Large-scale analysis of style injection by relative path overwrite

Large-scale analysis of style injection by relative path overwrite Arshad et al., WWW’18

(If you don’t have ACM Digital Library access, the paper can be accessed either by following the link above directly from The Morning Paper blog site, or from the WWW 2018 proceedings page).

We’ve all been fairly well trained to have good awareness of cross-site scripting (XSS) attacks. Less obvious, and also less well known, is that a similar attack is possible using style sheet injection. A good name for these attacks might be SSS: same-site style attacks.

Even though style injection may appear less serious a threat than script injection, it has been shown that it enables a range of attacks, including secret exfiltration… Our work shows that around 9% of the sites in the Alexa top 10,000 contain at least one vulnerable page, out of which more than one third can be exploited.

I’m going to break today’s write-up down into four parts:

  1. How on earth do you do secret exfiltration with a stylesheet?
  2. Injecting stylesheet content using Relative Path Overwite (RPO)
  3. Finding RPO vulnerabilities in the wild
  4. How can you defend against RPO attacks?

Secret exfiltration via stylesheets

Style sheet injection Continue reading

On Why I’m Shifting my Career Focus to Software

For the past few months I've been involved in a case study project with some colleagues at Cisco where we've been researching what the most relevant software skills are that Cisco's pre-sales engineers could benefit from. We're all freaking experts at Outlook of course (that's a joke ?) but we were interested in the areas of programming, automation, orchestration, databases, analytics, and so on. The end goal of the project was to identify what those relevant skills are, have a plan to identify the current skillset in the field, do that gap analysis and then put forward recommendations on how to close the gap.

This probably sounds really boring and dry, and I don't blame you for thinking that, but I actually chose this case study topic from a list of 8 or so. My motivation was largely selfish: I wanted to see first-hand the outcome of this project because I wanted to know how best to align my own training, study, and career in the software arena. I already believed that to stay relevant as my career moves along that software skills would be essential. It was just a question of what type of skills and in which specific Continue reading

Network Detective Ride-Along: Troubleshooting Multicast

Grab your Network Detective badge!  It’s time for another Network Detective ride-along.  ?   Multicast this time.

We need to solve the case of the missing Multicast streams.  ONLY 2 multicast streams (232.2.1.1 and 239.2.1.1) are getting thru to the hosts who requested them. The other 4 streams the same hosts requested are NOT getting thru.  Let’s go to the crime scene and review the facts.

Fact #1 – Host off of Cat9K-40 is sending IGMPv2 membership reports to join ASM groups 239.1.1.1, 239.2.1.1 and 239.129.1.1
Fact #2 – Host off of Cat9K-50 is sending IGMPv3 membership reports to join SSM groups 232.1.1.1, 232.2.1.1 and 232.129.1.1
Fact #3 – All multicast sources are off of Cat9k-10 in subnet 10.1.2.0/24. They are sending the mcast for all 3 SSM groups and all 3 ASM groups
Fact #4 – Cat9K-20 is the Rendezvous Point (RP) for all 3 ASM groups

Any thoughts at first glance?  Time to go to the YouTube ride-along ~11 minute video!  Good luck!  Have fun!

Raspberry Pi and AWS IOT – First steps

Hi All,

I have slightly changed this to networking, but the intention and my current use is to measure the water level of a sump, since that deviates from the network blog writing, i have extended the same to a Router.

Purpose – Have a Router and also a Syslog Server which monitors my internal network (This can easily be extended to a Car / Moisture Sensor or a Temperature/Humidity Sensor), what we want to do is to make sure if any anomaly is seen in Log Messages, it logs to IOT service. We can then take this up as a Part-2 writing to perform a specific action / automated on what action can be taken to mitigate

Discussion about configuring a Linux device is out of scope, so lets think that we all have that setup. What happens next ?

Lets quickly see our python script, which parses for a anomaly, in this lets say when someone runs a ping command, well its not a anomaly but will do for our use-case.

 

 

logparse.py is our program, so i have imported it into the readily available sample program provided by AWSIOT Kit, so you dont have to know Continue reading

Recover a RAID5 Array on Linux with healthy disks

Intel Atom failures I know the title sounds a bit weird and you may ask why would you need to recover a RAID5 array when all your disks are healthy, right? To understand what is going on, my DS1515+ has an Intel Atom C2538. (source: Synology CPU / NAS Type). It recently caused a lot of issues in the IT industry. (remember the Cisco clock issue? ? ) The Errata AVR54 of the C2000 Specifications update clearly states the following: “system may experience inability to boot or may cease operation”. My NAS was starting to have regular reboots and it completely crashed before I could back up the last delta of data.  In the first instance, Synology denied any abnormal failure rate on this specific [Read More...]

