Hackfest Presentation Tuesday JCL Hosp. Cowden Center 6:00 - 8:00 Defcon 18 Videos
PLUG Linux Security Team will be presenting Professional Videos from Defcon 18 over the next 10 months, The Videos are excellent quality purchased at the con and include speaker and overheaf with high quality audio. http://plug.phoenix.az.us See you there! -- Office: (602)239-3392 ATT: (503)754-4452 http://it-clowns.com http://it-clowns.com/wiki/index.php?title=Obnosis “These capitalists generally act harmoniously and in concert, to fleece the people” --Abraham Lincoln --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
DEFCON 18 Slides Online
While these are not the complete production quality of all the video taken with the speaker on the left side and the content on the right promised by Steve Kaplan (and I [shared costs]) for the Hackfest presentations through the reduced at CON purchase price of $299.00. They are the production presentations posted online (which are good enough for those of us just looking to get the meat of the technology (depending on how you learn): https://www.defcon.org/html/links/dc-archives/dc-18-archive.html -- Office: (602)239-3392 ATT: (503)754-4452 http://it-clowns.com http://it-clowns.com/wiki/index.php?title=Obnosis “Achieving life is not the equivalent of avoiding death.” Ayn Rand --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
HackFest Tomorrow 6:00is to 8:00 DefCon 18 Review
We will be going over a CD review of some of the content from DefCon 18 while we wait for the DVD Video/Audio series which we plan to present through the next sessions this year. Join us at JCL Cowden Center http://plug.phoenix.az.us/security -- Office: (602)239-3392 ATT: (503)754-4452 http://it-clowns.com http://it-clowns.com/wiki/index.php?title=Obnosis Faith is, at one and the same time, absolutely necessary and altogether impossible. --Stanislav Lem --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
DefCon 18
Too bad I can't take off for Friday, I would enroll in this: https://forum.defcon.org/showthread.php?t=11627 Capture the Packet Contest Encrypt or be Sorry! -- IvedaXpress.com Systems Engineer Office: (480)307-8712 ATT: (503)754-4452 Faith is, at one and the same time, absolutely necessary and altogether impossible. --Stanislav Lem --- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
Re: Defcon 18
I'm indeed giving a trip to Vegas that weekend some serious thought =) BTW I bought Fyodor's Nmap book and love it. Ben On Sun, Jul 18, 2010 at 6:32 AM, Lisa Kachold lisakach...@obnosis.com wrote: Opps, I did it. I read the list of presentations, so now I HAVE to go to Defcon 18: https://www.defcon.org/html/defcon-18/dc-18-news.html Who else is going? -- Forwarded message -- From: Fyodor fyo...@insecure.org Date: Fri, Jul 16, 2010 at 10:50 AM Subject: Nmap Defcon Release: Version 5.35DC1 To: nmap-hack...@insecure.org Hi folks. It has been 3.5 months since the last Nmap release (5.30BETA1 on March 29), and anyone following the nmap-dev list knows that we've been very busy during that time. So I'm pleased to release Nmap version 5.35DC1 containing the fruits of that labor. The Defcon name is because that conference is awesome! And also because David Fifield and I have an exciting Nmap talk planned there and at Black Hat in a couple weeks (see http://seclists.org/nmap-dev/2010/q3/108). This release includes 131 NSE scripts (17 new), 6,622 version detection signatures, 2,608 OS fingerprints, and more. I'm particularly excited about the new db2 and ms-sql scripts, and nfs-ls really makes NFS discovery easy! We also added Eugene Alexeev's clever new dns-cache-snoop script. Nping and Ncat were significantly improved as well. The Nmap 5.35DC1 source code and packages for Linux, Mac OS X, and Windows are available for download at the usual place: http://nmap.org/download.html This is a BETA release, but we hope it works well for you. If not (or if you have any suggestions for improvement), please let us know on nmap-dev as described at http://nmap.org/book/man-bugs.html. Here are the 83 most significant changes in this release: o [NSE] Added 17 scripts, bringing the total to 131! They are described individually in the CHANGELOG, but here is the list of new ones: afp-serverinfo, db2-brute, dns-cache-snoop, dns-fuzz, ftp-libopie http-php-version, irc-unrealircd-backdoor, ms-sql-brute, ms-sql-config, ms-sql-empty-password, ms-sql-hasdbaccess, ms-sql-query, ms-sql-tables ms-sql-xp-cmdshell, nfs-ls ntp-monlist Learn more about any of these at: http://nmap.org/nsedoc/ o Performed a major OS detection integration run. The database has grown to 2,608 fingerprints (an increase of 262) and many of the existing fingerprints were improved. These include the Apple iPad and Cisco IOS 15.X devices. We also received many fingerprints for ancient Microsoft systems including MS-DOS with MS Networking Client 3.0, Windows 3.1, and Windows NT 3.1. David posted highlights of his integration work at http://seclists.org/nmap-dev/2010/q2/283. o Performed a large version detection integration run. The number of signatures has grown to 6,622 (an increase of 279). New signatures include a remote administrative backdoor that a school famously used to spy on its students, an open source digital currency scheme named Bitcoin, and game servers for EVE Online, l2emurt Lineage II, and Frozen Bubble. You can read David's highlights at http://seclists.org/nmap-dev/2010/q2/385. o [NSE] Added nfs-ls.nse, which lists NFS exported files and their attributes. The nfs-acls and nfs-dirlist scripts were deleted because all their features are supported by this script. [Djalal] o [NSE] Add new DB2 library and two scripts - db2-brute.nse uses the unpwdb library to guess credentials for DB2 - db2-info.nse re-write of Tom Sellers script to use the new library [Patrik] o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new scripts are: - ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL - ms-sql-config retrieves various configuration details