Enjoy.]]> Mon, 19 May 2008 02:36:31 +0000 nemesis nemesis-ip nemesis-rip nemesis-igmp nemesis-icmp nemesis-arp nemesis-tcp ettercap plugins ettercap BackTrack Beta 3 Man Pages http://securityratty.com/article/40186d92f5cac8291c8e4722ba6916a4 http://securityratty.com/article/40186d92f5cac8291c8e4722ba6916a4 aircrack-ng, airdecap-ng, airdriver-ng, aireplay-ng, airmon-ng, airodump-ng, airolib-ng, airpwn, airsev-ng, airsnort, airtun-ng, amap, ascii-xfr, atftp, bison, bsqldb, buddy-ng, cabextract, catdoc, catppt, datacopy, dcfldd, decrypt, defncopy, dhcpdump, dmitry, dos2unix, dupemap, easside-ng, etherape, flex, foremost, freebcp, gencases, getattach.pl, hexedit, httpcapture, ike-scan, ivstools, kstats, mac2unix, macchanger, magicrescue, magicsort, makeivs-ng, mboxgrep, minicom, nemesis-arp, nemesis-dns, nemesis-ethernet, nemesis-icmp, nemesis-igmp, nemesis-ip, nemesis-ospf, nemesis-rip, nemesis-tcp, nemesis-udp, nemesis, netcat, nmap, nmapfe, obexftp, obexftpd, p0f, packetforge-ng, psk-crack, rain, runscript, scrollkeeper-config, scrollkeeper-gen-seriesid, sipsak, socat, tcptraceroute, truecrypt, tsql, unicornscan, vomit, wesside-ng, wordview, xls2csv, xminicom, xnmap, gdbm, etter.conf, scrollkeeper.conf, sudoers, scrollkeeper,  80211debug, 80211stats, arpspoof, atftpd, athchans, athctrl, athdebug, athkey, athstats, ath_info, dnsspoof, dnstracer, dsniff, ettercap, ettercap_curses, ettercap_plugins, etterfilter, etterlog, filesnarf, fping, fragroute, fragtest, hping2, hping3, in.tftpd, macof, mailsnarf, msgsnarf, netdiscover, packit, scrollkeeper-preinstall, scrollkeeper-rebuilddb, scrollkeeper-update, sing, sshmitm, sshow, sudo, sudoedit, tcpick, tcpick_italian, tcpkill, tcpnice, tinyproxy, urlsnarf, visudo, webmitm, webspy, wlanconfig

Enjoy.

hackme1.irongeek.com
hackme2.irongeek.com
dosme1.irongeek.com

    Try out Nmap, Nessus, Metasploit and other tools on these boxes. Please let me know your findings. Thanks to my hosting provider Dreamhost. If you want to know more about Dreamhost check out my review (and coupon codes), they have been pretty good to me.

]]> Mon, 31 Mar 2008 21:00:00 +0000 irongeek wargame servers computer security skills provider dreamhost coupon codes dreamhost check host names review metasploit Irongeek's Infosec Wargame Servers http://securityratty.com/article/47daa82533884710695a7627cc311389 http://securityratty.com/article/47daa82533884710695a7627cc311389

I guess maybe if you sell to the .edu crowd a lot, after a while you start thinking that all of your users are juvenile.  As a result you start thinking in terms of your product protecting against adolescents who are not smart, mature or capable enough of taking care of themselves.  You start thinking of yourself and the people who use your product as the grown ups, here to be the custodians of these addled brained users of the network. Or so it seems reading Gord Boyce's advertorial in Enterprise Networks and Servers titled "Are your users smarter than a 5th grader". 

You know what I mean by advertorial right? A piece in a magazine or e-zine that comes across looking like a real piece of journalism and is really a thinly veiled advertisement for your company's products.  Some people say my blog could be put in the same boat. If that is how you feel, so be it, I am not going to waste time arguing about it with you.

Gord's gist seems to be that users need parenting and that security and network administrators can administer the proper discipline or love in one of two personas.  You can be the Beaver's mom, Mrs. Cleaver or you can be Nurse Diesel (from High Anxiety for those too young to remember).  Frankly I find this view of network users arrogant and condescending.  For most enterprises their users are not some ill behaved child exhibiting bad manners.  They are legitimate users who have to access the network in order to get their work done.  And here is a lesson for all of you who subscribe to the "parenting approach" to network security, if those same users we are trying to discipline or raise into responsible adults don't get on the network and do their work, you may not have a paycheck!  So spare us the analogies to children accessing the network unless you are selling to schools.  Its time we treat our network users and legitimate guests as the adults they are. Adults who we are counting on to do their work and make our companies profitable and put food on our tables.

This same "teach the kids to mind their manners" approach to NAC is what has caused too many to think of NAC as being all about the quarantine.  It is not and should not be.  Quarantine should be something you do as a last resort. If someone has a legitimate right to be on the network, it should be the job of the NAC product to make sure they are on securely, in compliance and safely.  If they are deficient in some configuration lets get it fixed.  They should be allowed to go where they are allowed to go, not more or not less.  But I think we can spare the user the finger wagging and lectures. 

