Monday, September 06, 2004

Complete rewrite of nmap (version 3.70)

Rush to your friendly neighbourhood insecure.org and pick up a copy of the new nmap 3.70. As Fyodor himself puts it:
"This release includes dozens of major changes, and all users are advised to update."

nmap is now much faster and supports parallel scanning of hosts ! This allows you to distribute a scan better, and is lighter on the target systems as well. There is also a fix for using it on systems with Windows SP2 (which broke raw sockets).

From whatever testing I've done with the new version, it seems really good. The increase in speed is really awesome. This has all happened because the main port scanning engine has been rewritten from scratch.

Go ahead and download

Thursday, August 05, 2004

The New Job.....

Well, about that work related scenario.. I'm now working for MIEL e-Security Pvt Ltd. I'm working as a penetration-tester (what they call 'Attack & Penetration').

The blog updates have slowed down temporarily as I've been over-burdened with a whole lot of stuff. However here's the good news. The portknocking code will be up very shortly, as will another tool I've written to discover systems with common hostnames.. very useful when you don't get an AXFR from a DNS server. Pops up some interesting results ;)

I'm back in action at firewall.cx again, so get in touch with me there.

If any of the guys from the training in Mauritius are reading this, drop me a private message there and we can discuss some of the training topics etc.

Tuesday, May 18, 2004

Back From The Dead

Yes I know it's been a while.. I've been busy appearing on the front page of newspapers (ok so only one newspaper.. the Mid-Day). The article covered the work I'm doing at the Mumbai Police Cyber Lab (the website is incomplete) and was rather spiced up IMHO. Anyway, scans of that will come up later once I figure out how to make myself look like less of a hardened criminal in the photograph.

So the Cisco IOS 12.3 source has been stolen. Coming after Microsoft's great Win2k source expose, this is giving the term 'open source' a new meaning ;). Still you've gotta feel for Cisco, they make the best damn hardware bar none (the fact that I'm a proud card carrying member of the CCNA family does not make me biased !).

Watched an incredible biography on Beethoven on the History Channel this evening. If you're a musician you'll really understand how he must have driven himself crazy after going deaf. Anyway, in deference to genius I've traded in the progressive rock for the Moonlight Sonata and Tchaikovsky's violin concertos (Kyung-Wha Chung on violin).

My port knocking implementation is almost complete. You'll be able to grab it here the second I finish commenting the code for you hackers. Then you admins / crackers can enjoy the goodness of backdoor shell access that is undetectable to portscans !

More on an interesting work related scenario soon..

Saturday, February 28, 2004

Firewall.cx ties up with Searchnetworking.com, a new Nmap, Winamp plugins and prog rock !

Good news everyone, firewall.cx has tied up with Searchnetworking. Searchnetworking is one of the heavyweight networking sites in the techtarget group. It gets a tremendous amount of traffic every day and under the new deal, Searchnetworking gets to use firewall.cx's exclusive articles and other content. This way searchnetworking benefits from getting really quality original articles and we get a load more traffic. I suggest you check out searchnetworking and sign up there, there is a whole lot of really top-notch information on that site.. and now if you browse through their administrator academy you'll see a few of our firewall.cx articles up there already.

In other news, Nmap 3.50 has been officially released. The improvements include a remote OS identification database that has doubled since its last incarnation as well as cosmetic changes to how the output is displayed. It is also supposedly faster. So go grab the Rolls-Royce of portscanners !

I've also added a neat little thing called Blogamp to the bottom left of the page (in the sidebar below the virus information). This nifty little thing shows you the last five songs I've been playing in Winamp (and yes I own the CDs). Thanks Chris for letting me host it at firewall.cx :)

As you can see I've just discovered the incredible progressive-rock band called Shadow Gallery. If you like prog rock, you owe it to yourself to check this band out.

Sunday, February 15, 2004

Vulnerability Database Added

I've just added the search code to the ICAT CVE Vulnerability Database. This useful tool lets you search for vulnerabilities in any software by keyword or vendor. It's completely up-to-date and provides further information on any vulnerabilities it finds.

Wednesday, January 28, 2004

Atom enabled news feeds !

In addition to the RSS news feed we already have from InstantRSS, I've now added Blogger's own Atom news feeds. Not all newsreaders currently aggregate Atom content, but you have both options. Here is a list of newsreaders that will handle the Atom feeds.

Here is the feed (or you can access it from the sidebar)
Atom Site Feed

Antivirus engines triggering on IE URL spoofing vulnerability while we wait for Microsoft to issue a patch

I received word from Cheetah, a firewall.cx member, that the IE URL spoofing vulnerability demonstrated on this blog (a few posts below this) is now being recognised by some anti virus scanners as a 'URL spoofing exploit'. This is a good thing, since we're still waiting for Microsoft to issue a patch for the exploit. I have moved the actual demonstration link to a separate page so that anti virus products don't run around telling you that TFTFOTW is trying to do something evil. Rest assured that there is no malicious content on this site. It just goes to show that trust is a hard asset to win, and an even harder one to hold on to these days.

Once again, thanks to Cheetah for bringing this to my attention.

Monday, January 05, 2004

Security predictions for 2004

Well after you've read the post below this for IT predictions, you can have a look at some security predictions for 2004. I had also predicted the growth of personal firewalls in the enterprise, let's see how that comes about by the end of this year.

Security Predictions for 2004

The last paragraph really stands out. It makes three very pointed observations about how the IT industry and users have been dealing with security for the longest time, and why that has to change.
