Thursday, November 25, 2010

BackTrack 4 R2 available

I am a few days behind...but BackTrack 4 R2 is available.

Changes:
  • Kernel 2.6.35.8 – *Much* improved mac80211 stack.
  • USB 3.0 support.
  • New wireless cards supported.
  • All wireless injection patches applied, maximum support for wireless attacks.
  • Even *faster* desktop environment.
  • Revamped Fluxbox environment for the KDE challenged.
  • Metasploit rebuilt from scratch, MySQL db_drivers working out of the box.
  • Updated old packages, added new ones, and removed obsolete ones.
  • New BackTrack Wiki with better documentation and support.
  • Our most professional, tested and streamlined release ever.
http://www.backtrack-linux.org/backtrack/backtrack-4-r2-download/

Monday, November 15, 2010

Phish using TechNet as the lure?

Nope....it is just a really Phishtastic looking e-mail....

Wednesday, November 3, 2010

Firesheep author Guilty/Evil? (Skills-Gap dependence)

I've talked to a few security people and regular IT folks about the Firesheep tool, and I've also read a few discussions about it. Some have called him irresponsible, some guilty, etc.

In a narrow-minded but broad categorization, we could lump the authors of Wireshark, tcpdump, or [insert sniffing tool here] in with the "guilty" parties. These tools can do the same thing. To keep the conversation...uh...focused we won't mention tools like Metasploit or even Nmap.

I know this makes it more "accessible" to the common wanna-be attacker, but when are we going to stop using the "skills" gap argument? Do other physical security professionals rely on "skills" gap to protect them, or do they address the issues?

I dunno, innocent or guilty, a light has been pointed into a dark corner and now people are taking notice. If a constant drone of security professionals encouraging the companies to fix the issue isn't enough, then the attention from this will (or should).