Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cisco Security Advisories - 29FEB2011

Published: 2012-02-29
Last Updated: 2012-03-01 05:10:08 UTC
by Russ McRee (Version: 1)
1 comment(s)

 Cisco has issued five security advisories today, including:

 

Adverse conditions include DoS, directory traversal, command injection, unauthenticated upload, privilege escalation, and protocol manipulation. Test and update as appropriate.

[Update (JBU) ] The "Skinny" vulnerability sounds interesting as it does allow the execution of SQL code on the device. SQL injection via Skinny is certainly an interesting attack vector. Another more serious vulnerability is the configuration access problem and access control bypass in wireless LAN controllers.

 

Russ McRee @holisticinfosec

 

1 comment(s)

ISC Feature of the Week: 404Project Reports

Published: 2012-02-29
Last Updated: 2012-02-29 21:28:53 UTC
by Adam Swanger (Version: 1)
0 comment(s)

Overview

Previously we featured the 404Project https://isc.sans.edu/diary/ISC+Feature+of+the+Week+The+404Project/12415 As we mentioned, the main purpose of this project is to trend the web pages crawlers and automated bots are trying to access.

We've had a good number of submitters add this script to their error page and have been collecting data for a while now. We made a few summary reports to get started trending the information. The project has been moved to its own space but the old pages should still get you to https://isc.sans.edu/404project/.

Report Information

The summary reports can be viewed at https://isc.sans.edu/404project/reports.html. The page is generated once a day for the previous day's data. The tables have descriptions for each field so I will just list them and summarize here.

Daily Totals

  • Complete summary totals for the given date

Top 10 Submitted URLs

  • Note the percentage is based on the max a particular URL has been submitted meaning if the submissions that particular day have been the most ever, the graphic will be out at 100%

Top 10 User Agents Submitting

  • User Agents with counts and unique submitters and URLs


API Information

We've also added a couple API interfaces if you'd like to view previous data.

https://isc.sans.edu/api/#daily404summary

  • Each days totals. Accepts date and limit.


https://isc.sans.edu/api/#daily404detail

  • Each days details. Accepts date and limit. (Look for more fields output in the future)



Let us know in the section below if you have suggestion or feedback about these preliminary reports or send us any questions or comments in the contact form at https://isc.sans.edu/contact.html

--
Adam Swanger, Web Developer (GWEB)
Internet Storm Center (http://isc.sans.edu)

Keywords: ISC feature
0 comment(s)

COX Network Outage

Published: 2012-02-29
Last Updated: 2012-02-29 17:56:22 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Based on submissions from users, and reports posted on twitter, COX appears to experience a major outage affecting it's data services. For VoIP customers, voice service appears to be affected as well.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: cox outage
1 comment(s)
ISC StormCast for Wednesday, February 29th 2012 http://isc.sans.edu/podcastdetail.html?id=2359
Diary Archives