10 posts from September 2009

 

Tenable Network Security Podcast - Episode 5

Welcome to the Tenable Network Security Podcast - Episode 5

Announcements

Continue reading "Tenable Network Security Podcast - Episode 5" »

 

Nessus 4.2 - Video Preview Of The New Client Interface

The current version of the Nessus 4.2 client and server is labeled as "ALPHA1" and is still very much in development. However, the new client interface has been completely overhauled, moving to a web-based interface. This introduces a substantial change for the end user without significantly changing the features they are accustomed to. We wanted everyone to get a sneak preview of the new version, see some of the new features and give feedback early in the development phase. A short video has been uploaded to our new video channel on YouTube:

We would appreciate feedback and suggestions on how to make the new NessusClient even better. You can visit the Nessus discussion forums and let us know what you think!

 

Logs of Our Fathers

At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it here, on the TED site. I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his PowerPoint file, and subsequently tracked him down and am re-posting this material with his permission.

November 1951 - Machine Log #1

Continue reading "Logs of Our Fathers" »

 

Tenable Network Security Podcast - Episode 4

Welcome to the Tenable Network Security Podcast - Episode 4

Announcements

Continue reading "Tenable Network Security Podcast - Episode 4" »

 

Scanning Web Applications That Require Authentication

Web applications that manage sensitive data are usually protected with either basic or form-based authentication. Nessus can be configured with the appropriate credentials for these authentication schemes as they relate to web application testing. This post covers these authentication schemes in-depth, and explores some of the potential problems you may experience when scanning with credentials and how to overcome them.

Basic Authentication

For web applications, or sections of web applications, that require basic authentication, you can enter one username and password pair that Nessus can use each time it is prompted for credentials. On the "Advanced" tab in the "Login configurations" section, enter the desired username and password in the "HTTP account" and "HTTP password" fields as shown below.

Continue reading "Scanning Web Applications That Require Authentication" »

 

Nessus 4.0.2 Released

Tenable is pleased to announce the release of Version 4.0.2 of the Nessus vulnerability scanner! This release includes several fixes and support for the latest operating systems from Microsoft and Apple. All customers are encouraged to upgrade to the latest version of the Nessus Server and NessusClient. Following is a summary of some of the fixes and improvements:

Continue reading "Nessus 4.0.2 Released" »

 

Tenable Network Security Podcast - Episode 3

Welcome to the Tenable Network Security Podcast - Episode 3

Announcements

  • A new whitepaper on web application testing is being released next week.
  • Correction on the Tenable appliance: it does support Security Center, with future support for PVS and LCE. A hardware appliance has been announced as well.
  • As always, be sure to check out our blog at http://blog.tenablesecurity.com

Continue reading "Tenable Network Security Podcast - Episode 3" »

 

Tenable Network Security Podcast - Episode 2

Welcome to the Tenable Network Security Podcast - Episode 2

Announcements

  • New videos on finding rogue access points and discovering the latest IIS 5 FTP vulnerability have been uploaded to http://tenablesecurity.blip.tv
  • The Tenable appliance was announced, featuring immediate support for Nessus & Security Center, and future support for PVS and LCE.
  • As always, be sure to check out our blog at http://blog.tenablesecurity.com

Interview: Marcus Ranum on Zero Day Exploits: Defending Your Network

  • If you are speaking to the security professionals responsible for network security, what can you tell them about "0day" exploits that is helpful?
  • Does the media over-hype so-called "0day" exploits?
  • Why is it that remote exploits garner so much attention? XSS vulnerabilities are found every day and no one seems to notice, yet find a juicy exploit in a commonly exposed network service and everyone goes bonkers.
  • Many people are asking, "Who still uses FTP?" This is a common theme that I see even today: large organizations with mature security architectures using clear-text protocols such as Telnet, FTP, and TFTP. Why? What can they do to expedite the adoption of secure protocols, or does this even matter?
  • What is missing from most organizations' security architecture, in your opinion, that would work to thwart "0day" or even the most common exploits?
  • How do economics work against us when it comes to 0day exploits? For example, there are companies that will hold on to, and sell, "0day" exploits, and there are others that will buy "0day" exploits and work with the vendors to fix them.

We also interview Dan Philpott from FISMApedia!

Stories

Tenable Events

 

Plugin Spotlight: Microsoft IIS FTP Server NLST Remote Buffer Overflow Vulnerability

Remote "0Day" IIS FTPd Exploit

On September 1, 2009, security researcher "kingcope" released an exploit for a previously undisclosed vulnerability in the Microsoft IIS 5.0/6.0 FTP Server. Microsoft had not been made aware of the problem; therefore, there is no patch available at this time. The exploit is known to work against Windows 2000 servers running IIS 5.0 and 6.0, and is rumored to cause a denial of service against 6.0 on Windows 2003.

Continue reading "Plugin Spotlight: Microsoft IIS FTP Server NLST Remote Buffer Overflow Vulnerability" »

 

Tenable Virtual Appliance

Tenable is pleased to announce the release of the Tenable Virtual Appliance! The appliance replaces the Nessus VM Appliance and provides a preinstalled image of all Tenable applications in one easy-to-configure interface. The Tenable Virtual Appliance is available for Tenable customers and is provided for use with VMware Server, VMware Player and VMware ESX Server. Currently, the Nessus and Security Center applications are available on the appliance, with the Log Correlation Engine and Passive Vulnerability Scanner to be released soon. Tenable ProfessionalFeed customers can download the latest version of the Tenable Virtual Appliance, along with any available updates, from the Tenable Support Portal.

Continue reading "Tenable Virtual Appliance" »