1) Nmap 4.20 has broken free of its RC chains and is now free to come outside and play. You might as well, run over to Winpcap.org and grab the new Winpcap 4.0 beta 3 as well. Download it, use it, and then tell Fyodor how cool it is. Improvements made over RC2 include the following:
- Updated nmap-mac-prefixes to reflect the latest OUI DB from the IEEE as of Dec 7.
- Integrated the latest OS fingerprint submissions. The 2nd generation DB size has grown to 231 fingerprints. Please keep them coming! New fingerprints include Mac OS X Server 10.5 pre-release, NetBSD 4.99.4, Windows NT, and much more.
- Fixed a segmentation fault in the new OS detection system which was reported by Craig Humphrey and Sebastian Garcia.
- Fixed a TCP sequence prediction difficulty indicator bug. The index is supposed to go from 0 ("trivial joke") to about 260 (OpenBSD). But some systems generated ISNs so insecurely that Nmap went berserk and reported a negative difficulty index. This generally only affects some printers, crappy cable modems, and Microsoft Windows (old versions). Thanks to Sebastian Garcia for helping me track down the problem.
2) GnuPG 1.4.6 was recently released. This update version fixes the highly critical vulnerability exposed in early December.
3) On Dec 7th, GooglePath 0.3 was released by Matteo Cantoni. Googlegath is a free open source perl utility to obtain information through Google searches. It could be useful for penetration testing, security scanning, script kiddies stuff etc..
4) On Nov 30th, ModSecuirty 2.0.4 was released. Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. It should be noted that ModSecurity & Thinking Stone Ltd. were recently acquired by Breach Security, Inc. For more info about ModSecurity, check out this great SecurityFocus interview with Ivan Ristic.
5) On Nov 30th, Stunnel 4.20 was released. Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL available on both UNIX and Windows.
5) On Nov 27th, Matteo Cantoni released Snmpcheck 1.6. Snmpcheck is a free open source perl utility to get information via SNMP protocols. It works fine against Windows, Linux, Cisco, HP-UX, SunOS systems and any devices with SNMP protocol support. Snmpcheck runs on GNU/Linux, *BSD and Windows (Cygwin) systems.
If you are into fuzzers, check out JBroFuzz from OWASP. JBroFuzz is a stateless network protocol fuzzer that emerged from the needs of penetration testing. Written in Java, it allows for the identification of certain classes of security vulnerabilities; by means of creating malformed data and having the network protocol in question consume the data.
Go fuzz some stuff, all the cool kids are doing it. Many software development companies are fuzzing the crap out of their products before release...but security researchers are still finding very serious flaws with simple fuzzers.
In other news, I noticed that my THC Amap install appears to be updating correctly again. There were no updates available, but it wasn't throwing an error anymore. You might remember that THC has some domain issues a while back ago...and this was causing the problem.
No comments:
Post a Comment