<<< Date Index >>>     <<< Thread Index >>>

Re: Privacy leak in VeriSign's SiteFinder service #2



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 24 Sep 2003, der Mouse wrote:

> > Bad, verisign.  Very bad.
>
> Well, yes, but we knew _that_ from the day the wildcard went in.

        The concerns expressed thus far are just the canonical tip of the
iceberg, considering the services running on sitefinder-idn.verisign.com.

        PORT    STATE    SERVICE
        23/tcp  filtered telnet
        25/tcp  open     smtp
        79/tcp  filtered finger
        80/tcp  open     http
        161/tcp filtered snmp
        162/tcp filtered snmptrap
        514/tcp filtered shell

        Imagine how much fun one could have if, say, port 23 was suddenly
unfiltered; or if port 22 were opened; or if Verisign got really tricky
and opened up port 443 with a specially-crafted "wildcard" SSL certificate
implementation (maybe a stretch...but Verisign *is* a CA, no?).

        The system as it presently functions is already ripe for abuse.
There is no question of that.  But imagine the quantity and quality of
abuse that will occur when (not if) the system residing on 64.94.110.11
gets 0wn3d by someone who answers to no-one.

        I think now would be a good time to null route all traffic to and
from 64.94.110.0/24 until Verisign grows a conscience and terminates this
abomination.

- -Jay

   (    (                                                        _______
   ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
 C|~~|C|~~| (>----- Jay D. Dyson -- jdyson@xxxxxxxxxxxxx -----<) |    = |-'
  `--' `--'  `- Life is hard.  Even harder if you're stupid. -'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQE/cgV7Nlg1oZSC9mkRAitrAJsGajN4leAI350REufRCA7AgvI2jwCeIo9y
wpYr5kYx7nRhngA0+YVU2pU=
=/Qvq
-----END PGP SIGNATURE-----