Last updated: 01/11/2006; 11:44:30
Quands.cat

Notes on computer security.

Tuesday, 31 October 2006


[NetworkWorld] New Windows attack can kill firewall
Hackers have published code that could let an attacker disable the Windows Firewall on certain Windows XP machines.

The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN). It is typically used by home and small-business users.

The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc., who has blogged about the issue.
 
From the FAQ about this vulnerability:
Am I vulnerable Checklist:
1) Are you running Windows XP?
2) Are you sharing your internet connection?

If the answer is yes to both of those, then you are vulnerable.

Mitigation:
1) Disable Internet Connection Sharing.
2) Block UDP port 53 (DNS) on the computer that is sharing the internet, manually set the DNS Server to your ISP's DNS address.
 


18:03


[SecurityFocus] Metasploit targets wireless drivers
The Metasploit project, which aims to allow plug-and-play exploiting for penetration testers and researchers, will add the ability to target the wireless functionality of Windows and Linux operating systems, a member of the project said on the Metasploit blog this week.

The project has completed a major initiative that allows the framework to exploit flaws in kernel components, including wireless drivers.
 


10:57


Firefox
One of those things that is sometimes hard to understand: a vulnerability, known since June, but with no specific public patch; the Mozilla developers said that version 1.5.0.5 fixes the problem.

But, as it turns out, version 2.0 does not include the fix for this problem.

There is a proof of concept for the vulnerability, enough to demonstrate how Firefox dies.

The good news is that this bug does not appear to be exploitable to the point of compromising the Firefox user's computer. It only produces a DoS.


10:00


[zmanda] How to setup and verify a backup solution for MySQL in 15 minutes - all using open source software.
Zmanda Recovery Manager is an open source system for making backups of MySQL databases. A particularly notable feature is the ability to take hot backups of the database (there is no need to stop the engine).
We have a fairly representative MySQL database being managed by a DBA. The DBA doesn't have the time to write backup/recovery scripts nor does the DBA want to manually backup the database every 12 hours. We are running one MySQL database using the InnoDB Storage Engine. We will be performing a logical backup of our database. A logical backup 1) contains SQL statements that can reconstruct the database table schema and contents, 2) can be performed while the database is still running (hot backup), and 3) can be restored to another platform or another database.
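
The kind of logical hot backup the excerpt describes, as an added example (not code from the Zmanda article or from ZRM): mysqldump against InnoDB, with a completeness check before the dump is kept. The database name, paths, script name and the use of ~/.my.cnf for credentials are assumptions.

```shell
#!/usr/bin/env bash
# Added example: logical hot backup of an InnoDB database plus a completeness check.
# Assumptions (not from the article): database name, output directory, script
# path, and credentials read from ~/.my.cnf instead of the command line.

# verify_dump FILE: succeed only if FILE looks like a complete mysqldump output.
verify_dump() {
    local f=$1
    [ -s "$f" ] || return 1                       # missing or empty file
    grep -q '^CREATE TABLE' "$f" || return 1      # no schema statements at all
    # mysqldump writes this comment last; a dump that was cut short never has it
    tail -n 1 "$f" | grep -q '^-- Dump completed' || return 1
}

# backup_db DB DIR: dump DB into DIR while the server keeps running.
backup_db() {
    local db=$1 dir=$2 tmp out
    out="$dir/$db-$(date +%Y%m%dT%H%M%S).sql"
    tmp="$out.partial"
    umask 077                                     # the dump contains every row
    # --single-transaction: consistent InnoDB snapshot without locking tables
    mysqldump --single-transaction --routines --triggers "$db" > "$tmp" \
        || { rm -f "$tmp"; return 1; }
    verify_dump "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$out"                              # publish only verified dumps
    sha256sum "$out" > "$out.sha256"              # detect later corruption
    echo "$out"
}

# Runs a backup only when called with arguments, e.g. from cron every 12 hours:
#   0 */12 * * * /usr/local/bin/mysql-backup.sh appdb /var/backups/mysql
if [ "$#" -ge 2 ]; then backup_db "$1" "$2"; fi
```

Because the output is plain SQL, the restore test is to load the file into a scratch database with the `mysql` client and compare row counts against the source.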
 


09:52


RFIDIOt is an open source python library for exploring RFID devices.
 


09:37

© Copyright 2003-2006 Xavier Caballe. Unless expressly stated otherwise, the material published on this weblog is distributed under the Creative Commons license. The content is the sole and exclusive responsibility of its author and has no relation to his professional activities.