Grabbing Passwords from Windows
Param Singh has posted a nice tutorial how to extract password hashes from a Windows system at SecGuru.com. It’s a nice article describing everything from locating backup copies of the SAM files, booting a live CD to grab the SAM file to sniffing the password hashes off the wire.
It does not include how to crack the password hashes, but I’ve covered that topic several times on this site already.
Creating and Burning ISO files under Windows for free
One of the biggest issues I have with Windows is that there is no easy, and cheap, way to create ISO files from CDROMs. Under Linux and other UNIXs you can just run the ‘dd’ command and create an ISO file of the CDROM - But under Windows there seems to be a lack of such functionality.
That was until I found the ISO Recorder tool from Alex Fienman, which works much like a Windows Power Toy. The software works on Windows XP and Windows 2003 (including 64 bit versions). There is a command line version of it that is supposed to work for Windows Vista as well, but I don’t have an Vista installation to try it out on.
EUSecWest related photos
I’ve uploaded some of the pictures I took at EUSecWest and London. It’s not that many pictures as the batteries I brought with me for the camera are worn out and doesn’t carry much of a charge anymore.
My first post :-)
Bluefish here! will change this text to something more usefull later today.
Anyway, what I do in security is
a) work with it at an ISV
b) talk / discuss it at communities and such
c) provide content at http://en.wikipedia.org/
Page launch
Here we go again. Second time around, lets get it right.
Last time we settled down on a design we liked, a domain we loved, a dreadfull GUI written by me and some, well a lot of unsettled questions about where we should publish it. This time we have sorted out the where, how it should look and we have also chosen a well proven and well written poster called WordPress. It works, it’s easy and we like it so far. The browsing around for theme was alarmingly numbing, and the moving of all good material was not an easy task either but I think we have done it.
This time we got it all and we are here to stay. This site will be more updated, more agile and perhaps more interesting. So knock yourselves out.
/W
Definition of Risk, Vulnerability and Threat
There seems to be a lot of confusion by security consultants, reporters and the like what term to use to describe the whole risk, vulnerability and threat saga. This is my attempt to bring some enlightenment on the issue.
Threat is an party with the intent and capability to exploit an vulnerability in an asset. This could be an malicious hacker or an disgruntled employee.
An vulnerability is weakness in an asset that can be exploited. For an example, the security hole in Microsoft WMF (Windows Meta File) format is an vulnerability.
Risk is the probability of harmful consequences resulting from interactions between threats and vulnerable assets. Conventionally risk is expressed by the relation Risk = Severity x Likelihood.
- Severity: If asset or control gets compromised, what kind of information or access does the attacker get? Grabbing banners or list directories are rated less severe then for an example gaining administrative access to the system.
- Likelihood: How likely is it that this will happen? For an vulnerability, how easy is it to find and exploit? A published exploit or a worm using this vulnerability to spread increases the likelihood of this happening compared to a vulnerability which is hard to exploit and requires a lot of insider information. In short: How skilled must the threat be to exploit the asset?
I hope that more people in the industry would start using the right definitions, as it will look bad at us all if they don’t.
See also the Wikipedia entry on Risk and UN-ISDR: Terminology on disaster risk reduction.
VMWare Server Beta is released
As you should know by now VMWare released the free VMWare Player not long ago, which is basically a feature limited version of VMWare Workstation. They have now released their VMWare Server (currently in beta) for free, which is expected to lose it’s beta status sometime Q2 2006. VMWare Server is positioned as a “little brother” to VMWare ESX and is to replace the GSX server.
You are required to register to download VMWare Server, and at the moment the web site is getting hammered so it’s pretty slow. It does seem that BugMeNot has registration details already for those who doesn’t feel like giving your email address. So far I haven’t been able to obtain a copy of the software so I can’t provide feedback on how’s it running. I’ll return to this topic at a later stage when I’ve actually been able to get hold of a copy and test it out.
Instead of providing a product review I will offer my thoughts on what is happening in the virtualization market. I believe that what we are witnessing is a commoditization of the virtualization market, where the next generation of enterprise Linux distributions will include Xen virtualization technology and I wouldn’t be surprised if the high-end Windows Vista servers would include Virtual PC. SWsoft has announced earlier that they will release an free open source version of Virtuozzo called OpenVZ.
All this points to a future where virtualization is everywhere, where it is expected to be a part of the operating environment and no-one is really prepared to pay a premium for it. Why choose which OS you want to run, when you can run them all at the same time?
Personally I am happy with the turn of events, as I need to run a lot of systems during my research and development and all this free virtualization software makes it a little bit cheaper (which is important for me, as I am funding my research myself).
BackTrack 3.0 Beta released
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions Whax and Auditor. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.
As you know I am a great fan of Whax, and seeing Whax and Auditor joining forces is only a good thing, as good developers are hard to find and combinding the projects creates a solid core to focus around. I am currently downloading the beta to have a look under the hood.