dns

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. A nifty tool pointed too by Agusto that helps dig out those user/password pairs hanging around on shares.
    Very nice tool for pentests | Security Balance
    Tags: ( tools pentesting passwords )
  2. If you live in the UK, you want to read this short post about your health records.
    Light Blue Touchpaper >> Blog Archive >> Opting out of health data collection
    Tags: ( privacy health )
  3. OpenDNS is trying to make your DNS experience safer.
    OpenDNS Blog >> OpenDNS adopts DNSCurve
    Tags: ( dns dnssec dnscurve opendns )
  4. This looks interesting. See how well you are alerting/stopping data leakage in your org.
    Hydra: Data Leakage Vulnerability Test System | Fidelis Security Systems
    Tags: ( dlp data-leakage tools )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Google introduced a new DNS service today.
    Google Code Blog: Introducing Google Public DNS: A new DNS resolver from Google
    Tags: ( google dns )
  2. This is pretty neat. Metasploit now has a built in vulnerability scanner.
    Metasploit Gets New Vulnerabilty Scanning Features - DarkReading
    Tags: ( metasploit vulnerability-scanning )
  3. Very cool. Sourcefire has rolled out a couple of VMWare-based virtual IDS appliances.
    Product Watch: Snort Maker Rolls Out IPSes For Virtual Environments - DarkReading
    Tags: ( snort sourcefire ids virtualization )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Andy poses the question (paraphrased) "You get to build a security program from the ground up. How do you go about it?" Go over and offer your thoughts.
    Building a security program from the ground up >> Andy ITGuy
    Tags: ( infosec-program )
  2. Want to learn how to write exploits. You should really check out Dino's exploitation class. I'll be going through it at my earliest convenience. Oh, and by the way, it's free.
    Penetration Testing and Vulnerability Analysis - Exploitation
    Tags: ( class education explolits )
  3. From the site: A group of PenTesters/Researchers have gotten together with the purpose of posting their useful scripts. Feel free to submit your scripts, we will gladly review them, even post them crediting you. You can submit them at scripts@pentesterscripting.com
    start [PenTester Scripting]
    Tags: ( pentest scripts tools )
  4. Some interesting thoughts that Richard shares from a talk given by Michael Hayden.
    TaoSecurity: Notes from Talk by Michael Hayden
    Tags: ( general )
  5. I agree with the Infosec Cynic. Allowing non-Latin characters is going to open up a whole new way for evil to be propagated.
    International Websites | The Infosec Cynic
    Tags: ( dns )
  6. If you haven't heard yet, there is a worm running around that Rick Rolls iPhones that have been jailbroken. This post isn't really about the worm, but about the individual who wrote, released and then talked about doing it.
    Worm author tells media he initially infected 100 iPhones | Graham Cluley's blog
    Tags: ( general worm iphone )
  7. A nifty use of netcat to image a drive over the network.
    How-to: Cloning a (Laptop) Hard Drive using DD over the network | Roer.com - Kai Roer's Rants on Infosec
    Tags: ( backup imaging )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Dre is reading a lot of the same people as I am when it comes to security programs. This post has some good stuff in it along with some great additional reading for us.
    What makes a solid security program? | tssci security
    Tags: ( security-program )
  2. Another day, another case of people handing over credentials to anybody who asks.
    Another Twitter Scam: Twitviewer -- spylogic.net
    Tags: ( twitter )
  3. Looks like there is a nasty BIND vulnerability being actively exploited. Time to update.
    BIND 9 Issue
    Tags: ( bind dns )
  4. Very nice. I like the way he approached this.
    Tactical Web Application Security: Lessons Learned From Casino Surveillance
    Tags: ( general )
  5. Wim is getting into FAIR. Very cool stuff.
    all is FAIR in love and war. << The Security Kitchen
    Tags: ( fair )
  6. An interesting case of what you read on the internet isn't always true 🙂
    Fake Retweets Lead To Spam - SpywareGuide Greynets Blog
    Tags: ( twitter )
  7. Sometimes high availability doesn't make your life easier. Check out Shrdlu's post and think about your situation a little.
    When 'high availability' isn't good enough.
    Tags: ( general )
  8. If you are an information security professional or want to be, I strongly recommend you carve out the time to attend Mike and Lee's talk at Defcon. They know what they are talking about and you should too!
    Effective Information Security Career Planning at DefCon | Information Security Leaders
    Tags: ( career )
  9. No big surprise here for me.
    Study says SSL-certficate warnings are as good as useless - News - The H Security: News and features
    Tags: ( ssl )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The videos from Source Boston 2009 are available. Good stuff.
    Source Boston 2009 Videos
    Tags: ( source )
  2. A very nice example of data leakage.
    Firefox 3.5 DNS LEAKS like a waterfall | The Edge of I-Hacked
    Tags: ( firefox dns )
  3. Panda's second challenge is up.
    Panda Challenge: Medium Level - PandaLabs
    Tags: ( challenge )
  4. Keydet89 answers the questions "What is the worst thing an incident response team internally will do?"
    Windows Incident Response: SANS Summit Question
    Tags: ( incident-response )
  5. Not security related, but it's bugged me for a while. I love Firefox, but the molasses slow start time is a real joy killer. Finally an explanation why. Hopefully a fix will come out soon.
    Slow Firefox 3.5 start up time - News - The H Security: News and features
    Tags: ( firefox )
  6. I strongly suggest you read this post before you test out the OpenOwn.c code that is running about. In other words, you will hurt yourself if you don't.
    Secdev - Thierry Zoller: 0pen0wn.c - Shellcode "dissasembled"
    Tags: ( hacker dont-do-that )
  7. As @id084895 says, "wow, just discovered Robtex.com !!! Your src for whois, bgp, AS, RBL checks and lost more: simple & fast => i like ;-)"
    robtex
    Tags: ( tools on-line )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 2 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The 5 year clock is about to start on Windows XP and Office 2003. They both are going into extended support status.
    Windows XP and Office 2003 Enter a New Phase of Support
    Tags: ( patches winxp office-2003 )
  2. If you want to continue to get updated DCERPC related detection capabilities with snort you are going to have to upgrade soon. Details inside.
    VRT: Snort 2.8.4 is nigh
    Tags: ( ids snort )
  3. Alex has put up his first blog post for Verizon Business. In it, he argues that PCI is not broken. I agree. I have never viewed PCI and a panacea for "securing" card data. Saying that PCI makes card data safe, is like saying that a seat belt makes a car safe. It helps, but doesn't guarantee anything.
    He also points us to another resource that looks interesting, the "Information Security Management Maturity Model "
    Verizon Business Security Blog >> Blog Archive >> There's nothing wrong with the PCI DSS
    Tags: ( pci )
  4. First: This post has a really nice graphical representation of the operational Internet DNS framework (attack surfaces). Second: The final report was released from the The Global DNS Security, Stability and Resiliency Symposium. It is now on my reading pile.
    >> DNS Attack Surface * Security to the Core | Arbor Networks Security
    Tags: ( dns )
  5. You have a couple patches to install if you manage a VMWare ESX installation.
    VMWare Announces New, Critical Security Updates
    Tags: ( vulnerability vmware patches )
  6. A nice list of targets you can use to test your hacking skills. There are more in the comments.
    Hacking Without All the Jailtime ha.ckers.org web application security lab
    Tags: ( hacking targets )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. An update is available for Version 9 of Adobe Acrobat that take care of the recent 0-day. Versions 7 and 8 are still unpatched and will remain so until later this month.
    Acrobat and Reader 9.1 Update Available for Windows and Mac - Security Watch
    Tags: ( exploit vulnerability adobe patches )
  2. Wanna see what binaries are floating about on your network. This'll help you figure out just that thing.
    Pulling binaries from pcaps << SANS Computer Forensics, Investigation, and Response
    Tags: ( sniffer )
  3. This is pretty nifty. Side note: it is also another reason why it is very important to not allow port 53 outbound from your internal network except for your actual DNS servers. Think proxy bypass, data leakage, etc.
    OzymanDNS - Tunneling SSH over DNS | Room362.com
    Tags: ( dns tunneling )
  4. There is some important information you need to be aware of regarding Microsoft patch MS09-008. There are issues not addressed for exploited servers. Read on for details.
    Successful Exploit Renders Microsoft Patch Ineffective (VERT)
    Tags: ( microsoft patches )
  5. These are great resources from Lenny Zeltser. Cheatsheats available: Securty Incident Survey Cheat Sheet for Server Administrators, Initial Security Incident Questionnaire for Responders, Network DDOS Incident Response Cheat Sheet, Revers-Engineering Cheat Sheet, Information Security Assessment RFP Cheat Sheet, and How to Suck at Information Security 🙂
    Lenny Zeltser - IT Security Cheat Sheets
    Tags: ( cheatsheet )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Well the start of a new weeks is here, along with a batch of interesting things to take a look at. Only blogs again this time.

