Archive for the 'Uncategorized' Category

Cewl

I was working on getting the Cewl tool by digininja working, but had a number of troubles with Ruby. This was a virgin Ubuntu 8.10 system.

The solution was found here -> http://intertwingly.net/blog/2008/11/23/RubyGems-1-3-1-on-Ubuntu-8-10

I finally got the Ruby upgraded and all the appropriate gems installed. I tested out the cewl.rb tool against a couple of sites.

root@prd-xxx-xxxxx:~/cewl# ./cewl.rb http://www.xyztest.x --email --meta --depth 4
0a4
CompanyName
XYZ
UUT
ZZZ
uvv

Email addresses found

Meta data found

I’m still a bit unsure about the meta data and email functionality, but the rest of it worked like a charm.

Nmap 5.00

For years, I have used the Nmap port scanning tool. The biggest update since 1997 is out in the form of Nmap 5.0.

As part of a penetration test, Nmap is one of the first tools I use to try to enumerate a network and see what it’s running as well as which ports might be open (or closed).

The new release is supposed to be faster than prior versions. So far, my testing confirms this.

Aside from speed, there are new tools like Ncat that make Nmap 5 a major release.

According to the insecure.org website:

“The new Ncat tool aims to be your Swiss Army Knife for data transfer, redirection, and debugging,” the Nmap 5.0 release announcement states.

In addition, extensibility is a big part of the release. For example, the Nmap Scripting Engine (NSE) adds quite a bit to Nmap in terms of flexibility and programmability.

NSE is all about automating network scanning tasks with scripts. According to the release announcement:

“Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. All existing scripts have been improved, and 32 new ones added. New scripts include a whole bunch of MSRPC/NetBIOS attacks, queries, and vulnerability probes; open proxy detection; whois and AS number lookup queries; brute force attack scripts against the SNMP and POP3 protocols; and many more.”

One of the first steps of any network security assessment is scanning to identify available and exposed network resources. I have no doubts that Nmap 5 will continue to be a valuable tool for network administrators, security nerds, and penetration testers alike.

WebKeePass

Found an awesome program for sharing / managing passwords within a smaller organization. It is called WebKeePass and is based on KeePass to a limited degree.

http://pauljones.mine.nu/webkeepass/

I managed to get this tool working with Active Directory based authentication. The trick is to create a user called “admin” in AD after you get AD authentication working. Then you can use this user to create rights and privileges for other users within WKP. Unfortunately, the access controls are not integrated with AD groups, but again this seems to be targeted towards smaller organizations.

NeoMail

Email email email. I have for years tried to better organize my email, and eventually, due to the sheer volume, it became readily apparent to me that even how much time it takes to process an email is relevant. Those seconds add up. I HATE the way Outlook is designed. However, I have found a 3rd party add-on to Outlook that is outstanding. It is one of those programs that just works. It is called NeoMail.

I have included a basic screenshot below to whet your appetite, but you might want to check it out. Yes, the link above is a referral, and yes, I use this program on a daily basis. It helps me process up to 1000 messages a day in an effective manner. Now if I could get something similar for RSS feeds.
