Showing posts sorted by date for query IPV6. Sort by relevance Show all posts
Showing posts sorted by date for query IPV6. Sort by relevance Show all posts

Nmap 6.25 Released! With 85 New Scripts, Windows 8 Enhancements & Better Performance

Posted by Avik Sarkar On 12/05/2012 07:33:00 pm

Nmap 6.25 Released! With 85 New Scripts, Windows 8 Enhancements & Better Performance

Gordon Lyon also known as Fyodor, the author of world's most popular security scanner 'Nmap' announced another update. Almost after five months we got this new version that is Nmap 6.25. This release of Nmap  contains hundreds of improvements, including 85 new NSE scripts, nearly 1,000 new OS and service detection fingerprints, performance enhancements such as the new kqueue and poll I/O engines, better IPv6 traceroute support, Windows 8 improvements, and much more!  It also includes the work of five Google Summer of Code interns who worked full time with Nmap mentors during the summer. 

Here are the most important change since 6.01:
  • Integrated all of your IPv4 OS fingerprint submissions since January (more than 3,000 of them).  Added 373 fingerprints, bringing the new total to 3,946.  Additions include Linux 3.6, Windows 8, Windows Server 2012, Mac OS X 10.8, and a ton of new WAPs, printers, routers, and other devices--including our first IP-enabled doorbell! Many existing fingerprints were improved.
  • Integrated all of your service/version detection fingerprints submitted since January (more than 1,500)!  Our signature count jumped by more than 400 to 8,645.  We now detect 897 protocols, from extremely popular ones like http, ssh, smtp and imap to the more obscure airdroid, gopher-proxy, and enemyterritory. 
  • Integrated your latest IPv6 OS submissions and corrections. We're still low on IPv6 fingerprints, so please scan any IPv6 systems you own or administer and submit them to http://nmap.org/submit/.  Both new fingerprints (if Nmap doesn't find a good match) and corrections (if Nmap guesses wrong) are useful.
  • Enabled support for IPv6 traceroute using UDP, SCTP, and IPProto(Next Header) probes. 
  • Scripts can now return a structured name-value table so that results are query-able from XML output. Scripts can return a string as before, or a table, or a table and a string. In this last case, the table will go to XML output and the string will go to screen output. See http://nmap.org/book/nse-api.html#nse-structured-output 
  • [Nsock] Added new poll and kqueue I/O engines for improved performance on Windows and BSD-based systems including Mac OS X. These are in addition to the epoll engine (used on Linux) and the classic select engine fallback for other system.  
  • [Ncat] Added support for Unix domain sockets. The new -U and --unixsock options activate this mode.  These provide compatibility with Hobbit's original Netcat. 
  • Moved some Windows dependencies, including OpenSSL, libsvn, and the vcredist files, into a new public Subversion directory /nmap-mswin32-aux and moved it out of the source tarball. This reduces the compressed tarball size from 22 MB to 8 MB and similarly reduces the bandwidth and storage required for an svn checkout.
  • [NSE] Replaced old RPC grinder (RPC enumeration, performed as part of version detection when a port seems to run a SunRPC service) with a faster and easier to maintain NSE-based implementation. This also allowed us to remove the crufty old pos_scan scan engine. 




For additional information and to know the full change log of this release click Here. To download Namp 6.25 (Source Code & Binary Packages) for Windows, Linux, Mac, Unix & few other OS click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

Posted by Avik Sarkar On 10/13/2012 01:26:00 am


THC-IPv6 Attack Toolkit, A Tool to Attack the Inherent Protocol Weaknesses of IPV6 & ICMP6

German hackers group, widely known as THC -The Hacker's Choice released an comprehensive attack toolkit for the IPv6 protocol suite named 'THC-IPv6 Attack Toolkit'. THC is the first group who is releasing such attacking tool for IPv6 protocol. According to the release note this is  a complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an easy to use packet factory library. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. 

Features at a Glance:- 
  • parasite6: icmp neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite)
  • alive6: an effective alive scanng, which will detect all systems listening to this address
  • dnsdict6: parallized dns ipv6 dictionary bruteforcer
  • fake_router6: announce yourself as a router on the network, with the highest priority
  • redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever icmp6 redirect spoofer
  • toobig6: mtu decreaser with the same intelligence as redir6
  • detect-new-ip6: detect new ip6 devices which join the network, you can run a script to automatically scan these systems etc.
  • dos-new-ip6: detect new ip6 devices and tell them that their chosen IP collides on the network (DOS).
  • trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
  • flood_router6: flood a target with random router advertisements
  • flood_advertise6: flood a target with random neighbor advertisements
  • exploit6: known ipv6 vulnerabilities to test against a target
  • denial6: a collection of denial-of-service tests againsts a target
  • fuzz_ip6: fuzzer for ipv6
  • implementation6: performs various implementation checks on ipv6
  • implementation6d: listen daemon for implementation6 to check behind a fw
  • fake_mld6: announce yourself in a multicast group of your choice on the net
  • fake_mld26: same but for MLDv2
  • fake_mldrouter6: fake MLD router messages
  • fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
  • fake_advertiser6: announce yourself on the network
  • smurf6: local smurfer
  • rsmurf6: remote smurfer, known to work only against linux at the moment
  • sendpees6: a tool by willdamn(ad)gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto stuff ;-) to keep the CPU busy. nice.
  • thcping6: sends a hand crafted ping6 packet [and about 25 more tools for you to discover]
For detailed information about the usage, library interface & so on click here. To Download THC-IPv6 Attack Toolkit Click Here (Linux Only). For those who are hearing the name THC first time, we want to give you reminder that before this tool, this German hackers group published few other hack tools like Hydra (Fastest Login Cracker), THC SSL Dos and so on. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nessus 5.0.2 Vulnerability Scanner Released & Available For Download

Posted by Avik Sarkar On 10/11/2012 03:51:00 am

Nessus 5.0.2 Vulnerability Scanner Released & Available For Download 

Earlier we have discussed several times about Nessus, a proprietary comprehensive vulnerability scanning tool. After almost six months, yet again Tenable Network Security officially announced the availability of Nessus 5.0.2. According to surveys done by sectools.org, Nessus is the world's most popular vulnerability scanner, taking first place in the 2000, 2003, and 2006 security tools survey. Tenable estimates that it is used by over 75,000 organizations worldwide. This update is largely a bugfix release, however a new build for Solaris 10 is now available. The major issues addressed in 5.0.2 include enhanced support for UTF8 encoding problems in reports and the detection of network congestion errors during scans more conservatively. 

