Security Blog » General News http://www.insecure.ro It's all about Security - Security Blog - Mon, 24 May 2010 08:30:50 +0000 en hourly 1 http://wordpress.org/?v=3.0 Web Warriors (CBC/HDTV) http://www.insecure.ro/news/web-warriors-cbchdtv/ http://www.insecure.ro/news/web-warriors-cbchdtv/#comments Mon, 24 May 2010 08:29:44 +0000 inSecure http://www.insecure.ro/?p=336 Salut, am gasit un filmulet interesant pe internet. Are aproape 40 de minute, si zic eu ca merita.

Vizionare Placuta!

]]> http://www.insecure.ro/news/web-warriors-cbchdtv/feed/ 0 Windows 7 Security – Slides http://www.insecure.ro/news/windows-7-security-slides/ http://www.insecure.ro/news/windows-7-security-slides/#comments Sun, 09 May 2010 21:29:50 +0000 inSecure http://www.insecure.ro/?p=332 Am gasit ceva interesant despre securitatea din Windows 7.
Sper sa va placa!


Pareri ?

]]> http://www.insecure.ro/news/windows-7-security-slides/feed/ 1 Jarlsberg – Web Application Exploits and Defenses http://www.insecure.ro/news/jarlsberg-web-application-exploits-and-defenses/ http://www.insecure.ro/news/jarlsberg-web-application-exploits-and-defenses/#comments Sun, 09 May 2010 21:05:55 +0000 inSecure http://www.insecure.ro/?p=329 Jarlsber

A aparut un nou tool, creat chiar de ‘marele’ Google.
Ce ofera acest tool?!

Learn how hackers find security vulnerabilities!
Learn how hackers exploit web applications!
Learn how to stop them!

This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application. Specifically, you'll learn the following:

How an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF).
How to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.

To get the most out of this lab, you should have some familiarity with how a web application works (e.g., general knowledge of HTML, templates, cookies, AJAX, etc.).

O sa il incerc si eu, dupa licenta, ca deocamdata nu am timp. Daca ati reusit sa il testati voi, va rog dati-va cu parerea, sa stiu daca merita sa il incerc.
Apropo, NU sunt fan Google.

Website: http://jarlsberg.appspot.com/
Download: http://jarlsberg.appspot.com/jarlsberg-code.zip

]]> http://www.insecure.ro/news/jarlsberg-web-application-exploits-and-defenses/feed/ 2 Microsoft Hyper-V Server 2008 R2 http://www.insecure.ro/news/microsoft-hyper-v-server-2008-r2/ http://www.insecure.ro/news/microsoft-hyper-v-server-2008-r2/#comments Wed, 03 Mar 2010 13:23:55 +0000 inSecure http://www.insecure.ro/?p=314 Ok, nu am mai scris de ceva timp, dar ma pregatesc de licenta.

O sa fie o licenta cu virtualizare, deci o sa scriu mai mult de virtualizare…

Primul sistem: Microsoft Hyper-V Server 2008 R2
Mai multe detalii aici + Configuration Guide: here
Link de download: Hyper-V

]]> http://www.insecure.ro/news/microsoft-hyper-v-server-2008-r2/feed/ 1 Cont Twitter ! http://www.insecure.ro/news/cont-twitter/ http://www.insecure.ro/news/cont-twitter/#comments Tue, 15 Dec 2009 19:38:56 +0000 inSecure http://www.insecure.ro/?p=287 Salut, doar ce mi-am facut cont de twitter si m-am gandit sa va zic.
Din pacate nu prea am timp sa scriu pe blog, dar pe twitter sper sa scriu ceva mai des.
Link aici : http://twitter.com/inSecure_ro

]]> http://www.insecure.ro/news/cont-twitter/feed/ 1 De ce urasc Google? http://www.insecure.ro/news/de-ce-urasc-google/ http://www.insecure.ro/news/de-ce-urasc-google/#comments Mon, 14 Dec 2009 16:40:15 +0000 inSecure http://www.insecure.ro/?p=284 De ce urasc Google?

Au mult prea multe informatii despre fiecare utilizator.
Nu ati auzit despre noul motor de cautare al lui Google?(caffeine)

Pai se foloseste de cookie-ul utilizatorului, iar astfel nu vom mai avea deloc intimitate.
Google va stii tot ce cautam, si ne va putea gasi in caz ca vor vrea asta(nu e acelasi lucru ca inainte, inainte poate te gaseau dupa IP, acum au cookie direct pe PC-ul personal!!)

Si uite ce zice idiotul de CEO Eric Schmidt despre asta!

www.youtube.com/watch?v=A6e7wfDHzew

]]> http://www.insecure.ro/news/de-ce-urasc-google/feed/ 1 Metasploit 3.3 a fost LANSAT! http://www.insecure.ro/news/metasploit-3-3-a-fost-lansat/ http://www.insecure.ro/news/metasploit-3-3-a-fost-lansat/#comments Sat, 05 Dec 2009 13:39:43 +0000 inSecure http://www.insecure.ro/?p=236 S-a lansat versiunea 3.3 Metasploit!(2009-11-30)
Ce este Metasploit ?

