A security Leakage??
Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: A security Leakage??

  1. #1
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289

    A security Leakage??

    I was just trying to find out more about how to connect my phone on linux on my ISP website...then I started using google when I didn't see any results there...and I got this from the google's cache:

    http://72.14.235.104/search?q=cache:...n&ct=clnk&cd=1

    Later I tried to find out the OS on the offcial MAIN site. Nmap said that it might be Windows system but it was not sure about it!! So isn't it a leakage in the security of system coz it revals such an Important info about the system??? I know it is minimal amount of info but then it revals it to even normal people who know what a google-cache is!!

    Thanks.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  2. #2
    Junior Member
    Join Date
    Sep 2005
    Posts
    17
    thats cache, that could be history. and more over I dont think that is a web server generated error or something.
    it could be a windows 2000 box asked to echo "windows 2003"
    although I dont believe airtel would do that.

  3. #3
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    And hey.... that website has been removed ... it no longer exists...I tried open it through many ways but it wont open. It is deleted!! So I dont care about that.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  4. #4
    Junior Member rock_bill's Avatar
    Join Date
    Jul 2006
    Posts
    20
    that website has been removed
    Well Jockey I too was trying on that but finally I agree with webDEViL, it its cache.........

  5. #5
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    hmmm... rock... I know its cache...and ONLY cache. What I wanted to tell is that...if someone does something like that in real life...what could be the consequenbces...I mean displaying the OS along with version in case of errors is a deadly mistake in configuration.
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    I mean displaying the OS along with version in case of errors is a deadly mistake in configuration.
    Why?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Senior Member
    Join Date
    Aug 2006
    Location
    India
    Posts
    289
    Well it might happen that an attacker will be able to find out vulnerability in the system in case the system is set to hide its idenetitiy at other points by changiung the daemon banners, error messages and the TTL value of course. In these cases, attackers usually get confused...but telling them the OS is of course a mistake....and that too when its WINDOWS.....eh!!??

    Anyway to some extent itmight not be that much of important because the system of course gonna be protected at other points and well!!!!

    Thanks
    "Everything should be made as simple as possible, but not simpler."

    - Albert Einstein

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Well, I can see what you are saying, but I tend to look at this subject from the bad guys' viewpoint

    If you look at most attacks these days, they are automatic or robotic. This is largely why "security through obscurity" seems to work to an extent. Its main drawback is that it is unpredictable and unreliable. If someone actually knows that there is a computer there they will be able to attack it. It is effective against trivial preliminary probing of a block of IP addresses, as these might well be legitimately not in use, so the bot moves on.

    Having decided to attack a particular IP address, the next step is to find out if there are any vulnerable services running for which the bad guy has an exploit. In the automated attack environment of today, the simplest method would be to run them and see what happens?

    If nothing happens, the bad guy will usually assume that the system has been secured in some way and will move on. He doesn't really care why the attack failed.

    We get a lot of wildlife films on UK television so I tend to use the analogy of the herd of antelope being attacked by a predator. The fast and the strong survive, and the weak and slow get killed and eaten. Well, there are a lot of "slow and weak antelope" connected to the internet, and that tends to dictate predators' tactics?

    Another point to consider, is the nature of the exploits and malware that have been discovered in the past few years. Most will run on any unpatched flavour of Windows from 9x upwards................ so the actual version is pretty irrelevant information to the attacker. What I am saying is that non-Windows systems and secured systems get attacked as much as vulnerable Windows ones, it is just that the attacks don't work on that platform or in that environment.

    Also remember that attacks can be directed at applications as well as operating systems..............
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by nihil
    Well, I can see what you are saying, but I tend to look at this subject from the bad guys' viewpoint

    If you look at most attacks these days, they are automatic or robotic. This is largely why "security through obscurity" seems to work to an extent. Its main drawback is that it is unpredictable and unreliable. If someone actually knows that there is a computer there they will be able to attack it. It is effective against trivial preliminary probing of a block of IP addresses, as these might well be legitimately not in use, so the bot moves on.

    Having decided to attack a particular IP address, the next step is to find out if there are any vulnerable services running for which the bad guy has an exploit. In the automated attack environment of today, the simplest method would be to run them and see what happens?

    If nothing happens, the bad guy will usually assume that the system has been secured in some way and will move on. He doesn't really care why the attack failed.

    We get a lot of wildlife films on UK television so I tend to use the analogy of the herd of antelope being attacked by a predator. The fast and the strong survive, and the weak and slow get killed and eaten. Well, there are a lot of "slow and weak antelope" connected to the internet, and that tends to dictate predators' tactics?

    Another point to consider, is the nature of the exploits and malware that have been discovered in the past few years. Most will run on any unpatched flavour of Windows from 9x upwards................ so the actual version is pretty irrelevant information to the attacker. What I am saying is that non-Windows systems and secured systems get attacked as much as vulnerable Windows ones, it is just that the attacks don't work on that platform or in that environment.

    Also remember that attacks can be directed at applications as well as operating systems..............
    So I have to disagree with you here (big surprise eh)...

    Revealing data on a system is a mistake... You don't want me to remotely know what operating system your running.. You don't want me to remotely know what software you are running.. What version of BIND your DNS server is running or what version of postfix your mail server is running..

    That's why people change their apache and iis banners, take ServerMask for Example. Sure it's security through obscurity... but it's enough to confuse automatic fingerprinting software.

    Sure... some attacks will just run the attacks and they'll work.. but there are others that will fingerprint (even if they run nmap -sV at an entire /24) and this can be enough to discourage them...

    There are times when programmers miswrite code and display too much info... It shouldn't happen... There's no reason that say DB2 for example should tell me the exact details of the installed database with any credentials... but it will...

    So while it may not be beneficial to hide the information... there's zero benefit to openly displaying the information.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Hmmmm,

    It is really a question of degrees, is it not?.................... after all, you can safely assume that 80% or more of computers on the net are running some flavour of Windows, and that this will be 98SE or later.

    You don't want me to remotely know what operating system your running
    Windows 2000 Pro SP4, fully patched as of August 2006

    Does that help you?................not really

    What would potentially be of use would be what services and applications I am running?

    However, I still maintain that the majority of attacks these days are of a robotic nature, at least at their inception. Consequently, information on my OS is irrelevant, as it is never gathered. The bot only wants to know if the exploit works......................it really does not care why
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides