All Posts

2 min

Famous quotes and their bearing on information security

I love reading the works of the achievement and leadership greats. Their words, some of which date back centuries, not only provide insight and motivation for my career, they also validate many of the challenges we face in IT and information security today. These ideas are great additions to my writing and speaking and they're also, arguably, the one shoo-in we have with management on the points we're trying to convey. Here are some great quotes from some famous people that you might find benef

1 min

January 2014 Patch Tuesday

2014 is off to a light start with Microsoft, as January was a very quiet month for patches. There were only four advisories released this afternoon. For the first time in quite a while, there is not a cumulative IE roll up patch. I believe that this means the IE team was finally allowed to take a vacation after the grueling year they had in 2013. However, I certainly expect them back in February. The second bulletin, MS14-002, addresses the somewhat awaited kernel elevation of privilege

4 min IT Ops

How to Send Log Data via a Proxy Server using Rsyslog

If you have a large number of servers you may have a requirement to configure proxy servers in various parts of your network to accept messages and then forward them to a centralized logging solution or service. We regularly see this with larger customers where it makes sense to collect logs centrally before sending them on to Logentries for analysis. In some cases this can be a more stringent requirement where parts of your network may not have direct access to the publ

1 min Metasploit

Free Webcast: From Framework to Pro - Using Metasploit Pro in Penetration Tests

Metasploit Pro is more than just a pretty web interface for Metasploit; it contains many little-known features that simplify large-scale network penetration tests. In this technical webinar for penetration testers who are familiar with Metasploit Framework, David Maloney shows which features he finds most useful in Metasploit Pro. Watch

3 min IT Ops

How To Monitor Windows with Logentries

We are often asked at Support questions such as, “How do we use Logentries to monitor Windows performance stats?” or “Can Logentries get alerts based on CPU utilization on Windows?” The simple answer is yes, with the help of our Logentries Agent for Windows and PowerShell we can. Here is a 5 minute tutorial to get you monitoring your CPU, Memory and Disk Space with Logentries. Installing the Logentries Agent You

4 min

Metasploit Now Supports Malware Analysis via VirusTotal

VirusTotal is a free online service that allows you to analyze files or URLs in order to identify malware detectable by antivirus engines, and is one of the most popular ones in the community, so we decided to get a piece of that action. As offensive tool developers, we often find ourselves testing the capabilities of different AV products. There are usually two ways to achieve this, of course. You either spend some money and build your own lab, or you spend nothing and just use VirusTotal's API

10 min

Piercing SAProuter with Metasploit

Saprouter is basically a reverse proxy for SAP systems, typically sitting between the Internet and internal SAP systems. Its main purpose is to allow controlled access from hosts on the Internet to the internal SAP systems, since it allows for a finer-grained control of SAP protocols than a typical firewall. This means that saprouter usually ends up being exposed to the Internet, by allowing the inbound TCP port 3299 to the saprouter host on the organization's firewalls. And from the saprouter,

2 min Exploits

Weekly Metasploit Update: Arbitrary Driver Loading & Win a WiFi Pineapple

Wow, I don't know about you, kind reader, but I'm just about blogged out after that 12 Days of HaXmas sprint. I'll try to keep this update short and sweet. Arbitrary Driver Loading This week's update includes a delightful new post module for managing a compromised target, the Windows Manage Driver Loader by longtime Metasploit community contributor, Borja Merino. If you, as a penetration tester, pop a box and gain administrator rights (or elevate yourself there using any of the several strateg

1 min Metasploit

Make Your Voice Heard & Make Metasploit More Awesome

We've sharpened our pencils and put up a drawing board to decide where we want to take Metasploit in 2014 and beyond. Metasploit is built on collaboration with the community, both through the contributions of security researchers in building the open source Metasploit Framework, and through a continuous feedback loop with our customers that enables us to keep driving the solution to meet their needs. As part of our continued commitment to the latter, we're asking you to let us know how you use

1 min Haxmas

Metasploit's 12 Days of HaXmas

12 Days of HaXmas, Wrapped! Over the actual Twelve Days of Christmas, we here in Metasploit Nation have been celebrating the 12 Days of HaXmas by bringing our blog readers a fresh post about Metasploit (and hackery in general) every day for twelve days straight, all tagged under HaXmas. That conveniently lists all 12 posts in reverse order, so as you scroll through the titles, you can sing along: On the 12th day of HaXmas, my true love g

8 min Authentication

12 Days of HaXmas: Diving Into Git for Current and Future Metasploit Devs

This post is the eleventh in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements in the Metasploit Framework over the course of 2013. Make no mistake -- the initial learning curve for git and GitHub can be pretty hairy. Way back in 2011, we made the initial move to GitHub for our source code hosting, but it took us until 2013 to remove the last vestiges of our old SVN infrastructure. In the meantime, we've picked up a fair amount of git and GitHub smarts. For

4 min Haxmas

12 Days of HaXmas: Exploiting (and Fixing) RJS Rails Info Leaks

This post is the fifth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements in the Metasploit Framework over the course of 2013. Several weeks ago, Egor Homakov wrote a blog post pointing out a common info leak vulnerability in many Rails apps that utilize Remote JavaScript. The attack vector and implications can be hard to wrap your head around, so in this post I'll explain ho

4 min

12 Days of HaXmas: Impress Your Family With Elite Metasploit Wizardry

This post is the fourth in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements in the Metasploit Framework over the course of 2013. Every year during a major holiday, we crawl out from our own bat cave and actually spend time with our family and friends. People start asking you what you do for a living. You respond with something you probably regret like "I am a penetration tester," because to an average person your job title probably sounds no different than

3 min Haxmas

12 Days of HaXmas: Meterpreter, Reloaded

This post is the third in a series, 12 Days of HaXmas, where we take a look at some of the more notable advancements in the Metasploit Framework over the course of 2013. Over the last quarter of 2013, we here in the Democratic Freehold of Metasploit found that we needed to modernize our flagship remote access toolkit (RAT), Meterpreter. That started with cleaving Meterpreter out of the main Metasploit repository and setting it up with its own repository, and

1 min

UI Vulnerability Exception Query

Working in support, we receive a lot of requests to extract the vulnerability exception data from the UI. With the query noted below and using our new SQL Query export feature, you'll finally be able to obtain that data. This query will provide you with:

* Exception Scope
* Additional Comments
* Submitted Data
* Submitted By
* Review Date
* Review By
* Review Comments
* Expiration Date
* Status of Exception
* Reason
* Vulnerability Title
* Nexpose ID

SELECT CASE WHEN dve.s