Metasploit este o unealta open source de testare a vulnerabilitatii unui Server/PC. Are exploit-uri predefinite, si este o unealta de vis pentru orice ‘script-kiddie’.

Mai jos am pus o descriere in engleza.

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Metasploit v3.3 il puteti gasi aici:

Windows – Metasploit-3.3.exe
Linux – Metasploit-3.3.tar.bz2

Detalii cu functionalitati: Metasploit Release Notes
Homepage: Metasploit.com

]]> http://www.insecure.ro/news/metasploit-3-3-a-fost-lansat/feed/ 2 Cain & Abel http://www.insecure.ro/news/cain-abel/ http://www.insecure.ro/news/cain-abel/#comments Thu, 12 Nov 2009 19:24:06 +0000 inSecure http://www.insecure.ro/?p=231 Ce este Cain & Abel ?

Am pus aici o descriere completa luata de pe oxit.it

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of several kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness intrinsic of protocol's standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users.

Cain & Abel has been developed in the hope that it will be useful for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration testers and everyone else that plans to use it for ethical reasons. The author will not help or support any illegal activity done with this program.

De ce am adus aminte de Cain & Abel ?

Pai a aparut versiunea noua de Cain & Abel !

Ce s-a schimbat:

[!] Added Windows Firewall status detection on startup.
[!] Added UAC compatibility in Windows Vista/Seven.
[!] Winpcap library upgrade to version 4.1.1.

Download here: Cain & Abel
Homepage : here
Tutoriale Cain & Abel (youtube) : Link

]]> http://www.insecure.ro/news/cain-abel/feed/ 3 How To Web http://www.insecure.ro/news/how-to-web/ http://www.insecure.ro/news/how-to-web/#comments Sat, 24 Oct 2009 15:23:07 +0000 inSecure http://www.insecure.ro/?p=222 How To Web

Pe site-ul How-To-Web gasim urmatoarea descriere:

How to Web este prima conferinţă educaţională dedicată webului din România, destinată studenţilor şi tinerilor profesionişti. How to Web este un prilej excelent de a lua contact cu problemele şi tehnologiile webului global şi de a interactiona cu antreprenorii sau tehnicienii care dezvoltă soluţii pentru acestea.

De ce ar fi bine sa participati la aceasta conferinta?

Pai am putea sa aflam raspunsul la cateva intrebari de genul:
Vrei sa iti deschizi un website si nu stii de unde sa incepi?!
Cum sa faci un plan de afaceri valabil si in Online?

Acum cateva zile am luat ultimul numar Forbes si surprinzator am gasit un articol despre UberVU.
“Real Time Search – UberVu”
Din Forbes citez: “Sunt tineri si au intrat in lumea internetului fara niciun ban, dar au creat uberVU, o unealta care vaneaza cuvinte cheie pe platforme sociale asa cum face Google pe intregul web”.
As vrea sa le cunosc povestea, si cum au reusit.
In plus sunt fosti studenti ai Facultatii de Automatica si Calculatoare din Bucuresti(unde sper sa termin si eu in acest an).
Asta ar putea fi un singur motiv pentru care s-ar merita participarea la eveniment.

In plus gasim si raspunsul la una din intrebarile precizate mai sus in seminarul:
12:10 – 12:45 Cum să începem un business de web
Vorbitori: Vladimir Oane, Mihai Sava (Brainient), Eugenia Cosinschi, Cristina Alexandru, Cristian Pascu

Ne vedem acolo!

Loc de desfasurare : Politehnica Bucuresti, Facultatea de Automatica si Calculatoare, Sala EC105

]]> http://www.insecure.ro/news/how-to-web/feed/ 0 The World’s Fastest MD5 Cracker – BarsWF http://www.insecure.ro/news/the-world%e2%80%99s-fastest-md5-cracker-%e2%80%93-barswf/ http://www.insecure.ro/news/the-world%e2%80%99s-fastest-md5-cracker-%e2%80%93-barswf/#comments Wed, 23 Sep 2009 09:26:13 +0000 inSecure http://www.insecure.ro/?p=200 BarsWF este un tool de cracking pentru parole de MD5. Aceste tool este cel mai rapid, dupa un benchmark ce il puteti vedea aici.

System Requirements
CUDA version only:nVidia GeForce 8xxx and up, at least 256mb of video memory.
LATEST nVidia-driver with CUDA support.Standard drivers might be a bit older (as CUDA 2.0 is still beta)
CPU with SSE2 support (P4, Core2Duo, Athlon64, Sempron64, Phenom).
Recommended 64-bit OS (WinXP 64 or Vista64). 32-bit version is also available.

Homepage: http://3.14.by/en/

]]> http://www.insecure.ro/news/the-world%e2%80%99s-fastest-md5-cracker-%e2%80%93-barswf/feed/ 0