Author: Perry Varanoid

Strange ICMP traffic seen in destination, (Sat, Sep 20th) 0

Strange ICMP traffic seen in destination, (Sat, Sep 20th)

Reader Ronnie provided us today a packet capture with a very interesting situation: Several packets are arriving, all ICMP echo request from unrelated address: All ICMP packets being sent to the destination address does not have data, leaving the packet with the 20 bytes for the IP header and 8 bytes for the ICMP echo request without data All the unrelated address sent 6 packets: One with normal TTL and 5 with incremental TTL: Seems to be those packets are trying to map a route, but in a very particular way. Since there are many unrelated IP addresses trying to do the same, maybe something is trying to map routes to specific address to do something not good.

iOS 8 Security 0

iOS 8 Security

Apple claims that they can no longer unlock iPhones, even if the police show up with a warrant. Of course they still have access to everything in iCloud, but it’s a start.

VU#730964: FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities 0

VU#730964: FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities

Vulnerability Note VU#730964 FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities Original Release date: 19 Sep 2014 | Last revised: 19 Sep 2014 Overview Fortinet FortiGate and FortiWiFi appliances are susceptible to man-in-the-middle attacks ( CWE-300 ) and a heap-based overflow vulnerability ( CWE-122 ). Description Fortinet FortiGate and FortiWiFi 4.00.6 and possibly earlier versions are susceptible to man-in-the-middle attacks ( CWE-300 ) and a heap-based overflow vulnerability ( CWE-122 )

Fake Cell Phone Towers Across the US 0

Fake Cell Phone Towers Across the US

Earlier this month, there were a bunch of stories about fake cell phone towers discovered around the US These seems to be ISMI catchers, like Harris Corporation’s Stingray , and are used to capture location information and potentially phone calls, text messages, and smart-phone Internet traffic. A couple of days ago, the Washington Post ran a story about fake cell phone towers in politically interesting places around Washington DC