search for: countermeasur

Displaying 20 results from an estimated 88 matches for "countermeasur".

Did you mean: countermeasure
2019 Feb 04
5
security implications of caching with virtio pmem (was Re: [PATCH v3 0/5] kvm "virtio pmem" device)
...g information into a VM. Leaks within VM: Right now pmem seems to bypass the guest page cache completely. Whether pmem memory is then resident in a page cache would be up to the device/host. Assuming that it is, the "Preventing Efficient Eviction while Increasing the System Performance" countermeasure for the page cache side channel attack would appear to become ineffective with pmem. What is suggested is a per-process management of the page cache, and host does not have visibility of processes within a VM. Another possible countermeasure - not discussed in the paper - could be modify the appli...
2019 Feb 06
0
security implications of caching with virtio pmem (was Re: [PATCH v3 0/5] kvm "virtio pmem" device)
...> Leaks within VM: Right now pmem seems to bypass the guest page cache > completely. Whether pmem memory is then resident in a page cache would > be up to the device/host. Assuming that it is, the "Preventing > Efficient Eviction while Increasing the System Performance" > countermeasure for the page cache side channel attack would appear to > become ineffective with pmem. What is suggested is a per-process > management of the page cache, and host does not have visibility of > processes within a VM. Another possible countermeasure - not discussed > in the paper - could...
2019 Feb 11
1
[Qemu-devel] security implications of caching with virtio pmem (was Re: [PATCH v3 0/5] kvm "virtio pmem" device)
...> Leaks within VM: Right now pmem seems to bypass the guest page cache > completely. Whether pmem memory is then resident in a page cache would > be up to the device/host. Assuming that it is, the "Preventing > Efficient Eviction while Increasing the System Performance" > countermeasure for the page cache side channel attack would appear to > become ineffective with pmem. What is suggested is a per-process > management of the page cache, and host does not have visibility of > processes within a VM. Another possible countermeasure - not discussed > in the paper - could...
2016 Aug 30
3
Publication of an llvm-based tool that protects against fault injection attacks
...y published an LLVM-based tool at “Cryptography and Security in Computing Systems 2016” (CS2), and we would like to add it on the list of LLVM related publications. The goal of our tool is to automatically protect the code being compiled against fault injection attacks *Title:* Compilation of a Countermeasure Against Instruction-Skip Fault Attacks Available at the ACM Digital Library: http://dl.acm.org/citation.cfm?id=2858931 And also here: http://thiernobarry.fr/publications/preprint/T-Barry.pdf Abstract: ======== Physical attacks especially fault attacks represent one of the major threats agains...
2013 Jan 22
2
Rails 4: Should a HEAD request not be handled like a GET for CSRF protection?
I am running a Rails 4 app in semi-production and I constantly get exceptions from crawler bots that use a HEAD HTTP method, which causes the CSRF protection to kick in. Shouldn''t HEAD requests normally be handled like GET requests? I am not sure if I''m just being stupid or that hit is a bug somewhere. Michiel -- You received this message because you are subscribed to the
2001 Mar 22
9
Portable OpenSSH-2.5.2p2
Portable OpenSSH 2.5.2p2 is now available from the mirror sites listed at http://www.openssh.com/portable.html Security related changes: Improved countermeasure against "Passive Analysis of SSH (Secure Shell) Traffic" http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt The countermeasures introduced in earlier OpenSSH-2.5.x versions caused interoperability problems with some other implementations. Improved countermeasure agains...
2001 Mar 22
9
Portable OpenSSH-2.5.2p2
Portable OpenSSH 2.5.2p2 is now available from the mirror sites listed at http://www.openssh.com/portable.html Security related changes: Improved countermeasure against "Passive Analysis of SSH (Secure Shell) Traffic" http://openwall.com/advisories/OW-003-ssh-traffic-analysis.txt The countermeasures introduced in earlier OpenSSH-2.5.x versions caused interoperability problems with some other implementations. Improved countermeasure agains...
2024 Jan 23
1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)
...errapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security. Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions. See Also https://terrapin-attack.com/ Solution Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms. Risk Factor Medium CVSS v3.0 Base Score 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/...
2024 Jan 23
1
SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) on Red Hat Enterprise Linux release 8.7 (Ootpa)
...te, man-in-the-middle attacker to bypass integrity > checks and downgrade the > connection's security. > Note that this plugin only checks for remote SSH servers that support > either ChaCha20-Poly1305 or CBC > with Encrypt-then-MAC and do not support the strict key exchange > countermeasures. It does not check for > vulnerable software versions. > See Also > https://terrapin-attack.com/ > > Solution > Contact the vendor for an update with the strict key exchange > countermeasures or disable the affected > algorithms. > Risk Factor > Medium > CVSS v3.0...
