lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 28 Apr 2011 17:05:16 +0100
From: "corpus.defero" <corpus.defero@...et.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Barracuda backdoor

On Thu, 2011-04-28 at 08:29 -0700, ichib0d crane wrote:
(snipped)
> but that doesn't
> change the fact that Barracuda has done something likely bad here. A
> vendor should make it explicitly clear when they have the capability
> to disable remote products that have already been purchased. Maybe
> their ToS allows it, maybe not. Either way it is highly unethical.
> 
They can't. All they can do is disable updating of the virus and spam
definitions. It will still work without a subscription to 'energize
updates'.

There was once an obvious and open back door on these units redirecting
port 25 (naturally open on a firewall) to a listening SSH daemon for
IP's belonging to Barracuda. It was not very sophisticated, just an
IPTABLES rule.

Here is the rub with Barracuda - and forgive me for being rude but my
observations of them over the last few years has made them a bit of chew
toy. The majority of their core team are either clueless retards or high
on drugs. Honestly, just tug apart some of the code in one of these
boxes and it is seriously lame to the point anyone who has progressed
past schoolboy BASIC will usually cry laughing.

Seriously, anyone who pays $£40k for one of these really needs to be put
into an institution as it is money very poorly spent. That's the end of
my contribution and now I must sleep until I see that name spring up
again somewhere else.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