Domain: foundstone.com
Stories and comments across the archive that link to foundstone.com.
Comments · 23
-
Re:For those who may ask...
You're right in the sense that if you don't speak python you will have trouble with half the value from this site. Half the value is that you can walk through the attacks and understand how they work which has nothing to do with the app source code.
The other half of the value is being able to walk through the source and see where the programmer could have plugged some holes. I suspect anyone taking the time to use this site will be able to muddle through. And of course everything google does starts in python then later they maybe add java. I would love to use app engine but I am not strong enough in java yet. (do they even support java on app engine?)
There are other pen test websites like this. You can download hacme bank, it's in vb.net I think. http://www.foundstone.com/us/resources/proddesc/hacmebank.htm
-
Re:All i can say is
Yep--gamers back up their .sol files and hack them to skip ahead in games. Lots of YouTubes showing how to do so. One man's poison is another man's tofu.
Interesting article:
http://www.foundstone.com/us/resources/whitepapers/ajaxstoragewhitepaper.pdf
Go PKD!!!!!!!!!!
-
Re:Horribly Inefficient
I have to agree about the VirtualBox as a solution. If he makes a snapshot and restarts from that snapshot each time he could save a lot of time, and a separate snapshot OS/image could even be used for actually performing the delta imaging and comparison. The WinDiff on the other hand may be underpowered depending on his actual purpose. If he is examining malware code he will need some more powerful tools to see what was actually changed, such as hidden NTFS data streams, raw disk sectors, etc. In that case some forensic tools might be a better bet in looking for that hidden information.
Forensic Toolkit could help there
http://www.foundstone.com/us/resources/proddesc/forensictoolkit.htm
http://www.foundstone.com/us/resources-free-tools.asp
There are lots of other Open Source forensic tools as well but this may get them started.
-
Arsenal of Tools
Funny, I also carry a thumb-drive with a removable memory card slot. It's this generic one floating around online: http://www.supermediastore.com/supermedia-handy-4in1--usb-20-flash-memory-card-reader-yellow.html
I think they're a great idea, because I can move with the SD card market as flash memory becomes denser and denser. Speed hasn't been a problem, either. The thumbdrives support USB 2.0 and my SD card seems to be capable of a very decent data transfer rate.
I have a collection of Windows tools on the drive. Not Linux tools, because I can usually accomplish whatever it is I'm doing in the Linux environments I encounter day to day.
Network Tools:
* Raw TCP/IP transfer -> netcat ( http://www.vulnwatch.org/netcat/ )
* SSH/Telnet -> putty ( http://www.chiark.greenend.org.uk/~sgtatham/putty/ )
* Port Scanner -> SuperScan4 ( http://www.foundstone.com/resources/proddesc/superscan.htm )
* Classic Port Scanner -> nmap ( http://insecure.org/nmap/download.html )
* Packet Capture and Analysis -> WireShark setup ( http://www.wireshark.org/download.html )
Editors:
* General -> vim 7.0 ( http://www.vim.org/download.php )
* Hex Editor -> xvi32 ( http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm#download )
Development:
* Tiny C Compiler ( http://fabrice.bellard.free.fr/tcc/ )
* nasm ( http://sourceforge.net/project/showfiles.php?group_id=6208 )
Misc:
* Lightweight Windows md5sum -> md5summer ( http://www.md5summer.org/download.html )
* Process Explorer ( http://www.sysinternals.com/Utilities/ProcessExplorer.html )
* MP3 Encoding -> RazorLame with lame ( http://www.dors.de/razorlame/download.php )
* Terminal Emulator -> TeraTerm Pro ( http://hp.vector.co.jp/authors/VA002416/teraterm.html )
The folder is 26.7MB.
-
McAfee/Foundstone's free SiteDigger
-
Re:Firing ranges
I know of a few:
One live site
And a number of "targets" where you supply your own hardware,
- WebGoat download from http://www.owasp.org/software/webgoat.html
- Foundstone's Hacme Bank application download from http://www.foundstone.com/resources/s3i_tools.htm
-
Check out SiteDigger
I've been using this for a while.
This tool will blow your mind.
You have to create an account with Google and acquire a key to use it.
Then point it at a site and let it run the hax0r search queries...
