Windows 7 SP1 and Windows Server 2008 R2 SP1 become generally available for download yesterday. Microsoft had previously made SP1 available to MSDN and TechNet users (as well as Volume License customers) on February 16th. SP1 is available from the Microsoft Download Center or via Windows Update. You can update your PC / Server using Windows Update. In order to save bandwidth (if you have multiple clients or servers) download the stand-alone installer.
“Hacme Bankâ„¢ is designed to teach application developers, programmers, architects and security professionals how to create secure software. Hacme Bank simulates a “real-world” web services-enabled online banking application, which was built with a number of known and common vulnerabilities. This allows users to attempt real exploits against a web application and thus learn the specifics of the issue and how best to fix it. The web services exposed by Hacme Bank are used by our other testing applications including Hacme Books and Hacme Travel.” (FoundStone Web Site)
In this article I would like to explain how to install Hacme Bank 2.0 underÂ Windows Server 2003 R2. To do this I have install a virtual Windows Server 2003 R2 32bit under Virtual Box for Linux, running on Ubuntu 10.04 LTS (2.6.32-28-generic).
Now we can start the installation and configuration process 🙂
iPad is becoming increasingly popular in the enterprise: it’s a new and fashionable device to read mails and documents, arrange meetings and expose your presentations and probably your top management is pushing IT dept. to acquire and deploy the new platform. It could be a good solution or not but our mission is to secure the device improving overall security. To do this we need to implement or enforce security features: setting up devices manually, creating your personal security profile using IPCU (iPhone Configuration Utility) or installing a third party suite.
IPCU is available for Mac OS X and Windows platform. Using this tool you can create a profile (based on XML) for your mail, vpn, security settings and more to be transferred via iTunes, mail or HTTP/HTTPS on your devices. You can choose to encrypt the configuration using a Digital Certificate. I have made some test using an iPad 64Gb WiFi + 3G and iOS 4.0.2
The purpose of the test was to create an iPAD platform that supports the following features:
- Push Mail connected with Exchange Server
- Intranet access
- Device Encryption
- Application Control
- Password Protection
Please upgrade your firmware to the last available. Actually I’m testing 4.0.2 (multitasking, Cisco AnyConnect Mobile support, PDF vulnerability fix and more…)
A new version of LittleScanner has been released. The new version includes word and directories dictionaries.
Little Scanner 0.22 is a free URL discovery tool written in Perl and licensed under GNU General Public License. It’s goal is to enumerate all unlinked or hidden directories and pages hosted on a Web Server. This tool is really useful for all pentester, sysadmins and security managers.
READ MORE HERE.
This package contains script and dictionaries.
You can download it here.