All Posts

9 min Vulnerability Disclosure

R7-2014-12: More Amplification Vulnerabilities in NTP Allow Even More DRDoS Attacks

Overview: As part of Rapid7 Labs' Project Sonar, among other things, we scan the entire public IPv4 space (minus those who have opted out) looking for listening NTP servers. During this research we discovered some unknown NTP servers responding to our probes with messages that were entirely unexpected. This led to the writing of an NTP fuzzer in Metasploit

3 min IT Ops

How to Integrate Go / GoLang with Logentries

Would you like to send logs from your Go program code into your Logentries account? Thanks to the help of Gal Ben-Haim’s bsphere Golang library for log entries, Go coders can be sending their logs to Logentries in no time at all. Benefits of using this Go Lang library and implementing with your Logentries account include: * Remote viewing and analysis of your Go program log events * All your logs are sent to one location, and viewed through an easy to use

2 min Metasploit

Feedback on Rapid7's Tech Preview Process and Metasploit Pro 4.10

By guest blogger Sean Duffy, IS Team Lead, TriNet. Rapid7 invited me to participate in pre-release testing of Metasploit 4.10, a process they call Tech Preview. They asked me to openly share my thoughts with the community. Preparation and Logistics: I always enjoy working with Rapid7. Preparatory meetings and documentation made the installation and testing process a breeze. Rapid7 was also kind enough to extend my testing and feedback sessions when work so rudely intruded on the fun. Zero comp

4 min Events

More SNMP Information Leaks: CVE-2014-4862 and CVE-2014-4863

Today, Rapid7 would like to disclose a pair of newly discovered vulnerabilities around consumer and SOHO-grade cable modems, the Arris DOCSIS 3.0 (aka, Touchstone cable modems) and Netmaster Wireless Cable Modems. Both exposures were discovered by Rapid7's Deral Percent_X Heiland and independent researcher Matthew Kienow. The duo plan to discuss these and other common vulnerabilities and configuration issues at DerbyCon near the end of September. In the meantime,

3 min IT Ops

Real-time Alerting on Anomaly and Inactivity Made Simple.

“a·nom·a·ly” 1. Deviation or departure from the normal or common order, form, or rule. When someone is looking to be alerted when something unexpected happens within their environment they are usually referring to anomaly detection. But the problem is that it’s hard to turn a complex problem (i.e. looking for something when you are not sure what it is) into an easy to use solution. The thing about anomaly detection is that you don’t know how the issue will present itself so predicting the patte

1 min Metasploit

msfconsole failing to start? Try 'msfconsole -n'

As part of the last release, the Metasploit Engineering team here at Rapid7 has been on a path of refactoring in the Metasploit open source code in order to make it more performant and to get toward a larger goal of eventually breaking up the framework into a multitude of libraries that can be used and tested in a standalone way. This effort will make it easier to deliver features and respond to issues more quickly, as well as ensure that regressions and bugs can get diagnosed, triaged, and fix

4 min Metasploit

Hunting for Credentials: How Metasploit Pro Beat Me on the Command Line

By guest blogger Robert Jones, Information Security Manager, City of Corpus Christi. I had the opportunity to participate in a tech preview of Metasploit Pro's new credentials features. In our shop, we use Metasploit Pro, Nexpose, UserInsight and ControlsInsight, all by Rapid7. I certainly wish I could spend the majority of my time pentesting, but instead I oftentimes find myself using Metasploit to educate users by showing them how I can compromise their machines. It is incredibly compelli

6 min IT Ops

An APM Solution Divided Cannot Stand

This post originally appeared on the Smart Bear blog. To read more content like this, subscribe to the Software Quality Matters Blog. Frustrations with lack of tool unification might just lead to revolution in the APM space… Application Performance Management (APM) is a broad concept, and many technologies fall under its umb

3 min IT Ops

Evolve, Don't Revolve

Logs have been around for a while, not quite as long as the wheel, but not far off. Here at Logentries, we have the mantra of evolve don’t revolve (as in don’t sit around spinning your wheels getting nowhere).  We are taking this concept and looking to evolve the way you work with and think about your log data. Gone are the old days, where you only used logs to find exceptions. A new day has dawned, and the future is here, the future is Logentries (

2 min Metasploit

Metasploit Pro's New Credentials Features Save Us Time in Workflows

By guest blogger Dustin Heywood, Manager, Security Assurance, ATB Financial. Recently I was invited to participate in Metasploit Pro's Tech Preview Program, where customers are given early access to new product releases. I've taken part in this program before and I have always loved the experience. For those of you who haven't been involved in a Rapid7 Tech Preview program: It starts out with a call with the customer engagement manager and the product management team, who gave me an overview

3 min

Improving Visibility into your Security Program – the Risk Scorecard Report

One of the most strenuous aspects of managing your security program is understanding where to focus your time and effort.  It can be a challenge to balance providing consistent progress updates to your stakeholders and working with your IT teams to prioritize and remediate issues based on the most accurate data available at that time. Communication is critical, yet how do you know what to target and how do you share this information with your organization? Nexpose has the perfect tool to help yo

1 min Microsoft

August Patch Tuesday

Microsoft clearly wants everyone to shake off the dog days of summer and pay attention to patching. This month's advance notice contains nine advisories spanning a range of MSFT products. We have the ubiquitous Internet Explorer all supported versions patch (MS14-051), with the same likely caveat that this would apply to Windows XP too, if Microsoft still supported it. This patch addresses the sole vulnerability to be actively exploited in the wild from this month's crop of issues, CVE-201

4 min IT Ops

JSON logging in Apache and Nginx with Logentries

I’m often asked on calls with our customers what is the preferred format for log data being sent to Logentries. While we pride ourselves on being the Log Management tool that is easiest to set up a

4 min IT Ops

How D3 can help you build effective data visualizations

Data Visualization is the method of consolidating data into one collective, illustrative graphic. Traditionally, data visualization has been used for quantitative work, but ways to represent qualitative work have been shown to be equally powerful. The main goal of data visualization is to communicate information clearly and effectively through graphical means. That doesn’t mean that it needs to look boring to be functional or extremely sophisticated to look beautiful. In order to achieve a bala

2 min Events

Metasploit Race to Root and Loginpalooza

Race to Root: Unless you've gotten to this blog by freak accident, you are certain to be aware that next week is Black Hat USA 2014, and of course, we'll be there. You can find us at Booth #541, where we'll be running the Metasploit Race to Root, using the latest pre-release build of Metasploit Pro. Now, this is not just a contest to see who can get their badge scanned the fastest. Oh no. This is a real, hands-on micro-sized capture the flag competition, run by our capable and talented in-house