Verizon New York area issues
A number of readers in the last 20 minutes have been indicating that there has been an outage with Verizon in the New York area. Service appears to be recovering, and some internet health monitoring sites are showing latency entering and exiting the Verizon hub in Boston.
Nanog are reporting a few people experiencing connectivity issues in the NY US area.
If you have any information on what happened, let us know and we'll update this diary with the news.
Update: Verizon have indicated via Twitter that:
"a router responsible for peering in the Northeast failed. It was reset and traffic should be coming back."
Update 2:
Verizon have now posted a blog detailing the event in addition to their continuing updates on Twitter
Steve Hall
Cyber Security Awareness Month - Day 2 - Port 0
The second day of Cybersecurity Awareness Month is dedicated to the strange, and anomalous port number, 0.
Decimal Description
------- -----------
0/tcp Reserved
0/udp Reserved
It is possible to specify a socket only partially by setting the PORT
identifier to zero or setting both the TCP and PORT identifiers to
zero. A socket of all zero is called UNSPECIFIED. The purpose behind
unspecified sockets is to provide a sort of "general delivery"
facility [useful for logger type processes with well known sockets].
"alert tcp $EXTERNAL_NET any <> $HOME_NET 0 (msg:"BAD-TRAFFIC tcp port 0 traffic"; flow:stateless; classtype:misc-activity; sid:524; rev:8;)"
VMware Fusion updates to fixes a couple of bugs
VMWare have informed us that an update is available for their Apple Mac version of their VMWare environment, VMWare Fusion.
The update fixes a vulnerability found in all versions of VMWare Fusion, so if you use this product, it is time to update. A vulnerability for one of the issues has been published.
The published vulnerability apparently produces a remote shell with root privileges but I have not tested it at this time.
The exploit writer comments:
"The vmx86 kext ioctl handler permits an unprivileged userland program to initialize several function pointers via the 0x802E564A ioctl code. These function pointers are later used from several reachable locations within the driver, one of which is called immediately after initialization."
New SysInternal fun for the weekend
A whole raft of new SysInternal goodness has been released just before the weekend so we have new versions of our toys to play with over the weekend.
The SysInternal blog has all the news but in summary, there are updates to LiveKd, BgInfo, ProcDump, and Autoruns.
Mark also blogs about a couple of interesting issues.
Thanks to Roseman for the heads up, and the follow-up e-mail.
New version of OpenSSH released
The guys and gals over at OpenSSH have announced that a new version has been released. This is version 5.3, and its also the 10th Birthday version of the stalwart of secure communication over TCP port 22.
Details of the release can be found in the release note and should be on the mirror servers soon.
The release note shows a couple of general bugs, and a few platform specific ones.
Enjoy, and remember to test your deployment!
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
6 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago