Security

Submission + - NetBIOS Design Allows Traffic Redirection (skullsecurity.org) 1

iago-vL writes: Security researchers at SkullSecurity released research demonstrating how the NetBIOS protocol allows trivial hijacking due to its design; they have demonstrated this attack in a tool called 'nbpoison' (in the package 'nbtool'). If a DNS lookup fails on Windows, the operating system will broadcast a NetBIOS lookup request that anybody can respond to. One vector of attack is against business workstations on an untrusted network, like a hotel; all DNS requests for internal resources can be redirected (Exchange, proxy, WPAD, etc). Other attack vectors are discussed here. Although similar attacks exist against DHCP, ARP, and many other LAN-based protocols, and we all know that untrusted systems on a LAN means game over, NetBIOS poisoning is much quieter and less likely to break other things.
Security

Submission + - Security-enhanced Linux distro can rebuild itself (openwall.com) 3

iago-vL writes: Last week, the Openwall Project released the latest build of Openwall GNU/*/Linux (Owl for short) (announcement). This distribution, which has the ability to completely rebuild itself from source, is designed from the ground up to be secure. From source code audits of critical components to advanced privilege separation, secure defaults, and integration of OpenVZ container-based virtualization, Owl makes a great server platform!

Comment Re:Bloat. (Score 5, Informative) 73

As the original poster, and the author of a dozen or more Nmap scripts, I agree 100%. If you look at the tool itself, you'll see that everything is fairly separate and independent, even if they share a common codebase -- between the scripting and the "bonus" tools, the core is still fairly tight.

My comment at the end about the bloat + Emacs was intended 100% as humour, not actual commentary. I'm hoping nobody took it as a legitimate stab at Nmap, because it wasn't.

Security

Submission + - Nmap 5.00 Released! (nmap.org)

iago-vL writes: "The long-awaited Nmap Security Scanner version 5.00 was just released (download)! This marks the most important release since 1997, and is a huge step in Nmap's evolution from a simple port scanner to an all-around security and networking tool suite. Significant performance improvements were made, and dozens of scripts were added. For example, Nmap can now log into Windows and perform local checks (PDF), including Conficker detection. New tools included in 5.00 are Ncat, a modern reimplementation of Netcat (with IPv6, SSL, NAT traversal, port redirection, and more!), and Ndiff, for quickly comparing scan results. Other tools are in the works for future releases, but we're still waiting for them to add email and ftp clients so we can finally get off Emacs!"
Security

Submission + - Using Conficker's tricks to root out infections (seclists.org)

iago-vL writes: "The folks at Nmap have done it again: despite having their domain blacklisted by Conficker, they released Nmap 4.85BETA8, which promises better detection of the Conficker worm. How? By talking to it on its own peer to peer network! By sending encrypted messages to a suspect host, Conficker.C and higher will reveal itself. This curious case of using Conficker's own tricks to find it is similar to the last trick that Slashdot reported. More info from the author can be found here, and you can download Nmap here (or, if you're a Conficker refugee, try this link instead)."

Comment Re:So... (Score 2, Informative) 288

That's correct. I added a 'safe' parameter last night, since the Conficker check is safe, and have been advocating its use in all my posts (you'll see "script-args=safe=1" in everything). Watch out for that.

And for what it's worth, even if 'safe' is missing, it's only going to crash stuff that isn't patched for MS08-067.

Comment Re:So... (Score 0, Troll) 288

Glad to hear it! When I wrote the ms08-067 script, I was surprised to see it posted around the Internet -- I wrote it as a demo of what Nmap can do, not as a production-grade scanner, and I guess it ended up being more useful than the other scripts that I've put *far* more work into :)

Comment Re:From the article (Score 1, Troll) 182

Don't forget that every security patch that Microsoft releases is a hole that blackhats could already have been exploiting. Patches created now could (and often do) fix vulnerabilities dating back to the release of Windows 2000 or Windows NT. There's no way to guarantee that the holes aren't known and exploited by others.

That being said, any system with proper firewalling mitigates much of the issue. If the only port open to the public network is the one running the proxy software (or whatever it is), then there is very little attack surface.

Security

Submission + - 10 Years of Nmap (net-security.org)

J0hn5 writes: To celebrate the 10th anniversary of this powerful tool, Nmap 4.50 has been released. It is the first stable release in more than a year and the first major release since 4.00 two years ago. Also, here's a quick look at Zenmap, Nmap's official GUI that is a multi-platform free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly.
