Hi Everybody,
Over the past few weeks I've been working on revising the www.MatthewNeely.com website. In the process I moved my blog, its new home is www.matthewneely.com/blog/. Please update your RSS readers and links so they point at the new site. An RSS feed for the new location can be found here.
Stop by the new site and let me know what you think!
Cheers,
Matt
Most Recent Posts From My New Blog
Sunday, November 30, 2008
Thursday, September 18, 2008
Changing for the Better
Saturday, June 14, 2008
Security Alert - Insecure Hotel Locks
Can Anyone Identify This Lock?
Tuesday, June 3, 2008
M-Commerce Security Tipping Point: SMS Phishing Toolkit in the Wild
Sunday, May 18, 2008
Knitting Project to Protect Your Privacy
Thursday, May 15, 2008
Tool Released to Brute Force Vulnerable SSH Server
Wednesday, May 14, 2008
Let the Brute Forcing Begin - Vulnerable SSH Keys Publicly Released
New Penetration Testing Webcast by Ed Skoudis
Tuesday, May 13, 2008
Critical Ubuntu and Debian Vulnerability
Monday, April 28, 2008
Its official, I am now a Twit!
A week or so ago I gave in and joined Twitter. After being on it for a week I must admit I am hooked. As cheesy as it sounds I do have a better connection with my friends but I also have a better connection with the security subculture that is starting to us Twitter. That is the real value I see in Twitter.
At Notacon I talked with a bunch of folks regarding how they keep up to date on security. A number of them mentioned they use Twitter for this, two folks even said they stopped RSSing blogs all together and just used Twitter to keep up to date. That is actually the main reason I joined, also Tom and I made a pact to join if the other one did.
For those of you on Twitter here is my profile. Here are some of the security Twits I follow: Agent0x0, Pauldotcom, Martin McKeay, McGreySecurity, Window and Spacerog.
If you are already on Twitter follow me. If you aren't on Twitter give it a try! You might be surprised how useful it can be.
Cheers,
Matt
P.S. The Twitter Fan Wiki is an excellent source if you need a hand getting up and running.
A week or so ago I gave in and joined Twitter. After being on it for a week I must admit I am hooked. As cheesy as it sounds I do have a better connection with my friends but I also have a better connection with the security subculture that is starting to us Twitter. That is the real value I see in Twitter.
At Notacon I talked with a bunch of folks regarding how they keep up to date on security. A number of them mentioned they use Twitter for this, two folks even said they stopped RSSing blogs all together and just used Twitter to keep up to date. That is actually the main reason I joined, also Tom and I made a pact to join if the other one did.
For those of you on Twitter here is my profile. Here are some of the security Twits I follow: Agent0x0, Pauldotcom, Martin McKeay, McGreySecurity, Window and Spacerog.
If you are already on Twitter follow me. If you aren't on Twitter give it a try! You might be surprised how useful it can be.
Cheers,
Matt
P.S. The Twitter Fan Wiki is an excellent source if you need a hand getting up and running.
Saturday, April 26, 2008
Thursday, April 24, 2008
Bluetooth Penetration Testing Resources
Today while doing some research on Bluetooth I came across two site which are packed full of information.
The first is Martin Karger's Evilgenius blog. Martin has a number of excellent posts on Bluetooth and other wireless security topics.
The second is the Bluetooth Penetration Testing Framework. This site has a wealth of information on attacking Bluetooth.
If you are interested in Bluetooth security I recommend you check them out.
Cheers,
Matt
The first is Martin Karger's Evilgenius blog. Martin has a number of excellent posts on Bluetooth and other wireless security topics.
The second is the Bluetooth Penetration Testing Framework. This site has a wealth of information on attacking Bluetooth.
If you are interested in Bluetooth security I recommend you check them out.
Cheers,
Matt
Sunday, April 20, 2008
PA Turnpike Making High Energy Weapons!
On my way out to IKEA this weekend I discovered a secret weapons project sponsored by the PA Turnpike Authority. Along the way I passed many large Yagi antennas on the PA Turnpike. All are pointed towards Canada. Give the size of these antenna I think they are high powered energy weapon systems designed to protect us from our encroaching Canadian overlords.
Now that I have posted this story I know my life is in danger so I will be going into hiding inside a specially crafted tin foil cocoon.