Official Change Log for Nessus 5.0.2:- 
  • UTF8 encoding problems would sometimes cause the generation of reports to fail 
  • Fixed a case where generating some compliance checks reports would cause the scanner to hang, using 100% of the CPU 
  • Resolved a resource leak issue occurring when a large number of different users are connected at the same time 
  • Network congestion errors are now detected more conservatively 
  • Upgraded libxml2, libxslt, openssl to their newest versions 
  • Some nessusd.rules directives were not honored by the port scanners 
  • Solaris 10 build
Other fixes:-
  • Smarter max_hosts and global.max_hosts defaults
  • Added support for named virtual hosts for IPv6
  • Fixed a memory leak when mixing IPv4 and IPv6 targets
  • Fixed the systemd control script (Fedora 16)
  • Fixed a crash in nessus-mkcert on the command-line (Win32)
  • Fixed a crash in localtime(), when passed an invalid argument (Win32)
  • Fixed scratchpad_query() to allow NULL arguments
  • PSSDK fix (Win32)

To Download Nessus 5.0.2 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering

Posted by Avik Sarkar On 9/09/2012 12:59:00 am

Kaspersky Releases Linux Mail Security With Anti-malware, Anti-spam & Content Filtering 

Russian anti virus firm & security giant  Kaspersky Lab has released an anti-spam and anti-malware application called Linux Mail Security which can be integrated into different type of Linux-based mail server to fight spam and block malicious attachments. The latest spam-fighting features – including Reputation Filtering and Enforced Anti-Spam Updates Service  help to filter out zero-hour spam, while our new ZetaShield technology helps to shield businesses from zero-day and targeted attacks. Designed for integration with a range of Linux-based mail systems, Kaspersky Linux Mail Security delivers the security, flexibility and ease of management that businesses and ISPs demand. 

Key Features:- 
  • Advanced antivirus engine- Kaspersky Linux Mail Security includes the latest version of Kaspersky Lab’s award-winning antivirus engine – with behaviour stream signatures – to help detect and remove malicious attachments from incoming emails.

  • Zero-Day Exploit and Targeted Attack (ZETA) Shield- Kaspersky’s ZetaShield offers protection against unknown malware and exploits – to defend you from zero-day and zero-hour attacks and APTs (Advanced Persistent Threats).

Powerful Anti-Spam Engine- Kaspersky Linux Mail Security provides the latest version of Kaspersky’s anti-spam engine – including two powerful new technologies:
  • Enforced Anti-Spam Updates Service – uses push technology, directly from the Kaspersky cloud, to deliver real-time updates. By reducing the ‘update window’ from 20 minutes to approximately 1 minute, the Enforced Anti-Spam Updates Service helps to defend businesses against zero-hour spam and spam epidemics.
  • Cloud-assisted Reputation Filtering – fights against unknown spam, to enhance the spam capture rate and reduce the number of false positives.

Kaspersky Security Network -The cloud-based Kaspersky Security Network (KSN) gathers data from millions of participating users’ systems around the world to help defend your system from the very latest viruses and malware attacks. Potential threats are monitored and analysed – in real-time – to help block dangerous actions, before harm is caused.
Attachment filtering- The new Format Recogniser feature can filter attachments – using information about file type, name and message size. This helps businesses to enforce their email usage policy and can help to address corporate liability issues that can arise when users try to distribute illegal music or video files via the corporate email system.
Improved!Global Blacklists and Whitelists- In addition to creating corporate blacklists or whitelists, administrators can manage ‘allowed’ or ‘denied’ senders email – using IPv4 and IPv6, wildcards and regular expressions.
Personal Blacklists and Whitelists- Users also can create their own blacklists and whitelists.
Backup and personal backup with flexible search -Blocked email is quarantined in a backup system. If the system uses Microsoft Active Directory or OpenLDAP, individual users can access their personal backup via the web so they’re less likely to need to call your helpdesk.
Integration with most popular MTAs (Postfix, Sendmail, Exim, qmail and CommunigatePro)- Kaspersky Linux Mail Security lets you select the method of integration, depending on your choice of Mail Transfer Agent (MTA) – so you can integrate as a filter or using a Milter API.
Antivirus command line file scanner- The Kaspersky Anti-Virus On-Demand Scanner can be used for on-demand virus checking of objects – which can include directories, regular files and devices such as hard drives, flash drives and DVD-ROMs.
Amavisd-new- Kaspersky Linux Mail Security supports integration with Linux mail systems using the high-performance AMaViS interface.
Monitoring and Reporting features- 

  • SNMP (Simple Network Management Protocol) support – any type of event can be monitored using SNMP events and traps
  • A new dashboard gives an at-a-glance view of status and monitoring
  • Detailed, flexible reporting in PDF format – for customisable reports that help in the monitoring and analysis of security and policies
  • Notification system – informs administrators and document owners about policy violation incidents
  • Detailed logs – on all product actions, to help in identifying problems

Easy to deploy, maintain and manage- 

  • System administrators can run manual updates or set the rules for fully automatic updates of antivirus, anti-spam and ZetaShield
  • Integration with Active Directory and OpenLDAP
  • Rich email traffic management rules – administrators can create rules according to corporate security policies
  • IPv6 support
  • Scalable architecture – the entire system can be easily migrated from a test server to a production environment
Kaspersky Linux Mail Security will support the following Linux distributions - Red Hat Enterprise Linux 6.2 Server, Fedora 16, SUSE Linux Enterprise Server 11 SP2, Debian GNU/Linux 6.0.4 Squeeze, CentOS 6.2, openSUSE Linux 12.1, Ubuntu 10.04 LTS; 12.04 LTS, Mandriva Enterprise Server 5.2, FreeBSD 8.3, 9.0, Canaima 3.0, Asianux 4 SP1. 


