Let’s say you took a cool picture and want to send it to a friend. This is a sloth from “Last Week Tonight” with John Oliver.
November 19, 2015—The Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 7.00 from https://nmap.org/. It is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012. Nmap turned 18 years old in September this year and celebrates its birthday with 171 new NSE scripts, expanded IPv6 support, world-class SSL/TLS analysis, and more user-requested features than ever. We recommend that all current users upgrade.
If you are a long-term Nmap user, and use nmap only for network scanning, you will be happy to know that there are several new features: [This is a slightly edited version of their press release at https://nmap.org/7/ ]
The Nmap Hackers produce:
- Nmap – the command line network mapping tool.
- ZenMap – The GUI version (front-end) for Nmap, which provides a comfort level to people who are not used to operating from the command line, and also shows the command-line directives that the ZenMap GUI is actually producing. This has proven helpful to people entering the marvelous world of CLI.
- Ncat – updated and smooth communications tool. Ncat reads and writes data across networks from the command line. Ncat uses both TCP and UDP for communication and is designed to be a reliable back-end tool to provide network connectivity to other applications and users across IPv4 and IPv6 networks.
- Nping – similar to the venerable Ping application, Nping produces network packets for connectivity testing and other troubleshooting.
Nping grants network administrators full control over generated packets. Nping’s features include:
- Custom TCP, UDP, ICMP and ARP packet generation.
- Support for multiple target host specification.
- Support for multiple target port specification.
- Unprivileged modes for non-root users.
- Echo mode for advanced troubleshooting and discovery.
- Support for Ethernet frame generation.
- Support for IPv6 (currently experimental).
- Runs on Linux, Mac OS and MS Windows.
- Route tracing capabilities.
- Highly customizable.
- Free and open-source.
1. Major Nmap Scripting Engine (NSE) Expansion
They have added 171 new scripts and 20 libraries. Examples include firewall-bypass, supermicro-ipmi-conf, oracle-brute-stealth, and ssl-heartbleed. And NSE is now powerful enough that scripts can take on core functions such as IPv6 host discovery (dns-ip6-arpa-scan), version scanning (ike-version, snmp-info, etc.), and RPC grinding (rpc-grind).
2. Mature IPv6 support
Nmap 7 has full IPv6 support for CIDR-style address ranges, Idle Scan, parallel reverse-DNS, and more!
3. Infrastructure Upgrades
The Nmap Project has converted all of Nmap.Org to SSL [hopefully, they mean TLS 1.2] to reduce the risk of trojan binaries and reduce snooping in general. They are using the Git version control system and have an official GitHub mirror of the Nmap Subversion source repository and encourage code submissions to be made as GitHub pull requests. They have also got an official bug tracker hosted on GitHub.
4. Faster Scans
Nmap has continually pushed the speed boundaries of synchronous network scanning for 18 years, and this release is no exception. New Nsock engines give a performance boost to Windows and BSD systems, target reordering prevents a nasty edge case on multihomed systems, and NSE tweaks lead to much faster -sV scans.
5. SSL/TLS scanning solution of choice
Transport Layer Security (TLS) and its predecessor, SSL, are the security underpinning of the web, so when big vulnerabilities like Heartbleed, POODLE, and FREAK come calling, Nmap answers with vulnerability detection NSE scripts. The ssl-enum-ciphers script has been entirely revamped to perform fast analysis of TLS deployment problems, and version scanning probes have been tweaked to quickly detect the newest TLS handshake versions.
6. Ncat Enhanced
Ncat has been adopted by the Red Hat/Fedora family of distributions as the default package to provide the “netcat” and “nc” commands! This cooperation has resulted in a lot of squashed bugs and enhanced compatibility with Netcat’s options. Also very exciting is the addition of an embedded Lua interpreter for creating simple, cross-platform daemons and traffic filters.
7. Extreme Portability
Nmap still runs on all sorts of esoteric and archaic systems, and also runs on the latest operating systems.
- Nmap 7 runs cleanly on Windows from Windows Vista to Windows 10.
- They have even kept up their Windows XP binary, but why are you still running Windows XP??
- Mac OS X is supported from 10.8 Mountain Lion through 10.11 El Capitan.
- There is updated support for Solaris and AIX.
- Of course, there is still support for you Linux users!
There are times when one might wish to repeat the top row or a few rows when printing out a spreadsheet in Calc. This is a printing function, and you get to it by editing the print range. In the Format menu, click on “Print Ranges” and then on “Edit…”
This opens a dialog where you can specifically set the ranges that get printed, starting with repeated rows. The button on the far right of the dialog next to that form field lets you specifically click on the row or rows that you want to have repeat at the top of every page. What shows up in the box if you choose the first row is “$1.” This is the first row, so that makes sense. If you had chosen the first 2 rows, the content would be “$1:$2.”
Here is the evidence from an output file from a password generating script I am writing.
Packt celebrates 10 years with a special $10 offer
This month marks 10 years since Packt Publishing embarked on its mission to deliver effective learning and information services to IT professionals. In that time it’s published over 2000 titles and helped projects become household names, awarding over $400,000 through its Open Source Project Royalty Scheme.
To celebrate this huge milestone, from June 26th Packt is offering all of its eBooks and Videos at just $10 each for 10 days – this promotion covers every title and customers can stock up on as many copies as they like until July 5th.
Dave Maclean, Managing Director explains ‘From our very first book published back in 2004, we’ve always focused on giving IT professionals the actionable knowledge they need to get the job done. As we look forward to the next 10 years, everything we do here at Packt will focus on helping those IT professionals, and the wider world, put software to work in innovative new ways.
We’re very excited to take our customers on this new journey with us, and we would like to thank them for coming this far with this special 10-day celebration, when we’ll be opening up our comprehensive range of titles for $10 each.
If you’ve already tried a Packt title in the past, you’ll know this is a great opportunity to explore what’s new and maintain your personal and professional development. If you’re new to Packt, then now is the time to try our extensive range – we’re confident that in our 2000+ titles you’ll find the knowledge you really need, whether that’s specific learning on an emerging technology or the key skills to keep you ahead of the competition in more established tech.’
DigitalOcean.com has a very reasonable pricing structure and is easy to use. You can get a small server instance, with 1/2GB RAM and 1 CPU for about $5 per month. This is a great price for developers who use a test server a couple of hours a month. They have larger instances for larger requirements, up to 20 CPUs and 64GB RAM. Your server could be in New York, San Francisco, Singapore, or Amsterdam. You can also refer your friends and colleagues, as I am doing here, so your usage could be subsidized at least in part. Check it out: DigitalOcean.com. I am using it for testing code and security.
The new Expert Metasploit Penetration Testing shows you how to use 8 general categories of Metasploit from scanning on the command line using the Metasploit database to store your scans, to using the Armitage web front-end. You need this tutorial if you are a network admin and are expected to keep up with security on the network, or if you are a penetration tester helping to keep cyberspace safer.
The Expert Metasploit Penetration Testing Tutorial is very straightforward and understandable. There were a couple of things that gave me trouble. I run Ubuntu Studio Linux on the desktop and the webpage front-end didn’t work very well for me. The videos played alright through my video application. The other thing I had an issue with was that the base OS in the videos was BackTrack. I use the newer Kali Linux as an OS base. I have Kali installed on an older laptop for pen-testing engagements.
If you are better suited to video learning, this is a good addition to your video library. If you are better suited to reading, take a look at “Learning Metasploit Exploitation and Development” by Aditya Balapure (2013) or “Mastering Metasploit” by Nipun Jaswal (2014) – both are available from Packt Publishing.
I am sure you have had situations where all the files and folders in a subdirectory are accidentally changed to the wrong permissions.
Basic permissions for the files on a website, so visitors can interact: 644
This means the files can be read by everyone, but nobody except the owner is allowed to write (edit) them.
Owner | Group | Others
R W – | R – – | R – –
R=Read, W=Write, X=eXecute
The octal permission number (i.e. 644) is additive: sum the values within each group, so R W – is 4+2=6 and R – – is 4.
R=4, W=2, X=1 (“-” also means zero)
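The additive rule above, together with a recovery step for a tree whose file modes were changed by accident, as an added example that is not code from the original post. The function names are hypothetical, and leaving directories untouched is a choice made here: a blanket `chmod -R 644` would also strip the execute bit that directories need in order to be entered.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# sym_to_octal "rw-r--r--" prints 644: R=4, W=2, X=1, "-"=0, summed per group.
sym_to_octal() {
    sym=$1
    out=""
    [ "${#sym}" -eq 9 ] || return 1          # owner + group + others = 9 chars
    while [ -n "$sym" ]; do
        rest=${sym#???}                      # everything after the first 3 chars
        triplet=${sym%"$rest"}               # the first 3 chars
        sym=$rest
        case $triplet in
            [r-][w-][x-]) ;;                 # only r, w, x or "-" in each slot
            *) return 1 ;;
        esac
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# audit_files DIR: list regular files whose mode is not exactly 644.
audit_files() {
    find "$1" -type f ! -perm 644 -print
}

# fix_files DIR: reset only regular files to 644; directories are not touched,
# so they keep the execute bit that makes them traversable.
fix_files() {
    find "$1" -type f ! -perm 644 -exec chmod 644 {} +
}

sym_to_octal "rw-r--r--"    # prints 644
```

Run `audit_files` on the web root first and review the list before calling `fix_files`, since scripts that are meant to be executable will also be reset to 644.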
Pritchett & DeSmet have produced a useful book to help you get up to speed with Kali Linux. To read my review, go here (wolfhalton.info)
To just go get the book, click on the book cover below…
This post is a complement to an article I wrote for eForensics Magazine, which is coming out in 2014.
NMap Noisy Example Output
# Nmap 6.40 scan initiated Tue Dec 3 22:55:48 2013 as: nmap -T5 -v -A -oN Kali-method-2.txt 192.168.1.0/24
Nmap scan report for 192.168.1.0 \24
Nmap scan report for unknownBCC8108BEB97 (192.168.1.64)
This EtherApe output complements my article in eForensics Magazine which is coming out in 2014
<!-- traffic data in bytes. last_heard in seconds from dump time -->
<timestamp>2013-12-03 20:44:47 -0500</timestamp>