Hello and welcome to the Wednesday, February 1st, 2003 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

Turns out one of the hardest things to actually get working if you're installing our honeypot is to get it exposed to

the internet the problem here is that there are so many different routers firewalls and such that

people are using it's hard to document them all one of the more popular ones is pFSense, the open source firewall.

And today we do have a nice walkthrough by Jesse about how to configure PFSense to expose

your honeypot.

So if you're interested, take a look.

Oath is a real neat authentication and access control technique that technically is

pretty secure but has some significant usability shortcomings. You probably used it many times

before where you go to a website and that website then redirects you to another website in order

to allow you to delegate some access to the first site. This is typically done via Oath,

and the problem here, of course, is that it's not very transparent to the average user,

what's exactly sort of happening behind the scenes,

and that has often been abused by malicious actors.

Now, Microsoft introduced a new concept a while ago

called verified publishers,

where if you want to participate and want to have your app have access to some

Microsoft resources based on your customer's credentials, then well, you can get yourself verified

by Microsoft and the simple sort of famous blue checkmark idea, where Microsoft will verify who you are,

so your customers can trust these redirects.

The problem is that apparently attackers now manage to get a hold of some existing accounts

...