Cheers,
Matt
P.S. I am not responsible for any actions taken by individuals who do not understand humor.
Now that I have posted this story I know my life is in danger so I will be going into hiding inside a specially crafted tin foil cocoon.
Cheers,
Matt
P.S. I am not responsible for any actions taken by individuals who do not understand humor.
Sunday, April 13, 2008
NEO InfoSec Forum Meeting This Wednesday!
This month's NEO InfoSec Forum meeting is this Wednesday. We have three talks lined up on Nagios, FreeRADIUS and Notacon. Everyone is welcome to attend. Meetings are free and include free pizza! More information on the meeting can be found here.
Cheers,
Matt
Cheers,
Matt
Friday, April 4, 2008
Bugtraq Post - Slowly Closing Door Race Condition
I'm not sure if this is an April Fools joke or not given the orginal release date. Either way on April 1st I)ruid from Computer Academic Underground released an interesting and entertaining security alert on a race condition that can exist with slow closing doors. I especially love the section explaining how to exploit the race condition.
It is always interesting to see what computer security folks come up with when they analyze physical security systems. Matt Blaze has a number of fascinating articles along these lines focusing on the mechanical security features used in locks and safes. I suspect we'll see more alerts like this as the convergence between physical and logical security continues to evolve.
Below is the advisory (original source):
It is always interesting to see what computer security folks come up with when they analyze physical security systems. Matt Blaze has a number of fascinating articles along these lines focusing on the mechanical security features used in locks and safes. I suspect we'll see more alerts like this as the convergence between physical and logical security continues to evolve.
Below is the advisory (original source):
____ ____ __ __
/ \ / \ | | | |
----====####/ /\__\##/ /\ \##| |##| |####====----
| | | |__| | | | | |
| | ___ | __ | | | | |
------======######\ \/ /#| |##| |#| |##| |######======------
\____/ |__| |__| \______/
Computer Academic Underground
http://www.caughq.org
Security Advisory
===============/========================================================
Advisory ID: CAU-2008-0001
Release Date: 04/01/2008
Title: Slowly Closing Door Race Condition
Application/OS: Physical Structures
Topic: Physical structures employing exit doors with locks
are vulnerable to a race condition.
Vendor Status: Not Notified
Attributes: Physical, Race Condition
Advisory URL: http://www.caughq.org/advisories/CAU-2008-0001.txt
Author/Email: CAU
===============/========================================================
Overview
========
Physical structures which employ automatically locking doors to secure
exit points expose a race condition which may allow unauthorized entry.
Impact
======
Malicious outsiders may be able to enter a structure via an exit point.
Exit points may additionally provide an exit from a secure area of the
structure, allowing an outsider entering through the exit point to gain
direct access to the secure area.
Affected Systems
================
Physical structures which employ automatically locking doors at exit
points of the structure.
Technical Explanation
=====================
An exit's lock[1] generally converts a two-way door into a one-way
door, allowing a person to traverse the door's threshold in one
direction but not in the other. These types of locks are used to
secure exit points of structures so that people may exit via the door
but not re-enter without disabling the lock through force or
authentication.
When a person exits the structure through an exit point which is
secured by such a mechanism, a race condition exists wherein a
malicious outsider may be able to reach the door and enter through it
before it closes and locks itself.
Many doors, especially heavier ones, also employ closing mechanisms[2]
which are designed to cause the door to close slowly so as not to slam
the door shut and damage the door frame, or damage any human appendage
which may be in between the door and it's frame. Such closing
mechanisms can greatly increase the amount of time that the race
condition exists.
Solution & Recommendations
==========================
1) Always ensure that personnel exiting an exit door wait outside the
door until it has completely closed and locked before walking
away.
2) Employ a double door system such as is used in an air-lock where
the interior door must be secured prior to the exterior door being
allowed to open.
Exploitation
============
First identify the exit point that you want to exploit. Stand at a
safe distance during a high-traffic time and watch for people to use
the exit point. Time how long it takes for the door to close and
lock itself when someone traverses the exit point.
Next, identify a safe hiding place near the exit point, preferably
in a direction that would be behind a person exiting the door, but
which is within a distance to the exit point which you could traverse
in under the door's closing time at a brisk pace or run.
