I’ve been spending a lot of time lately working with packet captures. I’ve been stringing together a long list of silly one-liners to make a very rough pcap vulnerability scanner of sorts. This is one of those one-liners. One of the main things I first hunt for in network traffic is sensitive data leaving the network. Depending on the client, this could range anywhere from Social Security Numbers to Player Tracking Numbers on gaming networks. I usually use grep and … →
I wrote about this a while back, but it seems like others are taking note: “The U.S. Federal Trade Commission (FTC) on Thursday (Feb. 25) screamed “the Emperor has no clothes” by reporting to consumers that one of the largest firms issuing “Verified Secure Breach Protection” seals doesn’t really verify much at all. The practical impact of the ruling for E-Commerce sites is unclear, both because the FTC has little authority to enforce its rulings and because consumers have typically … →
Here is an interesting recap of some of the top web incidents of 2009, along with some projections for 2010. It’s done by one of the guys at Breach Security. It includes a recap and some technical details on the TJX hack, Time’s ‘Most Influential Person’ poll abuse, fun with Twitter, and more. A good read and some good perspective. You need to disclose some info to download – but its worth it. http://www.breach.com/resources/whitepapers/top-web-incidents-2009.html
I need to express my love for OWASP’s Live CD (aka OWASP Web Testing Environment). Its backtrack-like philosophy of piling in the web-security tools is simple, but the end result is a wonderful testing environment. Firefox comes action-packed with web testing addons, a pile of proxies (burp, paros, rat), a multitude of scanners (grendel,w3af), and an array of other tools. While the forums and tutorials on the site are a bit slim at the moment, its a great start to … →
A few days ago, I was talking about spinning up a new VM to take on some random task, and a fellow Redspin geek jokingly asked if I had ever heard of virtualization sprawl. I took a second to think about the population of Debian VM’s I had built in the past year; I had more than doubled the headcount in our server block. The geek in me says “Spin em up! Disk space is cheap! Cacti loves to make … →
Apache is a fantastic web server. It’s easily installable on pretty much every modern operating system, it has gobs and gobs of community support, documentation and howto’s, and is very robust. What I don’t like about Apache is its kitchen sink approach to functionality. By default, lots of modules and extra configuration directives are enabled. Needless to say, the majority of these aren’t needed for a simple web server. Even with a more advanced web application, it’s best to start … →
There are many choices out there when it comes down to validating the security of your external network. The range of services and skill levels available are almost overwhelming when you first set out on your search. You’ll find high school students who charge you for Nmap ouput, veterans of the security industry who write shellcode in assembly as a hobby, and everything in between. You want to make sure your website and mail server aren’t easy pickings for hackers….but … →
You’d think that checking your email in a web browser is a simple task. Open up Firefox, plunk in your username and password, and start sending things to the SPAM folder. The truth is, when you load up your web mail in a browser, a flurry of activity takes place behind the scenes. One of the most interesting things that happens is how your web browser interacts with your web mail server (or any SSL-enabled service) to select a encryption … →
ActiveX seems to be getting some bad press once again, as its the target of recent exploits. From SANS: “Microsoft mentions that they are aware of active exploits against this vulnerability, although we at the SANS Internet Storm Center haven’t seen it used or mentioned in public as of yet. Which may tend to indicate it has been used in targeted rather than broad based attacks. At the moment there is no patch, there is a workaround, and it can … →
