Gordon Lyon, better known by his online alias Fyodor and as the creator of the very popular (and awesome) tool Nmap, has released the results of the Nmap 2010 User Survey, which he performs every couple of years. The survey is filled out by members of the Nmap-Hackers mailing list, one of several mailing lists that Fyodor maintains, which is made up of many smart minds in the security world. The 2010 survey had more than 3000 participants throw … →
Viewing GPO’s on the Commandline
Want a quick way to see what GPOs are applied to your local system, just using built-in utilities? Using the GUI to manually view what settings are applied is awkward and slow. Use the following commands to see what policies are being handed down to the system you’re on and what they’re enforcing. This info can be incredibly handy during a pentest in order to find out the limitations being imposed on a specific system you’ve compromised. It can … →
New Windows Worm Squirming Through RDP
I haven’t seen a Windows worm in the wild in a long time. The last time a major worm infestation took place was in 2003, in the days of Blaster, which spread via an unpatched flaw in RPC. That same year was Slammer, and Code Red a few years before in 2001. This new worm, code-named ‘Morto’, has been seen in the wild and is accounting for a spike in RDP traffic on 3389/tcp as it spreads. Users are … →
Exporting GPO’s Via the Commandline
As security guys (and Linux/GNU fanboys), we tend to do absolutely everything possible via the commandline. This is pretty easy in Linux/Unix OSes, but unfortunately we deal with a lot of Windows boxen in our line of work, where it is less than easy at times. One common scenario we need to undertake is exporting all the GPOs in a certain domain or forest for later analysis. For a small place this isn’t a big deal as there may only … →
Apple Releases Lion into the Wild
Today Apple released OS X 10.7 Lion, the latest version of their desktop and server OS. A number of new security features have been introduced with Lion which are very welcome, as well as a bunch of new usability tweaks and other generally cool things. I upgraded my i7 MacBook Pro to it a few hours ago and have a few quick observations: It’s only available as a download via the App Store. No going to the Apple store and picking up … →
The LuLz Boat has Sailed
Over the weekend the Lulz Security guys called it quits. Their last release came on the 50th day since they started their escapades. It isn’t clear if they had intended from the start to only exist for 50 days, but after DDoS’ing cia.gov they had escalated their wanted status to critical and it was likely only a matter of time before they were going to be caught. They leave in their wake a trail of destruction which includes some huge … →



