PC CyberTekThe cyberspace visitor’s information center

If you follow this blog, you know that I did an article on the first stable release of Namp http://www.pccybertek.com/2010/01/nmap-5-20-released yesterday. Now that it has been out for a week, Fydor has already released another update, Namp 5.21 which is also a stable
release and not a beta. It’s mainly just a bug fix release. So I have updated the download section here with a link to the 5.21 release, which is on the right column about 3/4 of the way down the page. My download link is directly to the file on the insecure.org website or you can go to the Nmap download page yourself.

But I don’t want to just tell you about the update, I’d like to offer you some more since you took the time to stop by here. So here is a link to Iron Geek’s Baisc Nmap Tutorial video. And if already know the basics and would like to move on to some more advanced lesson, here is Iron Geek’s Nmap Video Tutorial 2: Port Scan Boogaloo Happy port knocking.

Fydor has released Nmap 5.20. This is the first stable release, or non beta release, of Nmap since July 2009. And like usual, it has a lot of nice improvements and upgrades. If I could only have one security tool, Nmap would be it. It’s the first, and sometimes the only, program I run when I want to do any kind of security audit or if I want an inventory of  the LAN and which services are running .
Read the rest of this entry »

Yes, that’s right. The essential network scanner, nmap, has made it to version 5. If you are unfamiliar with nmap, it’s a must have tool for anyone who does anything with networks. It’s the greatest port scanner around. And you can get it for just about any OS. But nmap is much more than just a port scanner. It can be used for more than just seeing what ports are open. You can also use it for its OS detection, among other things, and you can even use it to find the conficker virus on remote computers. It’s available as a command line tool and for those who prefer a gui, it also comes with zenmap which is a graphical front end for it.

My thanks to Fydor and the nmap development team for constantly updating this awesome tool and never being satisfied with the status quo. Now let me quote insecure.org

July 16, 2009 — Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 5.00 from http://nmap.org/. This is the first stable release since 4.76 (last September), and the first major release since the 4.50 release in 2007. Dozens of development releases led up to this.

Considering all the changes, we consider this the most important Nmap release since 1997, and we recommend that all current users upgrade.

You can find a list of the changes here and be sure to download it.

An interesting post today, on the Internet Storm Center, reminds us to look over our router logs. Also, disable remote administration of the router, unless it’s absolutely necessary.

You can see what happens when someone guesses an easy password and gets into a router, and the lsessons learned, here.

The most excellent packet sniffing tool, formerly known as etheral, now known as wireshark has recently been updated to ver 1.0.6 This is one of those programs that I find hard to write up. All I can say is, I love it. When I was first learning about network traffic, I tried out etheral. I loved being able to see that raw network traffic. I was amazed at the shear amount of traffic on my LAN. It also stirred my interest in what all these protocols were.

Soon I was using it to uncover malware and where they were phoneing home to. I also used it to get ip addresses of people on IRC when they DCC to me. And just recently I used it at work. Someone forgot their e-mail password and they needed it to get on their web mail. I just fired up wireshark and the launched Outlook. Then I just looked through the log and found to communication to the POP server, and there was the user name and password.  Set it up with a wifi card and you can capture some intresting packets.

Then there is Sharkfest, June 15th – 18th at Stanford University which I can only dream of going to.

Here is a  beginers video intro to wireshark