For Detailed Information Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nmap 6 Released With Full IPv6 Support, Better Web Scanning & 289 New Scripts

Posted by Avik Sarkar On 5/22/2012 10:34:00 pm

Nmap 6 Released With Full IPv6 Support, Better Web Scanning & 289 New Scripts

Earlier we have discussed several times about Nmap. Now the Nmap Project is pleased to announce the immediate, free availability of the Nmap Security Scanner version 6.00. According to the project release - this product of almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009. Nmap 6 includes a more powerful Nmap Scripting Engine, 289 new scripts, better web scanning, full IPv6 support, the Nping packet prober, faster scans, and much more. 
Top 6 improvements in Nmap 6:-
1. NSE Enhanced
The Nmap Scripting Engine (NSE) has exploded in popularity and capabilities. This modular system allows users to automate a wide variety of networking tasks, from querying network applications for configuration information to vulnerability detection and advanced host discovery. The script count has grown from 59 in Nmap 5 to 348 in Nmap 6, and all of them are documented and categorized in our NSE Documentation Portal. The underlying NSE infrastructure has improved dramatically as well.
2. Better Web Scanning
As the Internet has grown more web-centric, Nmap has developed web scanning capabilities to keep pace. When Nmap was first released in 1997, most of the network services offered by a server listened on individual TCP or UDP ports and could be found with a simple port scan. Now, applications are just as commonly accessed via URL path instead, all sharing a web server listening on a single port. Nmap now includes many techniques for enumerating those applications, as well as performing a wide variety of other HTTP tasks, from web site spidering to brute force authentication cracking. Technologies such as SSL encryption, HTTP pipelining, and caching mechanisms are well supported.
3. Full IPv6 Support
Given the exhaustion of available IPv4 addresses, the Internet community is trying to move to IPv6. Nmap has been a leader in the transition, offering basic IPv6 support since 2002. But basic support isn't enough, so we spent many months ensuring that Nmap version 6 contains full support for IP version 6. And we released it just in time for the World IPv6 Launch. We've created a new IPv6 OS detection system, advanced host discovery, raw-packet IPv6 port scanning, and many NSE scripts for IPv6-related protocols. It's easy to use too—just specify the -6 argument along with IPv6 target IP addresses or DNS records. In addition, all of our web sites are now accessible via IPv6. For example, Nmap.org can be found at 2600:3c01::f03c:91ff:fe96:967c.
4. New Nping Tool
The newest member of the Nmap suite of networking and security tools is Nping, an open source tool for network packet generation, response analysis and response time measurement. Nping can generate network packets for a wide range of protocols, allowing full control over protocol headers. While Nping can be used as a simple ping utility to detect active hosts, it can also be used as a raw packet generator for network stack stress testing, ARP poisoning, Denial of Service attacks, route tracing, etc. Nping's novel echo mode lets users see how packets change in transit between the source and destination hosts. That's a great way to understand firewall rules, detect packet corruption, and more.
5. Better Zenmap GUI & results viewer
While Nmap started out as a command-line tool and many (possibly most) users still use it that way, we've also developed an enhanced GUI and results viewer named Zenmap. One addition since Nmap 5 is a “filter hosts” feature which allows you to see only the hosts which match your criteria (e.g. Linux boxes, hosts running Apache, etc.) We've also localized the GUI to support five languages besides English. A new script selection interface helps you find and execute Nmap NSE scripts. It even tells you what arguments each script supports.
6. Faster scans
In Nmap's 15-year history, performance has always been a top priority. Whether scanning one target or a million, users want scans to run as fast as possible without sacrificing accuracy. Since Nmap 5 we've rewritten the traceroute system for higher performance and increased the allowed parallelism of the Nmap Scripting Engine and version detection subsystems. We also performed an intense memory audit which reduced peak consumption during our benchmark scan by 90%. We made many improvements to Zenmap data structures and algorithms as well so that it can now handle large enterprise scans with ease.
For detailed information click here. And to download Nmap 6 for Windows, Linux and many UNIX platforms (Solaris, Free/Net/OpenBSD, etc.) included Zenmap, the GUI frontend Click Here


 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

OpenBSD 5.1 Released With Better Hardware Support & Performance

Posted by Avik Sarkar On 5/03/2012 12:35:00 pm

OpenBSD 5.1 Released With Better Hardware Support & Performance
Last year we got both FreeBSD & PCBSD 9 after few months we got GhostBSD 2.5 Final version. Couple of moths ago a public beta of NetBSD 6.0 get released for testing purpose. Now its the turn of OpenBS, The OpenBSD project has made version 5.1 of its free BSD-based UNIX-like operating system available to download. The latest update to the distribution comes six months after the release of OpenBSD 5.0 and includes better hardware support, performance improvements and new features, as well as package upgrades. 
Some Highlights:-
  • GNOME 3.2.1 (fallback mode)
  • KDE 3.5.10
  • Xfce 4.8.3
  • MySQL 5.1.60
  • PostgreSQL 9.1.2
  • Postfix 2.8.8
  • OpenLDAP 2.3.43 and 2.4.26
  • Mozilla Firefox 3.5.19, 3.6.25 and 9.0.1
  • Mozilla Thunderbird 9.0.1
  • GHC 7.0.4
  • LibreOffice 3.4.5.2
  • Emacs 21.4, 22.3 and 23.4
  • Vim 7.3.154
  • PHP 5.2.17 and 5.3.10
  • Python 2.5.4, 2.7.1 and 3.2.2
  • Ruby 1.8.7.357 and 1.9.3.0
  • Tcl/Tk 8.5.11
  • Jdk 1.7
  • Mono 2.10.6
  • Chromium 16.0.912.77
  • Groff 1.21 
Along with these we are getting OpenSSH 6.0, Xenocara (based on X.Org 7.6 with xserver 1.11.4 + patches, freetype 2.4.8, fontconfig 2.8.0, Mesa 7.10.3, xterm 276, xkeyboard-config 2.5 and more), OpenSSL 1.0.0f, Bind 9.4.2-P2, Gcc 4.2.1, Perl 5.12.2, Lynx 2.8.7rel.2 with HTTPS and IPv6 support, Sudo 1.7.2p8 & so on.  For additional information & to see the release note click here.