Finally, hide in this location during a lower traffic time and wait
for someone to utilize the exit point. After they have exited the
door and are walking away, run to the door and enter before it has
closed and locked. Extra points are awarded for a spectacular dive
and/or roll to catch the door at the very last second.
References
==========
[1] http://en.wikipedia.org/wiki/Lock_%28device%29
[2] http://en.wikipedia.org/wiki/Door_closer
Credits & Gr33ts
================
Theodor Geisel, AHA!, NMRC, Uninformed Journal, dc214
Thursday, April 3, 2008
Notacon This Weekend
Tomorrow I'll be heading off the Notacon for the weekend. If anyone else is going to be there and wants to meet up drop me an email or leave a comment.
Cheers,
Matt
Cheers,
Matt
Monday, March 31, 2008
Wireless Vulnerabilities and Exploits (WVE) Database
The Wireless Vulnerabilities and Exploit (WVE) database is a wonderful wireless security resource. The WVE is basically a clearing house for wireless vulnerabilities and exploits. It is similar to the Common Vulnerabilities and Exposure (CVE) database however the WVE focuses on wireless technology. Also the CVE database only tracks vulnerabilities where the WVE database tracks vulnerabilities and the exploits that can be used to attack those vulnerabilities.
When assessing the security of a wireless device this is one of the research tools I use to determine if there are any known weaknesses in that device.
If you have any interest in wireless security I highly recommend you explore the site and monitor it for updates. They even offer an RSS feed of the recent entries.
Cheers,
Matt
When assessing the security of a wireless device this is one of the research tools I use to determine if there are any known weaknesses in that device.
If you have any interest in wireless security I highly recommend you explore the site and monitor it for updates. They even offer an RSS feed of the recent entries.
Cheers,
Matt
Wednesday, March 19, 2008
The Biggest Paradigm Shift in Mobile Security is...
Tuesday, March 18, 2008
OWASP Meeting This Thurseday
The February OWASP meeting that got canceled has been reschedule to Thursday March 20th. It will be held at the Winking Lizard in Bedford Hts. More information and details on how to register can be found here.
Note: Last I checked the link had not been updated to include the new meeting time. However all the other information is still valid.
Cheers,
Matt
Note: Last I checked the link had not been updated to include the new meeting time. However all the other information is still valid.
Cheers,
Matt
Saturday, March 15, 2008
Been Speaking, Looking for Feedback
I've been doing a lot of public speaking recently. The past two Wednesdays I gave workshops on how to use NetStumbler and Kismet to find wireless networks, and last Friday I gave a talk covering the risks related to m-commerce. If any of my readers attended these talks and have comments on ways to improve them please let me know by posting suggestions in the comments section, you can even post them anonymously if you like. I am always interested in improving my presentations so any feedback is greatly appreciated!
Cheers,
Matt
Cheers,
Matt
Thursday, February 28, 2008
Free Wireless Security Training In Cleveland
In March I will be holding a free lecture and lab on locating and securing wireless networks. During this lab participants will learn basic information about 802.11 networks, how to find wireless access points using NetStumbler and Kismet and tips on securing 802.11 network. This is a two hour class that will include both a lecture and hands-on lab.
Thanks to Baldwin-Wallace's generous donation of their networking and computer lab this class is FREE to all NEO Info Sec Forum members!
There is a catch. Seating is limited and only open to NEO Info Sec Forum members. So if you are not a NEO Info Sec Forum member go over to the site and register. Once your registration has been confirmed let the person who activated your account know you want to take the wireless class.
Cheers,
Matt
Thanks to Baldwin-Wallace's generous donation of their networking and computer lab this class is FREE to all NEO Info Sec Forum members!
There is a catch. Seating is limited and only open to NEO Info Sec Forum members. So if you are not a NEO Info Sec Forum member go over to the site and register. Once your registration has been confirmed let the person who activated your account know you want to take the wireless class.
Cheers,
Matt
Wednesday, February 27, 2008
Tonight's OWASP Meeting Has Been Canceled
I just got word that tonight's OWASP meeting has been canceled. Rumor has it the meeting will be rescheduled to a future date.
