Vyatta Excel Firewall Rule Generator « Adam’s Tech Notes

6 09 2010

As one of the many happy Vyatta users around the globe, I like things that make life easier to create rules etc. The web interface on Vyatta …. “needs some work” to make it useful. The following post on “Adam’s Tech Notes” is about an awesome Excel spreadsheet he has created to help with firewall rule management for Vyatta. It’s early days & he is looking for comments & feedback for its use – so download a copy, bang in some firewall rules & give him some support to get this off the ground.

Vyatta Excel Firewall Rule Generator

3 September 2010, 11:11 am

Vyatta is fantastic as a routing product, but one thing I always hate is having to maintain firewall rules. The web interface makes managing rules cumbersome and the command line, whilst the best way to create rules, is hopeless if you need to re-order, re-number or do any of these types of tasks. To be fair, this is a problem on most routers and is not specific to Vyatta itself.

via Vyatta Excel Firewall Rule Generator « Adam’s Tech Notes.




PaulDotCom: Archives : Zen and The Art Of An Internal Penetration Testing Program

5 09 2010

Ok Ok …. I know I’m 2 years late to post this as a “new” presentation – but there is some interesting & valuable info in here about pentesting your internal network. It starts out pretty high level, but is a nice rounded overview on the reasons, methods & tools that you can use to penetration test your network. Hosted by CoreSecurity & presented by Paul Asadoorian from pauldotcom.

Part1:

• Phase I – Target identification
• Phase II – Detect OS & Services
• Phase III – Identify Vulnerabilities

Part2:

• Phase IV – Exploitation
• Phase V – Post-Exploitation
• Phase VI – Reporting

Part 1 has some great grounding information in penetration testing, examples in here for several tools (nmap, nessus, nbtscan etc) and also ways to link them together, e.g. run an nmap scan across the network, identifying Windows hosts listening on 445, use the nmap scripting engine to determine if they are vulnerable – and use that list of hosts in nessus or metasploit etc.

Part 2 contains more information on why you should exploit a machine, how to exploit etc, using both Metasploit & Core Impact. Some useful info on tasks to perform once you have compromised a host – automated info gathering, looking for sensitive data, gathering screenshots, video, sound recordings etc etc. This segment ends with some good tips on how to report this information to management, then some Q&A.

There is some great info in here, it’s worth a look.

Part 1:

This webcast is Part I of a two part series I am doing in collaboration with Core Security Technologies. The presentation is full of tips, tricks, process, and practical knowledge about performing penetration testing within your own organization. Whether you are a third-party doing penetration tests or want to penetration test your internal network, this webcast is for you! In Part I I cover such topics as finding rogue access points, processes for creating a successful penetration testing program, identifying targets, and more! Information and resources are below:

via PaulDotCom: Archives.

===OR===

Zen and the Art of an Internal Penetration Testing Program Part I with Paul Asadoorian
Recording date: Wednesday, November 19, 2008 3:00 pm Eastern Standard Time (New York, GMT-05:00)
Panelist Information: Paul Asadoorian of PaulDotCom Security Weekly
Duration: 1 hour 9 minutes
Description:

Please join Core Security and Paul Asadoorian, founder of PaulDotCom Security Weekly, for a live webcast: “Zen and the Art of Maintaining an Internal Penetration Testing Program.”

During this webcast, Asadoorian will offer tips on successfully integrating penetration testing into your vulnerability management program. You’ll learn:

* How to determine if internal penetration testing is right for your organization
* What questions you should ask when planning a pen testing initiative
* How you can best pitch testing to other departments and gain permission from management
* What types of tests to run and how to address the process of dealing with compromised devices
* Which tips and tricks can help you carry out faster, more effective testing

Whether you’re considering rolling out an internal penetration testing program or need a refresher of best practices for your current testing initiatives, this webcast is sure to be time well-spent.

via Core Security: Recorded webcast

Part 2:

During the webcast, Paul Asadoorian of PaulDotCom Security Weekly will discuss best practices for automating your security testing initiatives. You’ll learn tips and tricks for tying vulnerability scanning, penetration testing and reporting into an efficient, repeatable testing process. Paul will demonstrate techniques for vulnerability identification and exploitation, including:

• Importing Nmap data into Nessus
• Using Nessus, and running nessuscmd to automate vulnerability scanning
• Importing results into Metasploit
• Running msfcli to automate penetration testing
• Importing Nmap & Nessus results into CORE IMPACT Pro
• Using Python to script tasks on compromised hosts with CORE IMPACT Pro

You’ll also get answers to questions such as, “How do I integrate password cracking into my testing?” and “What should I do once a host is compromised during a test?”

via Core Security: Recorded webcast





HttpWatch: Overview

5 09 2010

I just want to share a nice little tool I have been using to troubleshoot web page load times, and also as an easy way to see all the components of a loaded page without having to view source. You can simply load up the plugin, hit record, go to the website & you get a breakdown of each object, the time it takes to load and the link for it. It makes calls like “my internet is slow” easier to measure. It’s free (for the basic version) and I find it very useful. Check it out. – HttpWatch

HttpWatch integrates with Internet Explorer and Firefox browsers to show you exactly what HTTP traffic is triggered when you access a web page. If you access a site that uses secure HTTPS connections, HttpWatch automatically displays the decrypted form of the network traffic.

