ISC StormCast for Thursday, February 9th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 9 February 2017
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Thursday, February 9th, 2017 edition of the Sands and it's Stormsenders Stormcast. My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida. There's also the eighth anniversary of this podcast, so if you like it, if you listen to this regularly, then please let your friends know and also I appreciate |
| 0:23.7 | good reviews left on iTunes or whatever other service you're using to listen to this. |
| 0:31.0 | Today we got a guest diary by Remko Verhof about metadata URLs that you calmly find in cloud servers. They exist in pretty much all of |
| 0:41.4 | the big cloud providers and are URLs that are accessible via 169254 IP addresses. So really, |
| 0:51.0 | they're only accessible from the system itself because these are non-routable IP addresses. |
| 0:57.6 | But once on the system or connecting from the system you will have access to a number of details |
| 1:05.0 | about the infrastructure the cloud server is hosted on. |
| 1:09.7 | It's a little bit like system utilities like PS or NetStat and the like that allow you to |
| 1:15.1 | interrogate the system state. |
| 1:17.8 | Now, the reason we have this diary is really just to foster some awareness about these metadata |
| 1:24.1 | URLs that exist and how to block access to them from your server. |
| 1:30.1 | With IP tables, you can actually limit access to root, so only root is allowed to access |
| 1:37.0 | this URL. |
| 1:38.7 | And that way, if for whatever reason an attacker is able to relay connections through your system, this particular |
| 1:46.7 | URL is protected. And earlier this week I talked about the Cisco Meraki recall of their switches |
| 1:54.4 | and security appliances. It turns out that this problem may actually be more widespread and not be limited to Cisco. |
| 2:03.6 | The root cause, according to an article in the register, appears to be Intel's Adam C-2000 processor line. |
| 2:11.6 | There are a number of different processors that are part of that family, and the clock in these chips apparently wears out. |
| 2:20.7 | And after about two years or less of continuous use, the chip just stops working. |
| 2:28.2 | Now, Synology, their disk storage devices, is another product that has reported failures that are linked to this |
| 2:36.2 | particular issue, but it's not limited to this at all. There's a long list of companies that |
| 2:41.6 | use this particular processor. You often find them sort of in somewhat laurent kind of servers |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.