So I found a link to the Business Opportunities Weblog today and the "How Much is Your Blog Worth" calculator. It's an amusing page which returned the following results:
I'd have to say that while I'm really attached to my blog... if anyone wants to buy it for 15 grand... I'd be willing to sell.
SpamMailBag.com returned a much lower value:
What does this mean??? Not a whole heck of a lot, but it's interesting to play with...
That being said... the nCircle blog (which recently underwent major reformatting) is valued at 34K:
Just something amusing to play with.
One of the websites in my RSS feed that I really enjoy is LinuxSecurity.com. The site compiles outside links from various news sources and presents some of the more interesting ones on a single page... however it's not without issues... From the RSS feed, you are constantly getting "Page Not Found" errors... and you have to return to the main page to click the link for the article.
Anyways I was over there looking today and I found some rather interesting articles available:
Stompy Session ID Analyzer -- This is a great concept... I haven't tested it yet so I can't quite say great tool. People quite often create their own Session IDs... this will let you see if they're based on anything... or if there's a pattern available... Download Link (tgz)
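To make the "is there a pattern" question concrete, here's an added example (my code, not Stompy's and not from the original post) that runs a few of the checks a tool like this automates over two constructed batches of IDs: a home-grown scheme built from a fixed prefix, a hex Unix timestamp and a counter, next to 64-bit values from a seeded PRNG standing in for a proper CSPRNG. It measures per-character entropy across samples, tests whether successive IDs only ever step up by a sliver of the keyspace, and scans for 8-hex-char windows that decode to a plausible Unix time in every sample. The ID formats, thresholds and sample data are all my assumptions.

```python
"""Heuristics for spotting home-grown session IDs, in the spirit of Stompy.

Added example, not Stompy's own code.  All sample IDs are constructed here,
and every ID is assumed to be pure hex (real captures may need decoding first).
"""
import math
import random
from collections import Counter

# Constructed "weak" scheme: fixed prefix + hex Unix timestamp + hex counter,
# issued in order (i = 0..49).  Constructed "random" IDs come from a seeded
# PRNG only so the demo is reproducible; a real server must use secrets.
WEAK_IDS = [f"a1b2{1170000000 + 3 * i:08x}{i:04x}" for i in range(50)]
_rng = random.Random(7)
RANDOM_IDS = [f"{_rng.getrandbits(64):016x}" for _ in range(50)]

EPOCH_LOW, EPOCH_HIGH = 946684800, 0x7FFFFFFF  # 2000-01-01 .. 2038-01-19


def position_entropy(ids):
    """Shannon entropy (bits) of the character at each position across samples."""
    width = min(len(s) for s in ids)
    n = len(ids)
    result = []
    for pos in range(width):
        counts = Counter(s[pos] for s in ids)
        result.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return result


def constant_positions(ids):
    """Number of positions that never change: zero-entropy filler."""
    return sum(1 for h in position_entropy(ids) if h == 0.0)


def mean_position_entropy(ids):
    """Average bits per character; 4.0 is the ceiling for hex."""
    ent = position_entropy(ids)
    return sum(ent) / len(ent)


def looks_sequential(ids, max_delta_ratio=1e-6):
    """True when IDs, read as one hex number, only ever step up by a tiny
    fraction of the keyspace: counters and timestamps do this, CSPRNG output
    does not."""
    nums = [int(s, 16) for s in ids]
    deltas = [b - a for a, b in zip(nums, nums[1:])]
    keyspace = 16 ** len(ids[0])
    return all(d > 0 for d in deltas) and max(deltas) / keyspace < max_delta_ratio


def timestamp_offsets(ids):
    """Offsets of 8-hex-char windows that decode to a plausible Unix time in
    every sample and never go backwards across samples (IDs ordered by issue)."""
    width = min(len(s) for s in ids)
    hits = []
    for off in range(width - 7):
        vals = [int(s[off:off + 8], 16) for s in ids]
        if all(EPOCH_LOW <= v <= EPOCH_HIGH for v in vals) and vals == sorted(vals):
            hits.append(off)
    return hits


def report(ids):
    """One dict summarising every check, so batches can be compared side by side."""
    return {
        "constant_positions": constant_positions(ids),
        "mean_bits_per_char": round(mean_position_entropy(ids), 2),
        "sequential": looks_sequential(ids),
        "timestamp_offsets": timestamp_offsets(ids),
    }


if __name__ == "__main__":
    for name, ids in (("weak", WEAK_IDS), ("random", RANDOM_IDS)):
        print(name, report(ids))
```

Running it prints a report for each batch: the weak batch shows eleven of sixteen characters never changing, a constant step between consecutive IDs and a timestamp window at offset 4 (an overlapping window one character to the right fires too, because it shares the same digits), while the random batch shows none of that. That contrast is exactly what you want to see before trusting an application's own session ID scheme.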
AJAX Fingerprinting Web 2.0 -- Another great concept... As people move to this new world of Web 2.0, applications are being built on frameworks... GWT, Pyjamas, ASP.NET AJAX, etc... More often than not, when these frameworks are flawed... the applications based on them will also be flawed. The concept of AJAX fingerprinting gives us:
Ajax fingerprinting can help in deriving the following benefits:
- Vulnerability detection – Knowledge of the framework on which a web application is running, allows the mapping of publicly known vulnerabilities found for that particular framework. Example – DWR client side vulnerability.
- Architecture enumeration – On the basis of information derived from fingerprinting it is possible to guess the application architecture and inner workings of a system. Example – Atlas (.NET application framework), DWR (Servlet/JavaScript combo).
- Assessment methodology – Derived information from the fingerprinting phase can help in defining future assessment path and vulnerability detection methods. Example – Deciding on JavaScript-scanning.
Download Link (pdf)
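Here's an added example of the passive side of this (my code, not from the paper or the original post): a small Python fingerprinter that matches one HTTP response's headers and body against markers each framework leaves behind, such as GWT's *.nocache.js bootstrap and gwt:property meta tag, DWR's /dwr/engine.js and /dwr/interface/<Name>.js includes, and ASP.NET AJAX's ScriptResource.axd and Sys.WebForms globals, then turns the result into the architecture guesses the paper talks about. The marker table, the back-end hints and the two constructed responses are my assumptions; treat them as a starting point to extend, not a complete signature database.

```python
"""Passive AJAX-framework fingerprinting from one HTTP response.

Added example, not the paper's code.  Marker patterns, back-end hints and
sample responses are assumptions drawn from well-known framework artefacts.
"""
import re

# Body markers: framework -> regexes that fire on script paths, bootstrap
# meta tags or global JavaScript objects the framework leaves in every page.
BODY_SIGNATURES = {
    "GWT": [r"[\w-]+\.nocache\.js", r'name="gwt:property"'],
    "ASP.NET AJAX (Atlas)": [r"ScriptResource\.axd",
                             r"Sys\.WebForms\.PageRequestManager",
                             r"Sys\.Application\b"],
    "DWR": [r"/dwr/engine\.js", r"/dwr/util\.js",
            r"/dwr/interface/\w+\.js", r"\bdwr\.engine\b"],
    "Prototype": [r"prototype\.js", r"Prototype\.Version"],
    "jQuery": [r"jquery[-.\w]*\.js", r"jQuery\.fn\.jquery"],
    "Dojo": [r"\bdojo\.js", r"\bdjConfig\b"],
}

# Header markers: (header name, regex on its value).  These betray the server
# side rather than the client framework, which is the architecture angle.
HEADER_SIGNATURES = {
    "ASP.NET": [("x-aspnet-version", r".+"), ("x-powered-by", r"ASP\.NET")],
    "Java servlet container (Tomcat)": [("server", r"Apache-Coyote")],
}

# What each client-side framework usually implies about the back end.
ARCHITECTURE_HINTS = {
    "DWR": "Java servlet back end; /dwr/interface/<Name>.js names exposed Java objects",
    "GWT": "Java source compiled to JavaScript; GWT-RPC calls land on a Java servlet",
    "ASP.NET AJAX (Atlas)": ".NET back end; UpdatePanel/PageRequestManager partial postbacks",
}

# Constructed response from a hypothetical GWT front end that also uses DWR.
SAMPLE_HEADERS = {"Server": "Apache-Coyote/1.1", "Content-Type": "text/html"}
SAMPLE_BODY = """<html><head>
<meta name="gwt:property" content="locale=en">
<script src="/app/app.nocache.js"></script>
<script src="/dwr/engine.js"></script>
<script src="/dwr/util.js"></script>
<script src="/dwr/interface/OrderService.js"></script>
<script src="/dwr/interface/UserAdmin.js"></script>
</head><body>
<script>dwr.engine.setAsync(false);</script>
</body></html>"""

# Constructed response from a hypothetical ASP.NET AJAX page.
ATLAS_HEADERS = {"X-AspNet-Version": "2.0.50727", "X-Powered-By": "ASP.NET"}
ATLAS_BODY = """<html><head>
<script src="/ScriptResource.axd?d=abc&t=123"></script>
</head><body><form id="form1">
<script>Sys.WebForms.PageRequestManager._initialize('ScriptManager1', document.getElementById('form1'));</script>
</form></body></html>"""


def fingerprint(headers, body):
    """Return {framework: [evidence, ...]} for every marker that fires,
    so a reader can see why each guess was made."""
    found = {}
    for framework, patterns in BODY_SIGNATURES.items():
        evidence = []
        for pattern in patterns:
            match = re.search(pattern, body)
            if match:
                evidence.append(match.group(0))
        if evidence:
            found[framework] = evidence
    lowered = {name.lower(): value for name, value in headers.items()}
    for framework, checks in HEADER_SIGNATURES.items():
        for name, pattern in checks:
            value = lowered.get(name)
            if value is not None and re.search(pattern, value, re.IGNORECASE):
                found.setdefault(framework, []).append(f"{name}: {value}")
    return found


def dwr_interfaces(body):
    """Server-side objects DWR exposes, read straight off the script includes."""
    return sorted(set(re.findall(r"/dwr/interface/(\w+)\.js", body)))


def architecture_hints(found):
    """Map fingerprinted frameworks to the back-end guesses in ARCHITECTURE_HINTS."""
    return [ARCHITECTURE_HINTS[fw] for fw in found if fw in ARCHITECTURE_HINTS]


if __name__ == "__main__":
    for label, hdrs, body in (("gwt+dwr", SAMPLE_HEADERS, SAMPLE_BODY),
                              ("atlas", ATLAS_HEADERS, ATLAS_BODY)):
        found = fingerprint(hdrs, body)
        print(label, found, dwr_interfaces(body), architecture_hints(found))
```

The DWR interface names are worth a second look on any real target: each one is a server-side Java object whose allowed methods are callable over HTTP through the generated proxy, so enumerating them is a large part of the assessment path the paper's third bullet is about.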
These last two are just news articles...
2006: The Year Hacking Became a Business
Vulns Spiked 39% in 2006 according to an IBM ISS report.
I've got some things to do before bed... but I wanted to make sure I shared these.
Digital Bond has released a SCADA Honeynet... It emulates a fairly popular PLC and it sounds like a fairly interesting idea... First thing tomorrow I'm going to give it a look and let everyone know what I think.
Other than that I just wanted to point out Jeremiah Grossman's blog for those that don't read it... or rather two great posts that he published today.
The first post was Input Validating or Output Filtering, which is better. Not only does the article give a clear explanation of the two preventative measures, but it also gives examples.
The second post is The Difference Between Security Assessments and Penetration Tests. It's focused towards Web Application Security, since that's his field of expertise, however it can be applied to any aspect of security.
That's all for today... short and sweet.
OWASP has released their Top 10 Web Application Vulnerabilities (2007) document as release candidate 1 (RC1). It is available in both MS Word and PDF formats. The 35-page document provides descriptions of the 10 vulnerabilities as well as verification and protection methods. The OWASP team is accepting feedback and suggestions on the document until the end of February, so if you've got anything to contribute, let them know.
Here's the summary page of this year's 10 vulnerabilities.

As I was making my final read through Bloglines before calling it a night, I noticed a new post on StillSecureAfterAllTheseYears.com. The post is, surprise!, yet another on NAC... but that's cool, everyone seems to be talking about it these days... It's on a new feature in Extreme XOS. The "new" feature isn't that new... Cisco users may recognize it as DHCP Snooping with IP Source Guard, or even NetReg with a few custom scripts to query DHCP leases and enable/disable switch ports (which would be entirely free, btw). So Alan's post is describing how, if you don't want to make the infrastructure change to support 802.1x and are stuck with DHCP NAC, then Extreme offers this amazing new feature.
The problem is that none of this is new... While I was still working at the college we were discussing implementing NetReg with some custom scripts.. I even had a test implementation up and running... and Cisco's DHCP Snooping with IP Source Guard has been around for a little bit now... So where does that leave us... From a pure technology standpoint we have nothing that would be considered "new technology"... From a product standpoint we have a product that has finally implemented features that the competition has.
One thing I've done lately is attack people for their bias... Agnitum, WebRoot and now Alan Shimel... At least Alan can come out and say that he's biased... which makes this read even more like a press release or advertising than a blog post that's informing readers. This "new" feature has only one target audience to whom it's an advantage.... existing Extreme customers because they previously lacked this feature... and at least it is somewhat presented that way..."Here's a new "nice to have", should you already have the equipment"...
I'd previously heard good things about Extreme... some friends had tested and deployed the software and had spoken highly of it... especially of the NAC features... Having never used it personally, I can only reiterate the description I was given... the description of a device that allowed all the benefits of 802.1x without requiring an OS that supported 802.1x, because it relied on a webpage for authentication, making it function seamlessly cross-platform.
I also enjoyed reading StillSecureAfterAllTheseYears... It's a regular on my daily list of blogs to read and generally one of the first ones I'll read if I see it updated in bloglines. But I go to blogs for information and entertainment... not to read ads.
Perhaps a better way to approach this would have been to do what most vendors do... involve a third party... There are plenty of sites that provide reviews of hardware and software that has been provided to them... Hell... Extreme can send me a switch and not only will I review Trusted DHCP Server but I'll review all the features of XOS... I'd be more than happy to... but I'm not associated with it... so I can provide an unbiased opinion...
Peace,
HT
Just a quick post to let everyone know that WinPcap 4.0 has been released...
From the announce email:
As of today, WinPcap 4.0 is available in the download section of the
WinPcap website, http://www.winpcap.org/install/ .
This software release contains major improvements to the kernel
driver, which has been thoroughly reviewed (and partially rewritten).
As a result, WinPcap 4.0 is extremely more reliable and stable than
previous versions!
The 4.0 version also adds the long awaited stable support for x64
platforms, including Windows XP and the upcoming Vista.
Finally, this release includes support for the CACE Technologies
Wireless AirPcap Adapters, the first open and affordable solution for
Wi-Fi capture on the Windows platform.
Full details of the changes can be found in the change log attached at
the end of this message.
As always, we profoundly thank all the users that tested the
development versions of WinPcap 4.0, it would not have been possible
without your help and precious suggestions. Thanks!
Gianluca Varenni
WinPcap Team
According to MOAB's advisory the Windows version of QuickTime (7.1.3) is vulnerable to CVE-2007-0015. Secunia further narrows this down by telling us that 7.1.3.100 is the vulnerable Windows version and says to apply Security Update 2007-001 to fix the problem.
In my last round of Bloglines reading before bed, I stumbled across a new post on the SBS Diva Blog, claiming that there wasn't a Windows patch for CVE-2007-0015. I did some searching -- downloaded the newest QuickTime from the QuickTime site, checked the Apple Support Downloads page, and ran Check for New Updates inside QuickTime. None of these yielded an update and I'm still at version 7.1.3.100 (I updated my Mac since it popped up with a nice update message... but didn't think to look previously on Windows).
I'm sort of curious about this, so I've fired off email to both Apple PR and QuickTime Support. If I get a response... or if anyone knows another (more "out-of-the-way") method of updating the Windows QuickTime, I'd love for you to share it.
This is just a quick post to let all my readers know that IIS.net has launched a new Download Center. You can consider it your one-stop-shop for IIS Tools and Add-Ons.
I was just glancing at my bloglines feed before heading to bed and I noticed a couple of new posts by Robert Scoble. One of these, Breaking News: Adobe to release PDF to ISO, caught my eye. The fact that Scoble is so on top of things explains why he's ranked #9 on Forbes.com Top 25 Web Celebs (I found out about this listing via a post on Amber MacArthur's Blog).
Anyways... Adobe has released a press release stating that they will be passing the PDF 1.7 Specification to AIIM (Enterprise Content Management Association) so it can be passed to the ISO for publication.
The most I can do is share this because ultimately I don't know the benefits of being a standard... I'd love some insight on the subject...
From reading the ISO Website I've come up with the following list of benefits:
- Internationally agreed-upon features such as terminology, compatibility and interoperability.
- Provides the requirements a product must meet and a method of measuring that those requirements are met.
I suppose this is also a smart business move since ODF is already a published standard... It also makes sense to move towards standardization from a business sense... Standards can be complied with... and with current compliance pushes in various markets... this could include the use of PDF as the standard method of trading information...
So my question is... Will PDF be a Freely Available Standard (A short list, considering the more than 16,000 (according to the ISO in Brief publication) Standards the ISO has published, but surprisingly (to me) it includes C#)?
I'm a big fan of VMware Server... I have VMware Workstation on my desktop but on my laptop I use VMware Server... It's handy and the ability to allow others to remotely connect to it is great. It's also free... which means not having to buy an additional license.
I hadn't used VMware on my laptop in a little while and I went to run it this evening... Imagine my surprise when I couldn't run it... I got an error message that I'd never seen before.
/usr/lib/vmware/bin/vmware: /usr/lib/vmware/lib/libpng12.so.0/libpng12.so.0: no version information available (required by /usr/lib/libcairo.so.2)
I did some googling and came across this forum thread. I tried a couple of the options provided and most of them proved fairly useless... Then one of the suggestions saved the day.
Uninstall libdbus-1-2. There were no dependencies on it... (a small python package and that was it)... and as soon as I removed it and reinstalled VMware Server it was up and running like a dream.