Archive for category security

NodeZero Linux Live CD

I usually rely on Backtrack as my security Swiss army knife.  However, I recently learned of NodeZero Linux (formerly Ubuntu Pentest Edition-PE).  Once I give it a full shakedown I’ll post a review of how I think it stacks up against BT.

NodeZero is an Ubuntu-based Linux designed as a complete system which can also be used for penetration testing. NodeZero uses Ubuntu repositories so your system will always be up to date. The system setup is basic and it’s primarily designed for disk installation and customization as you want.

With NodeZero comes around 300 tools for penetration testing and set of basic services which are needed in penetration testing.


Generating an SSL server report card

The kind folks over at Qualys are running a site which will “grade” an SSL server based on its security configuration.  The site below will generate a report card of a site’s SSL configuration based on factors such as the certificate chain, cipher suites, and protocols allowed.

https://www.ssllabs.com/

I learned of the site by listening to Qualys’ Ivan Ristic, primary author of Apache’s mod_security, on the Eurotrash Security podcast.


Computer Forensics practice

You’ve just finished receiving digital forensics training or acquired a new tool (FTK, Encase, Sleuth).  Now what?  You’re waiting for some real cases to crack.  In the meantime, over on the SANS Forensics blog, Ken Pryor has posted an excellent article which lists most of the freely available forensic exercises, challenges, and practice images: http://blogs.sans.org/computer-forensics/2010/07/27/im-here-now-what/

Remember, I’ve previously posted a list of:


Truecrypt 7.0 Released

Truecrypt 7.0 has been released.  One of the interesting new features is that it takes advantage of Intel’s hardware-accelerated AES.  The new Intel i5 and i7 cores include additional x86 instructions for hardware-based AES block ciphering and key generation.  If you take advantage of this there should be no performance disadvantage to running full disk encryption.  I don’t think software encryption is as big a performance hit anymore unless you’re running antiquated hardware, in which case you probably can’t afford the new Intel cores anyways.

There are some other cool new features including Favorites and support for new large sector disks (waiting for these to come down in price).  You can read the full Truecrypt change log here.


SophosLabs Released Free Tool to Validate Microsoft Shortcut

I read this on the Internet Storm Center yesterday: Sophos has released a tool that will provide detection against the Windows shortcut exploit announced last week (originally being used to exploit Siemens SCADA machines).  Be careful, this is a nasty vulnerability with a large scope — the entire Windows family of OS going back to NT as far as I’m aware.  If you want to play with the vulnerability yourself it has to be added to Metasploit — thanks hd!

SophosLabs has made a video available here on what the exploit is and how the tool works, and the tool is available for download here.


REMnux: Distro for Reversers

Lenny Zeltser, SANS Instructor, has released a customized distribution targeted at malware reverse engineers.  From the REMnux page:

REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As part of this process, the analyst typically infects another laboratory system with the malware sample and directs potentially-malicious connections to the REMnux system that’s listening on the appropriate ports.

REMnux is also useful for analyzing web-based malware, such as malicious JavaScript, Java programs, and Flash files. It also has tools for analyzing malicious documents, such as Microsoft Office and Adobe PDF files, and utilities for reversing malware through memory forensics. In these cases, malware may be loaded onto REMnux and analyzed directly on the REMnux system without requiring other systems to be present in the lab.


LastPass: My new favorite password manager

LastPass is a cloud-based password manager.  There are no worries as your master password is used to symmetrically encrypt your information before it is sent to LastPass.  You don’t have to worry about passwords lying around unencrypted on your disk. The really great thing about LastPass is they support just about every known device: BlackBerry, iPhone, Android, Mac, Windows, Linux, Firefox, IE, Chrome, etc.

LastPass is free!

LastPass Premium (no ads, mobile support) is only $1 a month!

LastPass imports from over 20 password managers

Go check it out now.  I’ve already switched from KeePassX and Firefox Password Manager.  I’ll be getting the rest of my family moved on to it this weekend.  If you still need more convincing, in Episode 256 of Security Now Steve Gibson walks listeners through the LastPass architecture.  Also don’t forget to run the LastPass Security Challenge — it will score you based on your average password strength, use of two-factor authentication, blank passwords, duplicate passwords, etc.


Maltego 3 creators interviewed

In a recent Exotic Liability podcast (not PG13) Chris and Ryan interview folks from Paterva, the makers of Maltego.  You should definitely try Maltego if you’ve never used it.  They have a free version and it runs on both Windows and Linux.  The software allows you to create a visual mapping of gathered intel.  The tool is a must-have for penetration testing as well as gathering intel on persons of interest, a la dossier.  Maltego includes a powerful feature called transforms, which allow you to rapidly pivot from one piece of valuable information to another.

FYI:  Chris and Ryan hosted TruTV’s Tiger Team show, which had a shorter life than the Microsoft Kin.


VoIP Security

The latest edition of free online magazine Hakin9 has a great article about VoIP security.  I learned that NIST has a paper on VoIP security, 800-58 ‘Security Considerations for Voice over IP Systems’.  I’m still in the process of reviewing this information so stay tuned for a review.

HTCIA’s 2010 Report on Cyber Crime Investigation

The High Tech Crime Investigation Association (HTCIA) has released their 2010 Report on Cyber Crime Investigation.  Nothing earth shattering here.  Security professionals report:

  • Increase in criminal use of digital technology
  • Lack of dedicated personnel
  • Need for better training at multiple levels
  • Need for improvements in information sharing and collaboration
  • Need for better reporting, strategy and policy
