There are still a TON of unprotected networks, default SSIDs and WEP networks out there. It appears that WPA(x) and WPS have been slower to be adopted than I had expected. I don’t know if that is consumer apathy, ignorance or just a continued use of legacy hardware before the ease of push button WPS. Either way, it was quickly clear that we still have a long way to go to deprive criminals of consumer-based wireless network access.
This device presents a telnet prompt on the standard port (23/tcp). This instance of telnet allows local users to login without authenticating. This gives the user access to the file system where they are able to manipulate files or grab the administrator password for the web interface. A fix is in development.
First, a couple of new tools are available specifically geared at cracking Oracle 11g password hashes. These are specifically aimed at attacking the newest features that 11g introduces to better protect the passwords. They also have some short cuts for those folks still making the old style DES passwords available (likely for backwards compatibility with older apps or uses). Essentially, these new mechanisms are slower than old hash attacks, but are still effective. In today’s world of computational power and bot-net distributed password cracking capability, it is pretty darn safe to assume that if the attacker can get the hash – they can get the password.
Another issue that is likely to be an annoyance for some folks is that a new remote Denial of Service attack has been identified in Ubuntu 6.06 DHCP server. While the attacker can’t really gain access to the system using it, they can replace the dead DHCP server with their own, which could include malicious entries and other annoyances. This DHCP server is popular in many cyber cafes I have visited – particularly outside of the US. Just another reminder that you have to pay attention to network connectivity. It might seem like ubiquitous wireless access is a boon, but without the capability to trust the network you use, you have little reason to trust the content you receive! — Just a reminder!