The post Recover a RAID5 Array on Linux with healthy disks appeared first on VPackets.net.

NetDevOpEd: Disaggregation is key to software vulnerability management

One critical decision that executives need to make when assessing their data center architecture is their approach to software vulnerability management across all network components. Vulnerability management primarily revolves around selecting an efficient and modern software management strategy. There are several ways to execute on a software management strategy, and I believe disaggregation is a critical first step in doing it right.

In this post, I want to take a minute to first share my thoughts on the vulnerability management trends I’ve noticed. I will argue that a) you need to prioritize the network in how you manage vulnerabilities and b) disaggregation is the only way to do it properly. We’ll also take a look at the reasons why I think we never had the right framework to manage software delivery, making vulnerability management a challenge on platforms that are closed in nature.

Operations at the core of vulnerability management

Three weeks ago, I joined 40,000 security professionals in San Francisco to attend the biggest gathering of security conscious professionals — RSA Conference. While there were several presentations and moments from the event that stood out, one that caught my eye was a presentation that discussed challenges in the industry Continue reading

Create Your Own Unique Developer Experience for DockerCon 2018

DockerCon is back and better than ever as we welcome our developer community to this year’s DockerCon in San Francisco (June 12-15, 2018)! It doesn’t matter if you’re new to Docker, or an old hand at Dockerizing your applications. For developers, DockerCon is the best place to learn about bringing Docker to your applications.

This year at DockerCon, you have the opportunity to choose the content and create an agenda that is based on your role and  where you’re at in your containerization journey. We know you’ll want to choose carefully, so here’s some things to consider.

Whether you’re developing modern microservices applications or are looking for ways to modernize your existing applications, DockerCon will teach you about new features and capabilities, container best practices, containerization strategies and innovative ways to use containers such as serverless apps, using a service mesh, and incorporating machine learning.

For many developers, the best way to learn is hands-on. Our Hands-On Labs and workshops will give you practical knowledge. And our breakout sessions will introduce you to new concepts and ideas on how to incorporate Docker into your enterprise workflow.

DockerCon can show you how Docker can solve the most pressing problems, both for Continue reading

Weekend Reads 052518

Without adtech, the EU’s GDPR (General Data Protection Regulation) would never have happened. But the GDPR did happen, and as a result websites all over the world are suddenly posting notices about their changed privacy policies, use of cookies, and opt-in choices for “relevant” or “interest-based” (translation: tracking-based) advertising. Email lists are doing the same kinds of things. @Doc Searl’s Weblog

A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. —Danny Palmer @ZDNet

Today, that’s coming in the form of imperceptible musical signals that can be used to take control of smart devices like Amazon’s Alexa or Apple’s Siri to unlock doors, send money, or any of the other things that we give these wicked machines the authority to do. That’s according to a New York Times report, which says researchers in China and the United States have proven that they’re able to “send hidden commands” to smart devices that are “undetectable to the human ear” simply by playing music. —Sam Barsanti @AVI News

In a paper we recently presented at the Passive Continue reading

Show 391: IXP Peering Security With Cisco (Sponsored)

The Internet is a network of networks. Where do each of these networks meet to form the global Internet? At Internet Exchange Points or IXPs. In North America, these IXPs are also known as network access points, or NAPs.

Over the years, connecting to a NAP has become increasingly crucial for service providers to get right because of the sheer volume of traffic the Internet carries these days (Hello, Netflix!), the complexity of service provider peering agreements, and endless troubles with security threats.

Joining us today to discuss how to better plan, design, operate, and secure peering is our sponsor Cisco. Our guests from Cisco are Phil Bedard, Service Provider TME; and Bruce McDougall, Consulting Systems Engineer.

We discuss the evolution of Internet traffic flow and interconnection, how peering designs among service providers have changed, the role of telemetry and data, and peering security issues.

Show Links:

BGP Monitoring Protocol (BMP) – IETF

Internet Edge Peering – Current Practice – GitHub

BGP Operations and Security – IETF

Observing BGP activity with BGP Monitoring Protocol – Cisco

Streaming Network Analytics System (SNAS) – snas.io

The Death of Transit And Beyond – Geoff Huston (PDF)

Eyeball network – Wikipedia

The Continue reading

1 1,592 1,593 1,594 1,595 1,596 3,841