To Download OpenBSD 5.1 Click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Wireshark (Network Protocol Analyzer) 1.6.6 Released

Posted by Avik Sarkar On 3/30/2012 08:39:00 pm

Wireshark (Network Protocol Analyzer) 1.6.6 Released 
Again we have 2 updated version of Wireshark (Wireshark 1.4.12 & 1.6.6) - It is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. Wireshark is widely used by system admins and also cyber criminals as because Wireshark has the capability to sniffing packets. Earlier we have discussed several times about Wireshark. The current stable release of Wireshark is 1.6.6. It supersedes all previous releases, including all releases of Ethereal. For a complete list of system requirements and supported platforms, please consult the User's Guide. Information about each release can be found in the release notes.
Official change log for Wireshark 1.6.6:-
Bug Fixes:-
The following vulnerabilities have been fixed:-
  • wnpa-sec-2012-04: The ANSI A dissector could dereference a NULL pointer and crash. (Bug 6823)
  • Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • wnpa-sec-2012-05: The IEEE 802.11 dissector could go into an infinite loop. (Bug 6809)
  • Versions affected: 1.6.0 to 1.6.5.
  • wnpa-sec-2012-06: The pcap and pcap-ng file parsers could crash trying to read ERF data. (Bug 6804)
  • Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • wnpa-sec-2012-07: The MP2T dissector could try to allocate too much memory and crash. (Bug 6804)
  • Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5.
  • The Windows installers now include GnuTLS 1.12.18, which fixes several vulnerabilities.

The following bugs have been fixed:-
  • ISO SSAP: ActivityStart: Invalid decoding the activity parameter as a BER Integer. (Bug 2873)
  • Forward slashes in URI need to be converted to backslashes if WIN32. (Bug 5237)
  • Character echo pauses in Capture Filter field in Capture Options. (Bug 5356)
  • Some PGM options are not parsed correctly. (Bug 5687)
  • dumpcap crashes when capturing from pipe to a pcap-ng file (e.g., when passing data from CACE Pilot to Wireshark). (Bug 5939)
  • Unable to rearrange columns in preferences on Windows. (Bug 6077) (Note: this bug still affects the 64-bit package)
  • No error for UDP/IPv6 packet with zero checksum. (Bug 6232)
  • Wireshark installer doesn’t add access_bpf in 10.5.8. (Bug 6526)
  • Corrupted Diameter dictionary file that crashes Wireshark. (Bug 6664)
  • packetBB dissector bug: More than 1000000 items in the tree — possible infinite loop. (Bug 6687)
  • ZEP dissector: Timestamp not always displayed correctly. Fractional seconds never displayed. (Bug 6703)
  • GOOSE Messages don’t use the length field to perform the dissection. (Bug 6734)
  • Ethernet traces in K12 text format sometimes give bogus “malformed frame” errors and other problems. (Bug 6735)
  • max_ul_ext isn’t printed/decoded to the packet details log in GTP protocol packet. (Bug 6761)
  • non-IPP packets to or from port 631 are dissected as IPP. (Bug 6765)
  • lua proto registration fails for uppercase proto / g_ascii_strdown problem. (Bug 6766)
  • no menu item Fle->Export->SSL Session Keys in GTK. (Bug 6813)
  • IAX2 dissector reads past end of packet for unknown IEs. (Bug 6815)
  • TShark 1.6.5 immediately crashes on SSL decryption (every time). (Bug 6817)
  • USB: unknown GET DESCRIPTOR response triggers assert failure. (Bug 6826)
  • IEEE1588 PTPv2 over IPv6. (Bug 6836)
  • Patch to fix DTLS decryption. (Bug 6847)
  • Expression… dialog crash. (Bug 6891)
  • display filter “gtp.msisdn” not working. (Bug 6947)
  • Multiprotocol Label Switching Echo – Return Code: Reserved (5). (Bug 6951)
  • ISAKMP : VendorID CheckPoint : Malformed Packet. (Bug 6972)
  • Adding a Custom HTTP Header Field with a trailing colon causes wireshark to immediately crash (and crash upon restart). (Bug 6982)
  • Radiotap dissector lists a bogus “DBM TX Attenuation” bit. (Bug 7000)
  • MySQL dissector assertion. (Ask 8649)
  • Radiotap header format data rate alignment issues. (Ask 8649)

Updated Protocol Support:-
ANSI A, BSSGP, DIAMETER, DTLS, GOOSE, GSM Management, GTP, HTTP, IAX2, IEEE 802.11, IPP, ISAKMP, ISO SSAP, MP2T, MPLS, MySQL, NTP, PacketBB, PGM, Radiotap, SSL, TCP, UDP, USB, WSP

New and Updated Capture File Support:-
Endace ERF, Pcap-NG, Tektronix K12

To Download Wireshark Click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Nmap 5.61TEST5 Released With 43 New Scripts, Improved OS & Version Detection & More

Posted by Avik Sarkar On 3/10/2012 10:13:00 pm

Nmap 5.61TEST5 Released With 43 New Scripts, Improved OS & Version Detection & More

Earlier we have discussed several times about Nmap. After 2 months of hard work with Nmap 5.61TEST4 finally the developer has announced the availability of Nmap 5.61TEST5. This release has 43 new scripts, including new brute forcers for http proxies, SOCKS proxies, Asterisk IAX2, Membase, MongoDB, Nessus XMLRPC, Redis, the WinPcap remote capture daemon, the VMWare auth daemon, and old-school rsync.  Better check that your passwords are strong!  Some other fun scripts are nat-pmp-mapport, asn-to-prefix, url-snarf, and http-auth-finder.  See the changelog entries below for a full list with descriptions.
This release also incorporated thousands of your OS detection and service detection submissions, dramatically improving the databases.  The IPv6 OS detection system became smarter as well.  And aslo as incorporated a new "nsock engines" system which improves performance by using advanced I/O APIs (such as epoll on Linux) rather than always using select.

