Thursday, August 12, 2004

RSS Feeds, Bmonday Comments, and Airpwn

Thanks to an email from Jim O'Gorman, I learned of a way to publish a RSS feed, even though Blogger only supports Atom. Try feeding this to your RSS reader. I've been using the Firefox plug-in Sage since Chris Reining's Blog told me about it. Sage supports RSS and Atom in a Firefox sidebar.

Speaking of reading other people's Blogs, I was happy to see positive feedback on my book at My thoughts on logging packets allowed through the firewall, rather than logging packets dropped by the firewall, helped Beau identify someone trying to brute force his SQL server.

If you haven't thought about the use of airpwn at DefCon 12, consider the following. Airpwn is a traffic injection tool for 802.11 networks, released to last week. Essentially an intruder sniffs for outbound Web image requests, then tries to craft and transmit a response faster than the legitimate server can reply. In most cases the legitimate server loses the race. Combine this capability with the libpng vulnerability and unpatched browsers (like older versions of Mozilla and friends) and you have a wireless exploit system on your hands. One way to avoid becoming a victim on unencrypted wireless links is to tunnel your Web traffic to a safer connection, as I mentioned earlier.

No comments: