06.19.08

CDVT 0.1 Released

Posted in CDVT - Version Tracker, IT, Tools at 12:59 am by Tyler Reguly

Greetings All,

First... I'm definitely not dead... that first month of marriage kept me busier than I'm used to being, but I definitely plan on posting more.

This post is actually rather exciting for me. If you read back through my blog, my initial posts (and the reason I registered a domain) were because I wanted an easy way to keep track of new versions of software. I happened to register this domain, so I wanted to call it the Computer Defense Version Tracker (CDVT). My plan was to develop a file scheme, where software authors could place a small cdvt file in their root and I would fetch and parse the file, creating an updated list of versions of software. A number of authors were on board with the idea, but it never built much steam.

Having progressed my development skills quite a bit in the past two and a half years (or at least I like to think I have), I realized I could write a simple screen scraper to do the work. So here's the "new and improved" CDVT, which I'm currently calling version 0.1. The download consists of two files, cdvt.py and cdvt.xml. The XML file contains references to each piece of software that is being checked. The Python script does the work. You can provide a couple of inputs when you run the file, and if you provide incorrect input, you'll get this error:

htregz@securitysentience:~/cdvt$ python cdvt.py
CDVT 0.1 by Tyler Reguly (ht@computerdefense.org)
Error: Output Type not provided
Usage:  cdvt.py <output type> <output interface>
        output type:            csv or text
        output interface:       stdout or file

This should be fairly straightforward: you can generate csv or plain text and either print to the screen or write to a file. The next version will parse proper arguments and allow you to specify a filename. Right now the filename will be either versions.csv or versions.txt (depending on the output type).

Output from the text mode looks like this:

htregz@securitysentience:~/cdvt$ python cdvt.py text stdout
2.4 Kernel:                     2.4.36.6
2.6 Kernel:                     2.6.25.7
Aircrack-ng:                    1.0-rc1
Cain & Abel:                    4.9.14
ettercap:                       NG-0.7.3
Kismet:                         Kismet-2008-05-R1
Metasploit Release:             3.1 Release
Metasploit SVN Revision:        5533
NetStumbler:                    Version Info Not Available
Nikto:                          2.02
nmap:                           4.65
Notepad++:                      4.9.2
Pass the Hash:                  1.3
PsTools:                        2.44
PuTTy:                          0.60
Snort:                          2.8.2.1
TCPDump:                        3.9.8
VMWare Server:                  1.0.6
VMWare Workstation:             6.0.4
Wireshark:                      1.0.0

Since I do perform screen scraping, it isn't the fastest process in the world, but it isn't overly slow either. When you see the message 'Version Info Not Available', that means that the page that's scraped wasn't available or the regex couldn't match. In the above case, the NetStumbler download page is currently returning a 404 error.
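An added illustration of the scrape-and-regex flow described above, including the 'Version Info Not Available' fallback; it is not the code from cdvt.py. The catalogue schema, URLs, page bodies, 32-column text layout and the SAFE_VERSION filter are assumptions constructed for this example.

```python
import csv
import io
import re
import xml.etree.ElementTree as ET

NOT_AVAILABLE = "Version Info Not Available"
# Assumption: only short, plain version strings are accepted from scraped pages.
SAFE_VERSION = re.compile(r"[\w.+\- ]{1,40}")

# Constructed catalogue: element and attribute names are assumptions, not cdvt.xml's schema.
CATALOGUE = r"""<cdvt>
  <software name="Snort" url="https://snort.example/dl" regex="snort-([\d.]+)\.tar\.gz"/>
  <software name="nmap" url="https://nmap.example/dl" regex="nmap-([\d.]+)\.tar\.bz2"/>
  <software name="NetStumbler" url="https://stumbler.example/dl" regex="Version ([\d.]+)"/>
  <software name="Nikto" url="https://nikto.example/dl" regex="nikto-([\d.]+)\.tar\.gz"/>
</cdvt>"""

# Constructed (status, body) responses standing in for live HTTP fetches.
PAGES = {
    "https://snort.example/dl": (200, '<a href="snort-2.8.2.1.tar.gz">Snort</a>'),
    "https://nmap.example/dl": (200, '<a href="nmap-4.65.tar.bz2">source</a>'),
    "https://stumbler.example/dl": (404, "Not Found"),
    "https://nikto.example/dl": (200, "<p>Downloads have moved.</p>"),  # layout changed
}

def fetch(url):
    status, body = PAGES.get(url, (404, ""))
    return body if status == 200 else None

def check(entry, fetcher=fetch):
    body = fetcher(entry.get("url"))
    if body is None:  # page unavailable, e.g. a 404
        return NOT_AVAILABLE
    match = re.search(entry.get("regex"), body)
    if not match or not SAFE_VERSION.fullmatch(match.group(1)):
        return NOT_AVAILABLE  # regex did not match, or the value looks unsafe
    return match.group(1)

def versions(catalogue=CATALOGUE, fetcher=fetch):
    entries = ET.fromstring(catalogue).iter("software")
    rows = [(e.get("name"), check(e, fetcher)) for e in entries]
    return sorted(rows, key=lambda row: row[0].lower())

def render(rows, output_type):
    if output_type == "csv":
        buf = io.StringIO()
        csv.writer(buf, lineterminator="\n").writerows(rows)
        return buf.getvalue()
    return "".join(f"{name}:".ljust(32) + version + "\n" for name, version in rows)
```

Calling `render(versions(), "text")` produces the aligned listing; the filter on the captured value keeps a scraped page from placing spreadsheet formulas or markup into the CSV output.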

I would love feedback, suggestions of apps to add and anything else. Feel free to email me or leave a comment.

Download

05.28.06

New Server

Posted in CDVT - Version Tracker, Site Related at 1:37 am by Tyler Reguly

Hey Hey,

We've made a move.... I was using hostprince, and I was even reselling their services to a few friends... It wasn't bad at first... they have 0-technical knowledge, but I could live with that but it eventually became ridiculous... I had a simple wget script running and they told me it was crashing their services... this page was written in perl and ran every 5 minutes to check on a text file... if you haven't guessed it was for CDVT (which I haven't forgotten about)... Anyways I've moved servers and picked up a new shell account, between the two we should be good to get CDVT up and running in the next month or so... Anyways.. enjoy the new server... I should be posting more now that the site will be more reliable..

Peace,
HT

03.30.06

Update - Delay

Posted in CDVT - Version Tracker at 1:34 am by Tyler Reguly

This project is still happening, in case anyone was wondering... Unfortunately I've run into problems... The host I'm using relies on cpanel which doesn't allow modification of the file privs on mysql... They also won't do a custom mod for me... I now have two choices... write a script that will parse the update file as if it were the LOAD DATA command, or move to another host... I don't have time to contemplate the change at the moment, so I'm pushing back launching this project until most likely the end of April... hopefully I'll have it up before the calendar officially reads May.

Peace,
HT

03.03.06

Perl Script Written

Posted in CDVT - Version Tracker at 9:55 pm by Tyler Reguly

Hey Hey,

So I know everyone is anxious for this... the perl script is finally written.. only took a couple minutes but I'm lazy... Anyways, I'm going to implement it later tonight or tomorrow morning.. and try and co-ordinate with those who've expressed an interest on Sunday night... get a beta version live as early as Monday or Tuesday...

Stay Tuned.

Peace,
HT

02.23.06

Another Update

Posted in CDVT - Version Tracker at 12:26 pm by Tyler Reguly

I've been busy with the new job, so updates have been slow..

I just wanted to mention that I've received a response from SourceFire and AIDE and both are interested in participating. SourceFire was really great in offering assistance since I've been so busy lately.

The rest of my unpacking should be done by the end of the week and I hope to have the beta online within a week of that (first weekend in March).

02.14.06

Updated Status

Posted in CDVT - Version Tracker at 5:54 pm by Tyler Reguly

Hey Hey,

So I require a perl script for the cron jobs, as I recently found out... that's no problem, just need to write it haha... Then we should be good to go.

Also I've received a response from OpenSSH.. They already keep a bunch of version trackers updated and are not interested in taking part in this one.. That's fine with me... I've at least made the offer.. If anyone really wants to see this project included and is interested in hosting the version file for it and updating it... let me know...

Peace,
HT

02.09.06

CDVT - Computer Defense Version Tracker [Updated - Feb 12th]

Posted in CDVT - Version Tracker at 2:11 pm by Tyler Reguly

Hey Hey,

CDVT is a project that was dreamed up by me off some comments on tracking current project versions by a colleague. I'm sure we'll release information on ourselves and how we came up with the project once we launch it. However, as I'm planning a move over the next couple weeks, there might be some delay in the actual launch, however I'm hoping to get it completed this weekend while I still have some free time.

The concept of the CDVT is to have the authors/maintainers of popular tools place a single text file on the root of their website. CDVT will check this file at regular intervals, and find contained in it the most recent version of the software, which it will update in its database. The database will be used to populate the front-end... a small applet (most likely actually a table of some sort, maybe a full page) that will allow you to notice at a glance the most recent versions of the software and keep yourself up to date.

Included during the release will be a front-end that you can incorporate into your own site, as well as hopefully an RSS feed and possibly the expansion to a mailed out newsletter, daily or weekly... possibly only on updates.

I am looking for contact from authors/maintainers that would like to have their projects added and also suggestions from everyone as to what other projects/tools you'd like to see included.

To date I've contacted the following projects and their authors/maintainers:

  • nmap (verified participation)
  • nessus (in communication)
  • snort
  • hping
  • dsniff
  • amap
  • hydra
  • BackTrack
  • WinPcap (verified participation)
  • ettercap
  • Ethereal (in communication)
  • Cain & Abel
  • John the Ripper (verified participation)
  • Kismet (verified participation)
  • Metasploit (verified participation)
  • HiJackThis [Added Feb 10th]
  • StartupList [Added Feb 10th]
  • netfilter/iptables [Added Feb 12th] (verified participation)
  • kernel.org [Added Feb 12th] (in communication) [Asking me to use their method and stray from a standard]
  • nikto [Added Feb 12th] (verified participation)
  • portsentry [Added Feb 12th]
  • aide [Added Feb 12th]
  • logwatch [Added Feb 12th]
  • openssh [Added Feb 12th] (in communication) [Asking me to use their method and stray from a standard]
  • openssl [Added Feb 12th]
  • syslog-ng [Added Feb 12th]

Let me know of any others, or any ideas/suggestions you may have. You can post your comments here, or contact me - ht[at]computerdefense.org

Peace,
HT