Home Tags PXE

Tag: PXE

RHBA-2016:1660-1: grub2 bug fix update

Updated grub2 packages that fix one bug are now available for Red Hat EnterpriseLinux 7.1 Extended Update Support. The grub2 packages provide version 2 of the Grand Unified Bootloader (GRUB), ahighly configurable and customizable bootloader with modular architecture.

Thepackages support a variety of kernel formats, file systems, computerarchitectures, and hardware devices.This update fixes the following bug:* The Simple Network Protocol (SNP) was not handled correctly when it was usedwith the "exclusive" flag.

As a consequence, Pre-Boot Execution Environment(PXE) booting on certain Fujitsu Server PRIMEQUEST systems failed.

This updatefixes the handling of SNP on the affected PRIMEQUEST systems, and they now bootPXE as expected. (BZ#1274183)Users of grub2 are advised to upgrade to these updated packages, which fix thisbug. Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux HPC Node EUS (v. 7.1) SRPMS: grub2-2.02-0.17.el7_1.6.src.rpm     MD5: 949fa824b04e031c834881394f9d6cd8SHA-256: 75b7df1f37ee41050e89157e85e6f0d3440a2cc7f876f21a2c02ce0de7bfacd1   x86_64: grub2-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 5a83d685bbf5b2a9fee0bc905979b9b4SHA-256: 021befe45fee6269c3fc1cb6d865d74838524d1d04908a2ea00918c901dce165 grub2-debuginfo-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 5f054c3b328ee190483dc810a77d01beSHA-256: 9740a2100dafc58c0df4a98d9761622a06a4676c8ccaaaa112546c14f643d601 grub2-efi-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 69e5d5611ecf1473a8157b24f996ffcdSHA-256: 496e5f586cc76decdb1d6c4500e9138239e10217cefd49f2793a4bb352c1589b grub2-efi-modules-2.02-0.17.el7_1.6.x86_64.rpm     MD5: b228ebbe9deb0575820feabe0bb96af2SHA-256: 26ff51e7045148508729a2cdf02a5ea52e222a802279319f02108b4cb1e87567 grub2-tools-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 7367f5fe005e76895c40d10aaa8f08aaSHA-256: 3a62eada070934ae8a096e2c08227a4650035121901148cba561b44a8056748a   Red Hat Enterprise Linux Server EUS (v. 7.1) SRPMS: grub2-2.02-0.17.ael7b_1.6.src.rpm     MD5: 44172bc03711b925885aa60d825a25c5SHA-256: d309619398ccea1339c34f1f3b346ba82ac657ca4abb345bf66d6dbd6d4fbb49 grub2-2.02-0.17.el7_1.6.src.rpm     MD5: 949fa824b04e031c834881394f9d6cd8SHA-256: 75b7df1f37ee41050e89157e85e6f0d3440a2cc7f876f21a2c02ce0de7bfacd1   PPC: grub2-2.02-0.17.el7_1.6.ppc64.rpm     MD5: a1e8f99f9eb7561d715d527b27ca711bSHA-256: 9b9016e9c095580d170abb30df13819f5bb4d12e54ad2a7ff9dd2bb2cde52a60 grub2-debuginfo-2.02-0.17.el7_1.6.ppc64.rpm     MD5: 7e21c91d884a02101a90e20b6be7ff1fSHA-256: 224c3ac89697bccc976f2f39a4f20fcebd3518b2a54ccade3e853d22a46655b8 grub2-tools-2.02-0.17.el7_1.6.ppc64.rpm     MD5: 20d40843e20058292fcdb7460d9ebb9aSHA-256: 8f675bd05c48b010a18912a23b01691d70d5831858ceb795345d44454cbe802a   PPC64LE: grub2-2.02-0.17.ael7b_1.6.ppc64le.rpm     MD5: 7b94bca6d45321ac0cef61c7bf507cadSHA-256: d3d6b7defd87491d2b23aa1966cc22e6e2f29e4eb451138268de1a649fab40f2 grub2-debuginfo-2.02-0.17.ael7b_1.6.ppc64le.rpm     MD5: fb0fd4cd29dff8752c8b53324b1e55a0SHA-256: d8e4918529a8676c5891f93b721018941a406350e3248ecb1e960493bedca47f grub2-tools-2.02-0.17.ael7b_1.6.ppc64le.rpm     MD5: 7b4d909492ae8404f96405c166140a32SHA-256: d931ec7f369cc5f8b7fe8be234590818615cb4ca90a2fb63d2d2b36262ef5b1f   x86_64: grub2-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 5a83d685bbf5b2a9fee0bc905979b9b4SHA-256: 021befe45fee6269c3fc1cb6d865d74838524d1d04908a2ea00918c901dce165 grub2-debuginfo-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 5f054c3b328ee190483dc810a77d01beSHA-256: 9740a2100dafc58c0df4a98d9761622a06a4676c8ccaaaa112546c14f643d601 grub2-efi-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 69e5d5611ecf1473a8157b24f996ffcdSHA-256: 496e5f586cc76decdb1d6c4500e9138239e10217cefd49f2793a4bb352c1589b grub2-efi-modules-2.02-0.17.el7_1.6.x86_64.rpm     MD5: b228ebbe9deb0575820feabe0bb96af2SHA-256: 26ff51e7045148508729a2cdf02a5ea52e222a802279319f02108b4cb1e87567 grub2-tools-2.02-0.17.el7_1.6.x86_64.rpm     MD5: 7367f5fe005e76895c40d10aaa8f08aaSHA-256: 3a62eada070934ae8a096e2c08227a4650035121901148cba561b44a8056748a   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

BerlinSides …electrifying!

It was the last weekend of May and just like every year, hackers, forensic experts and pentesters met at the University Hall in Berlin for the BerlinSides conference. ‘A con from hacker for hacker’.

This years motto is ‘electrifying’ and the badges and shirts show the picture of Nikola Tesla. BerlinSides is the successor of the PH-Neutral conference held by FX, who once said he’s going to host his conference for ten years.

After that, Aluc stepped in and now runs the BerlinSides conference since 2010. Start was right after the PXE conference ends on Friday 27th of May and it lasts for four days.

As usual, the last day got labeled “OpSec 4 Nerds” and held in a Dojo.
It’s about “hand to hand combat” and optional to all attendees who have a good health insurance.

Today is the last day of the conference and the exercises in the Dojo are going on right now. The schedule of the conference can be found here: http://berlinsides.org/?page_id=1911 In contrast to the Chaos Computer Congress, this conference is by invitation only and just like in Las Vegas, what’s happening inside of BerlinSides stays inside. No journalists, cameras or any recording devices are allowed.
Speakers can go into details and give some unique insights in projects, incidents and new vulnerabilities. 0x100 people attended the conference this year and beside the talks I also enjoyed the networking, music and party.
I met people I haven’t seen for a while, some I never met before and we had some good discussions. Kaspersky Lab is the premium sponsor of this years’ conference and we are happy to see such great events and to support the community. My colleague Stefan Ortloff held the opening talk named “Cross-Platform Malware To Attack The Bitcoin-Sphere” and gave some insights in an ongoing investigation conducted by himself. (Host Aluc on the right, me on the left side) Due to the nature of this conference, there aren’t any further details I can add to this blog, but I’d like to thank Aluc for his commitment and I look forward attending next year again!

Trivial path for DDoS amplification attacks found by infosec bods

600,000 servers are vulnerable to this little-known protocol Security researchers have discovered a new vector for DDoS amplification attacks – and it's quite literally trivial. Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years. Researchers at Edinburgh Napier University have discovered that the TFTP protocol (Trivial File Transfer Protocol) might be abused in a similar way. Unlike DNS and NTP, TFTP has no business being exposed on internet-facing systems. Yet port scanning research indicated that there about 599,600 publicly open TFTP servers. That’s bad in itself but the situation gets worse: the researchers discovered that TFTP offers a higher amplification factor than other internet protocols. “The discovered vulnerability could allow hackers to use these publicly open servers to amplify their traffic, similarly to other DDoS amplification attacks like DNS amplification.
If all specific conditions are met this traffic can be applied up to 60 times the original amount,” researcher Boris Sieklik told El Reg. “I also studied effects of this attack on different TFTP software implementations and found that most implementations automatically retransmit the same message up to six times, which also contributes to the amplification.” TFTP protocol (Trivial File Transfer Protocol) is a simplified version of FTP (File Transfer Protocol).
It is generally used in internal networks and in environments where OS image transfers are required regularly.

