New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere

Short for Remote Authentication Dial-In User Service, RADIUS harkens back to the days of dial-in Internet and network access through public switched telephone networks. It has remained the de facto standard for lightweight authentication ever since and is supported in virtually all switches, routers, access points, and VPN concentrators shipped in the past two decades.

Source: New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere | Ars Technica

How DARPA Trucked Its Massive Radio Frequency Testbed Across The United States

Colosseum may look like a data center, but in reality, it’s a massive radio-frequency emulation testbed that DARPA built for its Spectrum Collaboration Challenge (SC2). SC2 has been a three-year competition to demonstrate the validity of using artificial intelligences to work together in order to use wireless spectrum more efficiently than operating on pre-allocated bands would be.

Source: The Forklift Ballet: How DARPA Trucked Its Massive Radio Frequency Testbed Across The United States – IEEE Spectrum

Why big ISPs aren’t happy about Google’s plans for encrypted DNS

Widespread adoption of DoH would limit ISPs’ ability to both monitor and modify customer queries. It wouldn’t necessarily eliminate this ability, since ISPs could still use these techniques for customers who use the ISP’s own DNS servers. But if customers switched to third-party DNS servers—either from Google or one of its various competitors—then ISPs would no longer have an easy way to tell which sites customers were accessing.

Source: Why big ISPs aren’t happy about Google’s plans for encrypted DNS | Ars Technica

How malformed packets caused CenturyLink’s 37-hour, nationwide outage

The switching module sent these malformed packets “as network management instructions to a line module,” and the packets “were delivered to all connected nodes,” the FCC said. Each node that received the packet then “retransmitted the packet to all its connected nodes.”

But the outage continued because “the malformed packets continued to replicate and transit the network, generating more packets as they echoed from node to node,” the FCC wrote. Just after midnight, at least 20 hours after the problem began, CenturyLink engineers “began instructing nodes to no longer acknowledge the malformed packets.” They also “disabled the proprietary management channel, preventing it from further transmitting the malformed packets.”

Source: How malformed packets caused CenturyLink’s 37-hour, nationwide outage | Ars Technica

A DIY Internet Network Has Drastically Expanded Its Coverage in NYC

Initially, the mesh network was powered by a single “Supernode” antenna and hardware array located at 375 Pearl Street in Manhattan. This gigabit fiber-fed antenna connects 300 buildings, where members have mounted routers on a rooftop or near a window. These local “nodes” in turn connect to an internet exchange point—without the need for a traditional ISP.

Source: A DIY Internet Network Has Drastically Expanded Its Coverage in NYC – VICE

Linux PCs, servers, gadgets can be crashed by ‘Ping of Death’ network packets

With CVE-2019-11477, a string of TCP SACK responses will cause the Linux kernel to unexpectedly hit an internal data structure limit, triggering a fatal panic. The others affecting Linux will force the system to consume resources, thus slowing it down, as Red Hat explained in its technical summary today.

Source: Sad SACK: Linux PCs, servers, gadgets can be crashed by ‘Ping of Death’ network packets • The Register

Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi

That’s why this bug is so cool and provides an opportunity to exploit devices literally with zero-click interaction at any state of wireless connection (even when a device isn’t connected to any network). For example, one can do RCE on a just-powered-on Samsung Chromebook. So just to summarize:

  1. It doesn’t require any user interaction.
  2. It can be triggered every 5 minutes in the case of the GNU/Linux operating system.
  3. It doesn’t require the knowledge of a Wi-Fi network name or passphrase/key.
  4. It can be triggered even when a device isn’t connected to any Wi-Fi network, just powered on.

Source: Remotely compromise devices by using bugs in Marvell Avastar Wi-Fi: from zero knowledge to zero-click RCE – Embedi

In this research, I used an ALFA Networks wireless adapter in monitor mode, which is based on the Realtek 8187 wireless chipset. The exploit can be implemented with the Python Scapy framework. For some reason, the Ubuntu GNU/Linux distribution isn’t good enough to inject Wi-Fi frames fast, so it is better to use Kali.