SecuraBit

Before It Bytes!

The Academy Pro – Weekly Video Review

The Academy Pro this week released videos covering a range of topics applying to the penetration testing software Core Impact, McAfee Security Center, GFI Network Server Monitor, Panda GateDefender Integra and more!  Here is a brief rundown of what’s new.  So be sure to stop on by, sign up, sit back and learn something!

(Please note, you must register with The Academy Pro before viewing these videos!)

Quick system scan with McAfee Security Center

Installing McAfee Security Center

GigaVUE file management with Citrus

GigaVUE file management with the CLI I

GigaVUE file management with the CLI II

Enable logging with GFI Network Server Monitor 7

Installing GFI Network Server Monitor 7

Installing and updating Core Impact 10

URL Filtering with Panda GateDefender Integra

Configuring a Panda GateDefender Integra in Route Mode

Also, The Academy Pro has recruited bloggers to add content to their site, but they are still looking for more. If you believe you have what it takes to post up-to-date security content on their blog, drop them a line at feedback[@]theacademypro[dot]com

Escaping the clutches of The GOOG

We live in a world where everything and anything is just a click or web search away. Instant access to information is the new norm and seemingly taken for granted. When questions need answering, most people “just Google it.” With the ease and convenience of using The GOOG, though, comes a price: your privacy.

Enter GoogleSharing.

On Tuesday, Moxie Marlinspike released a small, lightweight Firefox extension that aims to prevent Google from collecting users’ search and behavioral data. GoogleSharing works by serving all of your queries through a custom proxy that contains a collection of what Moxie calls “GoogleSharing Identities”. When enabled, if the Firefox plug-in detects a request sent out to any of Google’s services, it routes you through the proxy, removes any identifying information and then replaces that data with one of the random, pooled GoogleSharing Identities. Pretty slick! Obviously, if you are already logged into any of Google’s many services (Gmail, iGoogle, Groups, etc.), GoogleSharing won’t help one bit.

While anonymous proxies are nothing new, GoogleSharing introduces a different method of anonymity for a pretty specific threat. With its lean and quick Firefox extension, GoogleSharing is a step in the right direction toward regaining some sort of privacy on the net.

Hacking China Gone Wild

The People’s Republic of China sure has been busy making it into the headlines the past few days:

Early Tuesday morning, China’s premier internet search engine, Baidu, was attacked by a group calling itself the Iranian Cyber Army. The DoS attack, which took place overnight, rendered the search giant’s website unavailable throughout most of the morning, with one Taiwanese version of the site still recovering. The attack vector used on Baidu seems to be the same internal credentials method that the Iranian Cyber Army used against Twitter just last month.

With this type of DNS attack seeming to be all the rage these days, it didn’t take long for Chinese hackers to slap back with a message of their own. Within hours of Baidu going down, at least two Iranian websites had been compromised, with more said to be on the way. This isn’t the last we’ll hear of this intercontinental cyber-street-fight…

Stealing the headlines late yesterday, though, was the news that Google.cn was attacked as part of a large-scale, sophisticated attack on their infrastructure. According to Tuesday evening’s blog post, the mid-December attack targeted various Gmail accounts of Chinese human rights activists. The attackers, however, were not able to gain total access to the email accounts; they only obtained bits of information from the subject lines of the emails. As a form of retaliation, Google has since stopped censoring search results in China and threatened to pull out of the country altogether.

While the details of this story are slow to unfold, it is looking more and more like a high-profile corporate espionage operation organized or maybe even sponsored by the Chinese government. A statement from Leslie Harris, president and CEO of the Center for Democracy and Technology, seems to echo that: “They wouldn’t be taking an action suggesting that they cannot operate in China … if it was not related to the Chinese government,” she said.

Based on recent posts by Adobe and now news that Yahoo may have been targeted as well, a statement issued by the US government is letting China know that they are taking these allegations very seriously. It will be interesting to see what comes of all this as more details are emerging by the minute.

