Security Acts: Issue 2

Security Acts is a free magazine for professionals in IT Security.


Download the latest magazine

Subscribe to be notified when new issues are released.

GreenSQL: Open Source Database Firewall

GreenSQL is an open source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built-in support for MySQL. Its logic is based on evaluating SQL commands against a risk scoring matrix, as well as blocking known database administrative commands (DROP, CREATE, etc.).

http://www.greensql.net/

Zenoss Core: Open Source Network and Server Monitoring

Zenoss Core is an open-source network monitoring and server monitoring product. Zenoss features include:

  • Network, Server, and Application monitoring with a single product
  • Ability to monitor any SNMP enabled device
  • Real-time alerting when outages or slowdowns occur
  • Single Event Console containing Zenoss alerts, SNMP traps, and log events

http://www.zenoss.com/product/network-monitoring

PacketFence: Open Source Network Access Control (NAC)

PacketFence is a free and open source network access control (NAC) system. The standard feature list, as given on the official website:

  • Registration
    PacketFence supports an optional registration mechanism similar to “captive portal” solutions. An Acceptable Use Policy can be specified such that users cannot enable network access without first accepting it. The duration of a node registration can be a relative value (e.g. “four weeks from first network access”) or an absolute date (e.g. “Thu Jan 20 20:00:00 EST 2009”).
  • Detection of abnormal network activities
    Abnormal network activities (computer viruses, worms, spyware, etc.) can be detected using local and remote Snort sensors. Beyond simple detection, PacketFence layers its own alerting and suppression mechanism on each alert type. A set of configurable actions for each violation is available to administrators.
  • Proactive vulnerability scans
    Nessus vulnerability scans can be performed on a scheduled or ad-hoc basis. PacketFence correlates the Nessus vulnerability IDs of each scan to the violation configuration, returning content-specific web pages about which vulnerability the host may have.
  • Isolation of problematic devices
    PacketFence supports several isolation techniques, including VLAN isolation with VoIP support (even in heterogeneous environments) for multiple switch vendors.
  • Remediation through a captive portal
    Once trapped, all HTTP, IMAP and POP sessions are terminated by the PacketFence system. Based on the node's current status (unregistered, open violation, etc.), the user is redirected to the appropriate URL. In the case of a violation, the user will be presented with removal instructions for the particular infection he/she has.
  • 802.1X
    802.1X is supported through a FreeRADIUS module.
  • Wireless integration
    PacketFence integrates perfectly with wireless networks through a FreeRADIUS module. This allows you to secure your wired and wireless networks the same way.
  • DHCP fingerprinting
    DHCP fingerprinting can be used to automatically register specific device types (e.g. VoIP phones) and to disallow network access to other device types (e.g. game consoles).

http://www.packetfence.org

FreeNAS: Open Source Network Attached Storage (NAS)

FreeNAS is an embedded open source NAS (Network-Attached Storage) distribution based on FreeBSD, supporting the following protocols: CIFS (Samba), FTP, NFS, TFTP, AFP, RSYNC, Unison, iSCSI (initiator and target) and UPnP. FreeNAS supports additional services such as a BitTorrent client, UPnP server, iTunes/DAAP server, and network bandwidth measurement. Take a look at the complete feature list on the official website.

http://www.freenas.org/

(IN)SECURE Magazine Issue 24 released

Covered topics:

* Writing a secure SOAP client with PHP: Field report from a real-world project
* How virtualized browsing shields against web-based attacks
* Review: 1Password 3
* Preparing a strategy for application vulnerability detection
* Threats 2.0: A glimpse into the near future
* Preventing malicious documents from compromising Windows machines
* Balancing productivity and security in a mixed environment
* AES and 3DES comparison analysis
* OSSEC: An introduction to open source log and event management
* Secure and differentiated access in enterprise wireless networks


Windows utility: Disable wireless when connected via ethernet

A free Windows utility that automatically disables your wireless network interface when your computer is connected via a cable network connection:

http://www.wlanbook.com/disable-wireless-connected-lan-xp-vista/

Hack In The Box (HITB) Ezine is launched

Message from hackinthebox.org:

Welcome to 2010! We are proud to announce the immediate availability of our newly ‘reborn’ HITB ezine! You can grab your digital copies here:

https://www.hackinthebox.org/misc/HITB-Ezine-Issue-001.pdf

As some of you may know, we’ve previously had an ezine that used to be published monthly, however the birth of the HITBSecConf conference series has kept us too busy to continue working on it. Until now that is…

As with our conference series, the main purpose of this new format ezine is to provide security researchers a technical outlet for them to share their knowledge with the security community. We want these researchers to gain further recognition for their hard work and we have no doubt the security community will find the material beneficial to them.

We have decided to make the ezine available for free in the continued spirit of HITB in “Keeping Knowledge Free”. In addition to the freely available PDF downloads, combined editions of the magazine will be printed in limited quantities for distribution at the various HITBSecConf’s around the world – Dubai, Amsterdam and Malaysia. We aim to only print somewhere between 100 or 200 copies (maybe less) per conference so be sure to grab a copy when they come out!

