Comments for Exploits and Security http://www.exploitx.com Technology & Security Tips & Guides Mon, 17 Apr 2006 18:56:17 +0000 http://wordpress.org/?v=2.9 hourly 1 Comment on Blocking Instant Messaging Applications by John http://www.exploitx.com/140/blocking-instant-messaging-applications/comment-page-1/#comment-151 John Mon, 17 Apr 2006 18:56:17 +0000 http://www.exploitx.com/140/blocking-instant-messaging-applications/#comment-151 DNS is your best software/cheap solution to BLOCK these IM's, although it does require periodic maintenance. WebSense or SurfControl is your second best software solution as previously mentioned - although you need a server to run the database on - I think a workstation will work as a server if enough RAM is installed. --- I wouldn't think BLOCKing is allowed at an Educational institution because that restricts learning. I think your best bet is the Packeteer appliance - with this you don't BLOCK (unlawful at an EDU) but limit the bandwidth of these IM apps to a miserable to use level - thereby slowly negating their use because the response is so slow. Unfortunately Packeteer is not FREE. DNS is your best software/cheap solution to BLOCK these IM’s, although it does require periodic maintenance.
WebSense or SurfControl is your second best software solution as previously mentioned – although you need a server to run the database on – I think a workstation will work as a server if enough RAM is installed.
— I wouldn’t think BLOCKing is allowed at an Educational institution because that restricts learning.
I think your best bet is the Packeteer appliance – with this you don’t BLOCK (unlawful at an EDU) but limit the bandwidth of these IM apps to a miserable to use level – thereby slowly negating their use because the response is so slow. Unfortunately Packeteer is not FREE.

]]> Comment on A flaw in Google’s G-Mail system allowed anyone access to any mailbox by Peter Holloway http://www.exploitx.com/151/a-flaw-in-googles-g-mail-system-allowed-anyone-access-to-any-mailbox/comment-page-1/#comment-98 Peter Holloway Tue, 21 Feb 2006 22:33:50 +0000 http://www.exploitx.com/151/a-flaw-in-googles-g-mail-system-allowed-anyone-access-to-any-mailbox/#comment-98 I submitted (the above) Dec 3, 2005 comment. Is there any way to get a technical response to this inquiry? Thank you. I submitted (the above) Dec 3, 2005 comment. Is there any way to get a technical response to this inquiry?

Thank you.

]]> Comment on Blocking Instant Messaging Applications by Jason http://www.exploitx.com/140/blocking-instant-messaging-applications/comment-page-1/#comment-60 Jason Thu, 05 Jan 2006 12:47:01 +0000 http://www.exploitx.com/140/blocking-instant-messaging-applications/#comment-60 Hi, Why don't you use a path rule rather than a hash rule? Just block msnmsgr.exe, ypager.exe and any others you find along the way. Whilst a user could simply rename the file, it seems easier to maintain than a hash list. Jason Hi,

Why don’t you use a path rule rather than a hash rule?

Just block msnmsgr.exe, ypager.exe and any others you find along the way.

Whilst a user could simply rename the file, it seems easier to maintain than a hash list.

Jason

]]> Comment on A flaw in Google’s G-Mail system allowed anyone access to any mailbox by Peter Holloway http://www.exploitx.com/151/a-flaw-in-googles-g-mail-system-allowed-anyone-access-to-any-mailbox/comment-page-1/#comment-55 Peter Holloway Sat, 24 Dec 2005 06:36:01 +0000 http://www.exploitx.com/151/a-flaw-in-googles-g-mail-system-allowed-anyone-access-to-any-mailbox/#comment-55 I discovered I am a "targeted victim". I noticed something funny about my Gmail Login window, which blinked once and auto-filled the login name with another person's name -- a name I recognize as an employee in the company I work for. When I checked the FORMS tab under Page Info, I found a form that posted a Form Action "https://www.google.com/accounts/ServiceLoginAuth". In this form, there is a hidden continue to "http://www.google.com/gmail?", a hidden mail service, a text Email containing the HR persons first and last names, a Passwd field containing "********" (not the real password), a PersistanCookie checkbox marked "yes" and, finally, a null field that submits on "Sign in". It seems that this employee has exploited the Gmail login vulnerability described above and is likely eavesdropping in on my personal Gmails. Isn't this illegal? Seems like interstate wiretapping to me, or a least a violation of the Communications Act of 1986. Is there any way that the "********" Passwd is detectable? How did this form get into an Info Page on my browser? I understand that the original bug reported above allowed someone to access anyone else's Gmail account before it was corrected. Can this person still be hacking me even now? If so, do you think this person has criminal or civil exposure? Does it help to contact "authorities" or even a lawyer? I want to nail this person! Can you help me? I would really appreciate it. I discovered I am a “targeted victim”. I noticed something funny about my Gmail Login window, which blinked once and auto-filled the login name with another person’s name — a name I recognize as an employee in the company I work for.

When I checked the FORMS tab under Page Info, I found a form that posted a Form Action “https://www.google.com/accounts/ServiceLoginAuth”. In this form, there is a hidden continue to “http://www.google.com/gmail?”, a hidden mail service, a text Email containing the HR persons first and last names, a Passwd field containing “********” (not the real password), a PersistanCookie checkbox marked “yes” and, finally, a null field that submits on “Sign in”.

It seems that this employee has exploited the Gmail login vulnerability described above and is likely eavesdropping in on my personal Gmails.

Isn’t this illegal? Seems like interstate wiretapping to me, or a least a violation of the Communications Act of 1986.

Is there any way that the “********” Passwd is detectable? How did this form get into an Info Page on my browser? I understand that the original bug reported above allowed someone to access anyone else’s Gmail account before it was corrected. Can this person still be hacking me even now? If so, do you think this person has criminal or civil exposure? Does it help to contact “authorities” or even a lawyer?

I want to nail this person!

Can you help me? I would really appreciate it.

]]> Comment on Blocking Instant Messaging Applications by Jancis http://www.exploitx.com/140/blocking-instant-messaging-applications/comment-page-1/#comment-34 Jancis Mon, 05 Dec 2005 11:50:37 +0000 http://www.exploitx.com/140/blocking-instant-messaging-applications/#comment-34 I didn't read all postings, but i can suggest one easy step: drop all traffic to messenger central servers - just connect and write down IP's of servers. I didn’t read all postings, but i can suggest one easy step: drop all traffic to messenger central servers – just connect and write down IP’s of servers.

]]>