Archive | August, 2007

Vista more secure than Mac OSX and Linux?

Outsmart Malicious Hackers

Judging by figures alone, Vista is more secure than Mac OSX and Linux? I somehow find this a rather strange claim, I guess these things are always subjective.

Most numbers can be moulded into any shape you want, and can show any result you like.

According to the numbers given in a new report from Microsoft, Windows Vista has blown away all the major enterprise Linux distributions and Mac OS X as far as having the smallest amount of serious security vulnerabilities in the six months since its release. The numbers were compiled by Jeff Jones, the security strategy director in Microsoft’s Trustworthy Computing Group.

“The results of the analysis show that Windows Vista continues to show a trend of fewer total and fewer High severity vulnerabilities at the 6-month mark compared to its predecessor product Windows XP (which did not benefit from the SDL [Secure Development Lifecycle] and compared to other modern competitive workstation OSes (which also did not benefit from an SDL-like process),” Jones wrote in a blog posting about the report on June 21.

I’ve heard some things about this report though, for example flaws in Firefox WERE counted under Linux, but flaws in IE were NOT counted under Vista.

In the report, available as a PDF download on Jones’ blog, Jones compares the number of vulnerabilities of critical, medium and low severity that have been discovered in Vista with those found in Windows XP, Red Hat Enterprise Linux 4 Workstation, Ubuntu 6.06 LTS, Ubuntu 6.06 LTS—Reduced Component Set, Novell SUSE Linux Enterprise Desktop 10.8, Novell SLED 10—Reduced Component Set and Apple Mac OS X v10.4.

The score, according to Jones: In the first six months of the Vista life cycle, Microsoft has released four major security bulletins that address 12 total vulnerabilities affecting Windows Vista.

Plus the amount of software packages included in these linux distributions are 100x times more than those in Vista, so it’s not really a fair comparison is it? I’m sure you if you counted core services and OS system files, the figures would look a lot different.

It’s a pretty comprehensive article, so do check it out and let us know what you think.

Source: Eweek

Posted in: General News

Tags: , , , , , , , , , , ,

Posted in: General News | Add a Comment
Recent in General News:
- Security Vendor Trustwave Bought By Singtel For $810M
- Teen Accused Of Hacking School To Change Grades
- Google’s Chrome Apps – Are They Worth The Risk?

Related Posts:

Most Read in General News:
- Hacking Still Can’t Outdo Stupidity for Data Leaks - 125,543 views
- eEye Launches 0-Day Exploit Tracker - 86,319 views
- Seattle Computer Security Expert Turns Tables On The Police - 45,326 views

LLDP – Link Layer Discovery Protocol Fuzzer

Outsmart Malicious Hackers

The first Link Layer Discovery Protocol Fuzzer is now available, test cases are also ready to be used along with the tool. The fuzzing architecure makes it easy to extend the tool with new test cases and more LLDP compliant devices arise.

LLDP is a Layer 2 protocol which allows network devices to advertise their identity and capabilities on the local network, it helps to keep track of devices and the packets are multi-casted.

CDP, EDP and NDP are similar to LLDP.

The LLDP fuzzer is meant for black box testing techniques on LLDP enabled networks/devices. Its aim is to find security vulnerabilities by using test cases as it’s important to be able to replicate a test case.

It can be automated and it tries to find bugs by sending malformed packets and look for corner cases.

It can find vulnerabilities in any agent receiving LLDP packets and is programmed in Python. It works fine on Linux but won’t work on Windows due to RAW socket limitations.

There are currently 10 test cases.

You can download LLDP Fuzzer here:


And also:

Download the paper – LLDPpaper.pdf
Download the presentation – LLDPpresentation.ppt

Or read more here.

Posted in: Hacking Tools, Network Hacking

Tags: , , , , , , ,

Posted in: Hacking Tools, Network Hacking | Add a Comment
Recent in Hacking Tools:
- Bluto – DNS Recon, Zone Transfer & Brute Forcer
- dork-cli – Command-line Google Dork Tool
- T50 – The Fastest Mixed Packet Injector Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 2,024,600 views
- Brutus Password Cracker – Download AET2 - 1,610,478 views
- wwwhack 1.9 – Download Web Hacking Tool - 707,820 views

OpenMusic – Free Music for a free World

Keep on Guard!

What is open music?

Open Music is music that is shareable, available in “source code” form, allows derivative works and is free of cost for non-commercial use. It is the concept of “open source” computer software applied to music.

