Almost a year and a half ago, I wrote a program called PyLoris. Inspired by a proof of concept tool written by RSnake, PyLoris demonstrated the efficacy of connection exhaustion as a vehicle for a denial of service attack. While the initial release of the tool was buggy and featureless, I began to imagine new ways to augment the attack, improving its ability to work unimpeded. SOCKS support was one of the improvements. By coupling PyLoris with SOCKS, the attack signature could become obfuscated, split across many different machines in geographically disparate locations, making mitigation a nightmare.
PyLoris is a scriptable tool for testing a service's level of vulnerability to a particular class of Denial of Service (DoS) attack. Any service that places restrictions on the total number of simultaneous TCP connections is potentially vulnerable to PyLoris. Additionally, services that handle connections in independent threads, services that poorly manage concurrent connections, and services that have a high memory footprint per connection are prone to this form of vulnerability.
I came across a wonderful idea on Hack a Day recently: a Denial of Service attack that overwhelms only the service under attack. After reading through RSnake's two writeups, I decided to take a swing at the code. Thus PyLoris was born.
I recently discovered a post on Hack a Day linking to a proof of concept how-to on setting up a software RAID on FTP servers. While the guide is a simple approach to running a network-based RAID 5 configuration, a number of tools the original developer used are less than optimal. First, the setup requires both Windows and Linux, meaning you will need either two physical machines or a virtualized machine in your configuration. The second, and larger, problem is that it is restricted to RAID 5 and FTP servers. This article is my attempt to alleviate both of these issues.
All too often, while running the PHP forum on The Scripts, I see students working who are completely ignorant of the security concerns prevalent with the systems that they build. Worse, when alerted to the potential dangers associated with poor programming practices, these coders let loose a variety of excuses why their application doesn't need to implement a security policy, ranging from "this is a low traffic/internal site" to "I'm doing this as a project for school, so security really isn't an issue." In my eyes, all explanations are equally irrelevant. As leaders of the forums, my colleagues and I daily battle assertions about the validity of these concerns.
While stomping around the cDc blog, I came across the Eve. Eve is a network traffic analyzer which gifts its users with a 3D visual representation of the network traffic as it is happening. To be honest, the moment I read this a little part of me screamed for joy. I rushed through the site and downloaded the trial version.
Ever wanted to access files on your home computer from work? Wish you could host an online game with your buddies, but hate the hassle of dealing with routers and firewalls? Desire a little more security in your web browsing?
LogMeIn Hamachi is a robust tool for establishing VPNs on the go. It provides a simple interface for intermediate and advanced users to build fully encrypted VPNs across the Internet. Available in both free and professional versions, it is easy to use and it looks good too.
The installation was a snap. After following the 5-minute walkthrough, I had a VPN up and running, allowing me to access my Windows File Sharing and RDP connections immediately.