You will be amazed at what is exposed out there.
http://www.foundstone.com/resources/termsofuse.htm?file=sitedigger2.zip
-
Re:Someone needs to lose their job....
-
Free scanner tool for Sasser-vulnerable machines
This is a very helpful free tool: It can scan IP ranges for computers that are vulnerable to be affected by the Sasser worm. Download here. "A Windows network admin utility for remotely detecting LSASS vulnerability released in the MS04-011 bulletin. Allows you to scan multiple IP ranges and send an alert message to vulnerable systems."
-
Windows Tools
I haven't made a change from Linux to Windows, but here is what I use to admin all our linux boxes and network equipment:
- SSH for Windows - works great for terminal access and secure file transfers.
- Teraterm - network device access via either telnet or serial port. There is an SSH add-on, but I prefer the "real" SSH client above.
- TightVNC - for your Windows boxes
- Superscan - great port scanner and all around TCP/IP utility
- Cygwin - for all your real *nix shell and utility needs
Jason
-
Re:I Don't KNow Why Anyone Would Use Foundstone?
Everyone meet Amer Deeba, the VP of marketing at Qualys. Qualys likes to troll /. and various mailing lists to get some "grass roots" support behind their product. You can usually tell because it's anonymous or comes from a hotmail address that has never posted to the list before. Qualys will usually also use nessus as the comparison in a "Well it's ok for something free but you know the GPL/support/complexity/etc may be too much for you." Btw, the foundstone box is 1U (a little short of "half-rack", and it's cheaper than qualys as well). Doh, and it looks like FoundScan just beat Qualys in a Network Computing review too...
-
Foundstone busted? Good...
Now, maybe I can get a discount on their Ultimate hacking class at the Black Hat Briefings. Heheh..
-
Why the hell is this Slashdot "worthy"?
It took almost no effort to find the counterpoints on Foundstone's website. Funny the editors didn't stumble upon it as easily as I did. Why not try and get the facts straight? From the PDF for those too lazy to read:
According to Harvey Liss, President of VLSystems, which conducted the independent audit, "The vast majority of the software applications running on the 510 active Foundstone systems were properly licensed. Including operating systems and applications, several hundred software programs are currently in use by Foundstone and over 95% were identified as properly licensed. In our experience, having performed numerous software licensing audits, this is among the higher rates for pre-audit compliance."
For being such a small shop, Foundstone appears to do pretty well in this department.
Now, a pressing question is what about this is even newsworthy? Slashdot is now helping rake a shop through the mud even though software piracy runs rampant in most businesses (especially those in the tech industry)? Are we now going to be subjected to stories like "company X accused of software piracy" where "company X" is any random org? Yes, "company X" probably has some pirated software floating around, but that doesn't mean they should get a slot on the front page. Besides, since when does the /. rally to accuse people of "intellectual property" violations when the political beat here is that IP is bullshit (which it is, but that's another argument)?
-
There are always two sides to every story kids...
Found this on Foundstone.com:
FS Responds to Fortune
To our valued customers, partners, vendors and future customers,
The current issue of Fortune Magazine contains a lengthy article about Foundstone that significantly misrepresents the way we do business, and wrongly states that Foundstone does not respect intellectual property rights. I am writing to tell you some key facts surrounding this matter, and to correct some of the irresponsible misrepresentations and factual errors in the Fortune story.
Foundstone rigorously defends its commitment to protect intellectual property rights, and the intellectual property rights of other software makers. To demonstrate Foundstone's commitment to protecting the commercial use of other software, an independent, 3rd party audit was completed on May 2 (more than a month prior to this article). According to Harvey Liss, President of VLSystems, which conducted the independent audit, "The vast majority of the software applications running on the 510 active Foundstone systems were properly licensed. Including operating systems and applications, several hundred software programs are in current use by Foundstone and over 95% were identified as properly licensed. In our experience, having performed numerous software licensing audits, this is among the higher rates for pre-audit compliance." We recognize that for a company whose very foundations are built on protecting intellectual property, anything less than complete compliance is not acceptable. Our aggressive growth is not an excuse for non-compliance. We've taken the necessary steps to identify non-compliance and have immediately applied corrective action through new policies, procedures and education.
