Unpatched Flaw in Internet Explorer Allows Remote Code Execution

Just hours after Microsoft announced yet-another flaw in Internet Explorer we receive word of that flaw being detected in the wild by McAffee. Just as quickly, we receive word that it has already been integrated into the MetaSploit framework, so admins using MetaSploit for IDS signatures can at least defend their networks.

To avoid this problem, Microsoft’s [...]

March 11th, 2010 | Tags: , , | Category: Security & Privacy | One comment

Question Convention: VLAN 1 Vulnerability to VLAN Hopping

Packet Life has a great reminder why we shouldn’t automatically accept “conventional wisdom” and “best practices” in our work, using the long-held conventional nugget that VLAN 1 and user traffic don’t mix because it leaves the network vulnerable to VLAN hopping attacks as a prime example.

Specifically, network engineers have been preaching for years that allowing user [...]

March 2nd, 2010 | Tags: , , | Category: Networking | One comment