Tenable Network Security Podcast - Episode 27

Welcome to the Tenable Network Security Podcast - Episode 27

Announcements

• Two new blog posts have been released titled "The Value Of Credentialed Vulnerability Scanning and Microsoft Patch Tuesday - March 2010 - "It Won't Happen To Me" Edition.
• New Nessus training now being offered at conferences! - The new course titled "Advanced Vulnerability Scanning Techniques Using Nessus" is now being offered at both Black Hat Las Vegas 2010 and BruCon 2010. Its a two-day course that will put the student into a real-world environment, forced to solve problems and identify vulnerabilities using the advanced features of the Nessus vulnerability scanner.
• You can provide feedback to this podcast and all of our social media outlets by visiting our discussions forum and adding messages to the "Tenable Social Media" thread. I would love to hear your feedback, questions, comments and suggestions! I put up a call for ideas on new Nessus videos, so please give us your feedback!
• We're hiring! - Visit the web site for more information about open positions, there are currently 7 open positions listed!
• You can subscribe to the NEW Tenable Network Security Podcast on iTunes! You can also subscribe to the new podcast RSS feed directly.
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics and more!

Stories

• Password Lists - Can't Get Enough - While this blog focuses on comparing some larger password lists, mostly taken from leaked accounts as a result of data breaches, its a good resource. The author links to several different passwords lists, including one called "The 500 worst passwords" (Warning: This list contains some foul language).
• Client Side Web Application Attacks - Malware authors continue to show their creative side with these attacks. The malware manipulates web pages and inserts extra fields, such as password or account numbers, into web page transactions.
• DNS Tunneling - 3 Part Series - DNS tunneling is one of those techniques that has evolved greatly over time. The initial theory was presented some time ago, and tools have been created and improved on over the years. It is now a viable option to send traffic out of a network. The DNS tunneling technique has even been packaged as an exploit payload as demonstrated by Ron Bowes.
• Finding Malware on your network via cached DNS entries - Excellent article that demonstrates use of a Perl script to find "evil" cached DNS entries. Basically, it takes a list of known malware domains, then queries your DNS servers to resolve them. If the entry comes back as cached, then someone else has already queried for that domain and you have a host that is infected.
• WMI Enabled Plugins Enumerate Anti-Virus, Anti-Spyware, and Firewalls - Tenable has released three new plugins that use WMI to enumerate software and firewall configurations on remote hosts:
  • WMI Firewall Enumeration (45052)
  • WMI Anti-virus Enumeration (45051)
  • WMI Anti-spyware Enumeration (45050)