Cheers,
Matt
Cheers,
Matt
Tuesday, February 26, 2008
Presenting at the Next Northern Ohio Infragard Meeting
I'm happy to announce that I will be presenting "An Overview of Risks Related to M-Commerce" at the March 14th Infragard meeting in Cleveland. This talk will give a highlevel overview of various m-commerce solutions, discuss the associated risks and examine ways to mitigate these risks.
This meeting is free and open to the public. Anyone interested in attending can learn more and register at this link.
Cheers,
Matt
This meeting is free and open to the public. Anyone interested in attending can learn more and register at this link.
Cheers,
Matt
Friday, February 22, 2008
Cleveland OWASP Meeting Wednesday February 27th
UPDATE: This meeting has been canceled and will be rescheduled to a future date.
Looks like the Cleveland chapter of OWASP is getting back on track! The next meeting is going to be at the Winking Lizard in Bedford Hts this coming Wednesday, February 27th. Meetings are free and open to anyone interested in web application security.
This meeting will cover:
Are you ready for D-Day?
Web App Review or Firewall?
What is a Web App Firewall?
OWASP #3 - Malicious File Execution
Did I mention FREE BEER and food (thanks to the folks at Applicure and SecureState)?
Location:
Winking Lizard
25380 Miles Road, Bedford, OH 44128
If you are interested in attending, please send an email with the subject "I'm there" and the body "I'll be there!" to dkennedy@securestate.com.
Cheers,
Matt
Looks like the Cleveland chapter of OWASP is getting back on track! The next meeting is going to be at the Winking Lizard in Bedford Hts this coming Wednesday, February 27th. Meetings are free and open to anyone interested in web application security.
This meeting will cover:
Are you ready for D-Day?
Web App Review or Firewall?
What is a Web App Firewall?
OWASP #3 - Malicious File Execution
Did I mention FREE BEER and food (thanks to the folks at Applicure and SecureState)?
Location:
Winking Lizard
25380 Miles Road, Bedford, OH 44128
If you are interested in attending, please send an email with the subject "I'm there" and the body "I'll be there!" to dkennedy@securestate.com.
Cheers,
Matt
Thursday, February 14, 2008
ShmooCon Bound!
Bright and early tomorrow morning Meagan and I are heading off to ShmooCon! If anyone else is going to be there and wants to meet up drop me an email or leave a comment.
Cheers,
Matt
Cheers,
Matt
Monday, February 11, 2008
How Secure Are Your Wireless Headset and Other Wireless Device?
Sunday, February 10, 2008
Verizon Dropping CDMA for GSM?
Thursday, February 7, 2008
A Chinese Cross Key Lock
Wednesday, January 30, 2008
AMPS Network Decommission Could Impact Alarm Monitoring
What Does a Port Scan Look Like?
Monday, January 28, 2008
Have a Humorous Security Story to Share?
Saturday, January 26, 2008
The Problem with SIM Dependent M-Commerce in the U.S.
Wednesday, January 23, 2008
New Cellphone Worm in the Wild – SymbOS/Beselo
Tuesday, January 22, 2008
Cleveland Security Groups
Thursday, January 17, 2008
NEO InfoSec M-Commerce Talk
Saturday, January 12, 2008
24C3 Videos Posted
Giving an M-Commerce Presentation This Wednesday in Cleveland
Tuesday, January 8, 2008
Welcome!
Actually this is no longer my "new blog". This blog has moved here.
------------------------------------------------------------------------------------------------------
Hello everybody and welcome to my blog!
I created this blog as a brainstorming area for me to share and flush out idea related to my current research projects. Eventually the material posted here will be rolled up into talks, research papers and articles that will be posted on my, not yet completed, website.
I have many areas of interest but recently my research has been focusing on wireless security, security convergence, penetration testing and security data visualization. So stay tuned for posts related these and other security topics.
I plan to post at least every Sunday.
Thank you for visiting.
Cheers,
Matt
------------------------------------------------------------------------------------------------------
Hello everybody and welcome to my blog!
I created this blog as a brainstorming area for me to share and flush out idea related to my current research projects. Eventually the material posted here will be rolled up into talks, research papers and articles that will be posted on my, not yet completed, website.
I have many areas of interest but recently my research has been focusing on wireless security, security convergence, penetration testing and security data visualization. So stay tuned for posts related these and other security topics.
I plan to post at least every Sunday.
Thank you for visiting.
Cheers,
Matt
Subscribe to:
Posts (Atom)