Tenable Network Security Podcast - Episode 50

Welcome to the Tenable Network Security Podcast - Episode 50

Announcements

• Several new blog posts have been published this past week, including:
  • Making Penetration Testers Lives Awful
  • Tenable Network Security Podcast - Episode 49 - Interview with Dennis Brown
  • Passive Vulnerability Scanner Network Licensing
• Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as a Nessus overview and future plans, the advantages of pairing active and passive scanning, an overview and discussion of current security strategies and new industry trends, the past, present and future of regulatory compliance, and a Tenable Network Security product/solutions overview.
• Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Stories

• Hexinject - Packet Injection Tool - I think it's really interesting to see what can be injected into packets, such as turning ARP requests into ARP responses! The potential attack vectors are numerous.
• Apple Secret "wispr" Request - I find it neat when a particular device sends out a default "phone home" or other kind of probe on a wireless network. This leaves it vulnerable to all sorts of attacks and there are many researchers working on a way to exploit this one.
• Accton Switches Backdoor - Vendor Response - Here we go again, a gaping security hole put into a product in the name of user friendliness. I think this is a lame excuse. If your product is well designed and documented, you should not have to put a security hole in it to make it usable.
• Security is so much better than 10 years ago... - Someone obviously got the wrong idea about measuring security. There is a difference between local and global incidents, and just because we haven't seen something like the "ILOVEYOU" virus in the last ten years doesn't mean security is getting better. It begs the question, is security getting better, worse, or is that question just oversimplifying everything?
• Bear in the woods or prairie dog in the forest? - I like going through these analogies; it's fun because not only do we get to talk about all kinds of animals, but it helps us understand the right things to do. The prairie dog allows smaller animals to take refuge in their homes, giving them protection from predators. Starving the predators (or attackers) is a good analogy as we don't want to keep feeding the bad guys and let them get more powerful.
• Five Ways To Stop Mass SQL Injection Attacks - While I think these steps are a good start when addressing SQL injection, they don't address the real problem: that people aren't doing these things in order to stop attacks! Developers do not always validate input and organizations do not always implement security controls around their web applications and databases.
• upSploit Advisory Management - This is a very cool "automated" system for managing the vulnerability disclosure process. I thought it was nice for those that find vulnerabilities, create exploits for them, and just sit on them because a vendor is unresponsive. Usually these are low impact vulnerabilities, and I think this system will work well in that scenario.