Tenable Network Security Podcast - Episode 52

Welcome to the Tenable Network Security Podcast - Episode 52

Hosts: Paul Asadoorian, Product Evangelist

Announcements

• Several new blog posts have been published this past week, including:
  • New Tenable eCommerce Site Supporting Nessus ProfessionalFeed Renewals
  • New Nessus Feature: Public Exploit Availability
  • BruCon 2010 Training & Conference Wrap-up


• Be certain to check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Stories

• Monitoring Employees' Online Behavior - There are two aspects to this story that I find interesting. First, I think it's important for companies to look at what information is available publicly about a potential employee. The employee is most likely doing the same with the company and some of its employees, so it's only fair. Also, the information you put on the Internet via social networking sites is public, so don't be surprised when people actually look at it. If you are an existing employee of the company, don't be surprised if the information is being monitored as well. This is not all "spying", but monitoring the company name and any new accounts created by employees, legitimate or fake, is an excellent thing to keep an eye on.
• Vulnerability Assessment Testing Automation and Reporting Part III - This article comes from the SANS Internet Storm Center, and is the final part in a series about automation and vulnerability scanning. Adrien releases some neat scripts to convert v1 .nessus files to v2, discusses some use cases for the Nessus API, and splitting up large .nessus files.
• Turning the Tables – Part I - I had never thought of the difficulties one might encounter when finding vulnerabilities in software that is primarily used by criminals. I mean, they deserve responsible disclosure too, right? Billy Rios found out the hard way that when you email criminals, all you get back is SPAM. He also found a vulnerability in the Zeus botnet command and control administration interface that lets you extract the keys needed to control the bots, and essentially take over someone's botnet. This type of disclosure angers many, including the attackers and the good guys who would have likely used it to shut down a bunch of botnets. Now that it's public, it's a level playing field and brings up all sorts of new angles on the disclosure issue. One thing to consider: if this bug does not go public, the bad guys and small set of good guys will likely know about it, leaving the rest of us in the dark.
• THC-Hydra released 5.8 - It's nice to see this code being maintained as it's my favorite software for username and password brute forcing. There is a wrapper NASL so you can run this alongside Nessus (which we cover in the advanced Nessus training course). I will update it with the enhancements to the latest version, including support for Apple File Sharing Protocol (AFP).
• FireMaster: The Firefox Master Password Recovery Tool! - One thing to remember is that the attacks against the Firefox password database are offline dictionary and brute-force attempts. There currently are no documented flaws that I am aware of that allow attackers to get around the encryption of the database.