Welcome to cissp CISSP training Certified Information Systems Security Professional
cissp CISSP training Certified Information Systems Security Professional: Vulnerabilities


Fyodor Nmap Network Scanning Book Released!
Posted by boss on Tuesday, 09 December 2008 @ 09:24:46 EST (1866 reads)
Topic Vulnerabilities

NOTE FROM CLEMENT:

Nmap is really the mother of all port scanners.  It can help you on the defensive side to identify ports that are currently open, new IPs that have just shown up in your production environment, and ports that have been added, deleted, or modified on your hosts.  Find what is happening to your servers as soon as changes manifest themselves.  This is really a great tool for regular scanning and discovery of ports and services that should or should not be on your servers.  This book is written by Fyodor, the author of Nmap; there is nobody else who knows Nmap better than Fyodor.  I highly recommend it to all.  See the announcement below from Fyodor:

Nmap Hackers:

After promising you a book on Nmap for years, I'm delighted to finally announce the release of Nmap Network Scanning! It contains everything I've learned about network scanning from more than a decade of Nmap development, plus some bad jokes and (over Time Warner's written objections) pictures of Trinity hacking the Matrix :) . Here is the abstract:

Nmap Network Scanning is the official guide to the Nmap Security Scanner, a free and open source utility used by millions of people for network discovery, administration, and security auditing. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book by Nmap's original author suits all levels of security and networking professionals. The reference guide documents every Nmap feature and option, while the remainder demonstrates how to apply them to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire. Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine.

The planned release date was January 1, but Amazon beat the deadline and is now shipping in time for Christmas! Imagine your loved one's surprise when she (or he) finds nearly 500 pages of port scanning bliss in her stocking!

You can find reviews, sample chapters, and a detailed summary at:

http://nmap.org/book/

Or you can pick the book up at Amazon for $33.71:

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

It is available on the International Amazon sites too, as well as other online retailers. Your local book store probably doesn't have it yet, but can likely order it for you.

About half of the content is available free online at http://nmap.org/book/toc.html . Chapters exclusive to the print edition include "Detecting and Subverting Firewalls and Intrusion Detection Systems", "Optimizing Nmap Performance", "Port Scanning Techniques and Algorithms", "Host Discovery (Ping Scanning)", and more.

If you enjoy the book, please help spread the word! While my previous books were published by Addison-Wesley and Syngress, this one was self-published. While that allowed me to post half the book online before it was even released, it also means I lose the marketing budget and clout of a major publisher. So if you like the book, please post a review to your blog/site/Amazon or tell your friends about it!

Apparently there was some pent-up demand for the book, as it is currently the 11th best-selling computer book on Amazon. Maybe it will be even higher by the time you read this:

http://www.amazon.com/gp/bestsellers/books/5/ref=pd_zg_hrsr_b_1_2&tag=secbks-20

I'd like to thank the many people who helped make this book possible by reviewing drafts, contributing stories, brainstorming ideas, etc. In particular, I'd like to thank David Fifield, Raven Alder, Matt Baxter, Saurabh Bhasin, Mark Brewis, Ellen Colombo, Patrick Donnelly, Brandon Enright, Brian Hatch, Loren Heal, Lee "MadHat" Heath, Dan Henage, Tor Houghton, Doug Hoyte, Marius Huse Jacobsen, Kris Katterjohn, Eric Krosnes, Vlad Alexa Mancini, Michael Naef, Bill Pollock, David Pybus, Tyler Reguly, Chuck Sterling, Anders Thulin, Bennett Todd, Diman Todorov, and Catherine Tornabene!

And most importantly, I want to wish you all happy holidays!

Cheers,

Fyodor

Get your copy now:

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning




Used device bought on Ebay allowed full remote VPN access
Posted by boss on Monday, 29 September 2008 @ 21:01:59 EDT (1320 reads)
Topic Vulnerabilities

NOTE FROM CLEMENT:

We do get trained on remnants left on storage devices and how to sanitize them before reusing them for other purposes; however, it seems the training should include sanitizing devices as well.  See a great story below from the UK; I am sure we could do just as well in the States:

A security expert discovered a VPN device bought on Ebay automatically connected to a local council's confidential servers.

Andrew Mason bought the Cisco VPN 3002 Concentrator - a device on which he has written a tutorial book - on Ebay for only 99 pence, with the intention of using it at work.

However, when he plugged it in it automatically connected him directly to Kirklees Council's central servers, circumventing security with the login details which had been carelessly left on the device.

"It instantly connected me, and I had full network access," explains Mason. "I understand the law extremely well and at that point disconnected," adds the intrusion-detection professional.

Despite contacting the council about the matter, no action was taken. "They ignored me at first," says Mason, before explaining that following coverage on the BBC website, access from the device has been shut off.

He admits that there could well be more devices out there, from which access is still possible, and exceedingly simple. "The whole selling point of the device was that it was extremely easy to configure. It's pretty horrific really," says Mason.

The council says it is "deeply concerned" by the news, but is confident that "multiple layers of security have prevented access to systems and data."

"In the meantime the disposal process has been suspended until an investigation can be carried out and appropriate action taken," says a council spokesman.

 




National Vulnerabilities Database and Hardening Checklists
Posted by boss on Saturday, 19 January 2008 @ 14:36:09 EST (1579 reads)
Topic Vulnerabilities

cdupuis writes "

All,

The National Checklist Repository (NCP) now contains the SCAP checklists previously listed at http://nvd.nist.gov/scapchecklists.cfm. The SCAP checklists are grouped by product category; each product category has checklist bundles associated with it. Each bundle contains multiple checklists, with each checklist representing different SCAP content (e.g. Configuration Content, Oval Patches, Prose Guide).

- The NCP SCAP Checklist page is located at http://nvd.nist.gov/ncp.cfm?scap.

- The NCP FDCC Checklist page is located at: http://nvd.nist.gov/ncp.cfm?fdcc_chklst.

The legacy page (http://nvd.nist.gov/scapchecklists.cfm ) is still available, however future updates to SCAP content will be made to the NCP pages.

Respectfully,

Paul Cichonski

 

BELOW YOU WILL FIND MORE INFORMATION AND LINKS FROM THE WEBSITE:

National Vulnerability Database Version 2.0 NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD supports the Information Security Automation Program (ISAP).

Federal Desktop Core Configuration settings (FDCC)
NVD contains content (and pointers to tools) for performing configuration checking of systems implementing the FDCC using the Security Content Automation Protocol (SCAP).
FDCC Checklists are available here (to be used with SCAP FDCC capable tools).
SCAP FDCC Capable Tools are available here.

NVD Primary Resources

"



Do you back up ALL of your data? It could cost you billions if you don't
Posted by boss on Thursday, 29 March 2007 @ 12:41:41 EDT (1507 reads)
Topic Vulnerabilities

cdupuis writes "Alaskan orphaned server responsible for $38B data loss
Jim Damoulakis

March 28, 2007 (Computerworld) Anyone remotely associated with IT has by now read at least one account of the data loss suffered by the state of Alaska relating to their Permanent Fund Dividend. As more details emerge (see "Oil revenue gets baked in Alaska"), I am beginning to feel a bit like Bill Murray in "Groundhog Day". Or, to quote this Red Sox fan's favorite Yankee, Yogi Berra, "it's déjà vu all over again."

This story, or a similar variant, has been repeated numerous times in organizations of all shapes and sizes, albeit usually without the number $38 billion linked to it. I just feel sorry for the poor guys involved - most of the time this type of screw-up isn't covered by Fox News, CNN, and the Associated Press. Giga-dollars aside, identical exposures exist today within many data centers.

One particular facet of the story caught my eye. Initial reports suggested that after the primary and secondary disk information was lost, attempts to recover from tape were unsuccessful because the "backup tapes were unreadable." Here we go again - blame tape! If only they had backed up to disk. Wrong. It turns out that the backup tapes were NOT unreadable because there were NO backup tapes. It seems that due to a process glitch, this particular data set was not being backed up.

With today's backup reporting tools, there is no excuse for repeated failed backups being undetected. However, there still remains a major gap in many data protection strategies: unknown or orphan systems. For a backup to "fail," it has to at least have been scheduled to run. If a system is brought online and never entered into the backup pool, or additional volumes are allocated to a system, but never added to the backup "include" list, there is technically no failure from the backup application's perspective. As appears to have been the case here, and we have seen elsewhere, this omission went undetected until it was too late.

Accounting for orphan systems is an arduous task. Some reporting applications attempt to provide information through activities such as network probing (often to the chagrin of the network security folks as this looks like an intrusion), but even this requires significant effort to filter out "noise" (i.e. printers and other non-server devices, multiple NIC cards in a given device) and then to manually reconcile what is and isn't being backed up and why. Finding orphan volumes is even harder, which is why, at a minimum, we typically recommend configuring backup applications to include all local volumes.

A colleague of mine likes to talk of strategic use of policy and tactical use of technology. All too often organizations try to make the strategy about the technology. Once again, we see that it is no substitute for well thought out policy and process.

Jim Damoulakis is chief technology officer of GlassHouse Technologies Inc., a leading provider of independent storage services. He can be reached at jimd@glasshouse.com

Original article at:
http://cwflyris.computerworld.com/t/1396846/171754/57106/2/
"

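As an added example that is not from the Computerworld article, here is a small Python reconciliation of the kind the author recommends: a host list obtained by probing (including the noise devices and multi-NIC duplicates he mentions) is matched against what the backup application reports as protected, to surface orphan systems and orphan volumes. All hostnames, addresses, volumes and device kinds are constructed sample data, and the record layout is an assumption rather than any backup product's actual export format.

```python
"""Reconcile a probed host inventory against a backup application's client list."""

# Constructed sample data: what a network probe might return. The same server
# appears twice because it has two NICs, and two non-server devices are present.
DISCOVERED = [
    {"ip": "10.1.0.10", "hostname": "db01", "kind": "server",
     "volumes": ["/", "/var/lib/pgsql", "/data2"]},
    {"ip": "10.1.1.10", "hostname": "db01", "kind": "server",
     "volumes": ["/", "/var/lib/pgsql", "/data2"]},   # second NIC, same host
    {"ip": "10.1.0.11", "hostname": "web01", "kind": "server",
     "volumes": ["/", "/srv/www"]},
    {"ip": "10.1.0.12", "hostname": "pfd-app", "kind": "server",
     "volumes": ["/", "/opt/pfd"]},                    # never entered into the backup pool
    {"ip": "10.1.0.50", "hostname": "prn-3f", "kind": "printer", "volumes": []},
    {"ip": "10.1.0.1", "hostname": "sw-core", "kind": "switch", "volumes": []},
]

# Constructed sample of what the backup application says it protects
# (assumed layout: include list per client, or an "all local volumes" flag).
BACKUP_CLIENTS = {
    "db01": {"include": ["/", "/var/lib/pgsql"], "all_local": False},
    "web01": {"include": [], "all_local": True},
}

# Device kinds that show up in a probe but are not backup targets.
NOISE_KINDS = {"printer", "switch", "router", "phone"}


def dedupe_hosts(discovered):
    """Collapse multi-NIC entries onto one record per hostname, dropping noise devices."""
    hosts = {}
    for rec in discovered:
        if rec["kind"] in NOISE_KINDS:
            continue
        entry = hosts.setdefault(rec["hostname"], {"ips": set(), "volumes": set()})
        entry["ips"].add(rec["ip"])
        entry["volumes"].update(rec["volumes"])
    return hosts


def find_orphans(discovered, backup_clients):
    """Report hosts with no backup client and volumes a client's include list omits."""
    hosts = dedupe_hosts(discovered)
    orphan_hosts = sorted(name for name in hosts if name not in backup_clients)
    orphan_volumes = {}
    for name, info in hosts.items():
        client = backup_clients.get(name)
        if client is None or client["all_local"]:
            continue  # unprotected hosts are reported above; all-local clients miss nothing
        missing = info["volumes"] - set(client["include"])
        if missing:
            orphan_volumes[name] = sorted(missing)
    return {"orphan_hosts": orphan_hosts, "orphan_volumes": orphan_volumes}


if __name__ == "__main__":
    for key, value in find_orphans(DISCOVERED, BACKUP_CLIENTS).items():
        print(f"{key}: {value}")
```

The `all_local` branch is the point of the author's closing recommendation: a client configured to include all local volumes cannot have an orphan volume, so the reconciliation only has to check include lists on the clients that were configured selectively.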


DOD bars use of HTML e-mail, Outlook Web Access
Posted by boss on Wednesday, 27 December 2006 @ 12:03:42 EST (1915 reads)
Topic Vulnerabilities

Anonymous writes "Original Article at: http://www.fcw.com/article97178-12-22-06-Web

Due to an increased network threat condition, the Defense Department is blocking all HTML-based e-mail messages and has banned the use of Outlook Web Access e-mail applications, according to a spokesman for the Joint Task Force for Global Network Operations.

An internal message available on the Internet from the Defense Security Service (DSS) states that JTF-GNO raised the network threat condition from Information Condition 5, which indicates normal operating conditions, to Infocon 4 “in the face of continuing and sophisticated threats” against Defense Department networks.

Infocon 4 usually indicates heightened vigilance in preparation for operations or exercises or increased monitoring of networks due to increased risk of attack.

The JTF-GNO mandated use of plain text e-mail because HTML messages pose a threat to DOD: HTML text can be infected with spyware and, in some cases, executable code that could enable intruders to gain access to DOD networks, the JTF-GNO spokesman said.

In an e-mail to Federal Computer Week, a Navy user said that any HTML messages sent to his account are automatically converted to plain text.

The JTF-GNO spokesman declined to say why the command raised the threat level except to say that Infocon levels are adjusted to reflect worldwide social and political events and activities. He said the current threat level does not bar the use of attachments, including Power Point slides used for briefings.

He also declined to tell FCW what other restrictions on e-mail that JTF-GNO has imposed. But a December 2006 newsletter of the Colorado National Guard said that under Infocon 4, Guard members receiving e-mails from any unknown source, including “mail received from unrecognized Department of Defense accounts,” should be viewed as potentially harmful.

The Colorado Guard newsletter also alerted personnel to be vigilant against e-mail “phishing” attempts to gain personal information.

The ban on use of Outlook Web mail will hit thousands of users at Robins Air Force Base, Ga., according to an internal message available on the Internet. The ban on the use of Outlook Web Access “will significantly impact the way we presently conduct business,” due to the fact that Web mail is the primary means of e-mail access for 4,500 employees at the base, according to the message.

Robins has developed a work-around for these users to access Outlook directly by logging on to government computers with their common access cards, the internal message said.

JTF-GNO raised the DOD network threat level to Infocon 4 in mid-November after an attack on the networks at the Naval War College (NWC) required NWC to take its systems offline. The JTF-GNO spokesman said at the time that the increase in threat conditions had no relation to the attack against NWC."



Interesting tool to fight bugs such as the WMF bug
Posted by boss on Wednesday, 04 January 2006 @ 13:02:24 EST (1518 reads)
Topic Vulnerabilities

Anonymous writes "For those interested, Core FORCE is a free endpoint security software currently in Beta stage. With it users can configure access control permissions to file system objects independently of the operating system's ACLs and security policy enforcement mechanisms.

The default security profiles of IE and Firefox included in the package distribution prevented exploitation of the WMF bug through those vectors, simply because they denied execution of rundll32.exe from within IE or Firefox. The same applies to the MSN Messenger profile submitted to the profiles repository site.

Furthermore you can explicitly configure permissions to deny & log read/exec access to shimgvw.dll system-wide or on a per-application basis.
This is functionally equivalent to Microsoft's suggested workaround of unregistering the DLL, but the advantage is that it does not matter if some program registers it back or if somehow a program tries to load and execute the DLL in any way.

Core Force is available at http://force.coresecurity.com

As I said, it is still beta; make sure you read the software compatibility and known issues list and the docs.

-ivan"



NIST SP 800-68 Guidance for Securing Microsoft Windows XP Systems
Posted by boss on Monday, 07 November 2005 @ 14:08:54 EST (2375 reads)
Topic Vulnerabilities

Anonymous writes "
A NIST Security Configuration Checklist has just been released.

NIST is pleased to announce the release of Special Publication 800-68, Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist. The guide has been created to assist IT professionals, in particular Windows XP system administrators and information security personnel, in effectively securing Windows XP Professional SP2 systems.

For a description see: 
http://csrc.nist.gov/itsec/guidance_WinXP.html

To download the checklist visit: http://csrc.nist.gov/itsec/download_WinXP.html

To see all the checklists available visit: http://checklists.nist.gov/repository/category.html

"



IDC paper on Penetration Testing
Posted by cdupuis on Friday, 15 July 2005 @ 09:59:40 EDT (1712 reads)
Topic Vulnerabilities


CLICK ON THE FOLLOWING URL TO READ THE WHOLE PAPER: www.coresecurity.com/idcwp




Learn the five worst security practices in organizations
Posted by cdupuis on Tuesday, 05 April 2005 @ 09:04:53 EDT (1624 reads)
Topic Vulnerabilities

A great article was published at TechRepublic (http://techrepublic.com.com/5100-10595-5649211.html?tag=nl.e119). See a synopsis below:

Regardless of an organization's size, they all face the same security challenges: keeping intruders away from their private information. However, most companies have a tendency to make the same mistakes. John McCormick details the five worst security practices found in businesses both large and small.

An individual using a single workstation, a small business with two or three PCs connected to the Net through a high-speed cable modem, the team responsible for the security of an enterprise network: Regardless of an organization's size, they all face the same security challenges: keeping intruders away from their private information.

Unfortunately, people tasked with security keep making the same basic mistakes. Since it's once again been a relatively quiet week in the security world, I'm taking this opportunity to list the five worst security practices found in businesses both large and small.

1. Failing to enforce policies

2. Ignoring new vulnerabilities

3. Relying too much on technology

4. Failing to thoroughly investigate job candidates

Click on Read More... below to get the full article


(Read More... | 10661 bytes more | 1 comment | Score: 3.5)


Common Vulnerabilities and Exposures White Paper
Posted by cdupuis on Wednesday, 02 February 2005 @ 22:00:32 EST (1532 reads)
Topic Vulnerabilities

NOTE FROM CLEMENT:
Once in a while I come across a product that really gets me going and gets me excited again about security. Lately I ran into such a product called PredatorWatch; it is a great tool to validate your compliance, monitor activities, and become compliant with the CVE. What is even more interesting is the fact that the CEO is one of the students that I had in one of my CISSP classes. Here are some neat white papers that Gary from PredatorWatch has shared with cccure.org:

A. Proactive Network Security: Do you speak CVE?
A nice presentation discussing what CVEs are all about.
Synopsis:
The most important information security question you need to answer is "Do You Speak CVE?" If you do not, then no matter how much you spend on INFOSEC countermeasures, you'll never fully understand why you are experiencing downtime and successful hacker attacks. Not to mention the regulatory compliance risk you face.

The Common Vulnerabilities and Exposures (CVE) is a list or dictionary that provides common names for publicly known information security vulnerabilities and exposures. Using a common name makes it easier to share data across separate databases and tools that until now were not easily integrated. This makes CVE the key to information sharing. If a report from one of your security tools incorporates CVE names, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem. The CVE is an industry standard funded by the Department of Homeland Security and operated by MITRE.

Read it at:
http://www.cccure.org/Documents/predatorwatch/Do-You-Speak-CVE-WhitePaper.pdf

also look at:
http://www.cccure.org/Documents/predatorwatch/Proactive-Network-Security-Do-You-Speak-CVE.ppt


B. How to achieve true proactive network security
This paper presents a view of today's security complexity and where the real threats are. A nice overview.

Read it at: http://www.cccure.org/Documents/predatorwatch/HowToAchieveTrueProactiveNetSecurity.pdf

You can visit the PredatorWatch web site at: http://www.predatorwatch.com/ Do take a look at their appliances; they are really amazing and also offered at a price that is affordable for all.

If you have questions, contact Gary (garym@predatorwatch.com) and he will be very happy to get you the information that you need.

Enjoy!

Clement




Is the insider threat real? A look at the banking industry
Posted by cdupuis on Friday, 10 September 2004 @ 12:27:03 EDT (1464 reads)
Topic Vulnerabilities

Illicit Cyber Activity in the Banking and Finance Sector

Quote from the report: "In a recent study of 23 financial services cybercrimes, 87 percent were accomplished without sophisticated programming trickery, and in 78 percent of those events, the attackers were authorized financial institution users, often employees, seeking financial gain through known flaws in the systems. In other words, writes Robert Vamosi, it's not always some script kiddie in Romania breaking into our banks. Another interesting finding: in 61 percent of the cases, insiders were caught through classic auditing methods, not automated security software. The study, conducted jointly by the U.S. Secret Service and CERT, offers an interesting profile of the offending insiders, and some important lessons for all businesses about the threat of inside attacks."

Here is an extract of the report on Insider Threat produced by Carnegie Mellon University and the US Secret Service:

For several months, beginning in the fall of 1996, two credit union employees worked together to alter credit reports in exchange for financial payment. As part of their normal responsibilities, the employees were permitted to alter credit reports based on updated information the company received. However, the employees intentionally misused their authorized access to remove negative credit indicators and add fictitious indicators of positive credit to specific credit histories in exchange for money. The total amount of fraud loss from their activities exceeded $215,000. The risk exposure to the credit union was incalculable.

From 1997 until his detection in early 2002, a foreign currency trader with an investment bank used a range of tactics, including changing data in various trading systems, so it appeared he was one of the bank's star producers. In actuality, he lost the bank over $600 million.

In March 2002, a "logic bomb" deleted 10 billion files in the computer systems of an international financial services company. The incident affected over 1300 of the company's servers throughout the United States. The company sustained losses of approximately $3 million, the amount required to repair damage and reconstruct deleted files. Investigations by law enforcement professionals and computer forensic professionals revealed the logic bomb had been planted by a disgruntled employee who had recently quit the company because of a dispute over the amount of his annual bonus.

These incidents were all committed by "insiders": individuals who were, or previously had been, authorized to use the information systems they eventually employed to perpetrate harm. Efforts to estimate how often companies face attacks from within are difficult to make. Many believe that insider attacks are under-reported to law enforcement agencies or prosecutors. Companies may fear the negative publicity or increased liability that may arise as a result of the incidents. Or, they may believe that the harm suffered would not be sufficient to warrant criminal charges.

Click HERE to download the report




Computer Misuse: Threats and Countermeasures
Posted by cdupuis on Wednesday, 07 July 2004 @ 11:48:04 EDT (1443 reads)
Topic Vulnerabilities

In today's world, use of information systems has become mandatory for businesses to perform their day-to-day functions efficiently. Use of desktop PCs, laptops, and network connectivity, including Internet and email, is as essential as the telephone at the workplace. The employees and networked information systems are the most valuable assets for any organization.

The misuse of information systems by employees, however, poses serious challenges to organizations, including loss of productivity, loss of revenue, legal liabilities and other workplace issues. Organizations need effective countermeasures to enforce their appropriate usage policies, minimize their losses and increase productivity. This paper discusses some of the issues related to information system misuse, the resulting threats and countermeasures. Click on the link below to read this great document.


http://www.cccure.org/modules.php?name=Downloads&d_op=viewdownload&cid=57

Enjoy!

Clement




Another IIS zero day vulnerability
Posted by cdupuis on Friday, 25 June 2004 @ 10:59:52 EDT (1211 reads)
Topic Vulnerabilities

http://www.pcworld.com/news/article/0,aid,116689,00.asp

By James Niccolai
Paul Roberts
Martyn Williams
IDG News Service

June 25, 2004

Internet users visiting some of the most popular sites on the Web may unwittingly be downloading malicious code that compromises their computers and sets up a relay network for a future onslaught of spam, a security services company warns.

NetSec, which provides managed security services for large businesses and government agencies, began detecting suspicious traffic on several of its customers' networks on Thursday morning, says Chief Technology Officer Brent Houlahan.

Examining firewall logs and other data points on those networks, NetSec found that when users visit certain popular Web sites--including an online auction, a search engine, and a comparison shopping site--they unwittingly download a piece of malicious JavaScript code attached to an image or graphics file on the site.

Without the user's knowledge, the code connects their PC to one of two IP addresses in North America and Russia. From those systems they unknowingly download a piece of malicious code that appears to install a keystroke reader and probably some other malicious code on the computer, Houlahan says.

The code may be gathering the addresses of Web sites visited by affected users and the passwords used to access them. In addition, the IP address in Russia is a known source of spam, and the code may be creating a network of infected machines that could be used to relay spam across the Internet at some later date, he says.

Under Investigation

He stressed that NetSec is still examining the code and has yet to determine the exact payload or the intent of the attack. The SANS Institute's Storm Center is also studying the outbreak and has found that the code surreptitiously downloads and installs a Trojan horse program named msits.exe, according to Johannes Ullrich, chief technology officer at The SANS Institute's Internet Storm Center.

Ullrich did not specify what functions are performed by the msits.exe Trojan.

NetSec declines to name the affected Web sites for liability reasons but says they are "big, big sites." It is probably the Web hosting facilities that cache content for those sites that are infected, rather than the "origin servers" at the Internet service providers themselves, Houlahan says.

"The tricks used in this particular attack method are nothing new.

What's significant about this is the fact that it impacts major Web hosting facilities," says Dan Frasnelli, who manages NetSec's technical assistance center.

The attack affects only users running Microsoft's Windows operating system and Internet Explorer browser, he says. It was unclear Thursday how the attack originated, but it may exploit a known vulnerability in Microsoft's IIS (Internet Information Services) Web Server software at the Web hosting facilities, Frasnelli says.

The U.S. Computer Emergency Response Team (CERT) called on system administrators running IIS version 5 to verify that there is no unusual JavaScript appended to the bottom of pages served by their systems.

Widespread Problem?

It was also unclear Thursday afternoon how many systems had been compromised and how widespread the problem was. NetSec says it had protected its own customers by writing custom intrusion detection signatures and blocking its customers' PCs from visiting the IP addresses involved in the attack.

"There's a potential for widespread impact because currently the [antivirus] vendors don't have a signature for it," Frasnelli says.

CERT says the attack is another example of why users must exercise caution when JavaScript is enabled on their systems and recommended it be disabled unless it is absolutely necessary. The group warned even Web servers trusted by the user may be affected by this attack and contain malicious code.


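As an added example (not from the PC World article, CERT or NetSec), this Python check implements the verification CERT asked IIS administrators to perform: it parses a page exactly as the server delivers it and flags any `<script>` element that appears after the closing `</html>` tag, or that is loaded from a host outside an allowlist the administrator maintains. Both HTML pages are constructed samples; the address 203.0.113.9 is from the documentation range and the allowed host `www.example.com` is an assumption.

```python
"""Flag script elements appended after </html> or loaded from unexpected hosts."""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample pages. The tampered one is the clean page with a script
# element appended after the document has already ended.
CLEAN_PAGE = """<html><head><title>Shop</title>
<script src="/js/app.js"></script></head>
<body><p>Welcome</p></body></html>
"""

TAMPERED_PAGE = CLEAN_PAGE + '<script src="http://203.0.113.9/x.js"></script>\n'


class ScriptAuditor(HTMLParser):
    """Records (line, reason, detail) for each suspicious <script> start tag."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.document_closed = False  # becomes True once </html> has been seen
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        line, _ = self.getpos()
        src = dict(attrs).get("src")
        if self.document_closed:
            # Nothing legitimate belongs after the document's closing tag.
            self.findings.append((line, "script after </html>", src))
        if src:
            host = (urlparse(src).hostname or "").lower()
            # Relative URLs have no host and are served by this site itself.
            if host and host not in self.allowed_hosts:
                self.findings.append((line, "external script host", host))

    def handle_endtag(self, tag):
        if tag.lower() == "html":
            self.document_closed = True


def audit_page(html, allowed_hosts):
    """Return the list of findings for one served page (empty if nothing is odd)."""
    auditor = ScriptAuditor(allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("tampered", TAMPERED_PAGE)):
        print(name, audit_page(page, ["www.example.com"]))
```

Because the article notes that the injection may live in a caching layer rather than on the origin server, the useful input is the page fetched through the same path a visitor would take, not the file on the origin's disk.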


The biggest threat
Posted by cdupuis on Monday, 21 October 2002 @ 18:44:01 EDT (1223 reads)
Topic Vulnerabilities

Interesting article from TechRepublic that shows how important human resources are and how often this point is overlooked. This is probably one of the most neglected areas, where people think that you get knowledge by getting hit on the head with a magic wand. Good and timely training is an essential part of keeping your architecture secure.

Here is an extract of this article:

Lack of training: your biggest threat
By David Southgate, TechRepublic
October 17, 2002 12:22 PM PT

Contrary to popular belief, corporate sabotage is among the least likely causes of computer security breaches.

According to an "April 2002 survey" by the Computer Security Institute, sabotage accounted for just 8 percent of system attacks in 2002. Security breaches are more often due to errors by end users or administrators. The inadvertent gaffes are the main culprits for introducing viruses, allowing denial of service attacks, and opening entryways to supposedly secured data.

CIOs can reduce, and possibly eliminate, an organization's risk from these errors by creating and implementing a comprehensive set of IT security policies aimed at user behavior. These policies, along with efforts to educate users about how to eliminate security weaknesses, can thwart future vulnerabilities and boost awareness about security issues throughout the enterprise.

"Click here to view the complete article from TechRepublic"



The ICAT Vulnerability database from NIST
Posted by cdupuis on Sunday, 22 September 2002 @ 22:39:08 EDT (1233 reads)
Topic Vulnerabilities

A nice resource to assist you in your daily tasks. This is a very complete database of vulnerabilities, and access is FREE. Another neat knowledge-sharing site from NIST. See the message below giving an update on the DB and links to access it.

Hello ICATList Subscribers,

ICAT currently has 4814 vulnerability entries! We are fast approaching our 5000th entry and are very excited to have reached this milestone. The ICAT Development Team would like to publicly thank the CVE people (http://cve.mitre.org) who have continued to feed ever-increasing numbers of vulnerabilities to the ICAT project.

This summer, the SANS Institute updated their "Top Twenty Most Critical Internet Security Vulnerabilities" (http://www.sans.org/top20.htm). This list of important high-level vulnerabilities is integrated into the ICAT database and you can use it to prioritize your vulnerability mitigation efforts.

As always, if you have any questions, comments, or concerns, please email icat@nist.gov. In the past, ICAT users have made suggestions that have affected the layout and implementation of the web site, and even pointed out small errors such as typos and broken links to us. This help is always very much appreciated.

Thank you for using ICAT!

Michael Reilly
ICAT Project Lead
http://icat.nist.gov



All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2007 by CCCure.Org, and the site maintainers Clement Dupuis and Nathalie Lambert. Reuse is strictly prohibited without written permission of CCCure.Org or its maintainers.

This web site is not associated directly or indirectly with ISC2, the SANS Institute, ISACA, or any other certification authority. The GCFW, CISSP, SSCP, ISSEP, ISSMP, CISA, and CISM are all the property of their respective owners. The content of this site is provided to you freely due to the generosity of our sponsors.