Welcome to duststar theory
- random, casual, stray thoughts -
"Only a life lived for others is a life worth while." - Albert Einstein
Adobe Reader v9.2 and below. PATCH!
Author duststar | 13.01.2010 | Category Cyber Security
Taken from: http://www.adobe.com/support/security/bulletins/apsb10-02.html
Critical vulnerabilities have been identified in Adobe Reader 9.2 and Acrobat 9.2 for Windows, Macintosh and UNIX, and Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
If you do not patch your Adobe Acrobat Reader, your system will get infected with a malware such as keylogger or trojan horse when you open an infected PDF document.
Another way is to use other PDF reader such as Foxit rather than the popular Adobe Acrobat Reader. However, because it is less popular does not mean it is not vulnerable to other forms of attack. Most probably the truth is that nobody has discovered any new vulnerabilities for it yet, or they are keeping it for private use.
.duststar
Twitter got hacked, so is Baidu
Author duststar | 12.01.2010 | Category Cyber Security
Breaking news from Internet Storm Center.
Twitter got hacked on 17th Dec 2009. That is not new. Baidu got hacked today. Not shocking …
Both sites were defaced using “legitimate” DNS modified entries which was caused by compromised DNS server. Thus, we can say that there is no real defacement occurring here. However, during these “hours” of compromised situation, users who are trying to login to twitter may have already given out their passwords to the hackers already. (So Twitter users please remember to change your passwords!)
DNS attacks has been an increasing trend since the time when Dan Kaminsky made multiple discoveries in DNS infrastructure weaknesses. We can expect the trend to continue to climb, and see more web defacement through such DNS man-in-the-middle (MITM) attack.
So as an organisation how can you defend yourselves?
Prevent
1. Do away with shared DNS hosting if possible.
2. Run and managed your own DNS servers.
3. Secure them.
Detect
1. Monitor any attacks against your DNS infrastructure.
2. Monitor all DNS zone transfers and your domains for sudden “IP change”.
Response
1. Establish response plan and procedures to deal with detected events.
The crucial point here is how fast can you detect an intrusion and respond to them. So, managed security services (MSS), internal computer emergency response team (CERT), or a system/network admin running on steroids (basically one person covers everything). You decide.
.duststar
Maplestory (MapleSEA) Network Status Monitoring – Update 1
Author duststar | 11.01.2010 | Category Cyber Security, MapleSEA
Continuing from this post.
Today evening managed to meddle with jpGraph‘s powerful graphing ability. Added new RRD-style graphs to show past 24 hours network latency and uptime for all monitored services!
So let us go through how to interpret the graphs. (If you cannot wait to see them, just go here!)
The 1st graph sample shows us “www.maplesea.com – past 24hr network uptime status”. We have the timestamp and network latency in milliseconds on the x and y axis scale respectively. Currently we are looking at data from yesterday night 23:01 hrs to current time 22:38 hrs. Average network latency was around 300 ms (From US to SG/MY takes about such timing). At about today 00:30 hrs, high network latency spikes were observed.
For 2nd graph sample, the results are pretty much the same as the 1st graph sample. From this we could conclude that there might be a small network maintenance carried out during the period of high network latency spikes.
Next we have the 3rd graph sample of forums.asiasoftsea.net. The graph shows a near constant (good) network performance for forums.asiasoftsea.net. However, there were 2 network disruptions (network unreachable) after midnight 00:15 hrs and today evening 17:10 hrs. This might be due to the forums performing automated self maintenance. The timing at 00:15 hrs coincides with what seems to be the maintenance timing for www.maplesea.com and maple.playpark.net as well.
This 4th graph sample showed us a stable network connectivity for Singapore gateway (the MapleSEA’s in-game login server) constant around 280 ms.
The last graph sample showed us network connectivity for Malaysia gateway which has 2 high network latency spikes occurring around last night 23:30 hrs and after midnight 00:25 hrs.
Hope you like what has been going on at duststar.net. There will be more surprises coming soon!
.duststar
Maplestory (MapleSEA) Network Status Monitoring
Author duststar | 10.01.2010 | Category Cyber Security, MapleSEA
Remember last month I did a research on MapleSEA’s IP addresses and ports?
Since last week, I have been working on developing a monitoring daemon to monitor the network connectivity status of the IP addresses and ports. The daemon is ready now for beta use. It will check on the status for major services such as gateway, forum, passport, main website etc every 5 minutes, and every 30 minutes for all channels, cash shop and MTS in all worlds. You can view various servers’ network status from this project page!
.duststar
Maplestory Cyber Security Series – Part 4 of 4
Author duststar | 09.01.2010 | Category Cyber Security, MapleSEA
Continuing from this post.
Part 4 – Protecting your identity
1. Your presence on the Internet
a. Social websites
- Have 1 account to that caters to your private needs e.g. to find back your old friends, make new friends etc
- Have another account just for Maplestory if you are so serious about adding who you knew in the game to this social network
b. Forums, Blogs
- Have different accounts for different purposes e.g. 1 for private e-mails, 1 for engaging with unknown strangers (useful when in game people ask you for e-mail to send you things)
- If you want to go around forums, blogs etc and paste your e-mail address, be prepared to get spam. So, use a separate e-mail for such purposes.
2. Information control
a. Avoid sharing too much personal information.
b. Trust no one online unless you SEE them in person (Not through web cam). EVERYTHING can be impersonated.
c. Check your own presence on the Internet. See how much are you exposed. See if anyone else is impersonating you on social websites.
Thanks for reading. This is the end of the 4-part “Maplestory Cyber Security Series”. Hope it helps you in one way or another.
.duststar
Categories
- blog (2)
- Cyber Security (16)
- MapleGlobal (2)
- MapleSEA (21)
Archives
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 | |||||