To Download Nmap Click Here

 

 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage

Posted by Avik Sarkar On 2/24/2012 10:32:00 pm

Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage
Earlier we haev discussed many times about one of the most famous and widely used exploitation framework named Metasploit. Yet again the Rapid 7 released another updated version of Metasploit. This update brings Metasploit to version 4.2.0, adding IPv6 support and virtualization target coverage. You'll also notice a new Product News section and update notification for our weekly updates. Since the last major release (4.1.0), added 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads. 
Brief About Metasploit:- 
The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.
Module Changes:-
  •     Novell eDirectory eMBox Unauthenticated File Access
  •     JBoss Seam 2 Remote Command Execution
  •     NAT-PMP Port Mapper
  •     TFTP File Transfer Utility
  •     VMWare Power Off Virtual Machine
  •     VMWare Power On Virtual Machine
  •     VMWare Tag Virtual Machine
  •     VMWare Terminate ESX Login Sessions
  •     John the Ripper AIX Password Cracker
  •     7-Technologies IGSS 9 IGSSdataServer.exe DoS
  •     Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion
  •     DNS and DNSSEC fuzzer
  •     CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
  •     CorpWatch Company ID Information Search
  •     CorpWatch Company Name Information Search
  •     General Electric D20 Password Recovery
  •     NAT-PMP External Address Scanner
  •     Shodan Search
  •     H.323 Version Scanner
  •     Drupal Views Module Users Enumeration
  •     Ektron CMS400.NET Default Password Scanner
  •     Generic HTTP Directory Traversal Utility
  •     Microsoft IIS HTTP Internal IP Disclosure
  •     Outlook Web App (OWA) Brute Force Utility
  •     Squiz Matrix User Enumeration Scanner
  •     Sybase Easerver 6.3 Directory Traversal
  •     Yaws Web Server Directory Traversal
  •     OKI Printer Default Login Credential Scanner
  •     MSSQL Schema Dump
  •     MYSQL Schema Dump
  •     NAT-PMP External Port Scanner
  •     pcAnywhere TCP Service Discovery
  •     pcAnywhere UDP Service Discovery
  •     Postgres Schema Dump
  •     SSH Public Key Acceptance Scanner
  •     Telnet Service Encyption Key ID Overflow Detection
  •     IpSwitch WhatsUp Gold TFTP Directory Traversal
  •     VMWare ESX/ESXi Fingerprint Scanner
  •     VMWare Authentication Daemon Login Scanner
  •     VMWare Authentication Daemon Version Scanner
  •     VMWare Enumerate Permissions
  •     VMWare Enumerate Active Sessions
  •     VMWare Enumerate User Accounts
  •     VMWare Enumerate Virtual Machines
  •     VMWare Enumerate Host Details
  •     VMWare Web Login Scanner
  •     VMWare Screenshot Stealer
  •     Capture: HTTP JavaScript Keylogger
  •     Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
  •     Asterisk Manager Login Utility
  •     FreeBSD Telnet Service Encryption Key ID Buffer Overflow
  •     Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
  •     Java Applet Rhino Script Engine Remote Code Execution
  •     Family Connections less.php Remote Command Execution
  •     Gitorious Arbitrary Command Execution
  •     Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
  •     OP5 license.php Remote Command Execution
  •     OP5 welcome Remote Command Execution
  •     Plone and Zope XMLTools Remote Command Execution
  •     PmWiki <= 2.2.34 pagelist.php Remote PHP Code Injection Exploit
  •     Support Incident Tracker <= 3.65 Remote Command Execution
  •     Splunk Search Remote Code Execution
  •     Traq admincp/common.php Remote Code Execution
  •     vBSEO <= 3.6.0 proc_deutf() Remote PHP Code Injection
  •     Mozilla Firefox 3.6.16 mChannel Use-After-Free
  •     CTEK SkyRouter 4200 and 4300 Command Execution
  •     Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
  •     Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
  •     HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
  •     Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
  •     Java MixerSequencer Object GM_Song Structure Handling Vulnerability
  •     MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
  •     MS12-004 midiOutPlayNextPolyEvent Heap Overflow
  •     Viscom Software Movie Player Pro SDK ActiveX 6.8
  •     Adobe Reader U3D Memory Corruption Vulnerability
  •     Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow
  •     BS.Player 2.57 Buffer Overflow
  •     CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
  •     Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
  •     McAfee SaaS MyCioScan ShowReport Remote Command Execution
  •     Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
  •     MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
  •     Ability Server 2.34 STOR Command Stack Buffer Overflow
  •     AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
  •     Serv-U FTP Server < 4.2 Buffer Overflow
  •     HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
  •     XAMPP WebDAV PHP Upload
  •     Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
  •     Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
  •     HP Diagnostics Server magentservice.exe Overflow
  •     StreamDown 6.8.0 Buffer Overflow
  •     Wireshark console.lua Pre-Loading Script Execution
  •     Oracle Job Scheduler Named Pipe Command Execution
  •     SCADA 3S CoDeSys CmpWebServer <= v3.4 SP4 Patch 2 Stack Buffer Overflow
  •     Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
  •     OpenTFTP SP 1.4 Error Packet Overflow
  •     AIX Gather Dump Password Hashes
  •     Linux Gather Saved mount.cifs/mount.smbfs Credentials
  •     Multi Gather VirtualBox VM Enumeration
  •     UNIX Gather .fetchmailrc Credentials
  •     Multi Gather VMWare VM Identification
  •     UNIX Gather .netrc Credentials
  •     Multi Gather Mozilla Thunderbird Signon Credential Collection
  •     Multiple Linux / Unix Post Sudo Upgrade Shell
  •     Windows Escalate SMB Icon LNK dropper
  •     Windows Escalate Get System via Administrator
  •     Windows Gather RazorSQL Credentials
  •     Windows Gather File and Registry Artifacts Enumeration
  •     Windows Gather Enumerate Computers
  •     Post Windows Gather Forensics Duqu Registry Check
  •     Windows Gather Privileges Enumeration
  •     Windows Manage Download and/or Execute
  •     Windows Manage Create Shadow Copy
  •     Windows Manage List Shadow Copies
  •     Windows Manage Mount Shadow Copy
  •     Windows Manage Set Shadow Copy Storage Space
  •     Windows Manage Get Shadow Copy Storage Info
  •     Windows Recon Computer Browser Discovery
  •     Windows Recon Resolve Hostname
  •     Windows Gather Wireless BSS Info
  •     Windows Gather Wireless Current Connection Info
  •     Windows Disconnect Wireless Connection
  •     Windows Gather Wireless Profile
For additional information click Here. To Download Metasploit version 4.2.0 for windows & Linux click Here.

