Comments for Bill's Security Blog

Comment on What needs to be put in place to protect web servers from DOS attacks? by Orlando Stevenson

Orlando Stevenson — Sat, 26 Dec 2009 08:00:59 +0000

It’s worth noting that one particularly nasty DOS attack is SockStress. It doesnt require much in the way of resources, just a stateful TCP connection to the target. Migitations center on just not letting communication take place - i.e. filtering or blocking the attacking system.

More: CERT-FI Advisory on the Outpost24 TCP Issues provide a number of vendor responses to this issue.

Comment on Setting up a pen-testing lab-in-a-box by Bill Gross

Bill Gross — Thu, 03 Dec 2009 21:10:47 +0000

True,

Since I ran through and did the install of BT4, I simply recompiled with LibSSH support.

I don’t remember the exact steps, but here’s a link to how to rebuild Hydra with support for LibSSH:
http://forums.remote-exploit.org/backtrack-4-package-feature-requests/23874-hydra-compiled-without-libssh-support.html

Bill

Comment on Setting up a pen-testing lab-in-a-box by n00bsys0p

n00bsys0p — Thu, 26 Nov 2009 16:51:27 +0000

Hi Bill,

Thanks for the guide, it helped hugely in setting up these machines as VMs… I have a notable point, though…

I got to a certain point in the disc, and it became obvious that one of the main tools used in the the cracking of the very first disc is Hydra… My point being that the version which comes with BT4 Beta/PreRel isn’t compiled against libssh.

This means that the stated tool for cracking disc 1.100 is unusable. No doubt there are other tools in the colossal BT4 suite which will make up for it, I just thought it was a useful point to note.

Comment on This week in Infosec - 2008-09-01 by markez linda

markez linda — Mon, 13 Apr 2009 03:53:36 +0000

Just grabbed the feed… thanks for posting this.

Comment on OpenBSD - Episode 4 - Apache, MySQL, PHP by fcgoo

fcgoo — Thu, 26 Mar 2009 03:14:25 +0000

hello, i installed openbsd4.4+mysql(pkg_add),but there are some error appeared in log accidently. then i write a test perl script:
=== script start ===
use DBI;
$dsn = “DBI:mysql:database=test;host=127.0.0.1;port=3306″;
for ($i = 0; $i connect($dsn, ‘root’, ”);
if (!$dbh) { exit 1; }
print $i, ‘ ‘, $dbh, “\n”;
}
=== script end ===
to run it ,and show following error:
…
231 DBI::db=HASH(0×877f9084)
232 DBI::db=HASH(0×877f9bb8)
233 DBI::db=HASH(0×877f9b34)
234 DBI::db=HASH(0×877f9dc8)
235 DBI::db=HASH(0×863f915c)
DBI connect(’database=test;host=127.0.0.1;port=3306′,’root’,…) failed: Can’t connect to MySQL server on ‘127.0.0.1′ (65) at 2.pl line 4

if you connect mysql through socket , the error is disappear any time. however, if you connect mysql through ip(127.0.0.1), the error appear again, how to workaround it ?

forum discussed such problem :
http://www.openbsdonly.org/viewtopic.php?f=17&t=640

sorry for my poor english

Comment on Cyber security issues with Smart Grid go way beyond metering devices by Rob A

Rob A — Tue, 24 Mar 2009 13:13:46 +0000

There are a number of factors and significant depate. Google for “wind baseload generation”.

A Stanford study determined that if you have geographically dispersed, electrically interconnected windfarms, a reasonable number to use is 35% of their measured output (not nameplate) as reliable base load.

I interpret this to mean that if you have 1000MW of load to meet, you would have to have ~3x the output active (3000 MW).

And based on wind industries own reliability numbers, you need 3x that for 24×7 operations because of forced outages and maintenance, or 9000MW

Because of this, most jurisdictions are setting up wind farm contracts as “generate all you can, whenever you can, unless we dispatch you off”.

Wind has already been the key factor in a number of large scale blackouts/near blackouts:

http://www.flat-group.co.uk/information/blackout-report-hints-at-wind-turbines-cause.html
http://www.highbeam.com/doc/1P3-1478197501.html

Obviously, our grid infrastructure isn’t ready for wind baseload here in North America.

-Rob A>

Comment on DNSstuff.com - schweet by Dave Nedved

Dave Nedved — Mon, 22 Dec 2008 03:05:47 +0000

Hi Bill,
Another website you may want to check out is http://w3dt.net It has lots of the same sort of tools that dnsstuff has, and they are all free!

Comment on Linux - Extract all tar files in a directory by Bill Gross

Bill Gross — Mon, 06 Oct 2008 13:31:29 +0000

Tamon;

Make sure you have the correct apostrophy marks. They must be the “backward” apostrophy. On my MB it’s above the tab key, on my Dell it’s also above the tab key.

Bill

Comment on Linux - Extract all tar files in a directory by tamon

tamon — Mon, 06 Oct 2008 10:07:22 +0000

Hello there,

After running the above command, I get the following errors:

ls: No match.
for: Command not found.
a: Undefined variable.

Comment on Wireless and remote access in the infrastructure space by Motti

Motti — Mon, 06 Oct 2008 01:33:42 +0000

Dear Bill, I have read your comments regarding U.C.ME. You claim you have contacted us regardng this subject. Could you please advise me when did you contact our office? Best Regards, Motti Gill, Manager.