VMware Running on Windows Host Security Hole

by File in: security, Windows

If you are running VMware on a Windows host configured with host-to-guest shared folders, it is possible for a program running in the guest to gain access to the host’s complete file system and create or modify executable files in sensitive locations. A vulnerability exists in VMware’s shared folders mechanism that grants users of a […]

Out of the Box, the ASUS Eee PC is Incredibly Insecure

by File in: security

HDM pointed out on the Metasploit blog that the guys from RISE Security rooted an ASUS Eee PC quite easily. They used Metasploit to exploit a Samba vulnerability that was published in July 2007 – almost seven months ago. Why is ASUS shipping new products with vulnerabilities that are serious enough to allow attackers to […]

SBS 2003 and Microsoft Security Bulletin MS08-006

by File in: SBS, security

I was scanning through Microsoft Security Bulletin MS08-006 and saw the Aggregate Severity Rating was ‘Important’ for all versions of Windows XP and Windows 2003. Because no critical ratings were listed, I felt secure in waiting a day or two before applying this patch. I tend to wait for others to find patch problems before […]

Check out Hello Secure World Virtual Labs

by File in: security

Microsoft’s Hello Secure World web site has some very nice virtual labs all network administrators should take a run through. You’ll be introduced to some of the attacks the bad guys use to try to penetrate our networks, such as Cross Site Scripting and SQL Injection. This site is definitely targeted towards the MSDN/developer crowd, […]

MS08-001 details and exploit video

by File in: security, Windows

Here is an interesting, albeit highly technical video analyzing a buffer overflow vulnerability described in MS08-001. I knew assembly language back in college, but it was still tough for me to understand how the code analysis was performed. For those who are not familiar with this security bulletin: According to ISS, who discovered this issue, […]

Printer spamming on port 9100

by File in: security

Jeremiah Grossman posted about an interesting proof of concept paper Aaron Weaver wrote about spamming printers from the Internet. He is able to perform this cross-site printing exploit that uses RAW IP printing on port 9100 to print out ascii art on an unsuspecting user’s printer. I decided to try this out for myself on […]

Free application vulnerability scanners from Secunia

by File in: utilities

I was reading Claus’ Grand Stream Dreams site today and came across a post where he mentioned Secunia’s Software Inspector, a free online application vulnerability scanner that will search your computer for software with known security issues. It’s a Java applet which doesn’t require installation and performed a through system scan quite quickly. Within a […]

Howto: Create a bootable Backtrack 2.0 USB flash drive

by File in: howto

The Backtrack 2.0 final distribution is probably the finest collection of open source network penetration, security, and auditing tools currently available. I use this software for some network penetration testing and security auditing work I perform. I suggest only using these tools on networks you own or have permission to audit because of potential legal […]

The ACPO Good Practice Guide for Computer-Based Electronic Evidence

by File in: Guides

This guide, written with law enforcement officers in mind, is a great introductory guide to incident response. It’s chock full of information and suggestions regarding securing a potential crime scene and preserving digital evidence. I don’t specialize in security, but I’ve participated in more than a few investigations, including one with the FBI. This is […]