2010 Dec 27
3
openssh and keystroke timing attacks (again)
...ext, and openssh users expect their communications to be kept entirely secret. Despite some excellent ideas and patches, such as Jason Coit's http://marc.info/?l=openssh-unix-dev&m=100326089315915&w=2 there has been little done to address this problem. As far as I can tell, the only countermeasure implemented in OpenSSH is that the server will echo back dummy messages (rather than nothing) when users enter passwords. But users expect all of their communication to be secret... not just their passwords! (There is no project called "SecurePasswordShell"!) I think Jason's appro...
2010 Dec 07
2
[LLVMdev] own source transformation
Hi, I'm a student who is going to make a countermeasure for dangling pointers in c for his thesis. I need to make my source transformation using llvm. Nobody in my university already used LLVM. I already read a some documentation about llvm but i'm still lost. Do there exist some " examples/Tutorials" for making small source transforma...
2024 Jun 24
1
An Analysis of the DHEat DoS Against SSH in Cloud Environments
...x v. dheater) > > Thanks for this. However, much more extensive testing would be needed > to show it is a complete solution. In my original research article, I > used CPU idle time as the main metric. Also, I showed that very low- > latency network links could bypass the existing countermeasures. > > I suppose in the next few days, I'll try reproducing my original steps > with the new version and see what happens. You may want to try this on IPv6 where you are frequently changing the attackers MAC address. If the IP is constructed with EUI-64 then it could start to flood...
2003 Aug 28
1
new DoS technique (exploiting TCP retransmission timeouts)
An interesting paper http://www.acm.org/sigcomm/sigcomm2003/papers/p75-kuzmanovic.pdf ---Mike -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
2024 Jun 19
2
An Analysis of the DHEat DoS Against SSH in Cloud Environments
...pshot of portable on linux v. dheater) Thanks for this. However, much more extensive testing would be needed to show it is a complete solution. In my original research article, I used CPU idle time as the main metric. Also, I showed that very low- latency network links could bypass the existing countermeasures. I suppose in the next few days, I'll try reproducing my original steps with the new version and see what happens. - Joe
2004 Aug 06
0
Preventin browsers / wget's / ... from capturing stream?
...? > > Well, you could add nasty user-agent sniffing, but it's pretty > > pointless. > > streamripper can identify itself as any user-agent you want ... As said above: We're not talking about "there is always a way around". I'm just talking about what easy countermeasurements could be taken (and what is needed for icecast2 to actually use these countermeasurements) to give starters (not professionals) at least some feeling of "stream can't be downloaded". Customers are (mostly) not technicians. But if you give them a http- URL to listen and they c...
2020 Sep 11
4
Winbind offline cache and strangeness...
...his seems not the case: users reboot the portable without trouble, it is only after some days of use that 'cache expire' (i suppose). 2) there's some way, supposing to found a way to fire up the VPN, to force a reload of winbind cache? A full samba restart is needed? As a first 'countermeasure' we have created a local user to be able to refresh up the winbind cache, but simply firing up the VPN seems does not suffices. Next week i will be able to put my hand on the portable, so i will look at logs. In the meantime, thanks. -- dott. Marco Gaiarin GNUPG Key ID: 240A3D6...
2004 Aug 06
2
Preventin browsers / wget's / ... from capturing stream?
On Tuesday 02 March 2004 02:23, Michael Smith wrote: > Shoutcast just does user-agent sniffing. This makes it look like you can't > download the stream easily, but that's just misleading you - it's > completely trivial to do so. Yes , i'd say the same . > > The most clean solution in my eyes would be to implement mms:// or > > rtp:// for mp3/ogg-streams in
2023 Dec 18
1
Announce: OpenSSH 9.6 released
...SH 9.5 ========================= This release contains a number of security fixes, some small features and bugfixes. Security ======== This release contains fixes for a newly-discovered weakness in the SSH transport protocol, a logic error relating to constrained PKCS#11 keys in ssh-agent(1) and countermeasures for programs that invoke ssh(1) with user or hostnames containing invalid characters. * ssh(1), sshd(8): implement protocol extensions to thwart the so-called "Terrapin attack" discovered by Fabian B??umer, Marcus Brinkmann and J??rg Schwenk. This attack allows a MITM to effect...
2012 Oct 02
0
[LLVMdev] [PROPOSAL] Adding support for -fstack-protector-strong
...d with buffer overread attacks, I'm not even sure if they do that very well). Even if they work against stack buffer overflows, stack protectors don't protect the application from heap overflows, invalid free attacks, dangling pointer attacks, and non-control data attacks. The fastest countermeasure that I think is worth looking at is Control Flow Integrity (CFI); CFI adds checks to return instructions and indirect jumps to ensure that they're jumping to a valid target address. As far as I know, there's no control-hijack attack that works against it, although non-control data att...
2019 Feb 15
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
On Fri, 2019-02-15 at 15:57 +1100, Darren Tucker wrote: > That was the original intent (and it's mentioned in RFC4419) however > each moduli file we ship (70-80 instances of 6 sizes) takes about 1 > cpu-month to generate on a lowish-power x86-64 machine. Most of it > is > parallelizable, but even then it'd likely take a few hours to > generate > one of each size. I