Just a quick news update. Nmap 5.00 was released today!
In case you’re not aware, Nmap’s a free/open-source network scanner, and this is the first major release in quite some time. I’m installing it now and will update when I get a chance to try some of the new features out.
Head over to their website for a detailed list of the changes, but here are the top 5 improvements (as listed by them):
The new Ncat tool aims to be your Swiss Army Knife for data transfer, redirection, and debugging. We released a whole users’ guide detailing security testing and network administration tasks made easy with Ncat.
The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. All existing scripts have been improved, and 32 new ones added. New scripts include a whole bunch of MSRPC/NetBIOS attacks, queries, and vulnerability probes; open proxy detection; whois and AS number lookup queries; brute force attack scripts against the SNMP and POP3 protocols; and many more. All NSE scripts and modules are described in the new NSE documentation portal.
We released Nmap Network Scanning, the official Nmap guide to network discovery and security scanning. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. More than half the book is available in the free online edition.
The addition of the Ndiff scan comparison tool completes Nmap’s growth into a whole suite of applications which work together to serve network administrators and security practitioners. Ndiff makes it easy to automatically scan your network daily and report on any changes (systems coming up or going down or changes to the software services they are running). The other two tools now packaged with Nmap itself are Ncat and the much improved Zenmap GUI and results viewer.
Nmap performance has improved dramatically. We spent last summer scanning much of the Internet and merging that data with internal enterprise scan logs to determine the most commonly open ports. This allows Nmap to scan fewer ports by default while finding more open ports. We also added a fixed-rate scan engine so you can bypass Nmap’s congestion control algorithms and scan at exactly the rate (packets per second) you specify.
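The daily scan-and-compare workflow from the Ndiff item above, sketched as an added Python example (not part of the Nmap release notes and not Ndiff's own code). The XML is constructed sample data in the layout of Nmap's `-oX` output, and the function names are assumptions of this example.

```python
import xml.etree.ElementTree as ET
# Constructed samples in Nmap's -oX XML layout (not real scan output).
YESTERDAY = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="5.1"/></port>
<port protocol="tcp" portid="80"><state state="open"/><service name="http" product="Apache httpd"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.20" addrtype="ipv4"/></host></nmaprun>"""
TODAY = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/><service name="ssh" product="OpenSSH" version="5.2"/></port>
<port protocol="tcp" portid="80"><state state="closed"/></port>
<port protocol="tcp" portid="3306"><state state="open"/><service name="mysql"/></port>
</ports></host>
<host><status state="down"/><address addr="192.0.2.20" addrtype="ipv4"/></host></nmaprun>"""

def load_scan(xml_text):
    """Return {address: {(proto, port): service}} for open ports on hosts that are up."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status").get("state") != "up":
            continue
        ports = {}
        for port in host.iter("port"):
            if port.find("state").get("state") == "open":
                svc = port.find("service")
                fields = [svc.get(k) for k in ("name", "product", "version")] if svc is not None else []
                ports[(port.get("protocol"), int(port.get("portid")))] = " ".join(f for f in fields if f) or "unknown"
        hosts[host.find("address").get("addr")] = ports
    return hosts

def diff_scans(old, new):
    """List host and service changes between two scans, similar in spirit to an Ndiff report."""
    changes = []
    for addr in sorted(old.keys() | new.keys()):
        if (addr in old) != (addr in new):
            changes.append(f"{addr} host {'up' if addr in new else 'down'}")
        before, after = old.get(addr, {}), new.get(addr, {})
        for key in sorted(before.keys() | after.keys()):
            label = f"{addr} {key[1]}/{key[0]}"
            if key not in after:
                changes.append(f"{label} no longer open (was {before[key]})")
            elif key not in before:
                changes.append(f"{label} newly open ({after[key]})")
            elif before[key] != after[key]:
                changes.append(f"{label} changed: {before[key]} -> {after[key]}")
    return changes

print("\n".join(diff_scans(load_scan(YESTERDAY), load_scan(TODAY))))
```

On a network you administer, the two inputs would be yesterday's and today's saved `-oX` files; a newly open port or a changed service version is the line to follow up on.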
Do you use Microsoft Windows’ BitLocker? TrueCrypt? DMCrypt? Or whatever the hell Apple calls their disk encryption?
If you do, here’s something for you to think about. That encryption key is more vulnerable than you probably realize. It’s always going to be sitting somewhere in your RAM while you’re logged onto your system. If you put your machine to sleep, it’s going to be there. Even if you completely power off your laptop/computer, it will still be sitting in that RAM chip for at least a little while.
This video demonstrates an attack against Bitlocker:
Want to feel safe again?
Always shut down your computer. Not sleep, hibernate, or any other low-power state.
Find a program to scramble your RAM on shutdown.
Don’t use liquid nitrogen to cool your ram.
Reevaluate your encryption needs, because most likely you don’t need to encrypt the WHOLE disk. If you’re using Linux, look into setting up encryption per user on each home folder.
I’m not entirely sure I’d call it a worm since it doesn’t really spread automatically and on its own, but anyway. I saw this on gHacks and thought it was cool.
Basically this guy discovered seven vulnerabilities in the latest version of WordPress and decided to write a worm that will go into your site and patch the problems. All you have to do is log in as an admin, post a comment containing a link to http://mybeni.rootzilla.de/mybeNi/ and click on it from the Moderate Comments admin panel. This will take you to his site, where you then would have to click “Secure my blog” to continue. It’ll go back to your admin panel and guide you through the process of patching 3 files to stop this kind of XSS (cross-site scripting) vulnerability.
Of course you’ll have to trust that this won’t do any harm to your WordPress installation.
If you don’t want to do it this way and can wait, this is all fixed in the next update, which you can get off of the SVN repo right now.
The number of the day is 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Digg got told by HD DVD to remove a story about HD DVD’s processing key from Doom9’s forums, and now the internet’s basically pissed at them for choosing a sponsor over their users. Digg users are revolting by digging only stories with the key to the front page of Digg.
There are T-shirts, songs, videos, domains, and lots of other creative things containing the key now. ThePirateBay is embracing the numbers.
I’ll wait until Andy watches the next episode of Diggnation and see if they say anything about it.
They want to give this guy 60 years in prison for doing nothing, really. He didn’t break anything. I love how the reporter tries to act like he knows something about what he’s talking about, but doesn’t really.
“In 2002, Gary McKinnon was arrested by the UK’s national high-tech crime unit, after hacking into NASA, and the US military. He says he spent two years looking for photographic evidence of alien spacecraft and advanced power technology. America now wants him on trial, and if tried there he could face 60 years behind bars. Gary’s been banned from using the Internet. We asked for his side of the story ahead of his extradition hearing on Wednesday,”