from the server - ms-sql-empty-password checks if the sa account has an empty password - ms-sql-hasdbaccess lists database access per user - ms-sql-query add support for running custom queries against the database - ms-sql-tables lists databases, tables, columns and datatypes with optional keyword filtering - ms-sql-xp-cmdshell adds support for OS command execution to privileged users [Patrik] o [NSE] Added the afp-serverinfo script that gets a hostname, IP addresses, and other configuration information from an AFP server. The script, and a patch to the afp library, were contributed by Andrew Orr and subsequently enhanced by Patrik and David. o [NSE] Added additional vulnerability checks to smb-check-vulns.nse: The Windows RAS RPC service vulnerability MS06-025 (http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx) and the Windows DNS Server RPC vuln MS07-029 (http://www.microsoft.com/technet/security/bulletin/ms07-029.mspx). Note that these are only run if you specify the unsafe script arg because the implemented test crashes vulnerable services. [Drazen] o [NSE] Added dns-cache-snoop.nse
Defcon 18
Opps, I did it. I read the list of presentations, so now I HAVE to go to Defcon 18: https://www.defcon.org/html/defcon-18/dc-18-news.html Who else is going? -- Forwarded message -- From: Fyodor fyo...@insecure.org Date: Fri, Jul 16, 2010 at 10:50 AM Subject: Nmap Defcon Release: Version 5.35DC1 To: nmap-hack...@insecure.org Hi folks. It has been 3.5 months since the last Nmap release (5.30BETA1 on March 29), and anyone following the nmap-dev list knows that we've been very busy during that time. So I'm pleased to release Nmap version 5.35DC1 containing the fruits of that labor. The Defcon name is because that conference is awesome! And also because David Fifield and I have an exciting Nmap talk planned there and at Black Hat in a couple weeks (see http://seclists.org/nmap-dev/2010/q3/108). This release includes 131 NSE scripts (17 new), 6,622 version detection signatures, 2,608 OS fingerprints, and more. I'm particularly excited about the new db2 and ms-sql scripts, and nfs-ls really makes NFS discovery easy! We also added Eugene Alexeev's clever new dns-cache-snoop script. Nping and Ncat were significantly improved as well. The Nmap 5.35DC1 source code and packages for Linux, Mac OS X, and Windows are available for download at the usual place: http://nmap.org/download.html This is a BETA release, but we hope it works well for you. If not (or if you have any suggestions for improvement), please let us know on nmap-dev as described at http://nmap.org/book/man-bugs.html. Here are the 83 most significant changes in this release: o [NSE] Added 17 scripts, bringing the total to 131! They are described individually in the CHANGELOG, but here is the list of new ones: afp-serverinfo, db2-brute, dns-cache-snoop, dns-fuzz, ftp-libopie http-php-version, irc-unrealircd-backdoor, ms-sql-brute, ms-sql-config, ms-sql-empty-password, ms-sql-hasdbaccess, ms-sql-query, ms-sql-tables ms-sql-xp-cmdshell, nfs-ls ntp-monlist Learn more about any of these at: http://nmap.org/nsedoc/ o Performed a major OS detection integration run. The database has grown to 2,608 fingerprints (an increase of 262) and many of the existing fingerprints were improved. These include the Apple iPad and Cisco IOS 15.X devices. We also received many fingerprints for ancient Microsoft systems including MS-DOS with MS Networking Client 3.0, Windows 3.1, and Windows NT 3.1. David posted highlights of his integration work at http://seclists.org/nmap-dev/2010/q2/283. o Performed a large version detection integration run. The number of signatures has grown to 6,622 (an increase of 279). New signatures include a remote administrative backdoor that a school famously used to spy on its students, an open source digital currency scheme named Bitcoin, and game servers for EVE Online, l2emurt Lineage II, and Frozen Bubble. You can read David's highlights at http://seclists.org/nmap-dev/2010/q2/385. o [NSE] Added nfs-ls.nse, which lists NFS exported files and their attributes. The nfs-acls and nfs-dirlist scripts were deleted because all their features are supported by this script. [Djalal] o [NSE] Add new DB2 library and two scripts - db2-brute.nse uses the unpwdb library to guess credentials for DB2 - db2-info.nse re-write of Tom Sellers script to use the new library [Patrik] o [NSE] Added a library for Microsoft SQL Server and 7 new scripts. The new scripts are: - ms-sql-brute.nse uses the unpwdb library to guess credentials for MSSQL - ms-sql-config retrieves various configuration details from the server - ms-sql-empty-password checks if the sa account has an empty password - ms-sql-hasdbaccess lists database access per user - ms-sql-query add support for running custom queries against the database - ms-sql-tables lists databases, tables, columns and datatypes with optional keyword filtering - ms-sql-xp-cmdshell adds support for OS command execution to privileged users [Patrik] o [NSE] Added the afp-serverinfo script that gets a hostname, IP addresses, and other configuration information from an AFP server. The script, and a patch to the afp library, were contributed by Andrew Orr and subsequently enhanced by Patrik and David. o [NSE] Added additional vulnerability checks to smb-check-vulns.nse: The Windows RAS RPC service vulnerability MS06-025 (http://www.microsoft.com/technet/security/bulletin/ms06-025.mspx) and the Windows DNS Server RPC vuln MS07-029 (http://www.microsoft.com/technet/security/bulletin/ms07-029.mspx). Note that these are only run if you specify the unsafe script arg because the implemented test crashes vulnerable services. [Drazen] o [NSE] Added dns-cache-snoop.nse by Eugene Alexeev. This script performs cache snooping by either sending non-recursive queries or by measuring response times. o [Zenmap] Added the ability to print Nmap output to a printer. [David] o [Nmap, Ncat, Nping] The default unit for time specifications is now seconds
