12 posts from February 2011

 

Tenable Network Security Podcast - Episode 71

Welcome to the Tenable Network Security Podcast - Episode 71

Hosts: Paul Asadoorian, Product Evangelist and Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

  • Security vulnerabilities galore in social networks - A new web site, www.socialnetworksecurity.org, has been created to document the ever-increasing vulnerabilities present in popular social networking sites such as Facebook. It seems that many sites, to no great surprise, are vulnerable to things like XSS. I believe it's the nature of the beast: so many of these web sites are in a race to add features and functionality, and it's too time consuming for them to properly identify security vulnerabilities as they go along. I do hope that big web sites take a step back from the fast and furious pace and start to implement security, before they get too far down a path and end up with a site that requires a major overhaul to be "secure".

Continue reading "Tenable Network Security Podcast - Episode 71" »

 

Analyzing the Compromise - without Going Hungry



It's 4:55 PM on a Friday and you are looking forward to an enjoyable dinner with your family. Your Blackberry starts buzzing from across your desk while your inbox starts filling up with alerts from your SecurityCenter along with frantic emails from Human Resources. It seems a disgruntled employee named Jack Black quit today and nobody remembered to tell the IT group to disable his accounts until after important files started disappearing. Suddenly, you are stuck in Incident Response mode, gathering data on the user's activities. Do you cancel your reservations?

Fortunately, you have deployed Tenable Network Security's Unified Security Monitoring products, and have a wide array of resources[1] at hand to streamline the response process. These resources include SecurityCenter, the Passive Vulnerability Scanner (PVS) and Log Correlation Engine (LCE). At a high level, what can these resources do for you?

SecurityCenter

SecurityCenter provides a unified view of both vulnerability and event data along with the alerting, ticketing and reporting required for thorough user forensics.

Passive Vulnerability Scanner

PVS not only tracks vulnerabilities, but logs user and network activities detected in real-time on the wire. These activities include:

Continue reading "Analyzing the Compromise - without Going Hungry" »

 

Nessus "Exploitable With" Field Updated

Over the past few months, fields in Nessus reports indicating whether or not an exploit exists for a given vulnerability have continued to evolve. We first announced this feature in October 2010 in a post titled New Nessus Feature: Public Exploit Availability. Ron Gula then wrote a follow-up post called "If an exploit falls in the forest, does anyone hear it being patched?" that described the usefulness of the information contained within the "Exploit available" and "Exploitable With" fields in Nessus plugins.

The Nessus interface has now received an update that will display the "Exploitable With" field directly in the report (prior to the latest version, this field was only contained in the HTML export).


Continue reading "Nessus "Exploitable With" Field Updated" »

 

Tenable Network Security Podcast - Episode 70

Welcome to the Tenable Network Security Podcast - Episode 70

Hosts: Paul Asadoorian, Product Evangelist and Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

  • Honeynet Project Releases PhoneyC - Furthermore, PhoneyC emulates specific vulnerabilities to pinpoint the attack vector. PhoneyC is a modular framework that enables the study of malicious HTTP pages and understands modern vulnerabilities and attacker techniques.

Continue reading "Tenable Network Security Podcast - Episode 70" »

 

Microsoft Patch Tuesday Roundup - February 2011

And the race is on to apply patches to the Microsoft Windows systems in your environment! One of the bulletins this month, MS011-04, fixes remotely exploitable issues in the IIS FTP service. To me, FTP falls in the same category as Telnet, which is "You should be using SSH instead". Despite the lack of security that FTP offers, it still appears to be wildly popular decades later. I performed some searches using "SHODAN", "The Computer Search Engine", which scours the Internet looking for open ports, services and banners. I told it to find systems with port 21 (FTP) open and got the following results:

  • United States: 27,355
  • China: 15,341
  • India: 11,122
  • Egypt: 10,476
  • Thailand: 10,068

Continue reading "Microsoft Patch Tuesday Roundup - February 2011" »

 

Tenable Network Security Podcast - Episode 69

Welcome to the Tenable Network Security Podcast - Episode 69

Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO, and Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

Download Tenable Podcast Episode 69

 

Risky Business Episode 181 - Interview with Paul Asadoorian


I appeared on Risky Business episode 181 for the "sponsor interview" segment of the show. I really enjoy talking to Patrick Gray - he asks great questions and we always have a great chat. This time around I discussed some topics regarding defensive measures that actually work, including:

  • Creating listening services that "trap" web spiders
  • Putting intelligence inside your documents to detect attackers
  • Monitoring various services and including the results in your SIEM

These topics, and more, will be the subject of my upcoming talk debuting at SOURCE Boston titled "Bringing Sexy Back: Defensive Measures That Actually Work".

