´ë·«°ú ´º½º ´ç½ÅÀÇ Á¦ÀÏ Á¤º¸ Ãâó ±â°è¼³ºñ, BIOS ±×¸®°í ¼ÒÇÁÆ®¿þ¾î ÀÎÅͳݿ¡

ºñ½ºÅ¸ ±â»ç Á¤»ó 50 ºñ½ºÅ¸ ¿µ»ó ¿¬¾àÇÑ ºñ½ºÅ¸ ºñ½ºÅ¸ µµ¿ò

´ëº»À» ¾²±â

´ç½ÅÀº ÇöÀç ±â»ç¸¦¿¡¼­ ã¾Æº¸°í ÀÖ´Ù MS Windows ºñ½ºÅ¸ ȣȯ¼º ¼ÒÇÁÆ®¿þ¾î Á¾·ù ÀÏÄ¡ ´ëº»À» ¾²±â.

½ºÅ¸Æ®¾÷ ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ´Â GPP CSEs¸¦ ¼³Ä¡ÇÏ´Â ¹æ¹ý

´ç½ÅÀº ÀÖÀ» ¶§ ±×·ì Á¤Ã¥ ƯÇý (GPP) Ŭ¶óÀ̾ðÆ®Ãø ¿¬Àå (CSE) ±×µéÀÌ¿¡ (¾ÆÁ÷) ´Ù´Â °ÍÀ» ´ç½ÅÀ̶ó°í ´Ù¿î·ÎµåÇÏ´Â ÁÖÀÇÇÒ °ÍÀÌ´Ù .MSI üÀç - ÀÌ·¸°Ô¸¦ »ç¿ëÇÏ´Â ±×·ì Á¤Ã¥ ¼ÒÇÁÆ®¿þ¾î ¼³Ä¡ (GPSI) °¡´ÉÇÏÁö ¾Ê´Ù. ºÎ¶ûÀÚ, ±Ç¸®!?

¿ì¸®´Â ÀÖ´Ù .EXE Windows XP /2003¸¦ À§ÇÑ ÆÄÀÏ .MSU â ºñ½ºÅ¸¸¦ À§ÇÑ ÆÄÀÏ¡¦ ±×·¯³ª Àú°ÍÀº ¿ì¸®°¡ ´ë·« »ý°¢ÇÒ ÇÊ¿ä°¡ ÀÖ´Â À¯ÀÏÇÑ °ÍÀÌ ¾Æ´Ï´Ù. ¿ì¸®°¡ OS¸¦ ¾Ë ÇÊ¿ä°¡ ÀÖ´Â ³×Æ®¿öÅ©¿¡ Ŭ¶óÀ̾ðÆ®¿¡°Ô "Àü¿¡" ÀÌ °ÍÀ» ¹èÄ¡Çϱ⠹öÀü (XP/2003/Vista), OS °ÇÃà¼ú (32 64 Á¶±Ý) ¼­ºñ½º ÆÑ ¼öÁØ¹× ±×·ì Á¤Ã¥ ƯÇý ÀüÁ¦Á¶°Ç (WmlLite - http://support.microsoft.com/kb/914783/en-us) ¼³Ä¡µÈ´Ù.

ÀÌ ¸Å¿ì ½¬¿î ÀüºÎ ³ª´Â ½ÃÅ°±â À§ÇÏ¿©´Â âÁ¶Çß´Ù "¹ÎÁÖ´ç¿ø"¸¦ ¿øº» ½ºÅ¸Æ®¾÷ ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¿© GPP CSEs ¹èÄ¡¸¦ À§ÇØ - ¶Ç´Â ¼öµ¿ ¹ß»ç (admin ¹®¸Æ¿¡¼­). ³ªÀÇ ÁÁÀº Ä£±¸ Jeremy Moskowitz ÀÌ°ÍÀ» ÇÏ´Â Àú¸¦ ¿ä±¸ÇØ - ÀÌ·¸°Ô, ³ªÁß¿¡ 2 ½Ã°£ "¹ÎÁÖ´ç¿ø" - ¶Ç´Â"beta"- ¿øº»Àº °øÁß ÀÌ´Ù (¾Æ·¡¿¡ ´Ù¿î·Îµå)¡¦

ÁÖ: ³ª´Â ¸ðµç ´ëº» ¾ÆÁ÷ ½ÃÇèÇÒ ¼ö ÀÖÁö ¾Ê´Ù, ¾Æ´Ï¶ó °è¼Ó I¿¡¼­ *»ý°¢ÇϽʽÿÀ* ±×µéÀº ÀüºÎ Áö±ÝÂëÀº ÀÌ¹Ì ¸Å¿ì Àß µ¤´Â´Ù. º¸°í µÚ ´ç½ÅÀÌ ¾Æ¹« ¹®Á¦³ª - ¹«¾ùÀ̵ç ã¾Æ³»´Â °æ¿ì¿¡´Â ÀÇ°ß È¯¿µ¹Þ´Ù!