For instance, Cisco uses TFTP to send OS images to the VoIP phones and they can also be used by all Cisco equipment to update firmware or to transfer files as part of schemes to provide centralised storage of these images.

The technology is also widely used during PXE booting of machines. Essentially, any file can be transferred by TFTP. Attackers could use this vulnerability to perform large amplification attacks to both external and internal targets, Sieklik warns.
Sieklik worked together with Richard Macfarlane and Prof. William Buchanan, both of Edinburgh Napier University, in putting together the research, which also looked at ways to mitigate potential attacks and possible countermeasures. DDoS reflection/amplification attacks in general allow an attacker to magnify the amount of traffic they can generate.
Sending a dodgy request with a forged return address in the name of an intended target can generate a response, much bigger in size than the original request, hence the amplification terminology. The trick ultimately relies on using misconfigured services at third-party sites in order to flood targeted websites with junk responses to forged web requests.
Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the most high profile of which battered Spamhaus and buffeted internet exchanges back in March 2013. Something along the same lines might be possible, at least in theory, when it comes to TFTP, the researchers warn.

The computer scientists are unable to point to specific examples of DDoS attacks based on TFTP. More details of the research were published in the March edition of publisher Elsevier’s Computers & Security journal (synopsis here). ® Sponsored: DevOps for Dummies 2nd edition

RHBA-2016:0284-1: Red Hat Enterprise Linux OpenStack Platform Installer update

Details Updated Red Hat Enterprise Linux OpenStack Platform Installer packages that fixseveral bugs are now available for Red Hat Enterprise Linux OpenStack Platform6.0. Red Hat Enterprise OpenStack Platform Installer is a deployment management tool.It provides a web user interface for managing the installation and configurationof remote systems.

Deployment of changes is performed using Puppet.Additionally, Dynamic Host Configuration Protocol (DHCP), Domain Name System(DNS), Preboot Execution Environment (PXE), and Trivial File Transfer Protocol(TFTP) services can be provided.

Controlling these services also enablesprovisioning of physical systems that do not yet have an operating systeminstalled.This update also addresses multiple bugs, which are documented in the Red HatEnterprise Linux OpenStack Platform Technical Notes, linked to in the Referencessection.All Red Hat Enterprise Linux OpenStack Platform Installer users are advised toupgrade to these updated packages, which correct these issues. Solution Before applying this update, ensure all previously released errata relevant toyour system have been applied.Red Hat Enterprise Linux OpenStack Platform 6 runs on Red Hat Enterprise Linux7.2.This update is available through 'yum update' on systems registered through RedHat Subscription Manager.

For more information about Red Hat SubscriptionManager, see:https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.htmlRed Hat Enterprise Linux OpenStack Platform 6 documentation is available at:https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_PlatformThe Red Hat Enterprise Linux OpenStack Platform 6 Release Notes (see theReferences section) contain the following:* Technology Previews, Recommended Practices, and Known Issues.* The channels required for Red Hat Enterprise Linux OpenStack Platform 6,including which channels need to be enabled and disabled. Updated packages Red Hat OpenStack 6.0 Installer for RHEL 7 SRPMS: openstack-foreman-installer-3.0.27-1.el7ost.src.rpm     MD5: 128a80b71b78f7d7b911399c8ce9590fSHA-256: 8d560e641284f838a7a3cb1f8bf30a6b6fd2ebdf56cbbe724e8afff8538156d4 openstack-puppet-modules-2014.2.15-7.el7ost.src.rpm     MD5: 6719f7ddf695fcd8d406d5a1d6e346baSHA-256: ed848e6407a0d145fbf7e69cc467ea9671f40e7c0132651e4f392f768bd04d5e   x86_64: openstack-foreman-installer-3.0.27-1.el7ost.noarch.rpm     MD5: 124093565f3ffb25d73adf90db6c6de4SHA-256: d3032a230f57f2a46ea41bfb21d2af60a4aa2a2df0ffc29930893332b7c59248 openstack-puppet-modules-2014.2.15-7.el7ost.noarch.rpm     MD5: 3dcd46f10dc66c12957bcb6d93721339SHA-256: 139c07a3d31834431e5bc971286d672242991003400e9aace3f7fbfdc4b622ef   (The unlinked packages above are only available from the Red Hat Network) Bugs fixed (see bugzilla for more information) 1290684 - ha-all-in-one-util.erb script is broken, can't evaluate member through crm_node command1292555 - Quickstack pacemaker puppet modules for nova causing deployment failures with rhel-osp-installer References https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Release_Notes/index.htmlhttps://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/6/html/Technical_Notes/index.html These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:https://www.redhat.com/security/team/key/#package The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/