Conventional network monitoring tools just display low level data captured from the network. In contrast, HttpWatch has been optimized for displaying HTTP traffic and allows you to quickly see the values of headers, cookies, query strings and more…

HttpWatch also supports non-interactive examination of HTTP data. When log files are saved, a complete record of the HTTP traffic is saved in a compact file. You can even examine log files that your customers and suppliers have recorded using the free Basic Edition.

via HttpWatch: Overview.





The Ethical Hacker Network – Maltego 3: First Look

5 09 2010

Recently read a great review on Maltego – it’s a quick walk-through on digging the internet for information on an individual, from just a name, to email addresses, photos to physical location & phone numbers – it’s worth a read, and worth a download & play with the free version.

What is Maltego?

Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in an easy to understand format.

Maltego, developed by Roelof Temmingh, Andrew Macpherson and their team over at Paterva, is a premier information gathering tool that allows you to visualize and understand common trust relationships between entities of your choosing. Currently Maltego 3 is available for Windows and Linux. There is also an upcoming version for Apple users that has yet to be released.

Information gathering is a vital part of any penetration test or security audit, and it’s a process that demands patience, concentration and the right tool to be done correctly. In our case Maltego 3 is the tool for the job.

In this article we explore Maltego 3 and examine its fundamental features and a little hands-on with the newly designed version. If you haven’t already had a chance to upgrade to or pick up Maltego 3 you are missing out.

via The Ethical Hacker Network – Maltego 3: First Look.





Metasploit and social engineering toolkit SET on iphone4

17 08 2010

Having recently (1 week & counting) upgraded my iPhone 3G to a shiny new HTC Desire (more coming on that later), I was quite interested to see that someone has successfully ported metasploit & SET to an iPhone 4 … now to see if it will run on my now spare iPhone 3G ….

Metasploit 3.4 and SET 0.6.1 on iPhone 4

Posted Aug 7 2010 by muts in Offensive Security with 1 Comment

[Image: Metasploit 3.4.2 on the iPhone 4]

Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Getting everything up and running is a breeze now. Open a console and type in:

    cd /private/var/
    apt-get install subversion nano ruby rubygems wget python
    apt-get clean
    wget http://www.metasploit.com/releases/framework-3.4.1.tar.bz2
    tar jxpf framework-3.4.1.tar.bz2
    cd msf3
    svn update

Remember that everything takes a bit more time on the iPhone, be patient while running msfconsole for the first time. Once that’s done, it’s a quick path to a shell:

[Screenshot: Metasploit 3.4 and SET 0.6.1 on iPhone 4]

via Metasploit and social engineering toolkit SET on iphone4.





Social-Engineer Toolkit v0.6.1 Teensy USB HID Attack Vector | SecManiac.com Blog

17 08 2010

hehehe … it was only a matter of time. With devices such as the original yubikey that I have been using being able to be programmed to auto launch a website when plugged in, it’s good to see the idea going to the next level:

Social-Engineer Toolkit v0.6.1 Teensy USB HID Attack Vector

Posted by relik @ 8:31 pm

The Teensy devices http://www.prjc.com are Arduino based devices that allow you to utilize onboard memory storage on a microcontroller and emulate a keyboard/mouse. The Social-Engineer Toolkit (SET) gives you the ability to choose Metasploit based payloads and drop a small download stager either through WSCRIPT or through PowerShell to download a backdoor from a remote IP/machine and execute it on the system itself. Why this attack is so useful is that it emulates a keyboard 100 percent, so you can essentially bypass any autorun protections on the system since it’s a keyboard, not a flash drive or CD/DVD type autorun attack. SET handles the entire creation from a webserver housing the malicious payload, to the actual Metasploit handler.

via Social-Engineer Toolkit v0.6.1 Teensy USB HID Attack Vector | SecManiac.com Blog.

Original credit appears to be going to irongeek from his very detailed original posting – including pictures (we all like pictures) here: Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device





Portable Linux Apps Which Work With Any Linux Distro

25 07 2010

I have to admit, I am on the portable apps bandwagon – I can’t live without my portable Windows apps, meaning I don’t have to install software onto restrictive machines – but still be able to do what I want to do (putty / portable firefox with foxproxy etc etc). Now that I have started using DropBox – I have my various Windows machines pretty well sorted with Apps & Data from anywhere. I was curious about other portable apps for Linux / Mac etc and stumbled across this one for Linux Portable Apps from my MakeUseOf feed – it’s worth a read.

Portable Apps for Windows and Mac have been around for a long time, but are less common in the Linux world. Due to the complexity of Linux dependencies, and the different way different distributions locate these dependencies, the portable Linux application long seemed like a pipe dream.

Until now.

New website PortableLinuxApps features a number of portable Linux applications, which will work on any Linux distribution. These can run off your flash drive or from a folder in your home directory; it doesn’t matter. Best of all, there’s documentation out there to help you make your own program, should you not be able to find what you’re looking for.

via Portable Linux Apps Which Work With Any Linux Distro.