Posted on 01/04/2016 6:12:59 PM PST by Utilizer
Californian tech giant Cisco has released an advisory statement explaining that its chat client Jabbar is currently vulnerable to a man-in-the-middle attack.
Found in the Windows client of Jabbar, the vulnerability could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack.
Discovered by Renaud Dubourguais and Sébastien Dudek from Synacktiv, a French cyber-security firm, versions affected include the 10.6.x, 11.0.x, and 11.1.x releases.
Currently the client does not verify that the Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Layer Security (TLS).
XMPP enables the near-real-time exchange of structured yet extensible data between any two or more network entities.
(Excerpt) Read more at scmagazine.com ...
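The advisory excerpt above describes a client that never confirms TLS was negotiated on its XMPP stream. The following is an added illustration, not code from Cisco or from the article: a small client-side policy object (hypothetical class `XmppClientPolicy`) that reads the server's `<stream:features>`, insists on `<starttls/>`, and refuses to send credentials until a `<proceed/>` has been received; the stanzas at the bottom are constructed samples, not captured traffic.

```python
import xml.etree.ElementTree as ET

TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"


class TlsDowngrade(Exception):
    """Raised when the stream would continue without the TLS the policy requires."""


class XmppClientPolicy:
    """Tracks whether TLS has really been negotiated on an XMPP stream.

    require_tls=True is the hardened behaviour; require_tls=False models a
    client that continues in cleartext whenever <starttls/> is missing.
    """

    def __init__(self, require_tls=True):
        self.require_tls = require_tls
        self.tls_established = False

    def on_stream_features(self, features_xml):
        """Return the next stanza the client should send after <stream:features>."""
        root = ET.fromstring(features_xml)
        if root.find(f"{{{TLS_NS}}}starttls") is not None:
            return f"<starttls xmlns='{TLS_NS}'/>"
        # No STARTTLS advertised: either the server lacks it or the feature
        # list was altered in transit. A hardened client stops here.
        if self.require_tls:
            raise TlsDowngrade("server offered no STARTTLS; refusing cleartext stream")
        return f"<auth xmlns='{SASL_NS}' mechanism='PLAIN'/>"  # insecure path

    def on_starttls_reply(self, reply_xml):
        """Only <proceed/> in the TLS namespace allows the TLS handshake to begin."""
        root = ET.fromstring(reply_xml)
        if root.tag == f"{{{TLS_NS}}}proceed":
            self.tls_established = True  # a real client wraps the socket with ssl here
            return True
        raise TlsDowngrade(f"unexpected STARTTLS reply: {root.tag}")

    def may_send_credentials(self):
        """Gate for SASL: credentials never leave the client before TLS is up."""
        return self.tls_established or not self.require_tls


# Constructed sample stanzas (illustrative, not captured traffic).
STREAM_OPEN = "<stream:features xmlns:stream='http://etherx.jabber.org/streams'>"
SASL_PLAIN = f"<mechanisms xmlns='{SASL_NS}'><mechanism>PLAIN</mechanism></mechanisms>"
FEATURES_WITH_TLS = (STREAM_OPEN + f"<starttls xmlns='{TLS_NS}'><required/></starttls>"
                     + SASL_PLAIN + "</stream:features>")
FEATURES_NO_TLS = STREAM_OPEN + SASL_PLAIN + "</stream:features>"
PROCEED = f"<proceed xmlns='{TLS_NS}'/>"
```

With `require_tls=True` the policy rejects `FEATURES_NO_TLS` outright and blocks credentials until `on_starttls_reply` has seen `<proceed/>`; with `require_tls=False` it reproduces the behaviour the advisory warns about.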
I have a feeling Utilizer is getting ready to ping me so I'll thank him in advance!
Oops, “Jabbar” not “Jabber”...
*grin* Welcome, mate!
You are REALLY stressing the old memory sticks on that one, mate. *smile*
I highly doubt that anyone under 40 will remember the Cisco Kid and Pancho, let alone ‘The Caballero’s Way’.
I remember. 40 was a long time ago for me :)
Snooze. Any important, sensitive or proprietary WAN chatting is done using IP bulk encryption or similar. This should not affect government and business networks except for the foolish ones conducting their internal operations via the internet -lol. And when was the last time an organization used Cisco’s built-in TLS encryption? Heh, maybe Cisco.
Geez, nope. I was right the first time. Cisco says so.
SC Magazine misspelled it as well, it would appear.
I’m feeling quite fortunate that this was posted... Last week, after my employer having fired our security administrator about 8 months ago, I (a network admin) was tasked with running a penetration test and security audit of our network.
Although I take network security quite seriously, and do my best to work within “best practices,” when presented with this new addition to my job, I realized that I didn’t have a clue as to where to start.
Luckily, we do have a license for Nessus to do a scan on our public IP addresses, but now that I’ve got some results, I’m not really sure what to do next. I can see that my job is going to be expanded to include quarterly security scans, but I don’t really know what I’m doing, and I REALLY don’t know how to interpret the results!
Can anyone on this list point me towards some good books or tutorials on learning to do penetration tests, and how to interpret the results? For instance, knowing when something is really a risk, versus not so much. Nessus seems to do a good job of this, however, the reporting capabilities are limited in our version (Nessus Professional.) Actually hiring a “real” security administrator, or getting me some real training, both seem to be out of the question.
I did pick up a book on nmap, but that’s even harder to interpret than Nessus in the few simple scans I’ve performed, and it was incredibly slow.
Thanks in advance!
Mark
I believe distrowatch.org has several bootable discs that help you with penetration testing, security, firewalls, and recovery utilities -not necessarily on the same disc. You might try downloading and burning one to try out on a sample machine or network and refer to the ReadMe/Help documentation to learn as you go along.
Also, I believe ShadowAce is one of the noted voices here on FR that seems to have a good grasp of Linux so you might try posting to him to see if he has any ideas.
Good Luck.