|
 |
dijous, 21 / abril / 2005 |
[NetworkWorldFusion] Microsoft set to release patching tool, service in June. Microsoft té prevista la publicació, el proper juny, un nou servei d'actualitzacions, Microsoft Update i una nova eina per a la centralització de les actualitzacions dins d'una xarxa, Windows Server Update Services.
Both MU and WSUS were originally due in the first half of 2004, but were delayed several times. Microsoft has blamed the delays partly on work it had to do on Windows XP Service Pack 2, a security-focused upgrade to Windows XP released last August. Most recently the company has said it would deliver MU and WSUS in the first half of 2005, a target it expects to make.
(...)
MU is the successor to the current Windows Update service. It is a single service for users to get patches for a number of Microsoft products, not just Windows. The service will be aimed mostly at consumers and small businesses, as Windows Update is today.
(...)
WSUS succeeds the existing Software Update Services (SUS) tool, Microsoft's no-charge patch management tool for business users. The new version includes improvements in patch delivery, status reporting, network usage and improved implementation and administration flexibility, according to a Microsoft presentation Tuesday.
|
23:12 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
[NetworkWorldFusion] Cyber attack early warning center begins pilot project. S'inicia la prova pilot d'un projecte per a detectar possibles atacs informàtics.
A fledgling nonprofit group working to develop an automated cyber-attack early warning system, the Cyber Incident Detection Data Analysis Center (CIDDAC), is about to begin a pilot project to collect data on network intrusions from a group of companies in national-infrastructure industries.
|
23:06 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
We implemented an attack against WEP, the link-layer security protocol for 802.11 networks. The attack was described in a recent paper by Fluhrer, Mantin, and Shamir. With our implementation, and permission of the network administrator, we were able to recover the 128 bit secret key used in a production network, with a passive attack. The WEP standard uses RC4 IVs improperly, and the attack exploits this design failure. This paper describes the attack, how we implemented it, and some optimizations to make the attack more efficient. We conclude that 802.11 WEP is totally insecure, and we provide some recommendations.
L'atac al que fa referència està descrit a Weaknesses in the Key Scheduling Algorithm of RC4.
|
10:48 (# Enllaç permanent) | Comentaris: | Trackback:
|
|
© Copyright 2003-2005 Xavier Caballe.  . Si no s'indica expressament el contrari, el material publicat en aquest weblog es distribueix d'acord amb la llicència Creative Commons. El contingut és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.
|
|
