open source security tool turbo talks
play

Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 - PowerPoint PPT Presentation

Sep 17, 2022 •166 likes •279 views

Insecure.Org Insecure.Org Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 Gordon Fyodor Lyon Nmap Security Scanner Project Tod Beardsley Metasploit Project (Rapid7) Thomas D'Otreppe Aircrack-ng Insecure.Org

  1. Insecure.Org Insecure.Org Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 Gordon “Fyodor” Lyon Nmap Security Scanner Project Tod Beardsley Metasploit Project (Rapid7) Thomas D'Otreppe Aircrack-ng

  2. Insecure.Org Insecure.Org Nmap Security Scanner

  3. Insecure.Org Insecure.Org Outline • Nmap Scripting Engine • IPv6 • Zenmap GUI • Nmap Suite • Final Notes & Q&A

  4. Insecure.Org Insecure.Org Nmap Scripting Engine # nmap -A -T4 www.wireshark.org [...] 21/tcp open ftp vsftpd 2.0.8 or later | ftp-anon: Anonymous FTP login allowed (FTP code 230) | drwxrwxr-x 3 ftp ftp 4096 Jun 07 17:37 osx | drwxrwxr-x 2 ftp ftp 36864 Jun 13 10:01 prerelease | drwxrwxr-x 3 ftp ftp 4096 Jun 07 17:35 src 22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu6 (protocol 2.0) | ssh-hostkey: 1024 79:d7:cc:0c:8f:03:20:0d:75:39:09:7f:09:42:9c:25 (DSA) |_2048 1c:6a:6d:94:5e:9b:60:ac:7e:15:f9:c7:24:85:4b:42 (RSA) 80/tcp open http Apache httpd 2.2.14 ((Ubuntu)) | http-robots.txt: 3 disallowed entries |_/awstats/ /cgi-bin/ /mailman/ |_http-title: Wireshark · Go deep. 443/tcp open ssl/http Apache httpd 2.2.14 ((Ubuntu)) |_http-title: Wireshark · Go deep. | http-robots.txt: 3 disallowed entries |_/awstats/ /cgi-bin/ /mailman/

  5. Insecure.Org Insecure.Org Script Collection Growth 250 200 150 100 50 0 2007-1 2007-2 2008-1 2008-2 2009-1 2009-2 2010-1 2010-2 2011-1 2011-2

  6. Insecure.Org Insecure.Org IPv6 • Current status • World IPv6 Day Commemorative Release: http://bit.ly/nmapv6 • Future plans • Demo

  7. Insecure.Org Insecure.Org Zenmap GUI

  8. Insecure.Org Insecure.Org Ndiff # ndiff facebook-072410.xml facebook-072510.xml 69.63.176.68: PORT STATE SERVICE VERSION -80/tcp open http lighttpd 1.5.0 +80/tcp open http nginx video-ssl-03-06-ash1.fbcdn.net (69.63.186.53): PORT STATE SERVICE VERSION -443/tcp open ssl/http lighttpd 1.5.0 +443/tcp open ssl/http nginx legacymail.thefacebook.com (66.220.144.49): PORT STATE SERVICE VERSION 443/tcp open ssl/http Microsoft IIS httpd 6.0 | html-title: Document Moved -|_ Did not follow redirect to https://mail.thefacebook.com/exchange +|_ Did not follow redirect to https://mail.thefacebook.com/exchange/

  9. Insecure.Org Insecure.Org Ncat http://nmap.org/ncat/

  10. Insecure.Org Insecure.Org

  11. Insecure.Org Insecure.Org Resources: Download Nmap for free: http://nmap.org Contact me: fyodor@insecure.org Slides for this talk: http://nmap.org/presentations Questions?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat Product Security Team 2013-02-02 Overview Vulnerability tracking Tool-chain hardening Distribution-wide defect analysis 2 TRENDS IN OPEN

462 views • 31 slides
TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the

TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the

TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the number of modern turbo diesel vehicles in circulation grows and manufacturers turn into small turbocharged gasoline engines, the so-called

634 views • 14 slides
How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02)

How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02)

Slides: https://github.com/pdp7/talks/blob/master/fosdem20.pdf How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02) Drew Fustini drew@oshpark.com Twitter: @pdp7 Open Source Hardware designer at OSH

1.02k views • 82 slides
Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente

Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente

http://www.moskitt.org Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente Pelechano Universidad Politcnica de Valencia viernes 18 de mayo de 12 Content PART I: About the Project and the Tool

1.07k views • 80 slides
An Open Source tool helps a global community of professionals

An Open Source tool helps a global community of professionals

An Open Source tool helps a global community of professionals shift from traditional contacts and annual meetings to continuous interaction on the web

505 views • 37 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By

Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By

Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By Sevan Janiyan What is pkgsrc Cross platform packaging system 23 listed platforms in 2015Q3 release notes Strive to keep local changes minimal

563 views • 44 slides
Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko van Someren, Core Infrastructure Initiative 2014 was a bad year for FOSS security The Linux Foundation created the Core Infrastructure Initiative

931 views • 25 slides
LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen,

LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen,

LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen, Olli Saarikivi, Janne Kauttio, Keijo Heljanko and Ilkka Niemel BYTECODE 2011 Overview Concolic Testing Tool Overview Experiments

