Tenable Blog

Passwords are just so easy to abuse...

It was interesting to see that the top scorer in the game (who went by the handle of "ftp", and coincidentally had 21 scores in the first day of game play!) did not use fancy new exploits, 0day attacks or a wide range of open-source or even commercial tools. He was able to gain access to systems because the teams left default or easily guessable passwords set on some of the Linux servers. He used SSH to login to the systems, then SCP to upload some Python code, that was used to update the scoring engine. From there he was able to maintain access, not by rootkit technology or anything sophisticated, but just hiding in plain sight. The Python script makes a TCP connection to the scoring server and sends a message. It was moved into a file called "/dev/vfat", to make it look like a system file. Next, a shell script was written to call the python script every ten minutes. This file was called "getty" and ran in the background, and was also inserted into the startup scripts to ensure it kept running. The teams never found these processes running and "ftp" won the game, no exploits required.

Hacker "ftp" at work, winning the game using built-in tools such as bash, python and SSH.

Cyber Exercise

Over this past weekend I attended Cyberdawn, a cyber exercise that was hosted by Battlefield High School in Haymarket, Virginia.

Nessus, the Security Center and Passive Vulnerabiltiy Scanner were awarded a Reader's Choice award from Information Security magazine and SearchSecurity.com. The winners “were selected based on extensive, in-depth discussions and interviews between the editors of Information Security magazine and SearchSecurity.com and over 1,700 information security executives and managers, who were asked to assess and rate products deployed within their organizations from a listing of more than 380 products spanning 17 product categories. The judging panel then selected Gold, Silver and Bronze award winners within each product category.”

Welcome to the Tenable Network Security Podcast - Episode 5

Announcements

• We've moved our video site! Due to some problems with Blip, all of our videos can now be found on YouTube in Tenable Security's Video Channel (http://www.youtube.com/tenablesecurity).
• New video has been released that shows the new Nessus 4.2 client and web interface. You can view the video in high definition on our You Tube channel.
• Great post by Marcus Ranum on Logs - Logs Of Our Fathers
• We are looking for feedback on the new Nessus client version 4.2, so head on over to our Nessus discussion forums and let us know what you think!
• As always be sure to check out our blog at http://blog.tenablesecurity.com

At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it here, on the TED site. I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his powerpoint file, and subsequently tracked him down and am re-posting this material with his permission.

November, 1951

Machine Log #1