360 Security, along with many other folks, points out that the Apple DNS Patch Fails To Randomize.

Kurt Dobbins over at Arbor Networks has an interesting post up about the Myths and Realities of the Net Neutrality Debate. Good stuff in there.

Bruce Schneier brings to our attention that the U.S. government has published its policy regarding Seizing Laptops at Borders. Basically, we take when we want to and you don't have any say in the matter.

Nifty post up at Neohapsis talking about exploiting hardware vulnerabilities in the Intel CPU. Neat stuff. Kris Kaspersky's talk "Remote Code Execution Through Intel CPU Bugs" to be given at Hack in the Box was the impetus.

Wesley has created his first Metasploit module. It is a nifty tool. You should go take a look if you are interested in pen testing.

CG points to a paper and demo for DHCP script injection. Lots of fun to be had there.

Ha.ckers.org has a nice little bookmarklet that make is easy to use MSN IP Search to find domains on the same IP address as the web page you are reading.

Chris Hayes
continues his discussion of risk in response to Shrdlu's comments on a previous post. Good stuff.

Finally, Gary Warner points us to another story about an insider selling PII.

I will be leaving for Vegas on Thursday so there will be light posting here until next week.

Kevin

Technorati Tags: , , , , , , , ,

{ 1 comment }

Hiya all. I know I have been less than vigilant in my posting here. I am not going to promise I will get better since that hasn't worked so far, but things might get a little more regular around here in the near future. Anywho, on with the show.

From the Blogosphere

Nathan McFeters has penned a nice post about responding to the DNS vulnerability and attacks. He also points to a post on The Frequency X Blog which also talks about the same topic.

Tom points to 0x0e's post that puts forward a list of skills that a good pentesting team should have. It is a good list and worth keeping in mind when both building a team and when contracting for a team to do work.

Rich has written an interesting post about spies and infosec and self-interest. He also asks, Security Operations: Do you CAER? (Collection, Analysis, Escalations and Resolution.) A very intersting read.

Dave Lewis points out that NIST has revised several security guidelines.

Billy explores what can happen when your browser is registered to handle several protocols.

I didn't get a chance to look at the Newsosphere, so this is it for the 29th.

Have a great day.

Kevin

Technorati Tags: , , , , ,

{ 0 comments }