Podcasts

While the bug allows remote code execution several versions of Windows, including Vista and Server 2008, its impact on Windows 2000 is limited to causing a denial of service.

Let's hope it's not one of those Denial of Service bugs that turns out to be quite serious later.

The bug appears to be some sort of TCP/IP stack problem -- discovered by the late Jack C. Louis -- which allows attackers with the ability to connect to any port to run code or DoS the target, depending on the version of Windows.

It's a bad one.

It's especially bad if you're running legacy applications on Windows 2000. The only mitigation for this thing is a properly configured firewall that cleans TCP window sizes (cleans Windows' windows, hur hur) in front of the Windows 2000 host.

Here's the relevant bit of the advisory:

"The architecture to properly support TCP/IP protection does not exist on Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4 to eliminate the vulnerability. To do so would require rearchitecting a very significant amount of the Microsoft Windows 2000 Service Pack 4 operating system, not just the affected component. The product of such a rearchitecture effort would be sufficiently incompatible with Microsoft Windows 2000 Service Pack 4 that there would be no assurance that applications designed to run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system."

Windows 2000 support was to continue until July next year.

This week's episode is sponsored by Check Point software.

On this week's show we're chatting to Alastair MacGibbon of Surete Group. He was the Australian Federal Police Agent who established the multi-jurisdictional Australian High Tech Crime Centre back in 2003. He was with the AFP for 15 years and spent the majority of his policing career working in drug enforcement. That included investigating criminal drug syndicates.

He'll be along this week to dispel some of the current theories doing the rounds about online criminal activity.

We'll also be joined by Check Point's Fred Borjesson to discuss hardcore, customised malware: memory scrapers, rootkits and other stuff the hardcore bad guys use to exfiltrate card data from compromised organisations. It's virtually impossible to detect because, well, it's not widely distributed like most malware -- this is hardcore stuff for hardcore people. That's this week's sponsor interview.

We also discuss the week's news with Adam Boileau.

Risky Business two is brought to you exclusively by Symantec, so big thanks to the team over there for making this podcast possible!

In this week's special interview you'll hear Paul Craig discussing Web application vulnerability chaining with Mark "Pipes" Piper. Chaining is basically combining a whole bunch of trivial bugs into something quite critical.

Paul did this interview at New Zealand's OWASP day.

It makes for pretty interesting reading. There are 211 exploits on the list, with 117 of them described as confirmed 0day.

You can find the list here.

As far as Risky.Biz is aware, these guys do not contact vendors and give them details on 0day they acquire. While to most that would seem the right thing to do, it's directly opposed to InteVyDis' commercial interests.

A fixed bug is a dead bug. Why slash the value of your own product?

We would love to hear from readers on this in the forums. Do you think a business model that involves selling 0day without notifying vendors is inherently immoral?

This week's show is sponsored by Microsoft and hosted by Vigabyte virtual hosting.

On this week's show we chat with Jose Nazario, the manager of security research for Arbor Networks. Jose is joining us to talk about the latest trends in botnet C&C. Apparently, using IRC is sooooo 2005 these days...

We also talk to Stuart Strathdee from Microsoft in this week's sponsor segment. In it, we discuss alleged criminal mastermind and all round badass Albert "The SoupNazi" Gonzalez. Will his capture and prosecution be a deterrent or an inspiration to fraudsters?

And of course the show wouldn't be complete without Adam "Metlstorm" Boileau jumping on board for a look at the week's news headlines.

This week's edition of Risky Business is brought to you by Sophos and hosted by Vigabyte virtual hosting.

On this week's show we chat with Professor Gernot Heiser. He's the chief Technology Officer of OK-Labs, or Open Kernel Labs. The company makes software for embedded systems, and recently NICTA -- that's a government funded technology R&D lab -- has claimed to have mathematically verified one of the OK-labs kernels as being mathematically perfect. No buffer overflows. No null pointer dereferences. No divide by zeros.

The Prof stops by to explain what this all means.

We also chat with Sean Richmond from Sophos in this week's sponsor interview. We quiz Sean on this virus doing the rounds that affects Delphi development environments. Interesting stuff!

And of course Adam Boileau pops by with the week's news headlines.

In this special interview you'll hear our New Zealand correspondent Paul Craig interviewing Security-Assessment.com's Roberto Suggi Liverani and Nick Freeman discuss their research into exploiting Firefox extensions.

These guys were doing a review of a large web application and evaluation of a related firefox extension was in scope.

Skype extensions, search toolbars -- all those extensions that people routinely install into their browsers, well, it turns out a lot of them are buggy as hell and these two have figured out how to exploit these little suckers, and at best guess, there's around 30 million boxes out there vulnerable to the extension bugs they've identified.

On this week's show we're chatting with CEO of Australia's Internet Industry Association, Peter Coroneos. Peter led the charge for a National 2FA scheme many years ago... it hasn't quite gotten off the ground yet, but Peter joins us shortly to discuss the scheme, how it got started and why it hasn't really gone anywhere yet.

We're also joined by a special guest in our sponsor segment this week, Paul Asadoorian, the host of the PaulDotCom Security Weekly podcast. Paul's dayjob is as Tenable's "Evangelist". He won't be evangelising anything this week though, he's popping by to talk about training. Paul did work for SANS, and we'll be asking Paul what he thinks training and certification are good for.

And we'll be checking the week's news with Adam "metlstorm" Boileau!

In this month's sponsored podcast here on Risky Business 2 we're chatting with Symantec's Senior Director of Global Security Response Operations Group, Kevin Hogan, about quite a few things.

We'll be talking about the standardisation of many forms of malware, weaknesses in the packers the bad guys are using -- that's interesting -- and heaps of other stuff around online threats.

Sydney's inaugural eCrime Symposium kicked off on Tuesday, and Risky Business was there with an audio recorder.

We recorded this panel discussion while we were there and decided it'd make a good podcast. The speakers are Rachel Dixon, who's a technology executive here in Australia for online media group Viocorp, as well as being the deputy chair of consumer group Choice, Phil Argy, the head of the Technology Dispute Centre, and Sean Richmond from Sophos.

The panel was hosted by Nigel Phair.

I've basically cut it down to focus on the comments of Rachel Dixon. She was the best speaker on the day, and her riffs make for interesting listening.

There is no news segment this week due to a nasty bit of chicken making me quite ill on Wednesday and Thursday. I'll spare you the details. I'm also moving house tomorrow, so things this week have just got a little crazy.

But RB will be back next week with a bit of a wrap from all the shenanigans in Vegas and a proper news update.

In this week's sponsor interview we're trying something different. We're having a chat to Tim Smith of Bridgepoint, a Check Point Gold Partner. Tim's at the coalface of the Australian security industry, so we took this opportunity to get a commercial perspective on what's happening out there in the market, and in particular, with PCI.

As you'll hear, Tim says all sorts of organisations -- from online retailers to corner stores -- are being roped into the regime, which obviously makes life interesting.