ftproot/: No such file or directory.
CWD /home/
550 /home/: No such file or directory.
CWD /images/
550 /images/: No such file or directory.
CWD /web/
550 /web/: No such file or directory.
CWD /www/
550 /www/: No such file or directory.
CWD /html/
550 /html/: No such file or directory.
CWD /cgi-bin/
550 /cgi-bin/: No such file or directory.
CWD /usr/
250 CWD command successful.
MKD 050131161417p
550 050131161417p: Permission denied.
CWD /usr/incoming/
550 /usr/incoming/: No such file or directory.
CWD /temp/
550 /temp/: No such file or directory.
CWD /~temp/
550 ~temp: No such file or directory.
CWD /tmp/
550 /tmp/: No such file or directory.
CWD /~tmp/
550 ~tmp: No such file or directory.
CWD /outgoing/
550 /outgoing/: No such file or directory.
CWD /anonymous/
550 /anonymous/: No such file or directory.
CWD /anonymous/_vti_pvt/
550 /anonymous/_vti_pvt/: No such file or directory.
CWD /anonymous/_vti_cnf/
550 /anonymous/_vti_cnf/: No such file or directory.
CWD /anonymous/incoming/
550 /anonymous/incoming/: No such file or directory.
CWD /anonymous/pub/
550 /anonymous/pub/: No such file or directory.
CWD /anonymous/public/
550 /anonymous/public/: No such file or directory.
CWD / /
550 / /: No such file or directory.
CWD / /
550 / /: No such file or directory.
221 You could at least say goodbye.

 

18:08 (# Enllaç permanent) | Comentaris: | Trackback:

Llista negra d'spammers

Bad IP addresses/Bob's Block List (LBL). A mi mai m'han agradat les llistes negres per tal de bloquejar de forma indiscriminada determinats rangs d'adreces o dominis d'Internet (tot i que, de forma molt reduïda, les faig servir, especialment per evitar el correu brossa)... La LBL és la més completa relació de rangs d'adreces IP utilitzades per spammers i servidors d'espionatge (com DoubleClick.net) així com dominis habitualment utilitzats per l'enviament de correu brossa.

17:59 (# Enllaç permanent) | Comentaris: | Trackback:

Nova evolució del phishing: el pharming

[The Register] Phishing morphs into pharming. Consisteix en el segrest de dominis (o l'emmetzinament del DNS) per tal de redireccionar els usuaris cap a servidors fraudulents.
The trick - dubbed pharming - is potentially more sinister than phishing because it avoids the need to coax users into responding to junk email alerts. The attacks also occur across a broader front, potentially misdirecting all email and web traffic away from victims.

(...)

Both experts agree that pharming is simply a new application of well-known security weaknesses. It highlights security loopholes that can only be partly addressed by better browser security. Improved browser security to prevent address spoofing or crypto plug-in to verify the digital certificates of sites might help. Banking sites could adopt two-factor authentication as a comprehensive defence. More fundamentally, the nascent threat of pharming re-emphasises the need to revamp DNS systems and domain registration that critics argue is long overdue.
 

17:54 (# Enllaç permanent) | Comentaris: | Trackback:

© Copyright 2003-2005 Xavier Caballe. . Si no s'indica expressament el contrari, el material publicat en aquest weblog es distribueix d'acord amb la llicència Creative Commons. El contingut és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.

350

Wishlist
Febrer 2005
Diu Dil Dim Dim Dij Div Dis
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28          
Gen   Mar
Click to see the XML version of this web page.



Una imatge anomenada a_wiccac-logo.gif Creative Commons License
Webs d'amics
jcea
Vicent Partal
Jordi Mas
Toni Hermoso
Mercè Molist
Mina Nabona-Jassans

Gurus
Scripting News
Jon Udell
Bruce Sterling
Bruce Schneier
Howard Rheingold
Reflexiones e irreflexiones
Atalaya
Cuaderno de bitácora
Linotipo
Pedro Jorge Romero

Seguretat
reversing.org
Seguridad de la información
Somiatruites, Ciberderechos
     en la red
eN Espiral ~> Juanma Merino
Navega seguro

PDA
CosesPalm
PalmCat
CanalPDA.com

Cultura
El Llibreter