Thanks to Mubix for his posting on ZDNet, below you will find a link that describes all of the latest tools that were presented at Defcon 16. Use them at your own discretion and make sure you have permission if using them on an enterprise network! As Mubix has no control over the ZDnet posting, you can visit his site and keep up-to-date on the latest happenings.
And if Jay Beale is reading this, we want Middler to come out!
We are going to approach this subject very lightly as I’m sure it’s clearly copyright infringement, however Lifehacker has a great post for a website called Mygazines. (which we won’t link to for legal purposes) Basically it’s a repository of scanned magazines encompassing just about anything and everything your heart desires, minus the pr0n. Click the link below to be redirected to Lifehacker’s site to read the full article and read free magazines if you so choose to 
Weird, I could of sworn I heard someone say free 2600 mags
**By no means do we here at SecuraBit encourage engaging in unlawful activity however there are some free magazines on this site as well that could come in handy.
As many of you already know this DNS vulnerability has taken the community as a whole by storm. For you snort guys out there, here is the latest DNS signature that may help you detect such activity. Props to alexkirk from the #snort channel for hooking us up!
Implement at your own risk! Simply cut and paste as it looks pretty nasty below:
alert udp $EXTERNAL_NET 53 -> $HOME_NET any (msg:”DNS large number of NXDOMAIN replies - possible DNS cache poisoning”; byte_test:1,&,3,3; classtype:misc-attack; reference:cve,2008-0087; reference:url,www.microsoft.com/technet/security/bulletin/MS08-020.mspx; reference:cve,2008-1447;
reference:url,www.microsoft.com/technet/security/bulletin/MS08-037.mspx; threshold: type threshold, track by_src, count 1000, seconds 30;)
Hope this helps!
I know I’m a few days late, however Snort Security Platform (SnortSP) 3.0 Beta is available from Snort’s website. SnortSP 3.0 is the software platform which has traffic analysis engine modules that plug into SnortSP. It still runs on the 2.8.2 detection platform but it runs as a SnortSP engine module.
Some of the major features include:
I’ve been messing around with it for a few days now and have found it to be an entirely different program altogether as the syntax and commands to get it up and running can become rather of a headache when first starting out. Overall though I like the idea of multiple detection analysis engines as well as the shell-based interface therefore preventing you from simply killing the snort process inadvertently. Anyways, thought I’d let you all know that it’s there now for all your sniffing needs!
So unless you’ve been living under a rock for the past couple of years, you should be quite familiar with the term “rainbow tables” and know how unbelievably awesome these are. A fellow colleague and I were in a pinch the other day and had no way of cracking an md5 hashed password as we simply didn’t have access to a set of rainbow tables, nor did we have time to wait for 0phcrack and JTR to brute force it. So we stumbled across a free site that has over 1.6 million known hashes available.
The site is called Hash Mash and it simply allows you to plug in the md5 and just hit decrypt or create an md5 using the encrypt tab. Rainbow tables work unbelievably fast and has helped many people in my situation as well as the forensics field. However be aware that if the password is encrypted then you will run into some issues that will require a higher level of understanding in order to break the encryption, for starters, knowing the original encryption algorithm being used. Be sure to check this site out for all of your “ethical” cracking needs.
**If you are in the position to download rainbow tables for offline use then you can visit the Shmoo Group and download them there too. Happy cracking [|:) <-my interpretation of a white hat.
SecuraBit is powered by Wordpress | WordPress Theme Design | Logo design by Darren Kitchen | Proudly hosted by Divergent Networks