September 8, 2009 at 12:57 pm #4247
September 8, 2009 at 1:41 pm #26917nightmare44Participant
Tested it this morning on my BT VM and works perfectly
September 8, 2009 at 1:51 pm #26918JhaddixParticipant
September 8, 2009 at 1:57 pm #26919
September 8, 2009 at 5:55 pm #26920
September 8, 2009 at 6:13 pm #26921ethicalhack3rParticipant
Works on local machine too. Time to BSOD my girlfriend all night! ;D
September 8, 2009 at 6:35 pm #26922KrisTeasonParticipant
Metasploit guys already added it into the framework. Tested it on my Vista box – works like a charm.
September 8, 2009 at 7:20 pm #26923UNIXParticipant
Nice one.. wonder when first patch will be released..
September 9, 2009 at 3:24 pm #26924vijay2Participant
Apparently the bug is just for SMB v2 and you can disabled SMB v2 if you are not using it.
More info. on
December 22, 2009 at 6:40 pm #26925
i’m new to this security business, want i actually do is to secure peremeter devices with firewall but i think it’s better to know the treats out there so i can really prepare. my question now is what do i do if i get the source code for this exploite and i want a prove of concept?
most of the source i see is in python and i don’t know what to do. i run a linux box and mixture of windows pc’s what do i need to compile a python source code.
thanks to anyone who helps and a merry christmas.
December 23, 2009 at 10:34 am #26926
Python isn’t compiled, but run on the fly. On Linux usual execution of a python script would be:
python sourceFile.py [parameters]
(assumes python is installed and binary is in your path)
(assumes you are in the same directory as the source file)
Hope this helps
December 23, 2009 at 11:14 am #26927
December 23, 2009 at 2:16 pm #26928
December 23, 2009 at 2:39 pm #26929
😉 thanks Andrew, you’re the best.. 😉
December 23, 2009 at 2:58 pm #26930
would you be my mentor in security,pentesting and defence. cos i really want to study. like i said before i’m into firewalls both ISA and Cisco ASA. currently i have MCSE Security,CCNP,CCDP,CCIE WRITTEN and i’ve scheduled my lab for April next year. but my problem now is i really LOVE security but netwoking is pulling me off.
The question i always ask is “after all this security crackers are still able to hack into networks” then why security, i’m even thinking there is nothing called security cos today you’re secured tomorrow you are down. i’ve decided to do the OSCP and OSWP and forget about the CCIE. please advise me.
December 23, 2009 at 4:03 pm #26931
humbled by the request, but I’m still just learning this stuff myself. But keep asking intelligent questions around here and I’ll likely be around to help when and where I can.
I wouldn’t give up on the Cisco certs completely, partly because it is easier to secure/compromise a network if you have an indepth understanding of a network, and partly because there is some really good money available if you can get your CCIE.
But at the same time I would also suggest the OSCP, is a brilliant course and will/would-have answered the queries you’ve had today, plus a whole lot more.
December 24, 2009 at 9:46 pm #26932KevParticipant
Sorry Termight but he promised to be my mentor first! I like that name termight or termite. A termite has an amazing way to tunnel in and own a house or wood. Wood being a vulnerable place, block being a little more secure. Very good.
December 25, 2009 at 2:12 am #26933
thanks for the compliment on my name. actually i choose the name termight cos of the insect termite but wanted a different way to spell it.
Termites are the best networks and tunnel drillers in this world. also it’s hard to get them during the day only at night or till the day they’ll break down your house. lol ;D.
and about the mentoring we can both share one master and be the best team mates. think abt it. i can also help you in Cisco and Microsoft stuff.
December 25, 2009 at 2:57 am #26934
Does it means CCIE pays more than security? if yes then after my CCIE R&S i’ll pursue the CCIE security track. Also thank you very much for the advise. Merry Christmas.
to all who read this Merry Christmas.
December 29, 2009 at 6:56 pm #26935hayabusaParticipant
I’d say the pay comes with the experience and the specific position, but in general, CCIE’s make excellent money, from employers looking for the cert. That said, Security knowledge can be equally valuable, in the right markets. It’s all about choice, where you want your career to go, and who you want to work with / for.
January 4, 2010 at 1:23 pm #26936
I didn’t say that CCIE pays more than security, don’t have the knowledge or stats to back that up. But from anecdotal evidence you’ll likely find it easier to convince non-technical HR/Management/organisations to pay big bucks for a ‘network guy’ than a ‘security guy’. Just business mentality. But as Hayabusa states, where/what do you want to work can be more important in the long run than who will pay the most money. Plenty of factors to consider.
You must be logged in to reply to this topic.