Episode46

From Paul's Security Weekly

Episode Media

mp3

Tool Of The Week

Umit - A really cool front end for Nmap from the Google Summer of Code. It's written in Python and very slick. I got it running on OS X. You will need Python. Under OS X you can install just about everything using port, from the Darwin Ports Project, except for pysqlite, which you will need to install from source. You will also need X to be installed in OS X. Then you are off and running! Fire up a terminal and as root type:

/opt/local/Library/Frameworks/Python.framework/Versions/2.4/bin/umit

Make certain that the nmap binary is in your $PATH (I had to run export PATH=$PATH:/usr/local/bin).


TCP/IP Corner

How traceroute works

http://securityweekly.com/traceroute.swf

Stories for Discussion

Zero-Day Response Team Launches with Emergency IE Patch - [Joe] - "It is clear that we are dealing with an underground group of people who are writing exploits for profits. They are waiting for Patch Tuesday to pass, then it becomes Exploit Wednesday"... maybe it's time to rethink the scheduled patch cycle, eh Microsoft? [Larry] - ZERT has also released a paper on their findings of the VML exploit, their patch process, and source code here. M$ has also released the patch out of cycle, only to be hit with "splitslice" YAIEV!

Hack-In-The-Box Conference Slides have been posted - [Paul] - Cool stuff, managed to read one on VoIP, a new tool called SIPhalis.

The check is in the mail... - [Larry] - New Zealander notifies bank and Telco about the possibility of intercepting calls, after performing an unannounced, no permission "audit". Submits a bill and wonders why the cops show up at his door.

Online Book: How to crack DES - Looks like a pretty cool read, esp. for the price.

Network Patching? - [Larry] - I'm still trying to wrap my head around this one. Looks like an IPS, but lets the traffic pass after it has been sanitized. How is this better than traditional IPS?

Third Party Patches - [Paul] - Good thing or a bad thing? I fail to see how something that fixes a security hole can be truly a bad thing, but in some cases it would not make sense.

Hack.LU coming soon - [Paul] - Cool papers, including what looks like an interesting one on Bluetooth.

MS sues over code theft - [Larry] - I think MS might be naive here. They are suing the creators of FairUse4WM, a DRM removal tool, stating the only way they could have figured it out was by stealing source code. Umm, M$, it is called reverse engineering...

New 0day in PowerPoint, exploit on the loose - [Paul] - What a month it's been for M$, are people becoming desensitized? Who opens PPT extensions from ppl that you don't even know? Or, do people get tricked into downloading it from the web?

Skype to release enterprise friendly version? - [Larry] - Ties nicely to the discussion about VOIP security that we had this week with the SRT folks. Paul and Larry should be able to stir some debate here.

US Dept of Commerce loses 1100 laptops - [Larry] - Sure it was over a long period of time, but what, were they parting gifts? Clearly asset management is a needed part of a good security posture.

MSN Worm Explained - [Paul] - Good article from the F-Secure folks on how the MSN exploits are working.

Taking passwords to the afterlife - [Larry] - Passwords are important, but if you want people to access your information stored with third parties after your death or injury, consider documenting them securely in a will or living will.

HD Moore Interview - [Paul]

Protecting Wireless clients and how probing is bad - [Larry] - In 500 words or less, by Mike Kershaw. I've got a lot of respect for these guys taking these heavy subjects and speaking intelligently in so few words. In short, turn off your wireless when not in use.

Matasano Six - [Paul] - Very cool stuff!

Free Rainbow Tables - [Paul] - Cool! I love free rainbow tables, yeahhh!!

A DoS for OpenSSH written in sh - [Paul] - This particular exploit does call some Perl commands; however, it brings up an interesting point: exploits written in bash or similar shell commands are very portable.