
Archive for 'Development Tools'

Automatic Patch-Based Exploit Generation

Reversing patches to create exploits is nothing new, and it tends to occupy the time of a lot of security researchers around the 2nd Tuesday of every month, but an interesting research paper was published recently from a few graduate students at CMU, Berkeley, and Pittsburgh that offers a new twist on an old topic. […]

S4 Keynote - Steve Lipner of Microsoft

I’m very pleased to announce that Steve Lipner, Microsoft’s Senior Director of Security Engineering Strategy in Trustworthy Computing, is the Day One Keynote at our SCADA Security Scientific Symposium (S4). All physical attendees will also receive a copy of his book, The Security Development Lifecycle. See the full agenda and register.
Steve’s keynote is titled […]

Software Quality Varies in OPC Servers

The headline on this blog is hardly shocking, but software quality does not get enough attention in the control system community. We now have three strong data points that show all OPC servers are not created equal.
1. The latest is Landon’s work to verify configuration recommendations in Part III of the OPC Security whitepaper series. […]

‘Unraveling SCADA Protocols’ at Defcon15

Not like it’s a topic that needs any more attention, but I thought I would share some opinions from some attendees who gave me a call right after the talk was over with. Within the first two minutes Ganesh and Tipping Point/3Com revealed that they would not be releasing the tool as it would “make […]

LLDP Fuzzer Released

If you pay close attention to the pen-test mailing list you’re probably aware of the LLDP fuzzer that was released a few days ago. The fuzzer is accompanied by a very nice white paper explaining the protocol and the individual test cases.
I looked around for different SCADA devices that support LLDP and only ran […]

Achilles Controller Certification

Digital Bond is a small, I like to say boutique, SCADA security research and consulting practice. We try to focus on projects that will have a significant and near term positive impact on the SCADA security community. I believe we have a pretty good track record with our SCADA IDS signatures, Nessus plugins, S4 […]

Microsoft Vista Blog Answers Gutmann

Dale previously blogged about Peter Gutmann’s whitepaper on Vista. Peter’s paper is constantly updated with information regarding Vista and its new “features”.
I was wondering if Microsoft would answer to Peter’s whitepaper and maybe comment or correct him on any misnomers. Some of the Microsoft Vista Development team decided to fill in the blanks and do […]

wanted: lightweight, cross-platform, non-libpcap based pcap file reader!

So I know that there are various wrappers for Perl/Ruby/Python (and even Java) for accessing the pcap files created by tcpdump, Ethereal/Wireshark, Snort, and pretty much every sensible network packet capture tool out there, but having to install just the right version of libpcap on your Windows/OSX/Linux box and hope your distribution, package management […]

Application vs Network Security Assessments: Dale’s Take

This is an interesting topic, and I want to throw in my less technical take.
Network security assessments are appropriate for owners and operators of control systems. Methodologies vary slightly by firm, but network security assessments will typically:

scan the operating systems, common IT applications, and infrastructure systems for known vulnerabilities and missing patches. Most assessors use […]

Embedded Appserver Complexity/Power/Vulnerability Example

So last month I blogged on J2EE Application stack complexity, and the Protego/CS-MARS advisory yesterday provides a graphic example of these issues in a commercial security product:
From the exploit comments (I’ll let you find it yourself)
# Unfortunately, little or no effort was put in to securing the JBoss
# installation as per the JBoss community’s recommended […]