From: Petr.Kazil@eap.nl
Date: Thu Dec 13 2007 - 11:18:33 EST
> For me web app, to back end server, to the LAN is so rare it might as
> well be non-existent. Web app to DB - yeah...but not to internal LAN for
> me very much.

Yes, same here too. Nowadays WebApp, DB and LAN are always separated by
firewalls.

> Internal networks are still a mess, riddled with old vulnerabilities -
> even when the customer has patch management solutions. I can't be as
> noisy trying to find them like the good old days - but they are still
> there - the bigger the company the more legacy crap they have.

Yes, same here too.

What always surprises me is that companies can afford to be several months
- to 2 years (!) behind with Windows updates ... and nothing evil happens!
Somehow the infrastructures I know seem to be resistant to trojans,
malware and other stuff I read about all the time. Is it just that most
organizations have up-to-date virus checkers on mailscanners, websweepers
and PCs? Is that enough in most cases? It looks like that ... but it's
against all best practices.

> Anybody else in this boat? If so what's in your toolkit?

I made a quick dump of my Windows USB stick with tools. But - it's not
complete and I know a few tools have newer versions. I will have to make a
new updated version for myself soon (I have too many different USB sticks
now). But I hope you are amused, it's nothing special really:
01_Netwerk_Scanners\scanline\sl.exe
01_Netwerk_Scanners\superscan4\SuperScan4.exe
02_Vulnerability_Scanners\framework-2.5.exe
02_Vulnerability_Scanners\framework-3[1].0-beta-2-svn.exe
02_Vulnerability_Scanners\languardnss8.exe
03_Windows_Enumeration\winfingerprint-0.6.2\setup.exe
04_WindowsShares\legion\SETUP.EXE
04_WindowsShares\ShareEnum\Release\RetinaDemo589.exe
04_WindowsShares\ShareEnum\Release\ShareEnum.exe
05_Windows_Updates\Retina\RetinaMSDTC.exe
05_Windows_Updates\Retina\RetinaNetApi.exe
07_Dumpsec\DUMPEVT.exe
07_Dumpsec\DUMPSEC.exe
10_Sniffers\Tcpview.exe
10_Sniffers\ngSniff-1.0\ngSniff.exe
10_Sniffers\Wireshark\wireshark-setup-0.99.3.exe
11_ArpSpoofing\Cain and Abel\ca_setup.exe
12_Printers\Hijetter_exe\Hijetter.exe
13_Passwords\lc4setup.exe
13_Passwords\hydrawin\hydra-5.3-win\hydra.exe
13_Passwords\hydrawin\hydra-5.3-win\pw-inspector.exe
13_Passwords\L0phtCrack LC5 v5.04\lc5setup.exe
14_Netcat\nc111nt\nc.exe
15_Clients\vnc-4_1_1-x86_win32.exe
15_Clients\Putty\putty.exe
15_Clients\WS_FTP\ws_ftp32.exe
16_Spidering\httrack-3.40-2.exe
16_Spidering\wgetwin\wget.exe
18_WiFi\netstumblerinstaller_0_4_0.exe
19_MacAdresAanpassen\MacMakeUp.exe
20_Editors\OpenOffice\OOo_2.1.0_Win32Intel_install_en-US.exe
20_Editors\vi\gvim63.exe
22_Zippers\IZArc35.exe
23_Pictures\iview398.exe
30_BIOS\CTBIOS.EXE
30_BIOS\CTCM7.EXE
30_BIOS\MBM5370.EXE
31_PC_Settings_Belarc\advisor.exe
32_Loganalyse\eventcombMT.exe
40_Analyzecsvde\analyzecsvde_publish_oud\analyzecsvde_1_0_0_17\analyzecsvde.exe
90_Sysinternals Toolset\PsService\psservice.exe
91_Tools_Reskit\adlb.exe [and more]
92_Unix_Utils\grep.exe [and more]
94_Support Tools\acldiag.exe [and more]
99_AD_Tools\dnslint.exe
99_AD_Tools\repadmin.exe
99_AD_Tools\2003\replmon.exe
99_AD_Tools\Resource Kit\sonar.exe
99_NogOnbekend\fgdump-1.5.0
99_NogOnbekend\pwdump6-1.5.0
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:16 EDT