1 min
Nexpose
How to Check for Remote Desktop Protocol (RDP) Services
There are many organizations concerned with the critical Microsoft Security
Bulletin MS12-020
[http://technet.microsoft.com/en-us/security/bulletin/ms12-020] Remote Desktop
Protocol (RDP) vulnerability. Here is a quick way to check if you have Remote
Desktop Protocol running on your system or network. I used NMAP
[http://nmap.org/] to check my home network.
In the highlighted text below you can see that NMAP can check for the RDP
service running. If you can't patch, this is important because at
2 min
Microsoft
Information Disclosure: Out of Office Auto Replies
Out of office replies are a blessing and a curse for organizations from an
operational security perspective. Many of the out of office auto replies I
receive contain too much information. Since many security professionals are at
the RSA Conference this week I've had plenty hit my inbox. This is nothing
compared to December around the holiday season. Like anything the information in
the replies can be used for good and bad. Good people are trying to ensure that
work continues while they are away
2 min
Quality Security: People, Process, and Products
Here at Rapid7 we have tons of talented people across the board, sometimes it's
scary. One of the people who I've interacted with a lot is Jennifer Benson, our
VP of Customer Experience. Through Jen I have found that three tenants of
People, Process, and Products (the 3Ps) are very handy when it comes down to
delivering just about anything. We use the 3Ps here at Rapid7 to deliver quality
customer experiences. Jen is very smart and she breaks many things down by using
the 3Ps. There is a reason
1 min
Metasploit
Free Microsoft Virtual Machines for Testing
I am often asked how security professionals and students can safely test
security software. My usual response is, they should create a virtual lab with
diverse operating systems for testing. The problem that many encounter is they
don't have licenses available to install the operating systems.
During my creating and testing the Metasploit Javascript Keylogger
[/2012/02/21/metasploit-javascript-keylogger], I came across free virtual
machines from Microsoft that are sure to be useful to securit
3 min
Metasploit
The Art of Keylogging with Metasploit & Javascript
Rarely does a week go by without a friend or family member getting their login
credentials compromised, then reused for malicious purposes. My wife is always
on the lookout on Facebook, warning relatives and friends to change their
passwords. Many people don't understand how their credentials get compromised.
Password reuse on several websites is usually the culprit. Password reuse is a
problem even if the website encrypts the passwords in their databases. An
attacker only needs to insert some
2 min
Microsoft
Microsoft Patch Tuesday - November 2011
November's Microsoft Patch Tuesday contains four bulletins: one “critical”, two
“importants”, and one “moderate”. The majority of these bulletins relate to
Microsoft's later versions of the OS, implying that the flaws they address were
possibly introduced with Windows Vista. Generally more vulnerabilities are found
in earlier versions of the OS, so this month is unusual.
The critical bulletin – MS11-083 – is a TCP/IP based, specifically UDP,
vulnerability which affects Vista, Windows 7, Server
0 min
Metasploit
Metasploit Framework Featured on CNN: Phishing Made Simple
While browsing security related articles at CNN, I noticed this video of Eric
Fiterman demonstrating a phishing attack and some post exploitation techniques
with Metasploit Framework.
Video courtesy of:
2 min
Patch Tuesday
October 2011 Patch Tuesday
This month, Microsoft issued eight bulletins, addressing 23 vulnerabilities
across Microsoft Windows, Silverlight, .NET and Forefront product lines. Only
two bulletins were rated 'critical', and the rest were rated 'important'.
In terms of prioritizing patching, when I look at security vulnerabilities,
first I want to understand which ones can have the most widespread impact.
MS11-081is a cumulative update which affects Internet Explorer, so it relates to
both corporate and home users. These v
2 min
Microsoft
Microsoft September 2011 Patch Tuesday
This month, Microsoft issued five bulletins to address 15 vulnerabilities. All
of these bulletins are rated “important”; however, while there are no “critical”
bulletins this month, organizations should not downplay the vulnerabilities
being addressed. It's easy for organizations to gain a false sense of security
during a light patch month and sometimes an attitude of complacency towards
non-critical vulnerabilities is evident.
“Important” vulnerabilities may not give attackers the full roo
3 min
Compliance
Disclosure, Destruction, and Denial
A few years ago while I was working at Defense Cybercrime Center (DC3), one of
my colleagues Terrence Lillard talked about the DDD triad in regards to what
attackers want to do to organization's assets. I haven't heard anyone outside of
him using that term, but I think it's worth sharing. I participated in an
awesome mini-conference event last week with the Metasploit Developement team
and this came up during my talk on Risk Management. When I asked the audience of
seasoned security practicioner
2 min
Patch Tuesday
July Patch Tuesday
Only four bulletins in July's Patch Tuesday, but patching a not insignificant 22
vulnerabilities. Only one of the bulletins is classified “critical”: MS11-053.
This should be taken seriously as it can allow remote command execution to
clients on Windows 7 and Windows Vista. This could affect both consumer and
corporate users.
In addition, wireless vulnerabilities like this one (MS11-053) are always
considered quite sexy because if successfully exploited they allow attackers to
do anything the
2 min
Metasploit
Testing Snort IDS with Metasploit vSploit Modules
One of my key objectives for developing the new vSploit modules
[https://www.rapid7.com/blog/post/2011/06/02/vsploit-virtualizing-exploitation-attributes-with-metasploit-framework/]
was to test network devices such as Snort [http://www.snort.org]. Snort or Cisco
[https://www.cisco.com/site/us/en/products/security/index.html] enterprise
products are widely deployed in enterprises, so Snort can safely be considered
the de-facto standard when it comes to intrusion detection systems (IDS). So
much
2 min
Metasploit
Emulating ZeuS DNS Traffic with Metasploit Framework
[UPDATE 6/28/2011] vSploit Modules will be released at DEFCON
This is a follow-up post for vSploit - Virtualizing Intrusion & Exploitation
Attributes with Metasploit Framework
[https://community.rapid7.com/blogs/rapid7/2011/06/02/vsploit--virtualizing-exploitation-attributes-with-metasploit-framework]
about using Metasploit as a way to test network infrastructure countermeasures
and coverage. I mentioned obtaining list of suspicious domains to use for
testing organization's networking intell
2 min
Metasploit
vSploit - Virtualizing Intrusion & Exploitation Attributes with Metasploit Framework
Many organizations are making significant investments in technologies in order
to tell if they have been compromised; however, frequently they find out when it
is too late. There are several network-based attributes that, when combined,
indicate possible compromises have taken place. Many pentesters are successful
at compromising hosts; however, commonly they are restricted in what they can
and can't do. There needs to be a way that they can sucessfully mimick threats
and scenarios, even when re
1 min
Metasploit
Metasploit Framework 3.7.1 Released!
Originally posted by HD Moore:
We are happy to announce the immediate availability of version 3.7.1 of the
Metasploit Framework, Metasploit Express, and Metasploit Pro. This is a
relatively small release focused on bug fixes and performance improvements.
Notable highlights include an improved IPv6 reverse_tcp stager from Stephen
Fewer, a performance improvement for HTTP services (client-side modules), a bug
fix to channel support in the PHP Meterpreter, an update to MSFGUI, and various
small