And it has a license as source code programs have too. Even more it comes under 2 licenses: Green and Yellow.

Who seems to promote open source music? -> Magnatune

Don’t know where to start with open music? Try at LinuxTAG as a start, and after that move to Open Music Archive.

Why did I post the article? Because I liked the idea and to inform you that from now on we’ll have “secure” music. Just kidding… The truth is that many firms have tried to shutdown P2P servers due to piracy (in this case music).

I’m thinking in perspective, first open source software, then open source music… what next? Open source movies? Could be.

Listening to: Magic Mushrooms :: Open Source

Posted in: Legal Issues

Tags: , , , ,

Posted in: Legal Issues | Add a Comment
Recent in Legal Issues:
- Fake News As A Service (FNaaS?) – $400k To Rig An Election
- UK Schedule 7 – Man Charged For Not Sharing Password
- Shadow Brokers Release Dangerous NSA Hacking Tools

Related Posts:

Most Read in Legal Issues:
- Class President Hacks School Grades - 80,825 views
- Hospital Hacker GhostExodus Owns Himself – Arrested - 47,775 views
- One Of The World’s Most Prolific Music Piracy Groups Busted - 43,664 views

July Commenter of the Month Competition Winner 2007!

Outsmart Malicious Hackers

So, I guess you guys are wondering who has won the July contest? It was a pretty close call.

As you know we started the Darknet Commenter of the Month Competition on June 1st and it ran for the whole of June, we have just finished the second month of the competition in July and are now in the third, starting today August 1st – Sponsored by GFI.

We are offering some pretty cool prizes like iPods and PSPs, along with cool GFI merchandise like shirts, keyrings and mugs.

GFI Goodies

Keep up the great comments and high quality interaction, we really enjoy reading your discussions and feedback.

Just to remind you of the added perks, by being one of the top 5 commenter’s you also have your name and chosen link displayed on the sidebar of every page of Darknet, with a high PR5 (close to 6) on most pages (3000+ spidered by Google).

So announcing the winner for July…it’s backbone, very narrowly beating Sandeep Nain!

Commenters July

Once again we have to give a shout out to therealdonquixote for his top quality comments in the month of July.

Keep commenting guys, and stand to win a prize for the month of August!

Winner of the month for June was Daniel with 35 comments.

Posted in: Site News

Tags: , , , , , , , , , , ,

Posted in: Site News | Add a Comment
Recent in Site News:
- Darknet Moving Servers & Upgrades Etc
- A Look Back At 2015 – Tools & News Highlights
- A Look Back At 2014 – Tools & News Highlights

Related Posts:

Most Read in Site News:
- Welcome to Darknet – The REBIRTH - 36,680 views
- Get the ball rollin’ - 19,016 views
- Slashdot Effect vs Digg Effect Traffic Report - 12,278 views

Security Freak Video Lectures – Hacking, Programming, Networking & More

Keep on Guard!

A while back a reader e-mailed us about a new site they have called Security Freak, the site is about informatin security education and is mostly using video lectures to illustrate and convey the lessons. is an attempt to lower the entry barrier for starting computer security research. The author has noticed that during his interactions with security enthusiasts in general and students in particular, he noticed that many lose interest because of the lack of organized learning resources in this area.

This is not to undermine the sheer volume of tutorials written on various security related topics such as raw sockets, packet injection etc. But for most beginners it is very difficult to assimilate these voluminous documents at one go.

They are various videos covering programming security software, raw sockets, network sniffing, packet injection, programming worms, wireless and some tutorials for common security tools such as wireshark and nbtscan.

There’s are currently around 41 videos at around 500 minutes of watching time, so it’s definitely worth checking out.

The videos are here:

Security Freak Videos

The site is free and the author said it will remain free, there are no pop-ups or registration required.

You can read more here:

Security Freak

Posted in: Hacking Tools, Programming

Tags: , , , , , , , , ,

Posted in: Hacking Tools, Programming | Add a Comment
Recent in Hacking Tools:
- Bluto – DNS Recon, Zone Transfer & Brute Forcer
- dork-cli – Command-line Google Dork Tool
- T50 – The Fastest Mixed Packet Injector Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 2,024,600 views
- Brutus Password Cracker – Download AET2 - 1,610,478 views
- wwwhack 1.9 – Download Web Hacking Tool - 707,820 views