Domain: corest.com
Stories and comments across the archive that link to corest.com.
Comments · 6
-
hashed logs
One automated way is to use Modular Syslog's hashed logging function:
http://ezine.daemonnews.org/200112/log_protection. html
http://www.softpanorama.org/Logs/log_management.sh tml
http://www2.corest.com/files/files/11/PEO.pdf
http://www.linuxsecurity.com/content/view/117280/5 0/ -
One of the best exploit sites around
For info on exploits badcoded Note: This is not a 0day site, it is real info for exploit writing. -
Re:Why?Karma whore free mirror - didn't bother fixing links so piss off...
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.
The Framework was written in the Perl scripting language and includes various components written in C, assembler, and Python. The widespread support for the Perl language allows the Framework to run on almost any Unix-like system under its default configuration. A customized Cygwin environment is provided for users of Windows-based operating systems. The project core is dual-licensed under the GPLv2 and Perl Artistic Licenses, allowing it to be used in both open-source and commercial projects.
This project can be roughly compared to commercial offerings such as Immunity's CANVAS and Core Security Technology's Impact. The major difference between the Framework and these commercial products is the focus; while the commercial products need to always provide the latest exploits and an intuitive GUI, the Framework was designed to facilitate research and experimentation with new technologies.
The Framework was developed by Spoonm and H D Moore, they can be reached via email at msfdev [at] metasploit.com.
Recent Updates
[ 08/07/2004 ] Released version 2.2 of the Metasploit Framework
[ 08/07/2004 ] New exploit module added: lsass_ms04_011
[ 08/07/2004 ] New exploit module added: mercantec_softcart
[ 08/07/2004 ] New exploit module added: smb_sniffer
[ 08/07/2004 ] New exploit module added: ut2004_secure_linux
[ 08/07/2004 ] New exploit module added: ut2004_secure_win32
[ 08/07/2004 ] New exploit module added: afp_loginext
[ 07/07/2004 ] New exploit module added: distcc_exec
[ 06/08/2004 ] New exploit module added: squid_ntlm_authenticate
[ 06/06/2004 ] Released version 2.1 of the Metasploit Framework
-
Don't forget IMPACT
I have not used your Canvas exploitation environment, but have been impressed by the competitive tool CORE Impact. It is too bad these are so expensive. IMHO it is better to have these capabilities available to all for free (as with the Metasploit framework) than to have them limited to rich folks. Having money doesn't always correlate with good intentions. Metasploit is certainly not up to the level of Core Impact yet, and probably not Canvas either. But it has improved rapidly over the last ~6 months. Give it time.
-
Another product
There's another product from Core-Sdi that also secures syslog. Secure Logging
-
My bad - SMBDIE.EXE kills NetBT, but not NBX.
I contacted the author of SMBDIE.EXE, and he told me that it crashes NetBIOS over TCP [NetBT], but not NetBIOS over IPX [NBX]. Here is his response:SMBdie attack NetBIOS over TCP [NetBT], not NetBIOS over IPX [NBX].
But, I guess the people from CORE have provided enough information in their advisory. Check this out: http://www.corest.com/common/showdoc.php?idx=262&
i dxseccion=10Also, there is a sample NASL script (Nessus) at this location: http://cvs.nessus.org/cgi-bin/cvsweb.cgi/~checkou
t ~/nessus-plugins/scripts/smb_null_params_dos.naslLast, [EMAIL ADDRESS WITHHELD] has wrote a Linux version of SMBdie. Open source. Please contact him for a copy.