Archive | August, 2007

Vista more secure than Mac OSX and Linux?



Judging by figures alone, Vista is more secure than Mac OSX and Linux? I somehow find this a rather strange claim; I guess these things are always subjective.

Most numbers can be moulded into any shape you want, and can show any result you like.

According to the numbers given in a new report from Microsoft, Windows Vista has blown away all the major enterprise Linux distributions and Mac OS X as far as having the smallest amount of serious security vulnerabilities in the six months since its release. The numbers were compiled by Jeff Jones, the security strategy director in Microsoft’s Trustworthy Computing Group.

“The results of the analysis show that Windows Vista continues to show a trend of fewer total and fewer High severity vulnerabilities at the 6-month mark compared to its predecessor product Windows XP (which did not benefit from the SDL [Secure Development Lifecycle]) and compared to other modern competitive workstation OSes (which also did not benefit from an SDL-like process),” Jones wrote in a blog posting about the report on June 21.

I’ve heard some things about this report though, for example flaws in Firefox WERE counted under Linux, but flaws in IE were NOT counted under Vista.

In the report, available as a PDF download on Jones’ blog, Jones compares the number of vulnerabilities of critical, medium and low severity that have been discovered in Vista with those found in Windows XP, Red Hat Enterprise Linux 4 Workstation, Ubuntu 6.06 LTS, Ubuntu 6.06 LTS—Reduced Component Set, Novell SUSE Linux Enterprise Desktop 10.8, Novell SLED 10—Reduced Component Set and Apple Mac OS X v10.4.

The score, according to Jones: In the first six months of the Vista life cycle, Microsoft has released four major security bulletins that address 12 total vulnerabilities affecting Windows Vista.

Plus, the number of software packages included in these Linux distributions is 100x more than in Vista, so it’s not really a fair comparison, is it? I’m sure if you counted core services and OS system files, the figures would look a lot different.

It’s a pretty comprehensive article, so do check it out and let us know what you think.

Source: Eweek


Posted in: General News



LLDP – Link Layer Discovery Protocol Fuzzer



The first Link Layer Discovery Protocol fuzzer is now available, and test cases are ready to be used along with the tool. The fuzzing architecture makes it easy to extend the tool with new test cases as more LLDP-compliant devices arise.

LLDP is a Layer 2 protocol which allows network devices to advertise their identity and capabilities on the local network. It helps to keep track of devices, and the packets are multicast.

CDP, EDP and NDP are similar to LLDP.

The LLDP fuzzer is meant for black-box testing of LLDP-enabled networks and devices. It aims to find security vulnerabilities using defined test cases, because it is important to be able to replicate a test case.

It can be automated, and it tries to find bugs by sending malformed packets and looking for corner cases.

It can find vulnerabilities in any agent receiving LLDP packets and is programmed in Python. It works fine on Linux but won’t work on Windows due to raw socket limitations.

There are currently 10 test cases.
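For the receiving side, here is the kind of strict validation an LLDP agent needs so that malformed packets are rejected instead of crashing the parser. This is an added example, not code from the LLDP fuzzer; the function names and the constructed sample are assumptions, and the length bounds are this example's own strict policy on top of the IEEE 802.1AB TLV layout (7-bit type, 9-bit length).

```python
import struct

class LLDPError(ValueError):
    """Raised when an LLDPDU breaks one of the framing rules checked below."""

# Strict policy chosen for this example: (type, min_len, max_len), in order.
MANDATORY = [(1, 2, 256), (2, 2, 256), (3, 2, 2)]  # Chassis ID, Port ID, TTL

def iter_tlvs(pdu: bytes):
    """Yield (type, value) pairs without ever reading past the buffer."""
    off = 0
    while off < len(pdu):
        if len(pdu) - off < 2:
            raise LLDPError("truncated TLV header")
        (hdr,) = struct.unpack_from("!H", pdu, off)
        tlv_type, tlv_len = hdr >> 9, hdr & 0x1FF  # 7-bit type, 9-bit length
        off += 2
        if tlv_len > len(pdu) - off:
            raise LLDPError(f"type {tlv_type}: length {tlv_len} overruns frame")
        yield tlv_type, pdu[off:off + tlv_len]
        off += tlv_len
        if tlv_type == 0:  # End of LLDPDU: anything after it is padding
            return

def parse_lldpdu(pdu: bytes) -> dict:
    """Validate the mandatory TLVs and return the decoded fields."""
    tlvs = list(iter_tlvs(pdu))
    if len(tlvs) < len(MANDATORY):
        raise LLDPError("missing mandatory TLVs")
    for (want, lo, hi), (got, value) in zip(MANDATORY, tlvs):
        if got != want:
            raise LLDPError(f"expected TLV type {want}, got {got}")
        if not lo <= len(value) <= hi:
            raise LLDPError(f"type {got}: bad length {len(value)}")
    for tlv_type, value in tlvs[3:]:
        if tlv_type in (1, 2, 3):
            raise LLDPError(f"duplicate mandatory TLV type {tlv_type}")
        if tlv_type == 0 and value:
            raise LLDPError("End of LLDPDU TLV must be empty")
    chassis, port, ttl = (v for _, v in tlvs[:3])
    return {"chassis_id": chassis[1:], "port_id": port[1:],  # drop subtype byte
            "ttl": struct.unpack("!H", ttl)[0], "optional": tlvs[3:]}

def tlv(tlv_type: int, value: bytes) -> bytes:  # encoder for the samples only
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

# Constructed sample: MAC chassis ID (subtype 4), port name (subtype 5), TTL 120
GOOD = (tlv(1, b"\x04" + bytes.fromhex("001122334455")) +
        tlv(2, b"\x05eth0") + tlv(3, struct.pack("!H", 120)) + tlv(0, b""))
```

Every rejection path raises `LLDPError`, so a caller can drop the frame and count the error rather than trust a length field taken from the wire.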

You can download LLDP Fuzzer here:

LLDPfuzzer.tar

And also:

Download the paper – LLDPpaper.pdf
Download the presentation – LLDPpresentation.ppt

Or read more here.


Posted in: Hacking Tools, Network Hacking



OpenMusic – Free Music for a free World



What is open music?

Open Music is music that is shareable, available in “source code” form, allows derivative works and is free of cost for non-commercial use. It is the concept of “open source” computer software applied to music.

And it has a license, just as source code programs do. What's more, it comes under 2 licenses: Green and Yellow.

Who seems to promote open source music? -> Magnatune

Don’t know where to start with open music? Try at LinuxTAG as a start, and after that move to Open Music Archive.

Why did I post the article? Because I liked the idea and to inform you that from now on we’ll have “secure” music. Just kidding… The truth is that many firms have tried to shut down P2P servers due to piracy (in this case music).

I’m thinking in perspective, first open source software, then open source music… what next? Open source movies? Could be.

Listening to: Magic Mushrooms :: Open Source


Posted in: Legal Issues



July Commenter of the Month Competition Winner 2007!



So, I guess you guys are wondering who has won the July contest? It was a pretty close call.

As you know, we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June. We have just finished the second month of the competition in July and are now in the third, starting today August 1st – Sponsored by GFI.

We are offering some pretty cool prizes like iPods and PSPs, along with cool GFI merchandise like shirts, keyrings and mugs.


Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenters you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (3000+ spidered by Google).

So announcing the winner for July…it’s backbone, very narrowly beating Sandeep Nain!


Once again we have to give a shout out to therealdonquixote for his top quality comments in the month of July.

Keep commenting guys, and stand to win a prize for the month of August!

Winner of the month for June was Daniel with 35 comments.


Posted in: Site News



Security Freak Video Lectures – Hacking, Programming, Networking & More



A while back a reader e-mailed us about a new site they have called Security Freak. The site is about information security education and mostly uses video lectures to illustrate and convey the lessons.

Security-Freak.net is an attempt to lower the entry barrier for starting computer security research. The author noticed during his interactions with security enthusiasts in general, and students in particular, that many lose interest because of the lack of organized learning resources in this area.

This is not to undermine the sheer volume of tutorials written on various security related topics such as raw sockets, packet injection etc. But for most beginners it is very difficult to assimilate these voluminous documents at one go.

There are various videos covering programming security software, raw sockets, network sniffing, packet injection, programming worms, wireless and some tutorials for common security tools such as Wireshark and nbtscan.

There are currently around 41 videos at around 500 minutes of watching time, so it’s definitely worth checking out.

The videos are here:

Security Freak Videos

The site is free and the author said it will remain free; there are no pop-ups and no registration is required.

You can read more here:

Security Freak


Posted in: Hacking Tools, Programming