Happy New Year once again and we hope you enjoy the zine!

Zarul Shahrin – zarulshahrin@hackinthebox.org
Editor, HITB Ezine

http://www.hitb.org

BackTrack 4 Final Download

The final version of BackTrack 4 was released yesterday. It is available for download here from torrent or direct download links.

Ernst & Young’s 2009 Global Information Security Survey

The Ernst & Young global information security survey takes a closer look at how organisations are specifically addressing the changing environment, including the risks, challenges, increasing regulatory requirements and new technologies. The survey identifies and examines potential opportunities for improvement and important short-term and long-term trends that will shape information security in the coming years.

Ernst & Young’s 2009 Global Information Security Survey Download

Official Press Release: Brand protection a major force driving Information Security

OpenNebula: Open Source Virtualisation

OpenNebula is an open and flexible tool that fits into existing data center environments to build any type of Cloud deployment. OpenNebula can be used primarily as a virtualization tool to manage your virtual infrastructure in the data center or cluster, which is usually referred to as a Private Cloud. OpenNebula supports Hybrid Cloud to combine local infrastructure with public cloud-based infrastructure, enabling highly scalable hosting environments. OpenNebula also supports Public Clouds by providing Cloud interfaces to expose its functionality for virtual machine, storage and network management.

http://www.opennebula.org/

OWASP Top 10 2010

The Open Web Application Security Project (OWASP) released a new top 10 list at its conference in Washington, D.C.

A1 – Injection

A2 – Cross Site Scripting (XSS)

A3 – Broken Authentication and Session Management

A4 – Insecure Direct Object References

A5 – Cross Site Request Forgery (CSRF)

A6 – Security Misconfiguration (NEW)

A7 – Failure to Restrict URL Access

A8 – Unvalidated Redirects and Forwards (NEW)

A9 – Insecure Cryptographic Storage

A10 – Insufficient Transport Layer Protection

Two new items appeared in the list that were not in the Top 10 2007 list: Security Misconfiguration, and Unvalidated Redirects and Forwards. The two items that dropped out of the list are Malicious File Execution, and Information Leakage and Improper Error Handling.

The list, currently in Release Candidate stage, can be downloaded from the OWASP website here.

iPhone Warez

It seems like the warez scene for iPhone apps is finally kicking off (or I must have missed it completely when it happened in the past). PPCWarez, previously known for distributing cracked applications & games for the Windows Mobile platform, have opened a section for iPhone applications. It seems to be pretty straightforward, too, to install these applications on a jailbroken iPhone:

  • Open Cydia, and add the source http://cydia.hackulo.us
  • Also via Cydia, install the AppSync application and reboot your iPhone
  • Drag your downloaded iPhone application into your iTunes Library
  • Sync your iPhone via iTunes

(IN)SECURE Magazine 22 released

Topics covered in this issue:

- Using real-time events to drive your network scans
- Review: Data Locker
- The Nmap project: Open source with style
- Enterprise effectiveness of digital certificates: Are they ready for prime-time?
- A look at geolocation, URL shortening and top Twitter threats
- How “fake stuff” can make you more secure
- Making clouds secure
- Q&A: Dr. Herbert Thompson on security ROI and RSA Conference
- Book review – Cyber Crime Fighters: Tales from the Trenches
- Top 5 myths about wireless protection
- Securing the foundation of IT systems
- A layered approach to making your Web application a safer environment
- In mashups we trust?
- Adopting the security best practice of least privilege
- Is your data recovery provider a data security problem?
- New strategies for establishing a comprehensive lifetime data protection program
- Security for multi-enterprise applications
- EU data breach notification proposals: How will your business be affected?
- Book review – 97 Things Every Software Architect Should Know
- Safety in the cloud: How CIOs can ensure the safety of their data as they migrate to cloud applications
- Vulnerability management

http://www.net-security.org/insecuremag.php

Bypassing the Windows 7 activation

A method to bypass the Windows 7 online activation scheme has been found, approximately 3 months before the official Windows 7 release took place. My Digital Life published an article on how the Windows 7 activation scheme was bypassed. With this method Windows 7 can be permanently activated online and will pass Windows Genuine Advantage (WGA) validation.

SLP (System-Locked Pre-installation) and SLIC (Software Licensing Internal Code) are the mechanisms used by OEM computer manufacturers to factory-activate the pre-installed Windows operating system on computers, so that the Windows activation process is done automatically once a user boots his new computer for the first time. From a leaked Windows 7 .ISO the boot.wim file was extracted to retrieve the OEM SLP key, plus the OEM activation certificate. Using a loader, a SLIC that passes validation can be emulated before Windows boots.

At this time different Windows 7 activators are already spreading across the Internet for Windows 7 Ultimate, the only Windows 7 version that has been leaked so far.

Windows 7 was released to manufacturing on the 22nd of July 2009. The official Windows 7 release date for the retail market is the 22nd of October 2009.
