Fatma Bazargan’s blog


Podslurping
February 2, 2009, 9:21 am
Filed under: Security
Podslurping

Podslurping

As my high interest to read about what’s new with everything related to the autorun.inf, I stumbled today upon something called as Podslurping which is titled as the new endpoint security threat (Data Theft): where access is gained while the computer is rendered unattended.

 

As per the Wikipedia, Podslurping is the act of using a portable data storage device such as an iPod, USB, etc. to illicitly download large quantities of confidential data by directly plugging it into a computer where the data is held.

 

Why is Podslurping becoming an endpoint security threat? Because you don’t need to login to the computer in order to copy confidential data! All you need is as USB Hacks mentioned a few lines of .bat file (batch file) and a reasonable copy program and you are good to go. (Plug it in and then come after an hour to fetch it out!)

 

Now, do you recall one of the solutions I talked about previously in one of my blog entries on how to disable the Autorun feature via the registry? Exactly that solution can impede against Podslurping. Do test it in your labs. 

 

Interesting Reads:

http://www.pik-potsdam.de/members/gibietz/security-management/protecting-windows-computers-against-attacks-that-are-based-on-usb-sticks

 

http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html

 

Enjoy!

FB.



Various # 09-102
February 1, 2009, 9:03 pm
Filed under: Security
Information

Information

wow, it has been a loooooong time since I updated this place, just been so packed with different stuff lately! *whola! Isn’t this stretchable any more than 24 hours a day!*

 

It’s going to be *wickedly* technical post today..

 

  • One of the greatest tools than any InfoSec expert should have in their toolset is the NMAP. Raul Siles way back had a great list of questions he asked titled “Mastering Network Monitoring and Scanning” it was all about NMAP. Recently he published the answers to it and you can have a great read about it here or on his website here or in the ISC here.  
  • For all those Penetration Testing Challenge Fans, Ed Skoudis published the Part 5 of the Santa Claus is Hacking the Town Challenge go and feed your beast J .. Once you solved it out then you can check the answers. Now, to that Raul Siles released the second version of the challenge you can find it here, so you have now two challenges to enjoy. J 
  • Ed Skoudis released recently an interesting paper titled “Secret’s of America’s Top Pentesters”, for all those interested meeting and being taught by Ed, you can attend the SANS Orlando 2009 that will be held from 01 March – 09 March. At least I know for sure I’m going to enjoy SANS Orlando this March. J  
  • For all those interested in reading the top web hacking techniques of 2008, you can read the interesting Jeremiah’s List here. Wow the list just goes on now doesn’t it! 
  • One of the news I read recently was Microsoft fixes clickjacking in IE8. For all of those out there clickjacking is a relatively new technique that was found by Jeremiah and Hansen in mid 08. Using widely available vulnerabilities to take over an end user’s browser. “The idea of clickjacking is that simply by tricking a visitor into arriving at an infected URL, an attacker can manipulate the affected end users’ browser session to get them to do just about anything the hackers desires, such as downloading malware, and at the time it was first reported publicly, there were clickjacking vulnerabilities available in just about every major browser, including IE7.”

That’s all for now.

 

Enjoy!

Fatma.