Microsoft Exploitability Index
Wed, 15 Oct 2008

Microsoft has just added a new index to new security bulletins to provide additional information about the potential exploitability of vulnerabilities associated with a Microsoft security update.


The index classifies each vulnerability with the Exploitability Index Assessment, which indicates the likelihood of functioning exploit code. The three possible values are:


  • 1 - Consistent exploit code likely
  • 2 - Inconsistent exploit code likely
  • 3 - Functioning exploit code unlikely

You can find additional information in this document and real examples in the new Microsoft Security Bulletin Summary for October 2008.

    posted at: 13:48 | path: /Vulnerability Management | permanent link to this entry | 0 comments | microsoft, exploitability index, vulnerabilities



    Realtime Ossim Ntop Sessions visualization
    Mon, 25 Aug 2008

    I've been developing a Flex application that parses Ntop connection data and shows a graphical interface to navigate through the host and connection information.
    - Click Node label to show Host Info
    - Click box connector to show connection info

    posted at: 12:53 | path: /Security Visualization | permanent link to this entry | 1 comments | ossim,flex,flash,security visualization, ntop



    Raffy Presentation about security visualization at SOURCE Boston 2008
    Sat, 23 Aug 2008

    Here is a video of Raffael Marty's presentation about security visualization at the SOURCE Boston 2008 conference:


    posted at: 15:53 | path: /Security Visualization | permanent link to this entry | 0 comments | security visualization



    Ossim Data Visualization
    Sat, 23 Aug 2008
    I'm making an effort to develop some different ways of visualizing OSSIM events and alerts. Here are some examples of my research:



    posted at: 13:51 | path: /Security Visualization | permanent link to this entry | 0 comments | ossim,flex,flash,security visualization



    Last Scada OPC Nessus Plugins
    Thu, 21 Aug 2008

    We have released some new Nessus Plugins related to OPC Servers security issues.

    List of New OPC Nessus Plugins:


  • Multiple vulnerabilities in Comsoft Profibus OPC server
  • Multiple vulnerabilities in Beijer Electronics OPC server
  • Multiple vulnerabilities in VIPA OPC server
  • Multiple vulnerabilities in Gesytec Easylon OPC server 2.0
  • Multiple vulnerabilities in Junzhi BACnet OPC server
  • Multiple vulnerabilities in IPCDAS NAPOPC OPC server
  • Multiple vulnerabilities in Klinkmann SPA OPC server
  • Multiple vulnerabilities in Newron System NLOPC OPC server
  • Multiple vulnerabilities in Wizcon Supervisor OPC DA Server

    posted at: 08:57 | path: /Nessus/plugins | permanent link to this entry | 0 comments | nessus, scada, opc



    3d Nmap
    Wed, 20 Aug 2008
    Here is a screenshot of a project I'm working on. The tool parses nmap XML scan files and shows an interactive 3D environment where you can inspect nmap scan results. I'm developing it with XNA (C#). I'll publish the code as soon as I fix some errors.

    posted at: 21:45 | path: /Security Visualization | permanent link to this entry | 0 comments | nmap,3d,security visualization



    New Scada OPC Nessus Plugins
    Mon, 11 Aug 2008

    Today we have released some new Nessus Plugins related to OPC Servers security issues.

    List of New OPC Nessus Plugins:


  • Multiple vulnerabilities in KEPware KEPServerEx 4 OPC server
  • Multiple vulnerabilities in Triangle MicroWorks OPC Server 2.0.2
  • Multiple vulnerabilities in Comsoft L1 OPC server

    We'll release new plugins related to OPC and Scada in general in the coming weeks!!!

    posted at: 09:50 | path: /Nessus/plugins | permanent link to this entry | 0 comments | nessus, scada, opc



    Parsing Cisco Mib
    Wed, 06 Aug 2008
    I wrote a little Python script to parse the Cisco MIB. I need this information to implement part of the Nessus Feed Cisco stuff, for example to retrieve the Cisco model from SNMP.
    #
    # Parse Cisco Products MIB
    #
    # You can download mib file from http://www.oidview.com/mibs/9/CISCO-PRODUCTS-MIB.html
    #
    
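    import re
    import fileinput

    # Compile once, outside the loop; raw string so \S is not read as a string escape.
    # Example of a line this matches:
    #catalyst296024LT                OBJECT IDENTIFIER ::= { ciscoProducts 951 } -- 24 10/100, 8 POE and 2T ports switch
    p = re.compile(r"(\S+).*ciscoProducts ([0-9]+)")

    for line in fileinput.input("cisco_mib_parse.txt"):
        m = p.match(line)
        if m is None:
            # Skip headers, blank lines and anything that is not a product definition
            continue
        model = m.group(1)   # product name, e.g. catalyst296024LT
        number = m.group(2)  # last sub-identifier under ciscoProducts, e.g. 951
        print(model, number)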
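Added example, not part of the original post: one way to use the parsed MIB to turn a device's sysObjectID value (as read over SNMP) into a model name. The function names and the sample MIB text are assumptions; only the catalyst296024LT line comes from the post, and the other entries are constructed.

```python
import re

# ciscoProducts sits at enterprises.cisco(9).1, so a Cisco device's
# sysObjectID has the form 1.3.6.1.4.1.9.1.<product number>.
CISCO_PRODUCTS_OID = "1.3.6.1.4.1.9.1"

# Anchored, stricter variant of the post's regex: only real product
# definitions match, not comments that happen to mention ciscoProducts.
PRODUCT_RE = re.compile(
    r"^\s*([A-Za-z][\w-]*)\s+OBJECT\s+IDENTIFIER\s*::=\s*"
    r"\{\s*ciscoProducts\s+(\d+)\s*\}"
)

# Constructed sample in CISCO-PRODUCTS-MIB style (exampleRouterA and
# exampleSwitchB are made-up entries with made-up numbers).
SAMPLE_MIB = """\
ciscoProducts OBJECT IDENTIFIER ::= { cisco 1 }
-- constructed sample entries
exampleRouterA                  OBJECT IDENTIFIER ::= { ciscoProducts 9001 }
catalyst296024LT                OBJECT IDENTIFIER ::= { ciscoProducts 951 } -- 24 10/100, 8 POE and 2T ports switch
exampleSwitchB   OBJECT IDENTIFIER ::= { ciscoProducts 9002 } -- constructed
"""

def parse_products(mib_text):
    """Return {product number: model name} for every product definition."""
    products = {}
    for line in mib_text.splitlines():
        m = PRODUCT_RE.match(line)
        if m:
            products[int(m.group(2))] = m.group(1)
    return products

def model_from_sysobjectid(oid, products):
    """Map a sysObjectID string to a model name, or None if it is not a
    known Cisco product (other vendor, deeper OID, unknown number)."""
    oid = oid.strip().lstrip(".")
    prefix = CISCO_PRODUCTS_OID + "."   # trailing dot: 9.12.x must not match 9.1
    if not oid.startswith(prefix):
        return None
    rest = oid[len(prefix):]
    if not re.fullmatch(r"[0-9]+", rest):
        return None
    return products.get(int(rest))

if __name__ == "__main__":
    table = parse_products(SAMPLE_MIB)
    print(model_from_sysobjectid(".1.3.6.1.4.1.9.1.951", table))
```
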
    
    

    posted at: 11:48 | path: /Nessus/cisco | permanent link to this entry | 0 comments | nessus, cisco



    An approach to malware collection log visualization
    Wed, 06 Aug 2008
    I have just published an article related to malware collection log visualization. The paper focuses on visualization of Nepenthes logs using AfterGlow. In the paper you can find information about correlating IPs with countries and binary files with ClamAV signatures, with the goal of generating interesting graphs. Get it here

    posted at: 11:47 | path: /Security Visualization/Malware | permanent link to this entry | 1 comments | malware,security visualization, log analysis



    Visualization of API calls and Imported symbols of malware binary files
    Wed, 06 Aug 2008
    I'm developing a tool to extract interesting information from malware files with the goal of generating a relation graph. The tool extracts API calls and imported symbols from binary files. I've made some interesting graphs from malware files collected by Nepenthes.

    posted at: 11:46 | path: /Security Visualization/Malware | permanent link to this entry | 0 comments | visualization, malware



    AlienVault Free Nessus Feed
    Wed, 06 Aug 2008
    We have started a Free Nessus Feed. You'll find more information at the Nessus feed page: http://www.alienvault.com/free_nessus_feed.php

    posted at: 11:45 | path: /Nessus | permanent link to this entry | 0 comments | nessus, alienvault



    Showing relation graph between nessus scripts and include files
    Wed, 06 Aug 2008
    I have made an interesting graph showing the relation between Nessus scripts and include files.




    posted at: 11:42 | path: /Nessus | permanent link to this entry | 2 comments | nessus,visualization



    Scada: OPC Nessus Plugins
    Wed, 06 Aug 2008

    During the development of the Free Nessus Feed we are writing some interesting plugins about Scada.

    Today we released some plugins relating to OPC (OLE for Process Control) servers. The OPC standard specifies the communication of real-time plant data between control devices from different manufacturers.

    List of OPC Nessus Plugins:


  • Multiple vulnerabilities in NETxEIB OPC server CVE-2007-1313
  • Multiple vulnerabilities in Takebishi Electric DeviceXplorer FA-M3 OPC server CVE-2007-1313
  • Multiple vulnerabilities in Takebishi Electric DeviceXplorer HIDIC OPC server CVE-2007-1319
  • Multiple vulnerabilities in Takebishi Electric DeviceXplorer MELSEC OPC server CVE-2007-1319
  • Multiple vulnerabilities in Takebishi Electric DeviceXplorer SYSMAC OPC server CVE-2007-1319

    We have written some functions for accessing DCOM application information through WMI.

    posted at: 11:41 | path: /Nessus/plugins | permanent link to this entry | 0 comments | nessus, scada, opc


