Archive for September 27th, 2005
e-Eye Digital Security Beats Internet Security Systems

e-Eye Digital Security hit a home run in 2004 when they won the $6 million Defense Information Systems Agency I-ASSURE contract, which will allow their robust e-Eye Retina Vulnerability Scanner to be used on DOD systems worldwide.

The Retina Vulnerability Scanner will be used to measure compliance with Department of Defense (DoD) Computer Emergency Response Team (CERT) Information Assurance Vulnerability Management Notices.

The DOD used to use Internet Security Systems (ISS) vulnerability assessment tools exclusively for this task. However, on 30 September 2005 the ISS vulnerability tools will no longer be used by the Department of Defense.

This comes at the time of the “cover up” CiscoGate controversy, which involved ISS. In July 2005, Michael Lynn, a former research analyst with Internet Security Systems, resigned from the company just before disclosing a major flaw in Cisco routers (many of which are on critical infrastructures).

According to Lynn, Cisco and ISS allowed him to speak about the flaw at Black Hat but suddenly changed their minds at the last minute, attempting to shut Lynn up with legal action. Cisco and ISS were trying to protect their shareholders at the cost of all the customers, organizations and nations that depend on the Cisco routers. From an ethical perspective, this was not a great way for an Internet security company to act.

It will be interesting to see if e-Eye Digital will be more ethical than ISS as it comes to power.  Something very evil tends to happen when large groups of people get together to gather large sums of money.

As stated above, after Friday, 30 Sept 05, the ISS scanner will no longer be available. You should be able to download the new e-Eye Retina Network Security Scanner from one of the DISA pages:

ISS/Retina Vulnerability Scanners (DOD):

e-Eye Retina Network Security Scanner (SCCVI)

http://iase.disa.mil/stigs/iss/index.html (gone 17 Oct Update)

http://iase.disa.mil/stigs/iss/retina.html (gone 17 Oct Update)

 

eEye Digital Security and DISA press release:

http://www.eeye.com/html/company/press/PR20040623.html

 

Official Word from DISA

Information Assurance Support Environment:

DISA IA Announcement: DISA will be converting from using Internet Security Scanner to the e-Eye Retina Network Security Scanner(SCCVI) effective 1 Aug 05 for all security reviews, compliance validations, certification efforts, etc. All open findings related to a penetration test conducted with the ISS tool will be archived (closed) as a Retina penetration test is conducted by DISA. The ISS findings are still valid open findings that need to be worked and closed by the site. However, sites are highly encouraged/recommended to perform a self-assessment using the Retina scanner, as soon as they receive the tool.

Information, online training, and Retina software can be obtained from the http://iase.disa.mil website.

 

eEye Digital Security

http://www.eeye.com/html/index.html

Retina Network Vulnerability Scanner:

http://www.eeye.com/html/products/retina/index.html

 

Resources

ISS is Shady

e-Eye Press release

Inside CiscoGate

Lynn’s Lawyer

Lynn Presents at the BlackHat

Cisco & ISS vs. Lynn

Shoot-out: Google's new VPN beta kicks the living Hell out of the EFF's Tor

Speed test: Tor, sponsored by the EFF, and Google's new beta VPN are both aimed at those of us who want to protect our privacy and rights online. While Google claims that its VPN program is to boost security on wireless networks, it can also be used with wired internet connections to add some more security for the rest of us.

Once again Google uses incredible engineering to create something that may just become number one in yet another area of IT. Google Adsense is doing so well that Yahoo and MSN are testing out similar content-relevant ad scripts.

Tor looks like it is much more secure than the Google implementation. I mean VPN is pretty secure but Tor is ridiculously secure in that it uses software that uses each system it connects to as a separate VPN which encrypts traffic at each point. This makes the traffic very difficult (if not impossible) to track, as EFF stores none of that data. Google will hold the traffic data but claims that the data will be “personally unidentifiable”, which means it cannot be tracked back to any one person (at least that is how I understand it).

But I wonder what this VPN wireless project could mean in terms of practical use. Will Google deploy it at Starbucks and Borders bookstores around the world?


Phishers target Yahoo! Photos

Phishing attacks that attempt to capture a user's Yahoo! ID and password by tricking the gullible into handing over their credentials to fake sign-in pages have been around for months if not years. Recently, though, these phishing sites have begun using alternative Yahoo! Sign In pages, such as Yahoo! Photos, net security firm Websense reports.

I get links to these sites via email all the time. It seems that if you place your email@address.com on a website, these criminals have automated software that finds these addresses and emails you a false email from PayPal or Yahoo! or eBay or any other account that you might have digital cash in.

Some of the emails they send look legit.  But if you look under the hood, you'll see that it goes to sites that have nothing to do with the company it claims to be from.  Typically, the address comes from outside the U.S. 


Exploit for every MS Security Bulletin

114 Exploits / 449 Bulletins on ElseNot.com

MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold

MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1

MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) Windows 2000 Service Pack 4, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows Server 2003 Gold, Windows Server 2003 SP1

Help to submit more exploits!


Write a virus for OSX and earn $500

Wil Shipley, independent Apple software developer, has offered a $500 bounty for anyone who can exploit a base OSX install with the latest security patches. It's time to put up or shut up.