 

UMD and Tenable Announce New Cybersecurity Partnership

Tenable is proud to announce a newly formed partnership with the University of Maryland's Cybersecurity Center. The partnership will focus on preparing the future security workforce and collaborating on cybersecurity challenges.

"COLLEGE PARK, MD AND COLUMBIA, MD – The University of Maryland (UMD) and Tenable Network Security, the leader in Unified Security Monitoring and creator of the award-winning Nessus vulnerability scanner, have announced a new partnership to establish collaborative activities in the area of cybersecurity. The partnership will promote cybersecurity education, research and technology development through UMD's newly established Maryland Cybersecurity Center (MC2, or MC-squared). UMD and Tenable plan to leverage one another's resources, knowledge base, and unique perspectives to develop innovative solutions to cybersecurity challenges."

Read the full press release.

Tenable has participated in several security challenges in the past. You can read more about our past experiences at these events here:

 

Tenable All-Star Showcase - Atlanta - February 22

Tenable Network Security will be hosting a half-day security and compliance seminar in Atlanta featuring Marcus Ranum, Ron Gula and Renaud Deraison. This is your chance to interact with Tenable executives, get the latest news and perspectives on industry trends, ask questions about Nessus and hear an enterprise case study from a Tenable customer.  

Tenable's technical leaders - Ron Gula, Renaud Deraison and Marcus Ranum - have all created market-leading and award-winning products individually (Nessus, Dragon IDS, Gauntlet Firewall, TIS firewall tool kit) prior to joining forces at Tenable. Tenable's Unified Security Monitoring approach is their combined vision for monitoring and securing enterprise networks.


Tenable CSO, Marcus Ranum

The event is held on the morning of February 22 in Buckhead, Georgia, and lasts half a day with breakfast and lunch provided. If you are interested in registering, please contact Tim Glinka via email at tglinka@tenable.com

 

Nessus 4.4 Receives SC Magazine "Recommended Award"


It's a rare honor to receive the highest ranking accorded by a reviewer - especially in a highly competitive field. Tenable is very proud to announce that Secure Computing magazine has awarded Nessus 5 out of 5 stars in all categories, including a nice write-up about Nessus features, documentation, support and user experience:

"This product has been the old standby for years, and we find it is still the good dog when it comes to straight-up vulnerability assessment."

Continue reading "Nessus 4.4 Receives SC Magazine "Recommended Award"" »

 

Tenable Network Security Podcast - Episode 68

Welcome to the Tenable Network Security Podcast - Episode 68

Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO, and Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

  • Kaspersky Source Code Leaked - Turns out a former employee had distributed copies of the software. This is a tricky thing to defend against, since how do you know if one of your employees is stealing source code? Sure, many would say that you need to limit and control access to the source code, but you still need to allow the developers to access it. Now, antivirus software in particular probably gets a high bounty on the computer underground because if you could analyze the source code directly, you stand a better chance of making malware that is more resilient. The former employee of Kaspersky was arrested and sentenced to three years in prison.

Continue reading "Tenable Network Security Podcast - Episode 68" »

 

Shmoocon 2011 Conference Wrap-Up

Getting to ShmooCon each year is always challenging (as is trying to get home). Mother Nature seems to enjoy disrupting the travel to and from the conference, which is held in Washington, D.C. in January or February of each year. Despite the weather issues, I've always found it to be a conference worth attending. It features quality talks, leading security researchers sharing thoughts and ideas, and several extra events such as "Firetalks" and "Hacker Karaoke".


From Printer to Domain Admin

I've always been fascinated with the concept of attacking printers. The common misconception of "oh, it’s only a printer" makes them a prime target for attackers because people believe that printers pose little to no security risk. This mindset typically translates to the following conditions, which help to fuel my fascination:

Continue reading "Shmoocon 2011 Conference Wrap-Up" »