Security News #0x18
- Here is a nice piece on a MITM attack type that goes after Windows. Apparently Windows can use automatic methods to determine if there is a proxy on the local network that should be used for web traffic, and it is this process itself that is vulnerable to attack.
- Here is a short description of some of the various features of nmap.
- Don’t forget- you can no longer use direct database output in current versions of snort.
- Metasploit now has a new module for Linux privilege escalation based on the older CVE 2009-2692 sendpage vulnerability. The module affects kernels with versions 2.4.4 -18.104.22.168 and 2.6.0 – 22.214.171.124.
- One of my favorite tools, ModSecurity is coming to IIS and Nginx!