Hah! So bored.. Yesterday aunty virus and I conducted 2 meetings, today we have another meeting with BJ. Damn!
Just imagine, how in the world should I manage my time to do my actual works? Hmm.. The only thing in the magement guys head are, to make sure their work is done in time! But how to do the works if there's no sufficient time?
Tippingpoint?
Got an email today, regarding Tippingpoint vulnerabilities. A remote user can send specially encoded data to avoid detection by the IPS. Specific Unicode encoding for the forward slash character can be used to cause the request to fail to match IPS signatures.
For example. and attacker request a url (iis unicode attack) : http://[target]/scripts/cmd.exe. This request can be easily detected by Tippingpoint. But, when the attacker request a specially encoded data, Tippingpoint would be bypassed. Example request :
http://[target]/scripts%c0%afcmd.exe
http://[target]/scripts%e0%80%afcmd.exe
http://[target]/scripts%c1%9ccmd.exe
Advisories
So admins who are using Tippingpoint, be sure to check your system, and contact the vendor for further action. Prevention is better then cure!
Just imagine, how in the world should I manage my time to do my actual works? Hmm.. The only thing in the magement guys head are, to make sure their work is done in time! But how to do the works if there's no sufficient time?
Tippingpoint?
Got an email today, regarding Tippingpoint vulnerabilities. A remote user can send specially encoded data to avoid detection by the IPS. Specific Unicode encoding for the forward slash character can be used to cause the request to fail to match IPS signatures.
For example. and attacker request a url (iis unicode attack) : http://[target]/scripts/cmd.exe. This request can be easily detected by Tippingpoint. But, when the attacker request a specially encoded data, Tippingpoint would be bypassed. Example request :
http://[target]/scripts%c0%afcmd.exe
http://[target]/scripts%e0%80%afcmd.exe
http://[target]/scripts%c1%9ccmd.exe
Advisories
So admins who are using Tippingpoint, be sure to check your system, and contact the vendor for further action. Prevention is better then cure!
7 comments:
adehhh...
mmg penat meeting nih
lalalala...
tp best jugak ek meeting nih... huhuhu
malasnya.. malasnya.. malasnya..
ehh.. korang..biaselehh..tu baru ckit.sobar jolahh..buat cam kite x suke ape lg cuti lahh..
cool la.. meeting sekali sekala..
ia dapat merapatkan jurang antara sesama pekerja.
dan bleh gak mengejek sesama sendiri atau orang lain lepas abih meeting..
aku suka g meeting.. huaaaaa..
apsal tak hajak haku.. takde la bosan...
Kalau tak meeting tak ingat dunia.. bilanya masa nak buat kej lain..
ya aku sokong en hakes.. aku walaupun tak masuk meeting.. tp pasal training, smua kejer2 yg sepatutnya tak dpt buat waaaaaaa...