Friday, September 5th, 2008
Earlier this year, Michel Arboi wrote a blog post explaining how to use Nessus to call Nikto and incorporate the results into Nessus output. Most newcomers to Nessus have enabled the nikto.nasl wrapper only to find it produced no output. Some Nessus users have found various ways to ensure Nikto ...
Posted in Internet, Networking, Privacy, Security | No Comments
Friday, August 29th, 2008
ISR-evilgrade is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates and exploiting the system or software.
How does it work?
It works with modules, each module implements the structure needed to emulate a false update of specific applications/systems. Evilgrade needs the manipulation of ...
Posted in Internet, Networking, Privacy, Security, Software | No Comments
Thursday, August 28th, 2008
A pair of security researchers recently demonstrated that a theoretical attack possible against the internet’s most embedded infrastructure can, in fact, be very real.
The attack exploits normal behavior in the internet routing protocol BGP, which ISPs use to determine how best to route traffic destined for other parts of the ...
Posted in Hardware, Internet, Networking, Privacy, Security | No Comments
Tuesday, August 26th, 2008
Researchers at Carnegie Mellon University have released an extension for Firefox 3 that can protect wireless network users from so-called "man-in-the-middle" attacks.
The software, dubbed "Perspectives," is available for download for free.
Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates Web addresses into ...
Posted in Internet, Networking, Privacy, Security | No Comments
Monday, August 25th, 2008
Traditionally, the area of information security has been purely defensive. Classic examples of the defensive mechanisms used in order to protect communication networks include firewalls, encryption and IDS (Intrusion Detection Systems). The strategy follows the classical security paradigm of "Protect, Detect and React.” In other words, try to protect the ...
Posted in Hardware, Internet, Networking, Privacy, Security | No Comments
