Blocking Java Applets at the Firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run. With careful implementation, a site can be made resistant to current Java security weaknesses as well as those yet to be discovered. In addition, we describe a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet

xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs

In this paper we show how attackers can covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via the row of status LEDs that exists in networking equipment such as LAN switches and routers. Although it is known that some network equipment emanates optical signals correlated with the information being processed by the device ('side-channel'), intentionally controlling the status LEDs to carry any type of data ('covert-channel') has never studied before. A malicious code is executed on the LAN switch or router, allowing full control of the status LEDs. Sensitive data can be encoded and modulated over the blinking of the LEDs. The generated signals can then be recorded by various types of remote cameras and optical sensors. We provide the technical background on the internal architecture of switches and routers (at both the hardware and software level) which enables this type of attack. We also present amplitude and frequency based modulation and encoding schemas, along with a simple transmission protocol. We implement a prototype of an exfiltration malware and discuss its design and implementation. We evaluate this method with a few routers and different types of LEDs. In addition, we tested various receivers including remote cameras, security cameras, smartphone cameras, and optical sensors, and also discuss different detection and prevention countermeasures. Our experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at a bit rates of 10 bit/sec to more than 1Kbit/sec per LED

Performance evaluation of an open distributed platform for realistic traffic generation

Network researchers have dedicated a notable part of their efforts to the area of modeling traffic and to the implementation of efficient traffic generators. We feel that there is a strong demand for traffic generators capable to reproduce realistic traffic patterns according to theoretical models and at the same time with high performance. This work presents an open distributed platform for traffic generation that we called distributed internet traffic generator (D-ITG), capable of producing traffic (network, transport and application layer) at packet level and of accurately replicating appropriate stochastic processes for both inter departure time (IDT) and packet size (PS) random variables. We implemented two different versions of our distributed generator. In the first one, a log server is in charge of recording the information transmitted by senders and receivers and these communications are based either on TCP or UDP. In the other one, senders and receivers make use of the MPI library. In this work a complete performance comparison among the centralized version and the two distributed versions of D-ITG is presented

The EXOSAT medium-energy slew survey catalog

We present a catalog of X-ray sources observed during slew maneuvers by the Medium Energy Detector Array onboard the EXOSAT Observatory. The EXOSAT Medium Energy slew-survey catalog (EXMS) provides a unique record of the 1--8 keV X-ray sky between 1983 and 1986. 98% of the sky was observed, with 85% receiving an exposure of >60 s. 1210 sources were detected. By comparing these source positions with other catalogs, identifications are given for 992 detections (82% of the sample). These identifications consist of 250 distinct objects, including 95 different X-ray binary systems, and 14 different AGN. A further 58 detections have multiple candidates, while 160 detections remain unidentified. Collimator transmission corrected 1-8 keV count rates are given for the identified sources, together with raw count rates for the other detections. The construction of the EXMS and the checks performed to ensure the validity of the derived source properties are discussed. A publically available version of this catalog is maintained on the EXOSAT database and archive system (telnet://[email protected]).Comment: 52 pages. 22 Figures. To be published in A&AS. For more information, see http://astro.estec.esa.nl/SA-general/Projects/Exosat/exmsintro.htm

The SPAN cookbook: A practical guide to accessing SPAN

This is a manual for remote users who wish to send electronic mail messages from the Space Physics Analysis Network (SPAN) to scientific colleagues on other computer networks and vice versa. In several instances more than one gateway has been included for the same network. Users are provided with an introduction to each network listed with helpful details about accessing the system and mail syntax examples. Also included is information on file transfers, remote logins, and help telephone numbers