 -Source (rapid7)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Serv-U FTP Server Added In RHEL Catalog As A Secure File Transfer Application

Posted by Avik Sarkar On 2/18/2012 12:16:00 am

Serv-U FTP Server Added In RHEL Catalog As A Secure File Transfer Application & Will Also Support  Ubuntu, OpenSUSE, Mint
Red Hat enhancing more security in RHEL. After RhinoSoft joined the Red Hat partner program as an independent software vendor soon Serv-U FTP Server was added to the official Red Hat Linux product catalog as a secure file transfer application. Not only Red Hat Enterprise Linux (RHEL), Serv-U will also supports Fedora, Ubuntu, OpenSUSE, Mint, CentOS and the Amazon Linux AMI for its EC2 cloud computing deployment.
"When we ported Serv-U to Linux last year it gave Linux administrators new capabilities like web-based administration, mobile transfers and integration with third-party portals," said RhinoSoft President Mark Peterson. "This year we reaffirmed our commitment to the Linux community by aligning with its largest platform provider."
"Our solutions make secure file transfer affordable to businesses, especially those facing budget challenges," said RhinoSoft VP of Product Management Jonathan Lampe. "Supporting Serv-U on a wide variety of platforms helps our customers save money through reduced training and overhead costs."
Brief About RhinoSoft:-
RhinoSoft is the global leader in affordable file transfer, with more than 90,000 business customers, including nine of the Fortune 10, in 90 different countries. Its award-winning and U.S. Department of Defense-certified Serv-U FTP Server and FTP Voyager client products support FTP, SFTP, FTPS and web-based HTTP/S transfers over FIPS 140-2 validated channels while continuing to incorporate emerging technologies such as mobile computing, IPv6, native 64-bit computing and UTF-8/Unicode internationalization.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Wireshark Ver 1.4.11 & 1.6.5 Released (Fixed Many Security Holes)

Posted by Avik Sarkar On 1/14/2012 11:33:00 pm


Earlier we have several times talked about Wireshark. It is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. Wireshark is widely used by system admins and also cyber criminals as because Wireshark has the capability to sniffing packets.

Official Change Log:-
Bug Fixes:-
  • wnpa-sec-2012-01: Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats. (Bug 6663, bug 6666, bug 6667, bug 6668, bug 6669, bug 6670)
  • wnpa-sec-2012-02: Wireshark could dereference a NULL pointer and crash. (Bug 6634)
  • wnpa-sec-2012-03: The RLC dissector could overflow a buffer. (Bug 6391)
  • “Closing File!” Dialog Hangs. (Bug 3046)
  • Sub-fields of data field should appear in exported PDML as children of the data field instead of as siblings to it. (Bug 3809)
  • Incorrect time differences displayed with time reference set. (Bug 5580)
  • Wrong packet type association of SNMP trap after TFTP transfer. (Bug 5727)
  • SSL/TLS decryption needs wireshark to be rebooted. (Bug 6032)
  • Export HTTP Objects -> save all crashes Wireshark. (Bug 6250)
  • Wireshark Netflow dissector complains there is no template found though the template is exported. (Bug 6325)
  • DCERPC EPM tower UUID must be interpreted always as little endian. (Bug 6368)
  • Crash if no recent files. (Bug 6549)
  • IPv6 frame containing routing header with 0 segments left calculates wrong UDP checksum. (Bug 6560)
  • IPv4 UDP/TCP Checksum incorrect if routing header present. (Bug 6561)
  • Incorrect Parsing of SCPS Capabilities Option introduced in response to bug 6194. (Bug 6562)
  • Various crashes after loading NetMon2.x capture file. (Bug 6578)
  • Fixed compilation of dumpcap on some systems (when MUST_DO_SELECT is defined). (Bug 6614)
  • SIGSEGV in SVN 40046. (Bug 6634)
  • Wireshark dissects TCP option 25 as an “April 1″ option. (Bug 6643)
  • ZigBee ZCL Dissector reports invalid status. (Bug 6649)
  • ICMPv6 DNSSL option malformed on padding. (Bug 6660)
  • Wrong tvb_get_bits function call in packet-csn1.c. (Bug 6708)
  • [UDP] – Length Field of Pseudo Header while computing CheckSum is not correct. (Bug 6711)
  • pcapio.c: bug in libpcap_write_interface_description_block. (Bug 6719)
  • Memory leaks in various dissectors.
  • Bytes highlighted in wrong Byte pane when field selected in Details pane.

Updated Protocol Support:-
BGP, BMC CSN1, DCERPC EPM, DCP(ETSI) DMP DTLS GSM Management, H245 HPTEAM, ICMPv6, IEEE 802.15.4 IPSEC IPv4, IPv6, ISAKMP KERBEROS LDSS NFS RLC, RPC-NETLOGON RRC RTMPT SIGCOMP SSL SYSLOG TCP, UDP, XML ZigBee ZCL

New and Updated Capture File Support:-
Accellent 5Views, AIX iptrace, HP-UX nettl, I4B, Microsoft Network Monitor, Novell LANalyzer, PacketLogger, Pcap-ng, Sniffer, Tektronix K12, WildPackets {Airo,Ether}Peek.


To Download Wireshark Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Tor 0.2.3.9-alpha With Initial IPv6 Support

Posted by Avik Sarkar On 12/17/2011 11:59:00 pm



Tor 0.2.3.9-alpha introduces initial IPv6 support for bridges, adds a "DisableNetwork" security feature that bundles can use to avoid touching the network until bridges are configured, moves forward on the pluggable transport design, fixes a flaw in the hidden service design that unnecessarily prevented clients with wrong clocks from reaching hidden services, and fixes a wide variety of other issues.

Features:-  

  • Clients can now connect to private bridges over IPv6. Bridges still need at least one IPv4 address in order to connect to other relays. Note that we don't yet handle the case where the user has two bridge lines for the same bridge (one IPv4, one IPv6). Implements parts of proposal 186.


  • New "DisableNetwork" config option to prevent Tor from launching any connections or accepting any connections except on a control port.
  • Bundles and controllers can set this option before letting Tor talk to the rest of the network, for example to prevent any connections to a non-bridge address. Packages like Orbot can also use this   option to instruct Tor to save power when the network is off.
  • Clients and bridges can now be configured to use a separate "transport" proxy. This approach makes the censorship arms race easier by allowing bridges to use protocol obfuscation plugins.  It implements the "managed proxy" part of proposal 180 (ticket 3472).
  • When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode implementation. It makes AES_CTR about 7% faster than our old one (which was about 10% faster than the one OpenSSL used to provide). Resolves ticket 4526.
  •  Add a "tor2web mode" for clients that want to connect to hidden services non-anonymously (and possibly more quickly). As a safety measure to try to keep users from turning this on without knowing what they are doing, tor2web mode must be explicitly enabled at compile time, and a copy of Tor compiled to run in tor2web mode cannot be used as a normal Tor client. Implements feature 2553.
  •  Add experimental support for running on Windows with IOCP and no kernel-space socket buffers. This feature is controlled by a new "UserspaceIOCPBuffers" config option (off by default), which has no effect unless Tor has been built with support for bufferevents, is running on Windows, and has enabled IOCP. This may, in the long run, help solve or mitigate bug 98.
  •  Use a more secure consensus parameter voting algorithm. Now at least three directory authorities or a majority of them must vote on a given parameter before it will be included in the consensus. Implements proposal 178.


