I want to note that the government cannot even be trusted to use the powers that in already has, within the scope of the law. It has been repeated been found to abuse the powers given to it. Therefore, it would be difficult for me to support such an action without significant public interaction of this issue.

I for one forsee the second that law passes, that terror networks go deeper underground. We are making it more difficult for ourselves.

Only thing not mentioned here is Law Enforcement, contact your local LE agency, see if any local/state/federal laws were broken, you might even be able to set the FBI on them.

Understood and agreed.

Let me ask, how was my review? Is there anything I should have covered and left out?

Well, previously, I was using the test option to test an attempt using the credentials and it was denied. I tried today using both admin and non  admin creds, and they went through fine, so I must have just forgotten something.

Anyway, I first performed a scan using the non privileged account, and got 4 vulnerabilities, including the one I thought I fixed... It was the ICMP Timestamp... the other three are best practices I dont need on my home PC, Password expiration, account lockout, password length. I'll make a few changes, but i probably wont make the password expiration.

Later on today I'll run the scan with admin creds, see what happens.

Don, when will the winner for November be announced?

I originally tested this, putting in my credentials, but it was unable to connect or something. My thoughts at the moment was that the service it was trying to connect to was unfamiliar to me, so im not sure there was any program to answer the login call...

I think CIW Sec is a good one too, I was planning on knocking it out before the retirement next year, whether I do or not depends on my schedule.

Hello all,

I was preparing to turn in after a successful night, when I realized that I should probably share it with you all.I have been wanting to use a vulnerability scanner at home to see my vulnerabilities, and get some experience doing it. I have been looking at Nessus, but I didnt feel ready to go for it, and I worried with some modules requiring payment. While looking into Metasploit Unleased in an attempt to understand tools I was using in my studies, I found a scanner called NeXpose from Rapid7, the owners of the popular Metasploit Framework. So I am writing a quick review based on my experience.

NeXpose is vulnerability management software from Rapid7. The community edition is a free single user license program. One of the first things I noticed is that it claimed to be a full vulnerability management program, unlike the Secunia PSI program I use, which only scans for out of date/EOL/vulnerable software.

In any case, I looked into the program after a short registration process, I was emailed the activation code and the email included links to the download, and the software manual. I downloaded and began reading the manual while downloading the software, and found it easy to understand, and the walkthough was fairly comprehensive. I defiantly appreciated that, although it was not really necessary for most of the installation.

Installation was a breeze, no configuration changes necessary during install although according to documentation, security software will interfere with its use, so they appear to want you to disable WF, and any other applications that could interfere, AV was mentioned, I assume because of the exploit databases. Obviously this will require forward planning, insure your hosts are behind a boundary firewall, if you require internet connectivity (which you will at least for the program update)

The one issues I encountered that was not noted in the manual was issues that ended up being caused by Internet Explorer's enhanced security configuration (The software is supported on Windows Server 2k and 2k3 and Linux OS' only)

There was one additional issue after I completed my first scan, where the program stayed at the scanning page, but the console said the scan was done, I simply closed and reopened the browser, and it was GTG.

Scanning time was fairly quick, I would say under 5 minutes for one host, but I wasnt counting, It may have been closer to 3. I was able to monitor the action via the program's console, in which the program would attempt to access services, attempt exploits. I am pleased to announce that it only found 1 vulnerability, which it gave me an easy to follow recommendation for remediation. I can say there is little else as pleasing as seeing those words scroll by: NOT VULNERABLE, LOGIN ATTEMPT FAILED, ect... I'll be glad to answer any questions you guys may have, and thanks for letting me share.

you should have added: "respect my authoritah!"

Asking questions is one step on the path to knowledge. the other is google. (No, not yahoo, google.)

I wouldnt be so sure.

Sil, I haven't heard from the other side, can you give us the down and dirty on the real Stuxnet?

I still think it is defiantly possible this was designed as a weapon, based on the info I have (from the media).

There appears to be no risk of nuc. fallout, as we know Iran does not have a nuke currently, so if I wanted to disrupt the process, it would work (It supposedly has).

There is evidence that various countries were nervous about Iran's programs, now they can relax for a moment.

Here is what I find interesting, despite the so called "cyberweapon", noone is off to war, no one is REALLY pointing fingers. In addition, despite the so called danger, I am not aware of any changes in any government INFOCON levels during this time...

As for blackmailing, this is a strange theory. I have never heard of a country being blackmailed. And according to the CSFI opinion, the point of the worm was destabilization. This makes since when you consider that when the first variant was found, the creators changed the worm, rather than simply activating its malicious processes, almost as if they needed more time to achieve an objective.

I read that article as well. I find it interesting, if this is a cyber weapon, it seems its deployment was not well planned, the widespread infections were bound to get noticed, and now the analysis of it points back to us. At a time when we are trying to make the rules of cyber warefare, it seems that we seem to be making our own rules. However, based on recently available information, it would appear the world would support us in such an endeavor... which helps me sleep at night.

Not much of an update this week, but I will post it.

This week I have been trying to find a prefered study method, because I really dont like reading on the computer for too long, I prefer reading a physical book, but I haven't decided to buy them yet, I don't know whats holding me back...

Anyway, I have been using the Logical Security CEH videos from a link posted on the forums earlier. I like them a lot, it keeps me interested. At the moment I am trying just to go through the videos/books without labbing, and just trying to get through one of them completely, and go back through and lab.

One thing I did do was DL the latest copy of Backtrack, though I probably wont use it in my studies, i'm sure most of the older exploits have been filtered out.

Also I found a free vulnerability scanner, which I have been looking for for quite some time. I think Nessus has a free version as well but I didnt decide to go with it for some reason...

this was noted in the second vmware link I posted, most of what was being discussed is beyond my level of virtualization knowledge, but it seems that even when you change the MAC in there, it is restricted to a specific range.

hmm, I am still researching but according to this:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=507

VMWare uses the OUI 00:50:56 The MAC address range is 00:50:56:00:00:00 - 00:50:56:3F:FF:FF. According to the article this is for manually assigned addresses, but based on Com_boy's post, I'm going to assume it is the range for auto settings as well.

EDIT:That range varies based on the vmware version, seperate ranges for VMware server, and ESXi based on this.

http://communities.vmware.com/message/1233229

The OS detection tells you, in parentheses, what virtualization technology is in use, in this case, VMware. You will have to test Zen out for yourself.

The best way would be to test it, fire up a vm running the microsoft vm solution, Zen and any others you can get your hand on.