1 min
Networking
Leveraging Security Risk Intelligence to Improve Your Security Posture
As most of you probably know, attackers routinely target exploitable weaknesses
of security systems rather than pre-identifying victims for their attacks. Also,
most breaches that occur in database security systems are avoidable without
expensive or sophisticated countermeasures.
In its 2012 Data Breach Investigations Report, Verizon
registered 174 million compromised records for 2011, compar
3 min
Nexpose
How to Secure Your Videoconferencing Systems: H.323 Scanning with Rapid7 Nexpose
For my inaugural post on the SecurityStreet blog, I thought it would be
beneficial to highlight the H.323 coverage I recently added to Nexpose. With all
the attention HD Moore's work in this area garnered, it seemed that there was a
definite need for this functionality, so as
of Nexpose 5.2, users can scan their networks for devices running H.323 services
as well as detect whether those services have the auto-answer functionality
enable
4 min
Metasploit
Weekly Metasploit Update: SCADA, Lab Gem, and Squid Pivoting
This week's update is packed full of awesome, and I don't use that term lightly.
SCADA Attacks, DigitalBond, and Metasploit
This week sees the addition of six new SCADA modules, targeting a variety of PLC
devices, including two new modules aimed at the Schneider Quantum programmable
logic controller (PLC). In order to give penetration testers the ability to
accurately assess SCADA infrastructure, Tod Beardsley (from Rapid7) and K. Reid
Wightman (from Digit
2 min
Nexpose
Automating Nexpose Discovery Connections through the Java API
Nexpose has long offered APIs allowing for automated workflow operations. The
following examples are intended to help Nexpose users automate the discovery
mechanisms feature through the API. The following code shows how to leverage the
Java API client to create, list, update and delete discovery mechanisms in Nexpose.
Nexpose supports the Discovery connection API starting with version 5.2. The
supported operations on the API with regards to discovery ar
1 min
CVE-2012-0507 - Java Strikes Again
Recently, Microsoft published a blog post regarding a Java exploit that's being
used in the wild. The vulnerability is more of a logical flaw that results in
unsafe operations, which allows any attacker to run arbitrary code under the
context of the user. You may see the blog here:
http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
About two days ago, Metasploit obtained a partial sample of that malware thanks
to an anonymous cont
3 min
Metasploit
Weekly Metasploit Update: DNS Payloads, Exploit-DB, and More
This week we've got a nifty new shellcode delivery scheme, we've normalized on
Exploit-DB serial numbers, and a pile of new modules, so if you don't have
Metasploit yet, you can snag it here.
DNS Payloads in TXT Records
To quote RFC 1464 describing DNS TXT
records, "it would be useful to take advantage of the widespread use and
scalability of the DNS to store information that has not been previously
defined." I don't kno
1 min
Metasploit
Identifying IPv6 Security Risks in IPv4 Networks: Tools
This post details some of the tools used in my recent IPv6 security testing
webcast. If you have any specific questions, please open a Discussion thread.
A minimal IPv6 toolbox:
* A Linux-based operating system with IPv6 support
(BSD variants are great too)
* The IPv6 Attack Toolkit
2 min
Networking
SOC Monkey's Week in Review - 3.23.12
Hello all,
Every Friday I'm going to round up the week with a few of my favorite stories
that we've seen during the week on my app (SOC Monkey, available now, free in
the Apple App Store). Let's dive right in, shall we?
One of the biggest items of the week was the latest word from Facebook on
employers asking job applicants to reveal their passwords. Ars Technica's
article saw a lot of interest: Facebook says it may sue employers who demand
job applicants' passwords
6 min
Nexpose
Integrating Nexpose Community and Metasploit Community in Backtrack 5 R2
I recently packaged up the new Nexpose release so that Backtrack users can have
an up-to-date version of Nexpose, straight from the Backtrack repos. This seemed
like a great time to also go over installing Nexpose Community and integrating
it with the already-installed Metasploit Community.
1. Getting Started
Before we get started, I would recommend grabbing a copy of Backtrack 5 R2
64-bit. The machine you want to use will need to have at a minimum 2GB of RAM
and at least 5GB space on the hard
4 min
Release Notes
Configuration Assessment and Policy Management in Nexpose 5.2
We love our policy Dashboards. They are new, hot, intuitive, robust and really
useful. In our latest release of Nexpose, version 5.2, we've made two major
enhancements to our configuration assessment capabilities:
* A policy overview dashboard: To understand the current status of compliance
of configurations delivering a summary of the policy itself.
* A policy rule dashboard: To provide further details for a particular rule and
the current compliance status for that rule.
What makes th
4 min
Log Management
Nexpose log files - What's changed in v5.2
Introduction
Nexpose logs messages for tasks that the system has performed as well as events
that occurred as a result of those tasks. The messages vary with respect to the
features in the product such as users logging into Nexpose successfully,
launching a scan for a site, or generating a report. The log files are helpful
in understanding what Nexpose has already done. In the latest release, Nexpose
5.2, we have introduced a number of enhancements to the log files such as
reducing disk usage an
4 min
Vulnerability and Threat Data Export Leveraging "XML Export 2.0" format
A vulnerability management solution like Nexpose is often used by organizations
to provide risk-based insight for potential and real threats. Nexpose provides
product reporting capabilities that help organizations clearly prioritize their
risk based on such aspects as exploitability, availability of malware kits and
weighted and temporal risk scores. Frequently, organizations leverage this rich
threat data in XML format in conjunction with other enterprise security tools
such as SIEM, GRC, IPS,
3 min
Metasploit
Weekly Metasploit Update: Spiceworks, AFP, RDP, and a New HTTP Downloader
After a couple of relatively light weeks (blame SXSW, I guess), this week's
update has quite a few neat new additions. As always, if you don't already have
Metasploit, what are you waiting for? For the rest of us, here's what's new.
Importapalooza
This week's update has support for importing asset lists exported from
Spiceworks, courtesy of Rapid7's Brandon Perry. Spiceworks is a free asset
management application used by tons of IT pros and
1 min
Release Notes
SOC Monkey - FREE and in the App Store Now!
The name's Monkey. SOC Monkey.
I'm here to provide you with a new free app for the iPhone/iPad/iPod Touch that
will search through infosec topics that are trending on the social web. I'll
also rank them based on what the biggest news items and hottest topics are, so
you can make sure to get your banana's worth.
Now, I'm not going to just barrage you with links. I'm going to use my
incredibly advanced simian brain to curate these news items, so you can focus
more on what you need to get don
3 min
Metasploit
Weekly Metasploit Update: Session Smarts and GitHub
It's another Metasploit update, and it's headed straight for us!
Session Smarts
This week, Metasploit session management got a whole lot smarter. Here's the
scenario: As a penetration tester, you rook a bunch of people into clicking on
your browser-embedded Flash exploit, sit back, and
watch the sessions rolling in. However, they're all behind a single NAT point,
so all your sessions appear to be terminating at a single IP address, and you
quickly lose track of who's