Major Bugfixes:-

  • Hidden services now ignore the timestamps on INTRODUCE2 cells.
  • They used to check that the timestamp was within 30 minutes of their system clock, so they could cap the size of their  replay-detection cache, but that approach unnecessarily refused service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when the v3 intro-point protocol (the first one which sent a timestamp field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
  • Only use the EVP interface when AES acceleration is enabled, to avoid a 5-7% performance regression. Resolves issue 4525; bugfix on 0.2.3.8-alpha.


Privacy/Anonymity Features (bridge detection):-

  • Make bridge SSL certificates a bit more stealthy by using random serial numbers, in the same fashion as OpenSSL when generating self-signed certificates. Implements ticket 4584.
  • Introduce a new config option "DynamicDHGroups", enabled by default, which provides each bridge with a unique prime DH modulus to be used during SSL handshakes. This option attempts to help against censors who might use the Apache DH modulus as a static identifier for bridges. Addresses ticket 4548.

To Download Tor 0.2.3.9-alpha Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Wireshark 1.4.10 & Wireshark 1.6.3 Released

Posted by Avik Sarkar On 11/03/2011 05:09:00 pm


Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

Updated Protocol Support:-
AJP13, ASN.1 PER, BACnet, CSN.1, DTN, Ethernet, ICMPv6, IEEE 802.11, IEEE 802.1q, Infiniband, IPsec, MySQL, PCEP, PN-RT, RTP, S1AP, SSL

New Capture File Support Included:-
Endace ERF. 

Bug Fixed:-
  • Assertion failed when doing File->Quit->Save during live capture. (Bug 1710)
  • Wrong PCEP XRO sub-object decoding. (Bug 3778)
  • Wireshark window takes very long time to show up if invalid network file path is at recent file list (Bug 3810)
  • Decoding [Status Records] Timestamp Sequence Field in Bundle Protocol fails if over 32 bits. (Bug 4109)
  • ISUP party number dissection. (Bug 5221)
  • wireshark-1.4.2 crashes when testing the example python dissector because of a dissector count assertion. (Bug 5431)
  • Ethernet packets with both VLAN tag and LLC header no longer displayed correctly. (Bug 5645)
  • SLL encapsuled 802.1Q VLAN is not dissected. (Bug 5680)
  • Wireshark crashes when attempting to open a file via drag & drop when there’s already a file open. (Bug 5987)
  • Adding and removing custom HTTP headers requires a restart. (Bug 6241)
  • Can’t read full 64-bit SNMP values. (Bug 6295)
  • Dissection fails for frames with Gigamon Header and VLAN. (Bug 6305)
  • RTP Stream Analysis does not work for TURN-encapsulated RTP. (Bug 6322)
  • packet-csn1.c doesn’t process CSN_CHOICE entries properly. (Bug 6328)
  • BACnet property time-synchronization-interval (204) name shown incorrectly as time-synchronization-recipients. (Bug 6336)
  • GUI crash on invalid IEEE 802.11 GAS frame. (Bug 6345)
  • [ASN.1 PER] Incorrect decoding of BIT STRING type. (Bug 6347)
  • ICMPv6 router advertisement Prefix Information Flag R “Router Address” missing. (Bug 6350)
  • Export -> Object -> HTTP -> save all: Error on saving files. (Bug 6362)
  • Inner tag of 802.1ad frames not parsed properly. (Bug 6366)
  • Added cursor type decoding to MySQL dissector. (Bug 6396)
  • Incorrect identification of UDP-encapsulated NAT-keepalive packets. (Bug 6414)
  • WPA IE pairwise cipher suite dissector uses incorrect value_string list. (Bug 6420)
  • S1AP protocol can’t decode IPv6 transportLayerAddress. (Bug 6435)
  • RTPS2 dissector doesn’t handle 0 in the octestToNextHeader field. (Bug 6449)
  • packet-ajp13 fix, cleanup, and enhancement. (Bug 6452)
  • Network Instruments Observer file format bugs. (Bug 6453)
  • Wireshark crashes when using “Open Recent” 2 times in a row. (Bug 6457)
  • Wireshark packet_gsm-sms, display bug: Filler bits in TP-User Data Header. (Bug 6469)
  • wireshark unable to decode NetFlow options which have system scope size != 4 bytes. (Bug 6471)
  • Display filter Expression Dialog Box Error. (Bug 6472)
  • text_import_scanner.l missing. (Bug 6531)

To Download Wireshark click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Denial of Service Vulnerability in Cisco IOS Software IPv6

Posted by Avik Sarkar On 10/02/2011 03:38:00 pm


Cisco IOS Software contains a vulnerability in the IP version 6 (IPv6) protocol stack implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device that has IPv6 enabled. The vulnerability may be triggered when the device processes a malformed IPv6 packet.
Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate this vulnerability.
Note:- The September 28, 2011, Cisco IOS Software Security Advisory bundled publication includes ten Cisco Security Advisories. Nine of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Cisco Unified Communications Manager. Each advisory lists the Cisco IOS Software releases that correct the vulnerability or vulnerabilities detailed in the advisory as well as the Cisco IOS Software releases that correct all vulnerabilities in the September 2011 Bundled Publication. 


