Why perform Alpha Scans on a regular basis?

People are always asking me – “Why should I have you run an Alpha scan for me?”

Because a hacker may have been there already – not a “good” ethical hacker, but the Black hat  variety:

blackhathacker

As the Internet Storm Center discusses today: the Infosec community forum post  There are certain ports that should not be open on your machines.

It does depend on what software you have running, but most of the time port 4444 should not respond to an nmap scan (Alpha Scan)

 

Contact us to test your network systems to make sure that something nefarious is not happening.

Nmap an excellent tool for scanning

nmap.org  has some info, but we also review sites with insight into scanning.    Nmap is short for Network Mapper.

Ethical hacking – Penetration Testing  By Bhargav Tandel

Nix Craft  also a good site about nmap insights  NixCraft is an online community of new and seasoned Linux / Unix sysadmins who want to make the most of sysadmin-hood.

 

I gave the Nixcraft link to the 30 Nmap  command examples, but the site has many other good info links and pages.

 

Nmap is used to check system operation, i.e. what is the status of a port when it is probed in a certain way.

ACK scanning and SYN scanning will give different responses, also a firewall will give a different response as well.

We standardize nmap scanning with our basic Alpha Scan service 

The Alpha scan is there to give a window in the Company website Internet profile.

All hackers white or black perform an initial scan, and is paramount before doing a penetration test.

 

Of course use Kali Linux – The pentesting platform of choice, and thus can be used to perform compliance fulfillment for PCI.

Test your Bash Shell

how to test for vulnerable Bash shell:

Execute the following:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

on the command line, if it comes back with 

this is a test                

then the system is vulnerable

If the system returns:

 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 this is a test

Then you are safe.

like on my system in this example: shellcode-safe

 

From Red Hat Security Blog: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

 

Contact Me at 314-504-3974 (Tony Zafiropoulos) if you need help in deciphering this issue.  Or Contact Us page

 

 

new RedHat Announcement at https://access.redhat.com/announcements/1210053  regarding all 6 Bash Shellcode CVE’s

 

————————-

Who to trust to “hack your systems”?

Taosecurity has an interesting post.

hubpluscables Is your network a jumble of wires andnetwork equipment but not yet ordered?

Hiring a 19 year old hacker without an Associates degree and some hacking knowledge does not make a secure corporate environment.

The ststaement by blogger Richard Bejtlich

Young has repeatedly assigned Brewer to hack into Butler’s computer system. “He finds security problems,” Young said. “And I patch them.”

This article does not mention whether Butler’s CISO spends any time looking for intruders who have already compromised his organization. Finding security problems and patching them is only one step in the security process. ”

 

Also Bruce Schneier’s “monitor first” is also a good principle to follow.  Patching known vulnerabilities is good, but monitoring and patching is better. With a concerted security policy, architecture, and consistent vulnerability scanning.

Maybe you have seen it?

 

We test and audit your environment to make you safer    (A – Σ – Ω)

A monitor and security policy can also be discussed, and we do not recommend hiring people with little experience.

Contact us