...
´©¸£½Ê½Ã¿À "Àд °è¼ÓµÇ À§ÇÏ¿© ½ºÅ¸Æ®¾÷ ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÏ¿© GPP CSEs¸¦" ¼³Ä¡ÇÏ´Â ¹æ¹ý

Jakob H.¿¡ ÀÇÇØ ¾²´Â. À§¿¡ ÇÏÀ̵¨º£¸£Å© 2008³â 2¿ù 29 ÄÚ¸àÆ® ¾øÀ½.
±â»ç¸¦ ´õ À§¿¡ ÀÐÀ¸½Ê½Ã¿À ±×·ì Á¤Ã¥ ¿¬Àå ±×¸®°í gp ƯÇý ±×¸®°í ±×·ì Á¤Ã¥ ƯÇý ±×¸®°í otherSoftware ±×¸®°í Ŭ¶óÀ̾ðÆ®Ãø ¿¬Àå ±×¸®°í Jeremy Moskowitz ±×¸®°í ´ëº»À» ¾²±â ±×¸®°í ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® ±×¸®°í Windows XP ±×¸®°í ´Ù¿î·Îµå ±×¸®°í â ¼­¹ö 2003³â ±×¸®°í ±×·ì Á¤Ã¥ ±×¸®°í â ºñ½ºÅ¸.

ISA 2004/2006¸¦ °¡Áø ¹ÙÀ§»ê Á¢±Ù Á¦ÇÑ

´ç½ÅÀÌ "¾çÆÄ ¸µ"·Î º¸´Â °æ¿ì¿¡, ¶Ç´Â ´Ù¸¸"¹ÙÀ§»ê", ´ç½ÅÀº ¾Æ¸¶ À̵鿡¼­ Á¢±ÙÀ» ¸·´Â °ÍÀÌ ÃѸíÇß´øÁö »ý°¢ÇØ º¸¾Ò´Ù ÀÍ¸í ¼­¹ö (¶Ç´Â ¾î¼¸é ´Ù¸¸ Ãⱸ ¸¶µð). I am not gonna talk about how the encrypted Tor network works, as a great deal of info can be found "out there". Main source should be: www.torproject.org - and perhaps WikiPedia.

As a security guy (or ISA administrator maybe), you ask yourself "why do these people want to be anonymous"? In this case "anonymous" means that "they" don¡¯t want targets on the Internet to see the originating IP address (the source). A "target" is typically a web site or some other web service.

The answer? Well, first you gotta ask yourself: "who are they"? And there¡¯s really no good answer to that question I guess - who really knows? All we can do is guess, so let me turn these questions around: if I were to try out a hack, or some new exploit, would I do it directly over my personal WAN IP? Or would I try to "hide" my originating IP? If you look at it in that

¡¦

Click to continue reading "Limiting Tor access with ISA 2004/2006"

Written by Jakob H. Heidelberg on January 30th, 2008 with no comments.
Read more articles on exploit and otherSoftware and scripting and script and Microsoft and Hacking and Security.

Windows Script 5.7 released!

Microsoft just gave us an updated version of the Windows Script engine that we all love so much¡¦ This version brings very few additions, but great many fixes.

From release notes:
This release of Windows Script brings the improvements in scripting made during the Vista development cycle to downlevel platforms. During any release cycle we test with increasingly effective analysis tools designed to expose stability problems, memory leaks, and potential security weaknesses in code. The results from this testing comprise the vast majority of changes. Of course, we also include all the current security updates. This is the fastest, most robust, and secure release of Windows Script available.

Why Version 5.7?
The primary reason for changing the version number from 5.6 to 5.7 is to simplify servicing and support by synchronizing the versioning to a consistent scheme based on Vista build number. The minor version increase does not indicate significant new features. The scripting feature set is substantially the same as 5.6, with only minor additions.

What•âs New
In addition to the general improvements noted above, the following are some of the notable changes in this release.

JScript
• This package includes the improved garbage collector (GC) shipped

¡¦

Click to continue reading "Windows Script 5.7 released!"

Written by Jakob H. Heidelberg on September 2nd, 2007 with no comments.
Read more articles on scripting and script and Download and Windows.