Tool Time: Secunia Online Software Inspector (OSI) | hakin9.org

Mervyn Heng, CISSP – May 2013

The beauty of running Ubuntu Linux is the ease of maintaining your Operating System (OS) and software using the apt command or Update Manager. Both tools offer a single mechanism of keeping your system patched and up to date. The same cannot be said of Windows because the built-in update program only caters to Microsoft proprietary software such as the OS and Microsoft Office for examples.

Microsoft has enterprise tools like System Center Configuration Manager (SCCM) to install patches and upgrades to servers as well as endpoints but there are still standalone systems that require manual patching.

Besides Microsoft components, there are a host of other software (eg. Reader, Flash, Java) that are require to support business operations but highly susceptible to compromise. Maintaining them can be tedious, time consuming and insecure as an administrator may not apply a patch or upgrade in a timely manner.

There is a simple solution to this predicament. Secunia hosts a free tool called Online Software Inspector (OSI). Click Start Scanner to initiate a check on your system.

Kali Linux Tutorial - Websploit Framework | eHacking.net

Websploit is an automatic vulnerability assessment, web crawler and exploiter tool. It is an open source command line utility that composed on modular structure. At the time of writing, there are 16 modules are available on Websploit, it can be downloaded from sourceforge project website but it is available on Kali Linux by default.

Websploit can be synchronize with Metasploit WMAP project for web vulnerability scanning, there are four categories of modular are available and they are:

Web Modules
Network Modules
Exploit Modules
Wireless Modules

Read more @ http://www.ehacking.net/2013/05/kali-linux-tutorial-websploit-framework.html

Installing Windows Server 2008 Using Flash Drive

Windows 2008 comes only on DVD and today you’d think every computer has a DVD drive by default, unfortunately most servers are ordered without them and that causes a problem obviously. Your choices would be to break the DVD into CD-ROMs (not fun) install over the network (a little more work than I wanted to do) or find another means to get it up. My solution, USB Thumb drive

Since Vista and Windows 2008 share the same code base, I figured someone must have found a way to boot vista off a thumb drive so I looked and found just that. Kurt Shintaku has a how-to on how to install Windows Vista from a high speed USB 2.0 Flash Drive.

Before you begin though, if your thumbdrive has U3 installed on it, you’ll probably want to remove that (I did just to be certain), here’s instructions on how to do that:http://www.u3.com/uninstall/


Using Kurt’s instructions this is all it took:
Format the thumb drive  from a DOS prompt execute:

• diskpart 
• list disk 
• select disk 1 (assuming disk 1 was your thumb drive in the above list disk command) 
• clean 
• create partition primary 
• select partition 1 
• active 
• format fs=fat32 
• assign 
• exit 

Copy the Win2008 install files

xcopy d:\*.* /s/e/f e:\ (assumes your dvd is drive D: and your thumb drive is drive E:\, adjust accordingly)

That’s all it took other than verifying the server BIOS was set to boot off of the USB device. But hey, don’t stop there! Check out the Windows Cloud Servers at www.appliedi.net and get your own Windows 2008 Server in the cloud in just 30 minutes, no USB device required!

Your Facebook Account Hacked? Protect it Now! | eHacking.net

Facebook has become a popular platform not only for social networking but also for business promotion. You will find many brand exposure on Facebook these days. But how will you feel when such an important account gets hacked? In the present scenario, hacking a Facebook account is quite alike hacking the email account or the bank account. It’s true that your life seems to get ruined when your Facebook account gets hacked.

Many users spend hours after hours staying online on these sites and hence, such a breach of act can affect them adversely. When your account gets hacked, all your personal details are hijacked and spam mails are sent to a number of high grade professionals. Want to safeguard yourself from getting hacked?
Follow these steps and protect yourself.

Microsoft Security Toolkit delivers new defensive technology | Microsoft

Microsoft's Trustworthy Computing Group today released the Enhanced Mitigation Experience Toolkit (EMET) 3.5 Technology Preview, which includes new Return Oriented Programming (ROP) defenses inspired by BlueHat Prize contest finalist Ivan Fratric.

The EMET 3.5 Technology Preview is a freely available security tool that makes it more difficult for attackers to exploit vulnerabilities and gain system access.

The BlueHat Prize competition, a program aimed at nurturing innovation in exploit mitigations through awarding more than $250,000 in cash and prizes, was launched by Microsoft one year ago at the Black Hat security conference in Las Vegas.

"In less than three months, we successfully integrated one of the BlueHat Prize finalists' technologies with EMET 3.5 Technology Preview to help make software significantly more resistant to exploitation," said Mike Reavey, senior director of the Microsoft Security Response Center at Microsoft.

Wireshark updates fix DoS vulnerabilities | H-Online

The developers at the Wireshark project have releasedversions 1.6.9 and 1.8.1 to close important security holes in their open source network protocol analyser. The updates to the cross-platform tool address two vulnerabilities that could be exploited by remote attackers to cause a denial of service (DoS).

The vulnerabilities are a problem in the Point-to-Point Protocol (PPP) dissector that leads to a crash and a bug in the Network File System (NFS) dissector that could result in excessive consumption of CPU resources; to take advantage of the holes, an attacker must inject a malformed packet onto the wire or convince a victim to read a malformed packet trace file. Versions 1.4.0 to 1.4.13, 1.6.0 to 1.6.8 and 1.8.0 are affected; upgrading to the new 1.6.9 and 1.8.1 releases fixes the problems. According to the project's security advisories, version 1.4.14 should correct these issues on the 1.4.x branch of Wireshark. However, at the time of writing, Wireshark 1.4.14 is not available on the site and release notes for that version have yet to be published.

More details about these updates, including a full list of known issues and changes, can be found in the 1.6.9 and 1.8.1 release notes. Wireshark 1.6.9 and 1.8.1 are available todownload from the project's site and are licensed under the GPLv2.

Article source : http://www.h-online.com/security/news/item/Wireshark-updates-fix-DoS-vulnerabilities-1652207.html

VirusTotal online scanner adds behaviour analysis | H-Online

The developers of the VirusTotal online virus scanner service are currently testing a new sandbox feature to provide users with more meaningful scan results. In a post on the company's blog, software architect and developer Emiliano Martinez says that, for this purpose, samples uploaded to the service are executed in a controlled sandbox environment where their actions can be "recorded in order to give the analyst a high level overview of what the sample is doing".

An analysis of the uploaded file's behaviour is then displayed in a new "Behavioural information" tab as part of the scan results. VirusTotal logs file and registry activities as well as new processes and code injections. The scanner also issues a notification when a file directly sends commands to certain device drivers.

Howto | Flush DNS | mYne-net

Flush DNS
Most operating systems and DNS clients will automatically cache IP Addresses and other DNS results, this is done in order to speed up subsequent requests to the same hostname. Sometimes bad results will be cached and therefore need to be cleared from the cache in order for you to communicate with the host correctly. All major operating systems allow you to force this process, outlined below are the common steps you will need to follow in order to flush your DNS cache.

Review | spt v0.6.0 – Simple Phishing Toolkit Available For Download | mYne-net

Found this tool. What it is the thing?

As simple tool as you can use for evaluate weakest inside the link in any security minded organization.




spt is a simple concept with powerful possibilities. It is what it’s name implies: a simple phishing toolkit.

Reaver-wps WPA/WPA2 Cracking Tutorial | Ethical Hacking-Your Way To The World Of IT Security

Reaver-wps WPA/WPA2 Cracking Tutorial | Ethical Hacking-Your Way To The World Of IT Security

Reaver performs a brute force attack against an access point's WiFi Protected Setup pin number. Once the WPS pin is found, the WPA PSK can be recovered and alternately the AP's wireless settings can be reconfigured. While Reaver does not support reconfiguring the AP, this can be accomplished with wpa_supplicant once the WPS pin is known.