RHBA-2014:0403-1: syslinux bug fix update

Updated syslinux packages that fix one bug are now available for Red HatEnterprise Linux 6. SYSLINUX is a suite of bootloaders, currently supporting DOS FATfile systems, Linux ext2 and ext3 file systems (EXTLINUX), PXE network boots(PXELINUX), or ISO 9660 CD-ROMs (ISOLINUX). It also includes a tool,MEMDISK, which loads legacy operating systems from these media.This update fixes the following bug:* Prior to this update, the pxelinux.0 file incorrectly used a BIOS interruptcall when booting up from a local hard drive through the Pre-Boot ExecutionEnvironment (PXE). As a consequence, the booting process became unresponsive.With this patch, the behavior of pxelinux.0 has been fixed and PXE booting nowfunctions as expected. (BZ#1084547)Users of syslinux are advised to upgrade to these updated packages, which fixthis bug. Red Hat Enterprise Linux Desktop (v. 6) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   IA-32: syslinux-4.02-16.el6_5.i686.rpm     MD5: 62ab7e6e7d9edd509c182480db1a0e39SHA-256: 902b6b9e33c1d60b2a787b476986cbad779b8d3a77eeba34ba27a3e67335c0e9 syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-extlinux-4.02-16.el6_5.i686.rpm     MD5: fa5ddc2bf6bffa34af59a78d9a9a0dc8SHA-256: cc996fa6119235dc3945ec9844a05e6de7234abc7ba38f7432357b6a31a8ebb9 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.i686.rpm     MD5: d274e1de1b023c8a6e07e70a42ca2d6cSHA-256: 8f74ab48eab3cfd1b9fbf71e97d0d33385bdb82c0398ce32637f95e5667f9e32 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   Red Hat Enterprise Linux HPC Node (v. 6) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   Red Hat Enterprise Linux Server (v. 6) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   IA-32: syslinux-4.02-16.el6_5.i686.rpm     MD5: 62ab7e6e7d9edd509c182480db1a0e39SHA-256: 902b6b9e33c1d60b2a787b476986cbad779b8d3a77eeba34ba27a3e67335c0e9 syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-extlinux-4.02-16.el6_5.i686.rpm     MD5: fa5ddc2bf6bffa34af59a78d9a9a0dc8SHA-256: cc996fa6119235dc3945ec9844a05e6de7234abc7ba38f7432357b6a31a8ebb9 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.i686.rpm     MD5: d274e1de1b023c8a6e07e70a42ca2d6cSHA-256: 8f74ab48eab3cfd1b9fbf71e97d0d33385bdb82c0398ce32637f95e5667f9e32 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   Red Hat Enterprise Linux Server AUS (v. 6.5) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   Red Hat Enterprise Linux Server EUS (v. 6.5.z) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   IA-32: syslinux-4.02-16.el6_5.i686.rpm     MD5: 62ab7e6e7d9edd509c182480db1a0e39SHA-256: 902b6b9e33c1d60b2a787b476986cbad779b8d3a77eeba34ba27a3e67335c0e9 syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-extlinux-4.02-16.el6_5.i686.rpm     MD5: fa5ddc2bf6bffa34af59a78d9a9a0dc8SHA-256: cc996fa6119235dc3945ec9844a05e6de7234abc7ba38f7432357b6a31a8ebb9 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.i686.rpm     MD5: d274e1de1b023c8a6e07e70a42ca2d6cSHA-256: 8f74ab48eab3cfd1b9fbf71e97d0d33385bdb82c0398ce32637f95e5667f9e32 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   Red Hat Enterprise Linux Workstation (v. 6) SRPMS: syslinux-4.02-16.el6_5.src.rpm     MD5: 972f335fa0b710712c9e2e5e1c7c8dc9SHA-256: 1e247a2d67618d678d4f48e536251f37de8b1990939728ffdc5e881019b3bc9f   IA-32: syslinux-4.02-16.el6_5.i686.rpm     MD5: 62ab7e6e7d9edd509c182480db1a0e39SHA-256: 902b6b9e33c1d60b2a787b476986cbad779b8d3a77eeba34ba27a3e67335c0e9 syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-extlinux-4.02-16.el6_5.i686.rpm     MD5: fa5ddc2bf6bffa34af59a78d9a9a0dc8SHA-256: cc996fa6119235dc3945ec9844a05e6de7234abc7ba38f7432357b6a31a8ebb9 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.i686.rpm     MD5: d274e1de1b023c8a6e07e70a42ca2d6cSHA-256: 8f74ab48eab3cfd1b9fbf71e97d0d33385bdb82c0398ce32637f95e5667f9e32 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095   x86_64: syslinux-4.02-16.el6_5.x86_64.rpm     MD5: 15c8a00c409fac8615a91f69546998d4SHA-256: b19ee5a545c68f014cc60666c33da78a4adb38450c9cfc82e8fdab3c1b1e834a syslinux-debuginfo-4.02-16.el6_5.i686.rpm     MD5: 3c1fff3a1c9ec2c92cbc98f8fbee793cSHA-256: 615757b5f56d183f9f97fd4644beb7f18b99804d0c75cc560482cc12bc6bbb4e syslinux-debuginfo-4.02-16.el6_5.x86_64.rpm     MD5: 9606ecefdc865bd9137008c4bbb14e47SHA-256: 7196495eda6871e443e51445c06a8c28a05e71dfebaa1e41c0a133dff95ed1ae syslinux-devel-4.02-16.el6_5.i686.rpm     MD5: 1f9dc880f5481675122fac6caf7fbf91SHA-256: dcd0c73330288306f4d798eea9e82be53aeeeb7e544d5f91d4d85c6c73fc0f9f syslinux-devel-4.02-16.el6_5.x86_64.rpm     MD5: 2400ec2092db2d84eb9529c70009a698SHA-256: 2dc42213535e0e3d42375b6c5a163ed1cafdbcd5d6d958d9cb92462eccb197fe syslinux-extlinux-4.02-16.el6_5.x86_64.rpm     MD5: c151d6650fc4cefeabee4b59befc4813SHA-256: 8e44257c2b9475b1094e338aed23db4e6944714d07cee4e418b6442bb77f7000 syslinux-extlinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: 380d20178a3254785949658ab93ebe0eSHA-256: 32becbbf60d931486b45a8500363baf6a0a948692840eeeca47b2b877f67c569 syslinux-nonlinux-4.02-16.el6_5.i686.rpm     MD5: b28b7b8cc1660267310818f1f2575bd3SHA-256: 78835eae606561175a1e963c522e22939831e58bc488c6470ec662dc64453104 syslinux-perl-4.02-16.el6_5.x86_64.rpm     MD5: ced7f61f63a67ce8096f770a797285aeSHA-256: 066437b902cac7a3fab664f474d92d95a4532a8211ae3529956e19dd69898326 syslinux-tftpboot-4.02-16.el6_5.i686.rpm     MD5: bcb9d35449a7415593d53f08b8ca0055SHA-256: fd2b1e8c14345fb02ff445beeeda380a66eadf199a8081e6ae185bb7fe0cb095 syslinux-tftpboot-4.02-16.el6_5.x86_64.rpm     MD5: c08b9ac3de4634e25b94dd65d39f3d7eSHA-256: d3292be37f9d11c311f312d73ae6d9eac0ee4328eb81ec211017b8db4100a2fd   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

How to implement PXE with Synology NAS

 Overview Equipped with TFTP support and Synology's DHCP Server package, DiskStation can serve as an integral part of your Preboot Execution Environment (PXE) setup. With...

