We also want to announce that our T-Shirts have arrived, which you can get here! Stickers will be available very soon! As always, hit up the forums and start talking security with other professionals, pop into our irc at irc.freenode.net #securabit (cloaks coming soon!), and send any feedback to feedback@securabit.com or through the contact page on the site here!
I know I’m a few days late, however Snort Security Platform (SnortSP) 3.0 Beta is available from Snort’s website. SnortSP 3.0 is the software platform which has traffic analysis engine modules that plug into SnortSP. It still runs on the 2.8.2 detection platform but it runs as a SnortSP engine module.
Some of the major features include:
Shell-based user interface with embedded scripting language
Native IPv6, MPLS and GRE support
Native support for inline operation
More subsystem plugin types such as data acquisition modules, decoders and traffic analyzers
Multithreaded execution model - multiple analysis engines may operate simultaneously on the same traffic
Performance increases
I’ve been messing around with it for a few days now and have found it to be an entirely different program altogether as the syntax and commands to get it up and running can become rather of a headache when first starting out. Overall though I like the idea of multiple detection analysis engines as well as the shell-based interface therefore preventing you from simply killing the snort process inadvertently. Anyways, thought I’d let you all know that it’s there now for all your sniffing needs!
So unless you’ve been living under a rock for the past couple of years, you should be quite familiar with the term “rainbow tables” and know how unbelievably awesome these are. A fellow colleague and I were in a pinch the other day and had no way of cracking an md5 hashed password as we simply didn’t have access to a set of rainbow tables, nor did we have time to wait for 0phcrack and JTR to brute force it. So we stumbled across a free site that has over 1.6 million known hashes available.
The site is called Hash Mash and it simply allows you to plug in the md5 and just hit decrypt or create an md5 using the encrypt tab. Rainbow tables work unbelievably fast and has helped many people in my situation as well as the forensics field. However be aware that if the password is encrypted then you will run into some issues that will require a higher level of understanding in order to break the encryption, for starters, knowing the original encryption algorithm being used. Be sure to check this site out for all of your “ethical” cracking needs.
**If you are in the position to download rainbow tables for offline use then you can visit the Shmoo Group and download them there too. Happy cracking [|:) <-my interpretation of a white hat.
Once again we can’t thank you all enough for your support! Continue to spread the word as we will be putting out more and more episodes! Be sure to let us know what you all think as well since that’s the only thing that’s going to help us mold the show to the likings of our listeners.