The sources and recent timing of these defamatory statements about Foundstone to Fortune Magazine is not a coincidence. Unfortunately, Foundstone was forced to file a lawsuit against NT Objectives, Inc. because of the misappropriation of trade secrets and our unsuccessful attempts in obtaining key information and a reasonable level of cooperation from NTO. Foundstone recently received some favorable rulings in arbitration that would allow Foundstone full discovery rights to review NTO's code. From the very beginning, NTO has vehemently objected to full discovery, even though they proclaim innocence. This Fortune article is a deliberate attempt to shift focus away from the facts of the case and divert attention to rumor, innuendo, and misinformation.
Our loyal customers and market standing speak for themselves. While macro economic factors are negatively impacting other high-tech firms, Foundstone continues to buck the trend with impressive revenue growth, employee growth (Foundstone's attrition rate is below the industry average), expanded product offerings, and solid financial stability. Foundstone respects the interests of our partners, vendors and associates, and will continue to deliver the highest quality products and services to meet the needs of current and new customers.
If you have any questions about this article, I invite you to call me or Stuart McClure and we'd be happy to give you the facts.
-
Re:My concern with windows (was: I don't understan
Try FPort, from http://www.foundstone.com. It's under "Resources", "Free Tools". It will tell you which processes are watching which ports.
-
Re:Gobbles
GOBBLES is a team of 17 (at the last count) people. Their advisory makes a very important point that foundstone and microsoft miss. There are already known buffer overflows in winamp, m$ media player, and other players, but the respective advisories talk of receiving a media file either from a web page or email attachment. Most users I suspect get more media files via p2p sharing than from web pages or email.
This is an infection vector that security "experts" are not taking sufficiently seriously.
-
Foundstone...
According to the Microsoft Security Bulletin MS02-072, the "whitehat" hacking R&D team found this vulnerability.
The foundstone advisory is amazing considering what that company has gone through.
Within the security community, they have been criticized for their treatment of their people and their general lack of ethics.
-
If you can get them, Foundstone
Check out Foundstone. They'll do it and do it right.
-
Not the weakest link unless you want them to be
Actually, by design .NET "shifts the burden from having to make critical security decisions--such as whether or not to run a particular application or what resources that application should be able to access--from end users to developers and administrators." This is an excerpt from a thorough security evaluation performed by Foundstone. The report can be found here.
-
Re:What more can Microsoft do?
Not write software without thinking about security?
Already being done. Microsoft has learned their lesson, it seems. A third-party security review, available here (PDF file) of the .NET framework has shown that it's pretty darn secure (yes, Microsoft commissioned the review. Conspiracy theories can now commence.) (though as with anything, if the developers writing .NET services don't employ the security features available in .NET, it won't mean much. Microsoft is taking this seriously, but it'll be up to third parties to use the provided security framework). Office XP has many features with security in mind, such as the default and automatic stripping of malicious scripts and attachments in Outlook XP. Windows XP includes a built-in firewall, which while fairly primitive (it's essentially a packet filter, on par with ipchains or iptables, and not a more powerful proxy firewall), is a good step for home users who would otherwise not install anything like Black Ice Defender or other firewall products.
You can't change the past, but you can change the future. Microsoft has provided security hotfixes for their mistakes in the past, and are working with security in mind for current and future products. Don't sell them short based on years-old work. Look at what they're currently doing.
-
My own horn
This will come off as a bit biased (which it is), but I work for a company that has written some software called Hailstorm that's very good at helping you test your own security. It's especially good in situations where you have written something custom, whether it be a CGI script or some sort of server program. It succeeds where security scanners fail, because it can help you find problems that are previously unknown. To see it in action analyzing IDS systems, check out the article at SecurityFocus. Good security consulting firms are VERY expensive, so Hailstorm may be a good choice depending on what you are really looking for.
If you want to hire a security firm, I would suggest a few different companies: Securify, a division of Kroll-O'Gara; Guardent; Ernst & Young; @Stake; and Foundstone.
Also, if you are interested in trying out Hailstorm (which, for the time being, only runs on NT 4.0/W2K, although it can test applications on any OS), shoot me an email (removing the obvious part), and I'll help you out. A trial version can be downloaded at www.ClickToSecure.com.