Blog post by:  Sean Hausauer

The Academy Pro – Weekly Video Review

Back in November of 2009, the SecuraBit crew teamed up with The Academy Pro. For those who may not be totally up to speed with our affiliate site, The Academy Pro hosts a plethora of ‘how-to’ videos covering topics ranging from penetration testing to showing how to properly configure that shiny new firewall appliance. The Academy Pro currently has over 500 videos hosted on their site, all of which can be easily searched by entering your topic of choice.

This week The Academy Pro released ten videos covering a range of topics applying to the FortiGate firewall, SAINT 7.2.3, Zscaler, and Gigamon. Here is a brief rundown of what’s new this week. So be sure to stop on by, sign up, sit back and learn something new!

(Please note, you must register with The Academy Pro before viewing these videos!)

Blocking adult websites with Zscaler

Defining virus alerts with Zscaler

Configuring email alerts with a FortiGate firewall

Configuring event logs with a FortiGate firewall

Scanning OS X Snow Leopard with SAINT 7.2.3

Viewing host information with SAINT 7.2.3

Adding a new user to a TippingPoint device

Configuring HTTPS on a Gigamon GigaVUE

Configuring SNMP with Gigamon

Configuring SNMP with Gigamon

Also, be sure to join in on The Academy Pro chat room where they will be interviewing Nir Zuk, CTO of Palo Alto Networks, Monday January 11th at 2PM EST.

Blog post by:  Sean Hausauer

Everything Shmoo!

So begins another New Year, and with it comes another year of conferences. One of the larger events to bring in the New Year is always ShmooCon, which takes place this February 5th-7th in Washington DC. With the third and final round of tickets being sold out again in record time, those of you lucky enough to snag a barcode this time around look to be in for yet another amazing conference.

Speaking of that final round of ticket sales… Those of you that attempted to reserve a ticket during the last round might have noticed yet another ‘challenge’ to get that golden ticket to this year’s event. Round three brought in a server with much more availability than the previous two rounds and a webpage that was responsive the entire time. So what actually happened then?

The round three ‘challenge’ had to do with the link that brought you to the first step of the registration process. Clicking on the link brought you to a page greeting you with a ‘403 Forbidden’ error stating ‘You don’t have access to /cart/ on this server’. However, if you looked a bit closer at the URL while dusting off your web application hacking skills, you might have noticed that it wasn’t totally complete. The missing link was to manually enter ‘reserve.cgi’ at the end of the URL. Once the URL was manually made valid, you were then able to go through the rest of the registration steps, enter your Captcha and complete the process. The issue was caught and corrected by the site admins, but since the remaining tickets sold out in 15 minutes or so, it still left some in the dark. Better luck next year!!

If you were, however, one of the few that were able to snag a ticket to ShmooCon 2010, this year’s speaker panel packs a solid lineup and will not disappoint. With presentations covering everything from examining the risks of social networking to how to build your very own Predator UAV spy drone, ShmooCon brings the best minds from the security, hacker and maker communities together for a three-day event not to be missed. This year’s event is broken up into various ‘tracks’ across the long weekend, with a single track of speed talks (One Track Mind) kicking off on Friday the 5th. The next two days consist of various presentations falling into the other three aptly named tracks: Break It!, Build It! and Bring It On! The complete list of all of the speakers and presentations for this year’s event can be found here. ShmooCon also would not be complete without the various events and contests like ‘Hacker Arcade’ and ‘Hack-Or-Halo’, which return this year yet again along with the ‘Team Fortress 2 LAN Party’.

So bring your ShmooBalls and launchers for what looks to be another great conference to kick off 2010. If you still don’t have a ticket to ShmooCon, do what you can to get there! A few tickets have been popping up on eBay, and Pauldotcom.com has a thread going in the forums about a ticket exchange. Check them out! They may cost you, but the experience of ShmooCon should not be missed given the opportunity to make it!

Also, be sure to check out the next episode of the SecuraBit podcast streaming live on Wednesday, January 13th, where we will be having the man himself, Bruce Potter, on the show to discuss the upcoming conference and all things Shmoo!

Blog post by:  Sean Hausauer