Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
The Internet

Nmap Developers Release a Picture of the Web 125

Posted by Soulskill from the pretty-pictures dept.
iago-vL writes "The Nmap Project recently posted an awesome visualization of the top million site icons (favicons) on the Web, sized by relative popularity of sites. This project used the Nmap Scripting Engine, which is capable of performing discovery, vulnerability detection, and anything else you can imagine with lightning speed. We saw last month how an Nmap developer downloaded 170 million Facebook names, and this month it's a million favicons; I wonder what they'll do next?"

Comment New Nmap 5.30BETA1 Release (Score 5, Informative) 55

by fv (#31663170) Attached to: Taking Apart the Energizer Trojan
We just today released Nmap 5.30BETA1, which contains the version detection signature described in this post for detecting the Energizer trojan. It also includes a detection and exploitation script for a major Mac OS X vulnerability which Nmap developer Patrik Karlsson found last month and Apple finally patched this morning. There are about 100 other changes as well, including 37 new NSE scripts. You can download it free here.

Pardon the Nmap promotion, but it seemed on-topic for the story.
Security

Submission + - Detecting critical Apple vulnerability with Nmap (cqure.net) 1

Submitted by iago-vL
iago-vL writes: Patrik Karlsson, an Nmap developer, released a script today to detect a vulnerability in the Apple Filing Protocol (afp), CVS-2010-0533. This vulnerability is trivial to exploit and allows users to view files outside of public shares. He describes this vulnerability, which he discovered inadvertently while working on the Nmap Scripting Engine (NSE), as "strikingly similar to the famous Windows SMB filesharing vulnerability from 1995." Instructions on how to detect vulnerable systems using Nmap can be found in the post linked above.
Security

Submission + - Nmap 5.00 Released! (nmap.org)

Submitted by
iago-vL
iago-vL writes: "The long-awaited Nmap Security Scanner version 5.00 was just released (download)! This marks the most important release since 1997, and is a huge step in Nmap's evolution from a simple port scanner to an all-around security and networking tool suite. Significant performance improvements were made, and dozens of scripts were added. For example, Nmap can now log into Windows and perform local checks (PDF), including Conficker detection. New tools included in 5.00 are Ncat, a modern reimplementation of Netcat (with IPv6, SSL, NAT traversal, port redirection, and more!), and Ndiff, for quickly comparing scan results. Other tools are in the works for future releases, but we're still waiting for them to add email and ftp clients so we can finally get off Emacs!"

Comment Open Source Competitors (Score 5, Informative) 120

by fv (#28150767) Attached to: L0phtCrack (v6) Rises Again

When the submitter referenced "open source alternatives that go by similar names", he was referring to ophcrack. Similar features are also available from Cain and Abel, and John the Ripper.

I maintain a list of top password crackers and sniffers as part of my SecTools.Org site.

While the submitter is correct that they have much more competition now, I still wish to congratulate the former L0pht guys on the new release!
Security

Submission + - Nmap 4.50 Released in its 10th Birthday (insecure.org)

Submitted by
buanzo
buanzo writes: "After nearly two years of work since the 4.00 release, Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 4.50 from http://insecure.org/nmap/ . Nmap was first released in 1997, so this release celebrates our 10th anniversary! Major new features since 4.00 include the Zenmap cross-platform GUI, 2nd Generation OS Detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and nearly 1,500 new version detection signatures. Dozens of other important changes — and future plans for Nmap — are listed in the release announcement. We recommend that all current Nmap users upgrade."
Networking

Submission + - NMap 10th anniversary and 4.50 release!

Submitted by JTD121
JTD121 writes: This is the 10th anniversary of Nmaps' release, and the release of 4.50 after quite some development.