Unlike Gord, I actually think that time can be better spent in social engineering of NAC. Educating your network users is key.  The more time you spend making them understand why rules are in place and what they can do to help and make everyone more successful, the better off you are going to be.  I think the technology of NAC is only one piece of entire solution.  Security awareness and education are also key.  Also, unlike Gord I don't think that agentless NAC is the only way to test devices.  Especially if like Gord's product, all you are using to do so is nMap and an old version of Nessus (btw, Gord do you include the source code with your use of those open source products?). I think to truly test the full spectrum of devices accessing the network you need a combination of agentless, agent and web delivered testing options. You need a purpose built NAC testing engine.  If you want to provide continuous monitoring, you need to do more than recycling your failed IDS technology.

Here is the bottom line for me. If you think the people accessing your network are like the Beaver and Wally, Gord's product may be just what you are looking for. If you have adults trying to do business and make you and your company succeed perhaps another NAC solution might be best for you.

I guess maybe if you sell to the .edu crowd a lot, after a while you start thinking that all of your users are juvenile.  As a result you start thinking in terms of your product protecting against adolescents who are not smart, mature or capable enough of taking care of themselves.  You start thinking of yourself and the people who use your product as the grown ups, here to be the custodians of these addled brained users of the network. Or so it seems reading Gord Boyce's advertorial in Enterprise Networks and Servers titled "Are your users smarter than a 5th grader". 

You know what I mean by advertorial right? A piece in a magazine or e-zine that comes across looking like a real piece of journalism and is really a thinly veiled advertisement for your company's products.  Some people say my blog could be put in the same boat. If that is how you feel, so be it, I am not going to waste time arguing about it with you.

Gord's gist seems to be that users need parenting and that security and network administrators can administer the proper discipline or love in one of two personas.  You can be the Beaver's mom, Mrs. Cleaver or you can be Nurse Diesel (from High Anxiety for those too young to remember).  Frankly I find this view of network users arrogant and condescending.  For most enterprises their users are not some ill behaved child exhibiting bad manners.  They are legitimate users who have to access the network in order to get their work done.  And here is a lesson for all of you who subscribe to the "parenting approach" to network security, if those same users we are trying to discipline or raise into responsible adults don't get on the network and do their work, you may not have a paycheck!  So spare us the analogies to children accessing the network unless you are selling to schools.  Its time we treat our network users and legitimate guests as the adults they are. Adults who we are counting on to do their work and make our companies profitable and put food on our tables.

This same "teach the kids to mind their manners" approach to NAC is what has caused too many to think of NAC as being all about the quarantine.  It is not and should not be.  Quarantine should be something you do as a last resort. If someone has a legitimate right to be on the network, it should be the job of the NAC product to make sure they are on securely, in compliance and safely.  If they are deficient in some configuration lets get it fixed.  They should be allowed to go where they are allowed to go, not more or not less.  But I think we can spare the user the finger wagging and lectures. 

Unlike Gord, I actually think that time can be better spent in social engineering of NAC. Educating your network users is key.  The more time you spend making them understand why rules are in place and what they can do to help and make everyone more successful, the better off you are going to be.  I think the technology of NAC is only one piece of entire solution.  Security awareness and education are also key.  Also, unlike Gord I don't think that agentless NAC is the only way to test devices.  Especially if like Gord's product, all you are using to do so is nMap and an old version of Nessus (btw, Gord do you include the source code with your use of those open source products?). I think to truly test the full spectrum of devices accessing the network you need a combination of agentless, agent and web delivered testing options. You need a purpose built NAC testing engine.  If you want to provide continuous monitoring, you need to do more than recycling your failed IDS technology.

Here is the bottom line for me. If you think the people accessing your network are like the Beaver and Wally, Gord's product may be just what you are looking for. If you have adults trying to do business and make you and your company succeed perhaps another NAC solution might be best for you.

This “summer” event which can be reported today, is the publication of the Crown Prosecution Service guidance on what should be considered before bringing prosecutions under s3A of the Computer Misuse Act, when amendments to it come into force — probably April 2008 (for reasons that I discussed last July).

What is at issue is so-called hacking tools, and the problem arises because almost every hacking tool you can think of from perl to nmap is dual use — the good guys use it for good purposes, and the bad guys use it for bad. The bad guys are of course committing an offence, and the good guys are not … but the complexity surrounds “distribution”, if a good guy runs a website and a lot of bad people download the tool from it, has the good guy committed an offence?

The actual wording of the offence says "supply or offer to supply, believing that it is likely to be used to commit, or to assist in the commission of [a Computer Misuse Act s1/s3 offence]" and so we need to know what "believing that it is likely" might mean. Whilst the law was going through Parliament the Home Office suggested that “likely” would be a 50% test, and they promised to publish the guidance to prosecutors so we’d all know where we stood.

Anyway, that guidance is now out — and there’s no mention, surprise, surprise, of “50%”. Instead, the tests that the CPS will apply are:

• Has the article been developed primarily, deliberately and for the sole purpose of committing a CMA offence (i.e. unauthorised access to computer material)?
• Is the article available on a wide scale commercial basis and sold through legitimate channels?
• Is the article widely used for legitimate purposes?
• Does it have a substantial installation base?
• What was the context in which the article was used to commit the offence compared with its original intended purpose?

which after a good start using words like “primarily” and “deliberately” (which would have been a sensible law to have in the first place) then goes a bit downhill in that prosecutors don’t know the difference between “i.e” and “e.g.” and seem to think that software is generally sold (!), and rather misses the point of dual use by talking about using the tool in a different “context”.

Still, the “installed base” test should at least allow people to distribute perl without qualms (millions of users) — though do note that these are the tests which will be applied at the “deciding if you ought to be charged with an offence” stage, not the points of law and interpretation that the court will use in deciding your guilt.