[funsec] This sounds like a security disaster just waiting to happen...

Jason Ross algorythm at gmail.com
Wed Apr 29 15:05:47 CDT 2009


On Wed, Apr 29, 2009 at 15:27, Steve Pirk <orion at pirk.com> wrote:
> On Wed, 29 Apr 2009, Larry Seltzer wrote:
>
> ...
>> When IT enables BranchCache, a copy of
>> data accessed from an intranet web site or a file server is cached
>> locally within the branch office. When another user on the same network
>> requests the file, the user gets access to the content almost
>> immediately as it is downloaded from the local cache rather than over a
>> limited bandwidth connection back to headquarters.
>> Flexible Architecture
> ...
>
> So, Microsoft has implemented a squid-like server as part of their gateway
> solution for office connections to the net. If done correctly, should be
> safe enough, no?


Not exactly squid-like. The more interesting bit is further down:

"In the second mode, called Distributed Cache, a branch server is not
required, as copies of files are directly cached on PCs in the branch
and sent to other Windows 7 clients as needed"

P2P squid. Now what happens when a user decides to inject malicious
code into the cached files...

It'd be interesting to see what steps were taken to prevent that from
occurring.

--
jason
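
The question raised above, what stops a branch PC from altering cached content before serving it to a peer, is commonly answered by having the client check every peer-supplied block against hashes it obtained from the authoritative server. The following is an added example of that check, not code from this thread and not Microsoft's BranchCache implementation; the block size, function names and sample data are assumptions made for illustration.

```python
import hashlib

BLOCK_SIZE = 64  # assumed small block size so the constructed sample spans several blocks

def split_blocks(data: bytes) -> list:
    return [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]

def make_manifest(content: bytes) -> list:
    """Origin side: SHA-256 of each block, delivered to clients over the trusted link."""
    return [hashlib.sha256(b).hexdigest() for b in split_blocks(content)]

def fetch_verified(manifest, peer_fetch, origin_fetch):
    """Client side: accept a peer's block only if its hash matches the manifest.

    Returns (content, rejected); rejected lists the block indexes a peer served
    with the wrong hash. Those blocks are re-fetched from the origin instead.
    """
    out, rejected = [], []
    for index, expected in enumerate(manifest):
        block = peer_fetch(index)  # None means the peer does not hold the block
        if block is None or hashlib.sha256(block).hexdigest() != expected:
            if block is not None:
                rejected.append(index)  # worth logging: a peer served altered data
            block = origin_fetch(index)
            if hashlib.sha256(block).hexdigest() != expected:
                raise ValueError(f"origin block {index} does not match manifest")
        out.append(block)
    return b"".join(out), rejected

# Constructed sample data: a 260-byte "file" held by the origin (5 blocks).
ORIGINAL = b"".join(b"quarterly-report line %03d\n" % n for n in range(10))

def demo():
    origin = split_blocks(ORIGINAL)
    manifest = make_manifest(ORIGINAL)
    peer = dict(enumerate(origin))      # a peer PC's local cache
    peer[1] = b"X" * len(origin[1])     # constructed case: peer altered block 1
    del peer[3]                         # constructed case: peer never cached block 3
    return fetch_verified(manifest, peer.get, origin.__getitem__)

if __name__ == "__main__":
    content, rejected = demo()
    print("content intact:", content == ORIGINAL, "| rejected peer blocks:", rejected)
```

The check is only as strong as the channel that delivers the manifest: if a peer can also supply or alter the hashes, verification proves nothing.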

