Shorter than a Starbucks Latte Order

Posted in Physical Security Infrastructure, Shouldn't Be Vulnerable on November 30th, 2011 by Rodney

We encountered a security video camera failure recently. Check your computer, this post really is being written in 2011. They parked me at an empty table with a test network and a sample of the failing device. Not knowing how to connect to it, a small bit of network investigation was in order. NMAP, the universal source of network knowledge, was invoked. Nothing fancy, mind you. “nmap -sT” and “nmap -sU” is all I ever do. Keep it simple, let the NMAP elves guide me through what ports and protocols to exercise.

The camera crashed. The security video camera crashed with “nmap -sU”. Not some ninja-cool xml-encoded command line exploit magic. Just the vanilla set of UDP ports. Locked up the device, had to power cycle it.

Come on, folks, this is 2011. Crashing due to weird network input is certainly a problem we all have to worry about, but the nmap command to kill your device should be longer than the average Starbucks latte order.

Could I have a tall dry no-fat decaf udp port scan, followed by a sysDescr.0 SNMP query and response, please?

“Trusted” Vendor Update?

Posted in Shouldn't Be Vulnerable on September 27th, 2010 by Rodney

I like this (from XKCD: “Debian Main” is the title) …
Debian Package, with Locusts
I especially like the fact it works as artwork, in case I ever do a presentation on unauthenticated/untrustworthy package update mechanisms. It reminds me of Skype, when they try to unilaterally update my machine, or Apple, when it tries to claim Safari – the initial installer – is an “upgrade” to iTunes for the Shuffle.