
| Subject: | Re: I want the PT list back.... |
|---|---|
| Date: | Thu, 13 Dec 2007 17:18:33 +0100 |
> For me web app, to back end server, to the LAN is so rare it might as well be non-existent. Web app to DB - yeah...but not to internal LAN for me very much.

Yes, same here too. Nowadays WebApp, DB and LAN are always separated by firewalls.

> Internal networks are still a mess, riddled with old vulnerabilities - even when the customer has patch management solutions. I can't be as noisy trying to find them like the good old days - but they are still there - the bigger the company the more legacy crap they have.

Yes, same here too. What always surprises me is that companies can afford to be several months - to 2 years (!) behind with Windows updates ... and nothing evil happens! Somehow the infrastructures I know seem to be resistant to trojans, malware and other stuff I read about all the time. Is it just that most organizations have up-to-date virus checkers on mailscanners, websweepers and PC's? Is that enough in most cases? It looks like that ... but it's against all best practices.

> Anybody else in this boat? If so what's in your toolkit?

I made a quick dump of my Windows USB stick with tools. But - it's not complete and I know a few tools have newer versions. I will have to make a new updated version for myself soon (I have too many different USB sticks now). But I hope you are amused, it's nothing special really:

01_Netwerk_Scanners\scanline\sl.exe
01_Netwerk_Scanners\superscan4\SuperScan4.exe
02_Vulnerability_Scanners\framework-2.5.exe
02_Vulnerability_Scanners\framework-3[1].0-beta-2-svn.exe
02_Vulnerability_Scanners\languardnss8.exe
03_Windows_Enumeration\winfingerprint-0.6.2\setup.exe
04_WindowsShares\legion\SETUP.EXE
04_WindowsShares\ShareEnum\Release\RetinaDemo589.exe
04_WindowsShares\ShareEnum\Release\ShareEnum.exe
05_Windows_Updates\Retina\RetinaMSDTC.exe
05_Windows_Updates\Retina\RetinaNetApi.exe
07_Dumpsec\DUMPEVT.exe
07_Dumpsec\DUMPSEC.exe
10_Sniffers\Tcpview.exe
10_Sniffers\ngSniff-1.0\ngSniff.exe
10_Sniffers\Wireshark\wireshark-setup-0.99.3.exe
11_ArpSpoofing\Cain and Abel\ca_setup.exe
12_Printers\Hijetter_exe\Hijetter.exe
13_Passwords\lc4setup.exe
13_Passwords\hydrawin\hydra-5.3-win\hydra.exe
13_Passwords\hydrawin\hydra-5.3-win\pw-inspector.exe
13_Passwords\L0phtCrack LC5 v5.04\lc5setup.exe
14_Netcat\nc111nt\nc.exe
15_Clients\vnc-4_1_1-x86_win32.exe
15_Clients\Putty\putty.exe
15_Clients\WS_FTP\ws_ftp32.exe
16_Spidering\httrack-3.40-2.exe
16_Spidering\wgetwin\wget.exe
18_WiFi\netstumblerinstaller_0_4_0.exe
19_MacAdresAanpassen\MacMakeUp.exe
20_Editors\OpenOffice\OOo_2.1.0_Win32Intel_install_en-US.exe
20_Editors\vi\gvim63.exe
22_Zippers\IZArc35.exe
23_Pictures\iview398.exe
30_BIOS\CTBIOS.EXE
30_BIOS\CTCM7.EXE
30_BIOS\MBM5370.EXE
31_PC_Settings_Belarc\advisor.exe
32_Loganalyse\eventcombMT.exe
40_Analyzecsvde\analyzecsvde_publish_oud\analyzecsvde_1_0_0_17\analyzecsvde.exe
90_Sysinternals Toolset\PsService\psservice.exe
91_Tools_Reskit\adlb.exe [and more]
92_Unix_Utils\grep.exe [and more]
94_Support Tools\acldiag.exe [and more]
99_AD_Tools\dnslint.exe
99_AD_Tools\repadmin.exe
99_AD_Tools\2003\replmon.exe
99_AD_Tools\Resource Kit\sonar.exe
99_NogOnbekend\fgdump-1.5.0
99_NogOnbekend\pwdump6-1.5.0