May 16, 2008
Howdy, here are some things to take a look at for today.
Dave Aitel writes about automatic exploit generation from patches. According to Dave, it isn’t as easy as it sounds. I agree with him. Go give it a read.
GNUCITIZEN has another good post up that takes a look at resident scripts and cross-domain issues using JavaScript.
Kees, as usual, has a thought-provoking post up which points out that Perception IS Reality (emphasis added). Go read it.
Later folks. Have a great day.
Kevin
Posted by Kevin Riggins
May 16, 2008
We all know and love Nessus. Well today, Tenable made it even better. Nessus now fully supports su and sudo for audit and patch compliance checks. This is very cool.
Next, in response to the SSH key brouhaha this week, there are now a couple of plugins that will check for weak keys in SSH and SSL protected webservers.
Caveat: It appears that you need to be a Direct Feed/Professional subscriber to use these features.
Kevin
May 15, 2008
Man, I just keep falling farther and farther behind on these posts. Anyway, here we go:
Jeremiah has a nifty post up about crossdomain.xml.
Jeff Jones has a short paper available that compares Windows Vista vulnerabilities to Windows XP SP2 vulnerabilities in 2007.
Patrick Romero discusses Electronic Medical Records over on Security Catalyst.
Nitesh has an interesting article posted about some issues in Safari and Apple’s response.
Innismir has posted a helpful guide on how to create new SSH system keys for those of us who are susceptible to the OpenSSL issue on Debian-based Linux distros.
That’s it for today. Have a good one.
Kevin
May 14, 2008
Hi folks. Good afternoon. Here are a few things to look at today.
There is a post on the nCircle blog about some interesting IPv6 issues we need to be aware of.
Sam Ryder has an interesting post up on alert blogic about SaaS and its impact on the channel.
The May issue of “IT Compliance in Realtime” is available from Rebecca. Go here for a teaser.
Frank Cassano has a post up at bloginfosec about building out a framework to structure your information security program around. I have only skimmed it so far, but it looks interesting.
As others have noted, there no longer appears to be a fee (that’s a link to a PDF) for real-time vulnerability updates for Nessus for home and non-commercial users.
Have a great rest of your day!
Kevin
May 13, 2008
Hi folks. Here are some things to take a look at.
Dave Whitelegg has written a tutorial for AppScan.
Jeremiah points out three good reads on web application security.
Jeff Jones points us to a missive penned by Dr. Crispin Cowan about User Access Control and whether it is a convenience feature or a security feature. I won’t spoil the surprise. Go give it a gander.
Techdulla has a post up about a new hire and there are some tidbits in there that are very good.
Jack has a list of some good Information Security based podcasts that you should check out.
There ya go. Have a great one.
Kevin
May 12, 2008
First, I changed the title of these posts to be a little more clear. Maybe nobody else cares, but it was bothering me.
Anyway, on with the show.
Jennifer posted on Friday about a new revision of 8.2.1x being put out. She points out some items that the new -REV is going to have included.
Matthew Hinman has the first post of what will be a very interesting series on malware analysis and reverse engineering. Well worth the read. I look forward to the posts to come.
Another great post by GNUCITIZEN on using plain old telnet and bash to perform portscans. Cool stuff.
Ory’s blog at Watchfire has a pointer to Charles, which is a nifty looking tool. It’s a proxy that, among other things, lets you simulate line speeds and act as a man-in-the-middle HTTPS proxy, enabling you to “debug” HTTPS sessions.
A list of “hacker tools” is brought to us by Dark Visitor. We should probably be keeping an eye out for any of these tools showing up on our networks/systems.
Have a great day, folks!
Kevin
May 9, 2008
Hoff posted yesterday about the hard security costs associated with virtualization. He points out that while there may be cost savings in other areas, there will likely not be any from a security perspective and likely will be additional costs introduced by using virtualization.
Christopher has an entry up that talks about breaking out of Windows RemoteApps. Very interesting.
Have a great day.
Kevin
May 8, 2008
Hello there. Here are today’s interesting bits from the security blogosphere.
Rebecca Herold has a post up that talks about how the decisions people make about what they post on public sites can affect their ability to get a job.
Paul’s late-breaking computer attack vectors recording and slides are now available.
I recently pointed to 0x000000’s .htaccess that acts as a web app firewall. Well, it has been revised again and a walkthrough has been provided to explain what is going on. Good stuff.
Kees has a great post up about understanding what you protect. As he says:
putting information security controls in place is not a goal, but a means to achieve a business goal.
That’s all I’ve got right now. Been a busy day. Have a great rest of yours.
Kevin