Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 62

Welcome to the Tenable Network Security Podcast - Episode 62

Hosts: Paul Asadoorian, Product Evangelist



  • SQLi Cheat Sheet - It amazes me just how many different ways of doing the same thing are built into our technologies. This exists in almost every programming language; there have always been multiple ways to write different code that accomplishes the same goals. Unfortunately, attackers use this to their advantage to evade filters. This one just happens to be for SQLi, and if you are a penetration tester this is a handy reference. However, if an attacker is trying to exploit this against live systems, you should be able to detect these attempts. Also, if an attacker can run these tests offline in an environment mirroring what the target has in production, you can be very successful. To combat this threat I want to stress really securing your environment, which means plugging all those information leaks that seem to be all too common in web applications.
  • j0llydmper - Attackers will use any means necessary to collect sensitive information. This includes the program j0llydmper, which runs as a Windows service and dumps selected files from USB drives to a select location on the disk for easy recovery. I believe it's going to be tough to identify malware in the coming years, as it will likely try to do things that are normal, like copying files and not doing things like writing registry entries, etc.
  • BeEF - Browser Exploitation Framework Updated - BeEF is becoming one of the more dangerous penetration testing tools out there. It's nice to see it gain momentum and get updated, as it can really put context around web application attacks such as XSS. For me, it seems logical, as it quite easily evades firewalls, antivirus, patching, IDS and several other technologies. When I speak to people about defense, still to this day, many do not completely understand the attack vector, let alone tune their networks to detect and prevent browser-based attacks. Josh Wright has one of the most enlightening quotes that was posted on the PaulDotCom Mailing list: "I owned the network with a HSRP MITM attack, followed by Ettercap+etterfilter injection to serve up malicious PDFs in 1x1 iframes". This is a great example of how attackers are able to be successful, and as far as defense goes, it's not an easy answer.
  • Abusing Open Web Proxies - It's weeks like this that just make me want to cry when I think about defense. The scary part is, open web proxies have been around since the beginning of time (er, "The Internet" anyhow). Attackers are using anonymous, stealthy proxies to do things like brute force login and password combinations for popular web sites. One could also use these proxies to attack web sites anonymously, giving protection mechanisms such as IDS, IPS and WAFs a run for their money. I think it boils down to: you have to have a web site that is hardened to the max to survive in today's Internet.
  • Military Bans Removable Media To Curb Leaks - While this may seem logical, it's difficult to enforce. You can hide a USB thumb drive just about anywhere (pause for laughter). If you can control the computers, you can physically disable the USB ports, which forces someone to bring in their own computer to steal information.
  • Gawker web site CMS and database compromised - 1.3 million users' account information has been stolen and published via Bittorrent. How did this happen? Your guess is as good as mine, and it looks like someone is in need of some application security.

Tenable Pocast Episode 62 Direct Download

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.