Latest Vulnerability Breakdown – 11/07/08

Posted on November 7, 2008. Filed under: Auditing, Penetration Testing | Tags: , , , , , , , |

Summary of Updates and Vulnerabilities in this Consensus
Platform Number of Updates and Vulnerabilities
- ———————— ————————————-
Third Party Windows Apps [...]

Read Full Post | Make a Comment ( None so far )

Latest Vulnerability Breakdown – 10/24/08

Posted on October 23, 2008. Filed under: Auditing, Penetration Testing | Tags: , , , , , , , |

Ok the big news this week came at the end of the week when Microsoft announced an extra patch to address an RPC problem that affects virtually all of their OS’s.  Virtually millions of millions of systems.  Also there is a major patch for most Linux based mail applications.  Specifically the libspf2 version prior to [...]

Read Full Post | Make a Comment ( None so far )

Now the Tools – Pt.3 Hydra

Posted on October 23, 2008. Filed under: Auditing, Penetration Testing | Tags: , , , , , |

Ok part 3 of the series of tools used for auditors is based around Hydra
Hydra was a software project developed by a German organization called “The Hacker’s Choice” (THC) that uses a dictionary attack to test for weak or simple passwords on one or many remote hosts running a variety of different services. It was [...]

Read Full Post | Make a Comment ( 1 so far )

Now the Tools – Pt.2 Cisco Torch

Posted on October 21, 2008. Filed under: Auditing, Penetration Testing, Training | Tags: , , , |

Cisco Torch is a nice tool off that can be found on the BackTrack distro or as a standalone package. The main feature that makes cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum scanning efficiency. Also, it uses several methods of application [...]

Read Full Post | Make a Comment ( None so far )

Building upon the Insider Threat

Posted on October 14, 2008. Filed under: Auditing, General | Tags: , , , |

In an effort to reinforce my last blog I tracked down another survey in regards to security in the workplace. This was conducted by RSA/EMC’s Security arm. The results of the survey underscore that the risk posed to data by well-meaning insiders. This group is made up of employees, contractors, suppliers, partners, visitors [...]

Read Full Post | Make a Comment ( None so far )

« Previous Entries

    About

    “The soft and the pliable will defeat the hard and strong.” Lao Tzu

    RSS

    Subscribe Via RSS

    • Subscribe with Bloglines
    • Add your feed to Newsburst from CNET News.com
    • Subscribe in Google Reader
    • Add to My Yahoo!
    • Subscribe in NewsGator Online
    • The latest comments to all posts in RSS
    • Subscribe in Rojo

    Meta

Liked it here?
Why not try sites on the blogroll...