The Security Pub

Random Thoughts About Security

Software Update: Cain & Abel 4.9.38 is Released

Cain & Abel is a password recovery tool for Microsoft operating systems.

It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Changes in this version:

  • Added TCP/UDP Large Send Offloading status detection on Windows Vista/7.
  • Better handling of APR-SSL MitM threads.
  • Fixed a problem with APR in Windows 7 causing attacker’s machine to be isolated from poisoned hosts.
  • Speed improvement in Credential Manager Password Decoder for x64 operating systems.
  • Fixed a Cain’s runtime error when SIP/RTP sniffer filter is disabled.
  • SIP, MGCP and RTP sniffer filters are now separated.
  • Fixed RTP sniffer filter to avoid processing Link-local Multicast Name Resolution (LLMNR) traffic on UDP port 5355.
  • Fixed RTP sniffer filter to avoid processing SSDP traffic on UDP port 1900.
  • Fixed RTP sniffer filter to avoid processing Multicast DNS (MDNS) traffic on UDP port 5353.
  • Improved RTP protocol validation function.

Nessus iPhone Application

Tenable has released a free iPhone application for its Nessus Vulnerability Scanner.  This iPhone application provides Nessus users the ability to:

  • Connect to a Nessus server
  • Launch scans
  • Create new scans
  • Review reports

All you will need is an iPhone or iPod Touch running iOS 4.0 or later.  You can download the Nessus iPhone application in the App Store, under the productivity category.

ZBot Removal Tool

ZBot (also known as Zeus, ZeusBot or WSNPoem, Gorhax and Kneber) is a Trojan created to steal sensitive information from compromised computers.  ZBot focuses mainly on online banking information that unsuspecting users enter to access a financial organization's website; however, it also monitors system information to obtain additional authentication credentials.  Some of the newer variants now do even more: they gather visited-website history and other data the user enters online, while at the same time taking screenshots.

To help with this, BitDefender has created a ZBot Removal Tool which checks users’ computers and detects and eliminates most of the ZBot variants spotted in the wild.

Acunetix Web Vulnerability Scanner 7 Released

Acunetix announced version 7 of its Web Vulnerability Scanner, which features new vulnerability verification techniques, a new scanning engine, support for a wider variety of web applications, improved performance, fewer false positives and detection of a wide range of new web vulnerability types.

Check out the video below to find out what's new in the Acunetix Web Vulnerability Scanner Version 7.  You can also download the Free version from the Security Tools Page.

Wireshark 1.4.0 is Released

Wireshark is a popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

The following features are new (or have been significantly updated) since version 1.2:

  • The packet list internals have been rewritten and are now more efficient.
  • Columns are easier to use. You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header.
  • Preliminary Python scripting support has been added.
  • Many memory leaks have been fixed.
  • Wireshark 1.4 does not support Windows 2000. Please use Wireshark 1.2 or 1.0 on those systems.
  • Packets can now be ignored (excluded from dissection), similar to the way they can be marked.
  • Manual IP address resolution is now supported.
  • Columns with seconds can now be displayed as hours, minutes and seconds.
  • You can now set the capture buffer size on UNIX and Linux if you have libpcap 1.0.0 or greater.
  • TShark no longer needs elevated privileges on UNIX or Linux to list interfaces. Only dumpcap requires privileges now.
  • Wireshark and TShark can enable 802.11 monitor mode directly if you have libpcap 1.0.0 or greater.
  • You can play RTP streams directly from the RTP Analysis window.
  • Capinfos and editcap now respectively support time order checking and forcing.
  • Wireshark now has a “jump to timestamp” command-line option.
  • You can open JPEG files directly in Wireshark.

You can download the latest version from The Security Pub's Toolbox.

Application Review – Password Safe

Security Pub Followers, be on the lookout for upcoming posts where I will share my thoughts on the security tools that I have used or am currently using.

Do you have a lot of passwords to remember and keep up with for different things?  If the answer is yes, then I would suggest taking a look at this easy-to-use open source password management tool called Password Safe. It encrypts with the Twofish cipher, which was created in part by security genius Bruce Schneier.  With Password Safe you can easily create one password as the master password, which will then unlock the safe for you to view all your other user names and passwords.

Key Benefits

  • Keep your passwords organized
  • Secure your passwords with Twofish Cipher encryption
  • Quickly Generate Strong Passwords
  • Create Backups of your Password Database
  • Stores Password History
  • Auto Type – quickly enter your username and password with a single click
  • And MUCH more…..

To download the latest version, 3.22, released on May 23, 2010, visit SourceForge.