[ISN] 'We have your water supply, and printers' - Brumcon report

From: InfoSec News (isn@private)
Date: Tue Oct 21 2003 - 03:11:17 PDT

  • Next message: InfoSec News: "[ISN] Linux Security Week - October 20th 2003"

    http://www.theregister.co.uk/content/6/33479.html
    
    By Our special correspondent
    Posted: 20/10/2003 
    
    Brumcon this year was held at the Brittania hotel in Birmingham, the
    agenda was as varied as one can expect when h4xors, Phreeks, geeks and
    assorted wannabes get together to discuss the interweb thing and how
    abusing computers is more phun than abusing yourself, writes Arthur
    Barnes.
    
    The whole thing kicked off with a demonstration of phone tapping,
    there was of course a lab set up at the Brittania so no animals were
    harmed during the course of the film and no laws were broken. The
    demonstration included a variety of tips, hints and tricks for the
    amateur interceptor.
    
    After a beer break, we gathered together to discuss the merits of
    various encrypted file systems under Linux. The consensus reached was
    that the free stuff was difficult to use and we should all go down the
    Stego route if we were going to keep "the man" away from our porn,
    mp3s and tools.
    
    Things started to get a little more interesting when semi sober we
    reconvened to investigate the security surrounding the UKs water
    management system. The talk was titled "how safe is a glass of water?"  
    It was a detailed breakdown of the RF systems that are used by water
    management authorities in the UK and how these systems can be abused,
    interfered with and generally messed.
    
    The live demonstration included how to monitor the un-encrypted water
    management systems and create a denial of service attack. It was also
    made clear that additional communication channels using dial up
    connections would kick in automatically in the event of such an
    attack.
    
    Moving on Alex Delarge gave an amusing and informative presentation
    around more traditional h4xor themes. This included the unveiling of a
    tool that if released out to the wider community would cause hilarity
    and consternation in equal amounts ? more on that later.
    
    The first component of Al's discussion focused on Cisco's access
    control system and offered those present a detailed "how to" on
    defeating this product. The methodology outlined used a privilege
    escalation on the current version, but the older version of Cisco's
    product used a simple obvious compromise that showed a remarkable lack
    of consideration for security by the global leader in networking tin.
    
    We moved on to a demonstration of HP printer security (or lack
    thereof). There are of course already tools in the public domain that
    take advantage of known vulns in the PJL implementation but Al has
    written a tool that takes these already understood issues to the next
    level. The tool allows a user to lock users out of the printer's
    console and set the default number of prints to 999 ? so far so dull,
    but unlike other tools that enable an unscrupulous user to perform
    this action on a printer by printer basis, this innovation allows the
    hacker to take control of all the printers in an organisation at once.
    
    Al then moved on to the eeyes secure IIS product; the content of this
    session is largely unrepeatable due the libel laws and limitations on
    the use of profanity, but to sum up, "Secure IIS is not a significant
    barrier to the activities of those individuals with an enquiring mind
    and the skill to investigate the content of a webserver"
    
    Al then interviewed a member of the London 2600 on recent legal
    difficulties; this led to a free flowing discussion on the CMU and its
    validity as a piece of legislation.
    
    Dr K then gave an informative talk entitled "Fuck computers lets
    hack", which was an analysis of the methods utilised by hackers, and
    how these methods might be employed in a non-technological environment
    (politics, religion and science).
    
    In summary a pretty good con, some of the stuff I haven?t covered
    includes the panel at the end of the day and the great giveaways.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Oct 21 2003 - 10:43:35 PDT