ATMs Are Vulnerable to Attackers Looking to Steal Money: SecTor

Researchers claim that automated teller machines are at risk from a number of security flaws, but fixes can be made. TORONTO—Automated teller machines are a common sight in modern society, and they're also obvious targets for attackers looking to steal money. Researchers from security firm Trustwave discussed security issues related to ATMs at the SecTor security conference here, outlining their discoveries of ATM insecurity made during penetration-testing engagements. The flaws are widespread implementation issues that affect nearly all ATM vendors today, John Hoopes, senior consultant at Trustwave, told the audience. Trustwave wasn't going to point fingers at any one particular ATM hardware vendor, he said. One of the first steps in a security penetration-test enumeration is to determine what the operating system is for a given device.

In the case of an ATM, there is no Control-Alt-Delete functionality (for a system reboot), but Hoopes has a simple solution: pull the plug. By simply pulling the plug of an ATM device and then waiting for it to reboot, Hoopes said he was able to determine what the operating system was running. In many cases, that operating system was a version of Microsoft Windows, typically Windows XP. With the versions of Windows running on ATMs that Hoopes and his colleagues tested, many were vulnerable to old Microsoft security flaws. In particular, he said that many ATMs are still vulnerable to the MS08-067 flaw, which is a remote code execution flaw in the Windows Server Service that Microsoft patched five years ago. At least one of the systems Hoopes tested had a dialogue box on reboot that advises the user not to touch the screen during reboot. So what did Hoopes do? He touched the screen and was then able to get access to the core system of the ATM. To add further insult to injury, Hoopes found that the majority of ATMs are already running in administrator mode.

Administrator mode provides a user, or in this case an attacker, with full access to the device. "So it's already game over at that point," Hoopes said. Security by Obscurity Among the root causes for insecurity in ATMs are false design assumptions. "Most ATM software designers figure no one will ever see their code," Hoopes said. "So no code is obfuscated." Obfuscated or hidden, encrypted code is a common best practice for security, making it difficult for an attacker or a reverse engineer to find flaws. Some of the ATMs on the market today boot up by way of a Preboot eXecution Environment (PXE). In a PXE boot, the ATM gets its operating system and instructions over the network at boot time.

As such, if an attacker is able to put a device in between the ATM and the wall where the network connection comes in, there is the potential to manipulate what the ATM is able to do. Even for ATMs that are not PXE booted, all ATMs connect to a network. Trustwave has routinely noticed that the network is not always encrypted, Hoopes said.

If the network isn't encrypted, it means an attacker can potentially intercept and manipulate the data. Going a step further, even in cases where the ATM was using an encrypted Secure Sockets Layer (SSL) connection, the implementations were not always correct, Hoopes said.  SSL requires the use of a Certificate Authority (CA) that validates that an SSL certificate is authentic. Hoopes said that a number of ATMs do not properly validate the SSL certificate, leaving the machine open to potential man-in-the-middle attacks. Defense There are several things that ATM vendors can do to improve the security of their systems.

For one, good locks should be used on the ATM cabinets to prevent any kind of lock picking, Hoopes said. Also important is cable protection so that attackers can't just simply pull the power or networking cables to get access to a device. System monitoring and alarm notifications on ATMs are also necessary.

ATMs should be under constant monitoring so if there is a system reboot or other unexpected system event, an alarm goes off and someone is sent to investigate, Hoopes said. "These are computers that live in hostile environments," Hoopes said. "This is literally where the money is." Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.   ${QSComments.incrementNestedCommentsCounter()} {{if QSComments.checkCommentsDepth()}} {{if _childComments}}