R-fx Networks
Linux Software & Blog
I am Back: Signature Updates
Jun 24th
I am back, fresh off a trip home to Montreal, which I must say was an absolutely amazing time. It has left me reflecting on allot of things, most importantly that there really is no place like home — I miss Montreal more than I can even describe. That said though, time to get back into the mix of things — there is a mountain of malware submissions to review, 91 to be exact. Today I really could not find the energy or time to go through them all but I did process the edge IPS data to extract some More >
Facebook Inbox Message Disclosure Vulnerability
Jun 23rd
Title: Facebook Inbox Message Disclosure Vulnerability Published: June 24th 2010 Credit: Ryan MacDonald Severity: Information/Privacy Disclosure Vulnerable: Facebook Messaging System BigPipe Performance Pipelining Summary: A vulnerability exists in facebooks messaging system that allows an attacker to view the addressed users, subject and inbox preview text (120 characters) of message contents for recently sent/received messages (last 6) on a users account. Technical Details: BigPipe Pipeling java script code embedded into the source code of ALL PAGES under the “messages” section on facebook, preloads message data that can be arbitrarily read through malicious client side java script or other client side objects. The offending java script specifically is the More >
rfxn.com In Numbers
May 27th
Yup, nothing to see here except numbers…
2,018: Downloads of the newest project, Linux Malware Detect, month to date. 2,294: Signatures for Linux Malware Detect. 6,207: Downloads for all projects for the month to date. 14,176: Google results with link backs to rfxn.com or related domains (i.e: r-fx.org, rfxn.org etc..). 30,061: Active APF installations relative to unique IP’s fetching the reserved.networks file daily. 70,826: Project downloads for the last 12 months, May 2009 – April 2010. 133,931: Total visitor session to rfxn.com, month to date. 258,154: The number of web sites protected by APF (passed unique install IP’s to domainsbyip.com). 1,231,604: Total hits to rfxn.com, month to date.
More >Linux Malware Detect v1.3.6: Loose Ends
May 24th
In LMD 1.3.3 there was allot of changes, 29 to be exact, that made LMD much more robust and especially the monitoring component, much more usable. If that release was about making good things better, then this release is about bringing loose ends together. I spent a couple of days running LMD through its paces along with having many people help me test it and during that process, we brought allot of little things to the surface that needed fixing or revising.
In total, there has been 31 changes, fixes or new additions to LMD since that 1.3.3 release on the More >
Let The Rewrites Begin: New Life For PRM
May 24th
In my last post, I reflected on the last 7-8 years of projects here at rfxn.com, in doing so I also dug up some statistics on project downloads. I not only did this for my own curiosity but to prioritize the mile long to do list I have for the projects, based on downloads. One of the revealing things was just exactly what people are downloading, in particular that projects like LES , PRM & SIM are still very popular download destinations on the site.
Although a new incarnation of APF & BFD are on the agenda, I thought I would More >