395 views • 13 slides
A web-based open-source geoinformation tool for regional water resources assessment Susanna

A web-based open-source geoinformation tool for regional water resources assessment Susanna

A web-based open-source geoinformation tool for regional water resources assessment Susanna Grasso, Pierluigi Claps, Daniele Ganora, Andrea Libertino Politecnico di Torino Department of Environment, Land and Infrastructure Engineering 3rd

408 views • 20 slides
An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial

An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial

An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial Evaluation Christian Wiederseiner, Shahnewaz A. Jolly Matt M. Eskandar Vahid Garousi MR Control Systems International Inc., Calgary, Software

294 views • 17 slides
OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad

OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad

OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad Fatollahi-Fard, Dave Donofrio, George Michelogiannakis, John Shalf 8th International Symposium on Networks-on-Chip (NOCS) September 17-19, 2014. Ferrara,

1.1k views • 83 slides
An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological

An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological

An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological University Introduction If you work with Abstract Meaning Representation, consider the Penman package for both Python and command-line usage: Reads

339 views • 19 slides
TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the

TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the

TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the number of modern turbo diesel vehicles in circulation grows and manufacturers turn into small turbocharged gasoline engines, the so-called DOWNSIZING,

262 views • 14 slides
Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open Synthesis Suite) is an open source project aiming at creating a fully-featured HDL synthesis tool, and more. Lately a lot of features related to

302 views • 28 slides
Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead

Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead

Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead Mark is the lead maintainer of Guardr, a suite of modules predicated around Drupal security. He is passionate about architecting systems to solve

812 views • 38 slides
FTP File Transfer Protocol Computer Center, CS, NCTU FTP FTP File Transfer Protocol

FTP File Transfer Protocol Computer Center, CS, NCTU FTP FTP File Transfer Protocol

FTP File Transfer Protocol Computer Center, CS, NCTU FTP FTP File Transfer Protocol Used to transfer data from one computer to another over the internet. Client-Server Architecture. Separated control/data connections.

1.19k views • 11 slides
FR&D FUNDING OPPORTUNITIES AUGUST 25, 2016 MARK KURT & AMY OVERMAN, CO-CHAIRS FR&D

FR&D FUNDING OPPORTUNITIES AUGUST 25, 2016 MARK KURT & AMY OVERMAN, CO-CHAIRS FR&D

FR&D FUNDING OPPORTUNITIES AUGUST 25, 2016 MARK KURT & AMY OVERMAN, CO-CHAIRS FR&D COMMITTEE New Members, term 2016-2018 Diane Duffy (SoHS), at-large Kacy Kim (LSB), at-large Excel (Qie) Li (Math/Sci), at-large Federico Pous

518 views • 19 slides
On the conference USB sticks and Tails. Joel Alwen IST Austria USB Stick Design Goals 1.

On the conference USB sticks and Tails. Joel Alwen IST Austria USB Stick Design Goals 1.

Rump Session 2016 On the conference USB sticks and Tails. Joel Alwen IST Austria USB Stick Design Goals 1. Automount Proceedings on any live system USB Stick Design Goals 1. Automount Proceedings on any live system 2. Bootable Tails install

764 views • 28 slides
ENERGY STAR Connected Thermostats Stakeholder Working Meeting November 16, 2018 1 Attendees

ENERGY STAR Connected Thermostats Stakeholder Working Meeting November 16, 2018 1 Attendees

ENERGY STAR Connected Thermostats Stakeholder Working Meeting November 16, 2018 1 Attendees Abigail Daken, EPA Ethan Goldman, VEIC Dan Baldewicz, ICF for EPA Dan Fredman, VEIC Leo Rainer, LBNL Phillip Kelsven, BPA Michael Blasnik,

654 views • 36 slides
RLOGIN pseudo- terminal TCP/IP TCP/IP terminal login driver driver shell kernel kernel

RLOGIN pseudo- terminal TCP/IP TCP/IP terminal login driver driver shell kernel kernel

TELNET vs. telnet TELNET is a protocol that provides a general, bi- CSCE 515: directional, eight-bit byte oriented communications facility. Computer Network telnet is a program that supports the TELNET Programming protocol over

530 views • 9 slides
3.3 FTP File Transfer Protocol (FTP) is first published in 1971 (RFC 114) that were

3.3 FTP File Transfer Protocol (FTP) is first published in 1971 (RFC 114) that were

3.3 FTP File Transfer Protocol (FTP) is first published in 1971 (RFC 114) that were implemented on hosts at MIT. In 1985, a standard FTP is published as RFC 959. Several extensions are published since then including anonymous FTP, secure

1.13k views • 46 slides
Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson -

Introduction to Network Security Chapter 11 Remote Access Security Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Remote Access Telnet Rlogin X-Windows FTP General Countermeasures

1.48k views • 104 slides
Applications: Telnet, rlogin, ftp, Sun RPC, nfs, finger, whois, X & % telnet1.tex

Applications: Telnet, rlogin, ftp, Sun RPC, nfs, finger, whois, X & % telnet1.tex

' $ AIS 1 Applications: Telnet, rlogin, ftp, Sun RPC, nfs, finger, whois, X & % telnet1.tex February 3, 1998 ' $ AIS 2 Remote login remote login to host from host to host telnet, rlogin rlogin: mostly Unix systems

769 views • 30 slides

More recommend