2010 July | Internet SecuritT Group

Clientele

Security Resources
- Center For Information Security Awareness
  InfraGard Awareness is a FREE information security awareness course that will teach you vital skills to protect yourself and your family from cybercrime and identity theft
- Comodo Free Security Solutions
  Internet Security Suite of cutting edge security including Antivirus, Firewall, malware prevention and more.
- Panda Security Tools
  Panda Security offers a range of free anti-virus tools to optimize the security of your PC. Download them free and start to benefit from their many features.
- Password Safe Password Management
  Password Safe allows you to safely and easily create a secured and encrypted user name/password list.
- ThreatFire Zero-Day Malware Protection
  By implementing sophisticated real-time behavioral analysis ThreatFire is able to stop never- before-seen “zero-day” threats solely by detecting their malicious activity.

Video-based captchas for sites and blogs

News | Thursday 1 July 2010 2:45 am

NuCaptcha is a technology that uses video to determine if people are really human, not machines. Video offers the greatest advancement in Captcha technology since it was first introduced ten years ago…

View full post on Help Net Security – News

Comments Off

Vulnerability Assessment Testing Automation Part I, (Tue, Jun 29th)

News | Thursday 1 July 2010 1:05 am

In my SANSFire presentation I described how and why to automate parts of the security testing process. The slides are posted here (handlers.dshield.org/adebeaupre/deBeaupre-SANSFire2010v011.pdf). Part of the process involves taking tool outputs, parsing them, and then importing the results to a database. In the example I am giving here we are taking nmap XML output, parsing it using a perl script and the nmap::parser (code.google.com/p/nmap-parser/) module, and then importing it to a MySQL database. The script I’m using is based on work by Paul Haas found here (www.redspin.com/blog/2009/10/27/nmap-database-output-xml-to-sql/). The table schema he uses is one of the better ones I have seen for nmap data storage. One of the major things the script lacks is the ability to parse nmap NSE output, still a work in progress. In any case the script is found here (handlers.dshield.org/adebeaupre/nmap_xml2mysql-v011.pl). The structure of the script is straight forward:
Main – reads command line arguments and calls the other functions

Usage – prints out a usage message if no command line arguments are provided

CreateTables – creats the database tables

Nmap_info – reads in the xml file and populates the tables

Db_output – outputs a success message
Unfortunately it needs some more work, but does the trick. I am more than open to suggestions, or better ways of doing things. Part II will be a script to import v2 .nessus files into a MySQL database, also in perl. Let us know if you use this script, something like it, or some other technique to manage security test data. Contact us or use the comment fields below.
Cheers,

Adrien de Beaupr

EWA-Canada.com

(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.

View full post on SANS Internet Storm Center, InfoCON: green

Comments Off

Lack of Security Focus Puts SMBs In Harm’s Way

News | Thursday 1 July 2010 12:22 am

Small-and medium businesses can be easier to secure than larger enterprises, but few have traditionally made the effort

View full post on DarkReading – All Stories

Comments Off

Some Content may originate from third party websites(i.e. Amazon, Yahoo Answers, Youtube)
Internet SecuritT Group LLC is not responsible or liable for the content of any third party affiliate
All third party content is property of the respective owners.

Featured Internet Security Services

Clientele

Security Resources

Video-based captchas for sites and blogs

Vulnerability Assessment Testing Automation Part I, (Tue, Jun 29th)

Lack of Security Focus Puts SMBs In Harm’s Way