Course 589 can be a difficult class to track, as the subject area is very dynamic, and new exploits are being announced every day. You can help Steve keep this area up to date by contacting us to let us know what information you need, and to tell us about tools you have found useful.
Successful Attacks on Disk Encryption
Results announced in February 2008 reveal that present-day systems for disk encryption
have some surprising vulnerabilities that make them relatively easy to get around. See
this blog as a starting point.
It's true that physical access to the system is required, but it should make government
agencies that believe sensitive information is being secured against laptop theft think again.
Disclosure Policies
The whole problem of disclosure policies is discussed well in the links from this
CSO Perspectives article.
It's obvious from this that there are a number of conflicting views, all strongly held.
Zero-Day Exploits
eEye Research are promoting their Blink tool with a site that tracks zero-day exploits.
Even if you don't use the tool, this is a potentially useful source of information.
How Fast Can an Exploit Spread?
Exploits are of increasing concern to anyone who
manages an IT infrastructure. There is a very illuminating graphic linked from this analysis of Code Red
showing how quickly it spread across the world. Note that the graphic is a 4Mb download, so it may take the animation some time to start.
The apparent geographical clustering is simply an artifact of the IP address mappings,
which in some cases only identify a country. We all stand or fall together on the Internet!
The Slammer worm that affected SQL Server sites had a very fast propagation time, and by some estimates spread right across the Internet in less than ten minutes. Although these estimates were for geographical spread rather than saturation, they show that high-speed interconnectivity can be a mixed blessing. You do have a firewall, don't you ...
Rootkits
There is some interesting material in this (now somewhat dated) description of the state of play in Windows rootkits,
which explains how the cracker community have started to become quite methodical
in exploiting the systemic weaknesses in Windows.
Security Tools
If you are looking for security tools, or just want to know what's available, there
is a huge amount of information to be gleaned from the 2006 Security Tools Survey.
Which Web Sites Are Safe?
If you are interested in helping your users to maintain "safe browsing" habits then you could consider using the plugins available for McAfee's
Site Advisor or similar. That way at least they get some warning of a site's potential to disrupt.


