Thursday, July 30, 2009
The device that posed the highest number of threats was NAS, or network-attached storage, units, which were susceptible to all five attack classes considered in the study.
For instance, attackers can sabotage NAS units made by one vendor (The Register agreed not to name any specific manufacturers or models in this article) by doing nothing more than entering javascript commands when trying to log in to the device. From then on, the device will execute XSS, or cross-site scripting, attacks against network admins each time they view a device log that stores the wayward login
attempts.
Similarly, attackers can manipulate SMB, or server message block, commands, to rename files on a NAS device so they contain malicious javascript. The Stanford team has dubbed such exploits cross-channel scripting attacks because they use a non-web-based channel such as the file transfer protocol to store arbitrary scripts that, when viewed in a web browser, can expose the admin to serious threats. Four of the five NAS manufacturers studied in the report were vulnerable to them.
YOU MAY HAVE TO COPY AND PASTE THE LINK SHOWN INTO YOUR BROWSER TO FOLLOW THE LINKS. SOMETHING IS HINKY, LATELY. TRY A RIGHT CLICK ON THE TINY BLUE TEXT..AND open in a new tab FROM THE DROP DOWN MENU.
SEQUIMTECH BLOG - a.k.a. STB
On line since JUNE of 2006.
USE SEARCH TOOL In top of column on the LEFT.
Thursday, July 30, 2009
Blog Archive
-
▼
2009
(1515)
-
▼
July
(185)
- Official Gmail Blog: Send mail from another addres...
- HP debuts 2709m 27-inch 16:9 display
- 3 Sites To Help You Identify Unknown Drugs
- WatchKnow.org
- Change the registered owner of Windows XP the easy...
- Nero - Free Version
- MeeSoft
- BBC NEWS | Technology | 'Rosetta stone' offers dig...
- NAS security susceptibility
- Web Design Checklist
- Network Attached Storage units let PCs share data ...
- Create The Fanciest Dropdown Menu You Ever Saw | W...
- "What is a Whacker or Wannabe?" on Policeposers.com
- How to Create an HDR Image
- Getting Around Internet Blockage
- RFA Home
- Documentary Heaven :: Food For Your Brain
- Grazr - Publish Widgets
- turn Windows Firewall on or off
- Raster to Vector - Free software downloads and rev...
- The Hidden Risks of Cloud Computing - Security - L...
- Oversized Wall Prints, Decals & Posters - LTLprint...
- Welcome to AddATweet!
- Firefox
- Home | Moses Znaimer's ideaCity09: Ideas Change th...
- Big Think — Get to know — Experts and Ideas
- Gel conference: exploring good experience
- Home | Business Innovation Factory
- Pop!Tech - Accelerating the positive impact of wor...
- Guzzle.it - Latest news about stuff you care
- AfterDawn.com: Guides: How to convert AVI files (D...
- Israeli Start-Up Creates Turbine-Powered Hybrid Fr...
- U.S. Raises Security Requirements for ‘Smart Grid...
- A Beginner’s FTP Command Tutorial For Ascii or Bin...
- China drives electric bike, scooter boom - World e...
- Why no one is allergic to Wifi - Telegraph Blogs
- 4 Ways to Edit the Read-only PDF files - UGN
- Insider Smasher smashes problems for DTP - UGN
- PhotoSnack | Photo slideshows
- The animated guide to Building a PC. Learn to buil...
- The Future of Real-Time Torrent Search – Qtorrents
- Free Printable Business Cards - Free Business Cards
- TreeSheets Free Form Data Organization
- Free backup tool
- Free file archiving tool
- Mourning the Death of Handwriting - TIME
- Custom Clothing, Design Your Own Clothes Online wi...
- If It's Hip, It's Here: Typeface by Toyota. The iQ...
- Currie Technologies Hybrid Electric Bicycles | Izi...
- Galleries - 50 Epic Super Nerd Photos - 50 Epic Su...
- Create DVDs Out of AVI or Other Media Files
- Open Library (Open Library)
- Dotted Background Generator
- In the Future, the Cost of Education will be Zero
- Tweeting from the Web? Nine Alternative Web Clients
- Memory upgrades from Crucial.com - How much memory...
- Total Defrag 2009 Special Edition [Now Free for Ho...
- Download SpeedFan - Access temperature sensor in y...
- BookFinder.com: Search for New & Used Books, Textb...
- RoohIt: Instant Web Highlighter. Highlight any par...
- Grazr - Publish Widgets
- SEQUIM final destination t shirts
- Twitter Applications 101, a review of tweet apps b...
- Twitter / Search Widget
- Windows 7 HAX
- To Lower Property Taxes, Property Owners Appeal To...
- How Teens Consume MEDIA
- 6 Winning Ways to Work Wide
- EtherPad: Realtime Collaborative Text Editing
- Google Wave: 'Like Real-Time E-Mail. On Crack.' | ...
- RSS to PDF Newspaper | fivefilters.org
- Gmail Offers to Automatically Unsubscribe You from...
- How to Troubleshoot a Flaky Internet Connection - ...
- Video: Kevin Spacey tries to explain Twitter to Da...
- YouTube - The Machine is (Changing) Us: YouTube an...
- Fujifilm Announces Six New Cameras for Fall - wash...
- LinuxLive USB Creator | Get LinuxLive USB Creator ...
- Plagiarism Checker
- Check for Plagiarism On the Web For Free - Plagiar...
- Do You Have These 11 Traits of Highly Creative Peo...
- HOW TO: Start a Petition on Twitter
- Libraries of the Future documentary released : JISC
- Free Alternatives to Photoshop With All the Bells,...
- Disturbingly Real Replicants from Hanson Robotics ...
- Mozilla Firefox Safe Mode
- LangId - Identify any Language from Text
- Flash Drives - info
- Drive Manager
- File upload and storage system for large files
- Paparazzi! makes screenshots of webpages
- Amazon.com Widgets - Create Quick Linker Widget
- Who Needs The Amazon Kindle When You Have A Netbook?
- Google FeedBurner
- YouCube by Aaron Meyers
- 10 Youtube URL Tricks You Should Know About
- TubeChop - Chop YouTube Videos
- Create Ringtone Online, Convert YouTube To Mp3, Fr...
- ListenToYouTube.com: Youtube to MP3, get mp3 from ...
- Book Publishers - Book Publishing
- Boost Your Wireless Router Signal
-
▼
July
(185)