Affected Products:-

Cisco devices that are running an affected version of Cisco IOS Software and configured for IPv6 operation are vulnerable. A device that is running Cisco IOS Software and that has IPv6 enabled will show some interfaces with assigned IPv6 addresses when the show ipv6 interface brief command is executed.
The show ipv6 interface brief command will produce an error message if the version of Cisco IOS Software in use does not support IPv6, or will not show any interfaces with IPv6 address if IPv6 is disabled. The system is not vulnerable in these scenarios.
Sample output of the show ipv6 interface brief command on a system that is configured for IPv6 operation follows:-
router>show ipv6 interface brief 
FastEthernet0/0            [up/up]
    FE80::222:90FF:FEB0:1098
    2001:DB8:2:93::3
    200A:1::1
FastEthernet0/1            [up/up]
    FE80::222:90FF:FEB0:1099
    2001:DB8:2:94::1
Serial0/0/0                [down/down]
    unassigned
Serial0/0/0.4              [down/down]
    unassigned
Serial0/0/0.5              [down/down]
    unassigned
Serial0/0/0.6              [down/down]
    unassigned
Alternatively, the IPv6 protocol is enabled if the interface configuration command ipv6 address <IPv6 address> or ipv6 enable is present in the configuration. Both may be present, as shown in the vulnerable configuration in the following example shows:-
interface FastEthernet0/1
 ipv6 address 2001:0DB8:C18:1::/64 eui-64
!
interface FastEthernet0/2
 ipv6 enable
A device that is running Cisco IOS Software and that has IPv6 enabled on a physical or logical interface is vulnerable even if ipv6 unicast-routing is globally disabled (that is, the device is not routing IPv6 packets).
To determine the Cisco IOS Software release that is running on a Cisco product, administrators can log in to the device and issue the show version command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software release name. Other Cisco devices do not have the show version command or may provide different output.
The following example identifies a Cisco product that is running Cisco IOS Software Release 15.0(1)M1 with an installed image name of C3900-UNIVERSALK9-M:
Router> show version
Cisco IOS Software, C3900 Software (C3900-UNIVERSALK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 02-Dec-09 17:17 by prod_rel_team

!--- output truncated
 For Additional information click Here


-News Source (Cisco)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Wireshark World’s Most Popular Network Protocol Analyzer is Now on Ver. 1.4.9 & 1.6.2

Posted by Avik Sarkar On 9/11/2011 04:43:00 pm


Wireshark is the world’s most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education.

This is the official change log for Wireshark:-

  • wnpa-sec-2011-12A large loop in the OpenSafety dissector could cause a crash. (Bug 6138)
  • Versions affected: 1.6.0 to 1.6.1.
  • wnpa-sec-2011-13A malformed IKE packet could consume excessive resources.
  • Versions affected: 1.4.0 to 1.4.8, 1.6.0 to 1.6.1.
  • CVE-2011-3266
  • wnpa-sec-2011-14A malformed capture file could result in an invalid root tvbuff and cause a crash. (Bug 6135)
  • Versions affected: 1.6.0 to 1.6.1.
  • wnpa-sec-2011-15Wireshark could run arbitrary Lua scripts. (Bug 6136)
  • Versions affected: 1.4.0 to 1.4.8, 1.6.0 to 1.6.1.
  • wnpa-sec-2011-16The CSN.1 dissector could crash. (Bug 6139)
  • Versions affected: 1.6.0 to 1.6.1.


The following bugs have been fixed:-

  • configure ignores (partially) LDFLAGS. (Bug 5607)
  • Build fails when it tries to #include <getopt.h>, not present in Solaris 9. (Bug 5608)
  • Unable to configure zero length SNMP Engine ID. (Bug 5731)
  • BACnet who-is request device range values are not decoded correctly in the packet details window. (Bug 5769)
  • H.323 RAS packets missing from packet counts in “Telephony->VoIP Calls” and the “Flow Graph” for the call. (Bug 5848)
  • Wireshark crashes if sercosiii module isn’t installed. (Bug 6006)
  • Editcap could create invalid pcap files when converting from JPEG. (Bug 6010)
  • Timestamp is incorrectly decoded for ICMP Timestamp Response packets from MS Windows. (Bug 6114)
  • Malformed Packet in decode for BGP-AD update. (Bug 6122)
  • Wrong display of CSN_BIT in CSN.1. (Bug 6151)
  • Fix CSN_RECURSIVE_TARRAY last bit error in packet-csn1.c. (Bug 6166)
  • Wireshark cannot display Reachable time & Retrans timer in IPv6 RA messages. (Bug 6168)
  • ReadPropertyMultiple-ACK not correctly dissected. (Bug 6178)
  • GTPv2 dissectors should treat gtpv2_ccrsi as optional. (Bug 6183)
  • BGP : AS_PATH attribute was decode wrong. (Bug 6188)
  • Fixes for SCPS TCP option. (Bug 6194)
  • Offset calculated incorrectly for sFlow extended data. (Bug 6219)
  • [Enter] key behavior varies when manually typing display filters. (Bug 6228)
  • Contents of pcapng EnhancedPacketBlocks with comments aren’t displayed. (Bug 6229)
  • Misdecoding 3G Neighbour Cell Information Element in SI2quater message due to a coding typo. (Bug 6237)
  • Mis-spelled word “unknown” in assorted files. (Bug 6244)
  • tshark run with -Tpdml makes a seg fault. (Bug 6245)
  • btl2cap extended window shows wrong bit. (Bug 6257)
  • NDMP dissector incorrectly represents “ndmp.bytes_left_to_read” as signed. (Bug 6262)
  • TShark/dumpcap skips capture duration flag occasionally. (Bug 6280)
  • File types with no snaplen written out with a zero snaplen in pcap-ng files. (Bug 6289)
  • Wireshark improperly parsing 802.11 Beacon Country Information tag. (Bug 6264)
  • ERF records with extension headers not written out correctly to pcap or pcap-ng files. (Bug 6265)
  • RTPS2: MAX_BITMAP_SIZE is defined incorrectly. (Bug 6276)
  • Copying from RTP stream analysis copies 1st line many times. (Bug 6279)
  • Wrong display of CSN_BIT under CSN_UNION. (Bug 6287)
  • MEGACO context tracking fix – context id reuse. (Bug 6311)

Updated Protocol Support:-
BACapp, Bluetooth L2CAP, CSN.1, DCERPC, GSM A RR, GTPv2, ICMP, ICMPv6, IKE, MEGACO, MSISDN, NDMP, OpenSafety, RTPS2, sFlow, SNMP, TCP

New and Updated Capture File Support:-
CommView, pcap-ng, JPEG.


TO download Wireshark click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search