Some say that Nmap is an old tool, and this is true. It nonetheless is still useful, because the authors tend to keep up with the times.

http://www.insecure.org/nmap/

Insecure.org also has a list of the Top 75 Security Tools. No telling how old the list is, but it is a good starting point.

http://www.insecure.org/tools.html

Don

As we wait for Justin Peltier's article on SensePost's BiDiBLAH, here are a couple more free tools by SensePost:

Wikto: Web Server Assessment Tool
http://www.sensepost.com/research/wikto/

Crowbar: Generic Web Brute Force Tool
http://www.sensepost.com/research/crowbar/

Don

Since Tenable Network Security announced that the next version of the popular Nessus Scanner would not be released under the GNU Public License, a fork has emerged. Originally named GNessUs, it is now named OpenVAS.

From http://www.openvas.org:
Update: OpenVAS has had it’s proposal to become an officially recognised Software in the Public Interest project accepted and an official motion was passed at the board meeting held today. We’ve also announced our intention to move from Attribution-NonCommercial-ShareAlike 2.0 to the Creative Commons; Attribution-ShareAlike 2.5 license for all non-code content (specifically these web pages), and have notified all contributors to ask permission to relicense. Finally, we recently announced a logo competition for use on our new web site. — Tim Brown 2005/11/15 22:52

Add your thoughts,
Don

Article Title - "Enterprise Security - The Battle for the Final Frontier"

http://www.ethicalhacker.net/content/view/17/2/

Member Feedback

What is SensePost BiDiBLAH: Automated Assessment Tool?

To find out what BiDiBLAH really is, read this document (PDF) [302KB]
http://www.sensepost.com/research/bidiblah/what_is_bidiblah.pdf

How does it work?

Check out the videos:
http://www.sensepost.com/research/bidiblah/

Want to learn more?
Keep an eye out for the first column by Justin Peltier next week.

Enjoy,
Don

Interesting news from the US Air Force... they not only choose to support Mile2's CPTS and CPTE, but they in turn denounce CEH. Read the following, and feel free to add your comments.

Don

---

Oct 14 2005 - Today Mile2 was awarded a contract to deliver CPTS & CPTE as dedicated classes for I.T. Staff at a major US Air Force Base. The statement of work included the following quote:

"These courses cannot be substituted with a Certified Ethical Hacker (CEH) curriculum."

From US Air Force Statement of Work 05T0273 Published 09/14/2005 inviting public bids for Penetration Testing Training. Awarded to Mile2 10/14/2005.

One prospective respondent to the solicitation asked the following question on Sept 28 2005:

Q: " Why doesn't Wright-Patterson AFB want a CEH-certified curriculum?"

USAF's response was as follows:

A: "CEH-certified courses tend to focus on teaching the student how to use a
handful of tools that are available on the internet. While this knowledge is
somewhat useful during a penetration test, our goal is to expand on this and
learn how to turn our results into a professional report. Most of our students
know how to use these tools, but need to learn the methodology behind a full
penetration test. This methodology could include identifing protection
opportunities, justifing testing activities and optimizing security controls to
reduce business risk."

Copied from Mile2 News Page at:
http://www.mile2.com/news_promotions.html

Under industry pressure, Sony BMG offers an exchange program for CDs with the 'content protection' software. Sony has also asked vendors to remove any unpurchased CDs with the software from store shelves.

See their press release:
http://blog.sonymusic.com/sonybmg/archives/111505.html

Don

Kind of makes our Free Monthly Giveaways look insignificant. But hey, I'm always for free training!

Be sure to not only check out the $1,000,000 Giveaway, but also what Mile2 has to offer for pen testing and forensics.

Don

Article Title - "Essential Wireless Hacking Tools"

http://www.ethicalhacker.net/content/view/16/24/

Member Feedback

Book Review and Sample Chapter - Hacking a Terror Network by Russ Rogers and Matthew G. Devost.

http://www.ethicalhacker.net/content/view/15/2/

Member Feedback.

The term 'exploit' is well known but creating one that effectively takes over a vulnerable system has always taken the chops of a seasoned programmer. Not any more. Now with exploit frameworks, anyone can launch attacks. This means the good guys, ethical hackers / penetration testers, and the bad guys, script kiddies and criminal hackers. Check out these 3 sets of tools:

CANVAS
CORE IMPACT
Metasploit Project

Let us know your experiences with these products, thoughts on the validity of using such tools or anything else that this post may spark in your mind.

Don

---

This post was originally in CSP Mag's Forums. Below is the response from another member.

---

Cool site that allows you to gather info on all kinds of internet sites, email servers, perform numerous lookups and more. Don't take my word for it. PC Mag reports that:

This is one handy page, with tons of practical tools for Web wizards (and wannabes). Look up Whois data for any domain in several ways, check a mail server to see if it's on spam blacklists, test an e-mail address for problems, and more.

http://www.dnsstuff.com/

Don

Sam Spade for Windows is a freeware network query tool. It helps in fingerprinting and network mapping. Check it out:

http://www.samspade.org/ssw/

Latest version is v1.14 and can be downloaded at:
http://static.samspade.org/ssw/spade114.exe

Microsoft fights back by adding the Sony root kit to the list of signatures in its AntiSpyware software purchased from Giant.

For full story:
http://www.eweek.com/article2/0,1895,1886122,00.asp

RSA Conference, Japan 2006 - website coming soon!
April 26-27, 2006
Tokyo Prince Hotel Park Tower
Tokyo, Japan

http://2006.rsaconference.com/us/conference/other.aspx