"This is the first stable release since 4.20 (more than a year ago), and the first major release since 4.00 almost two years ago. Dozens of development releases led up to this. Major new features since 4.00 include the Zenmap cross-platform GUI, 2nd Generation OS Detection, the Nmap Scripting Engine, a rewritten host discovery system, performance optimization, advanced traceroute functionality, TCP and IP options support, and and nearly 1,500 new version detection signatures. More than 300 other improvements were made as well."
Security

Submission + - Nmap hits the Silver Screen (Again)

Submitted by
Devil's BSD
Devil's BSD writes: "Some of you probably remember a few years ago when Nmap was used in Matrix Revolutions to take down a power grid. Now, Nmap has hit the big screen again, this time in the Bourne Ultimatum. Although it probably flashed by too fast for most of us in the theater, it's clearly visible in the DVD releases. Video stills at http://insecure.org! Also, bash is clearly visible as the shell of choice here. Were they trying to make a subtle connection to the Bourne-Again Shell?"
Security

Submission + - Myspace and GoDaddy shut down security archives

Submitted by
Gerald
Gerald writes: "According to a post on the nmap-hackers mailing list early this morning, Myspace had GoDaddy shut down the entire SecLists.org domain. SecLists.org is run by Fyodor of Nmap fame and hosts many important security-related mailing list archives. This is an important service for the security community.

It looks like someone posted a list of Myspace usernames and passwords to one of the lists archived at SecLists.org. Instead of contacting Fyodor directly about the problem, they contacted his DNS provider (GoDaddy) and had them shut down the entire domain."
Windows

Submission + - Pirates crack Vista Activation Server

Submitted by Smithd132
Smithd132 writes: 7th December 2006 — James Bannan of apc magazine — Vista

Pirates have released another ingenious workaround to Vista's copy protection: a hacked copy of Microsoft's yet-to-be-released volume licencing activation server, running in VMware. Volume Activation 2.0 is one of the more controversial features of Vista: it means that every copy of Vista has to be activated, even the Business/Enterprise volume licenced editions. However, to make life easier for administrators, Microsoft worked in a more convenient system of in-house for en masse activation of PCs called KMS — Key Management Service.

The idea behind KMS is that you have a single PC running KMS which can then handle activation for all your Vista clients, so that they don't have to connect back to Microsoft every single time. The downside of KMS is that the activation is only good for 180 days, to discourage people bringing in their home systems, activating them and wandering off again. Bearing in mind that KMS wasn't scheduled to be released until next year, pirates have managed to get hold of KMS and produce a standalone, fully-activated KMS server called "Windows Vista Local Activation Server — MelindaGates". Tongue-in-cheek of course...the first "cracked" version of Vista was called Vista BillGates.

The download is a VMWare image, and the idea behind it is that you download and install VMWare Player (a legal free download), boot the image and use some VBS script (supplied with the activation server download) to have the client Vista machine get its activation from the local server. And that's it — no communication back to Microsoft. Of course, in line with the Volume Activation 2.0 model, this only works with Vista Business and Enterprise editions, as they are the only ones which will accept KMS keys. Home and Ultimate editions still use normal single-use activation that calls back to Microsoft for validation of the product ID. On one hand, this is strikes a serious blow to Vista's activation model. Simply possessing the Vista DVD (which was released on the boards about two weeks ago) wasn't enough to get you past the robust activation requirements. But if you can load up a local activation server and activate Vista that way, it sort of makes the whole thing redundant.

There are two caveats though. Vista still has to be installed with a KMS product key, so if that activated system ever goes through the WGA system with a known pirated key, Microsoft will be able to track it down and eventually close the loop. The second is that this is a true KMS server, so the activation is only good for 180 days, then the client needs re-activation. It's also still not a crack. In this instance, as with the Vista BillGates release, it's an activation workaround. Admittedly a very clever one, and one that Microsoft will have a lot more trouble stamping out, but the fact that it's taken the acquisition of a KMS server shows that Vista activation is still holding strong in its own right. But is that of any comfort to Microsoft right now, while its yet-to-be-widely-released OS is being pirated like crazy?

Slashdot Top Deals

Software production is assumed to be a line function, but it is run like a staff function. -- Paul Licker

Close