/ NEWS
workshop was to explore ways in which all these groups can
cooperate to solve the problems of our emerging profession.
/ NEWS ROUND-UP
The workshop was coordinated by Roy Isbell of the ITC
Nmap v5
Security Panel, who opened the proceedings by reviewing
On 16th July 2009,
Insecure.org announced the latest release
of network security analyser, Nmap (network mapper), which
the current cybercrime and forensic landscape, and explained
it describes as “Open Source software designed for network
how convergence was increasing the complexity met with by exploration or security auditing”.
Insecure.org explains how
law enforcement and forensic practitioners. The workshop
the program now generates network inventory, manages
explored issues surrounding qualifications, standards, proce-
server upgrade schedules, and monitors host or server uptime.
Nmap runs on all major operating systems, and v5.00 includes
dures, accredited laboratories, and approved products.
approximately 600 improvements of which the following four
Dr Steve Marsh provided an update on the work being carried are cited as the most important:
out since the release of the Cyber Security Strategy of the Unit-
• Nmap Scripting Engine (NSE) – a powerful and flexible
ed Kingdom and current ideas about measuring success. Qual-
scripting tool that allows the user to automate network tasks.
• Ncat –
Insecure.org calls this their “Swiss army Knife”. It
ity standards and procedures were addressed by Andrew Ren-
allows flexible, easier data transfer, redirection and debugging
nison, who discussed the current status of standards work and than in previous versions.
the need for a single comprehensive standard, compatible with
• Ndiff – using this tool users can directly compare scan results.
existing international standards and auditable for compliance.
Scans can be saved into an archive and changes can be tracked.
performance has been greatly improved in Nmap v5 and the
Gordon Homes of the PCeU gave a detailed and informative
user can now specify the scan rate, thus bypassing Nmap’s
update on how they are meeting the challenge, with examples congestion algorithms and effectively making scans faster.
of recent successes and the future challenges they face. Mike
This release has been termed the most important since 1997.
Dickinson from Micro Systemation raised the issue of product
Nmap.org (www.nmap.org) reported that Nmap has been named
validation and the need for an independent testing organisation
“security product of the year” by many sources such as Linux
similar to the National Institute of Standards and Technology Journal, Info World, and Codetalkers Digest. Moreover, it has
(NIST) in the USA. Dr Tim Watson from De Montfort University
featured in eight films including The Matrix Online and Die Hard 4.
reviewed in depth the 83 undergraduate degree courses listed
TEEN CybErwarrIOrS
on the Universities & Colleges Admissions Service (UCAS) Web
The Government is set to start a competition in 2010 with the
site for forensic computing, and discussed the varying structure aim to build up the UK’s cybersecurity ‘army’. Teenage ‘techies’
and quality of these courses. The final topic was provided by
are being encouraged to enter the contest with promises of
John Colley of ISC(2), who talked about how special interest
salaries that could be as high as 6 figures. Organisers are
looking to replicate a previous contest run in the USa, where the
groups can help. Looking at the current worldwide membership
aim was to find 10,000 new cyberwarriors. The contest will run
of leading organisations in the security field, he said that no as a series of tasks that include password extraction, website
one really knows how many are practising the discipline, or the
capture, and defence against cyber attacks. as previously
level of their qualifications or competence.
mentioned, the prizes for the lucky winners will be employment
with the government, but they also include places on courses
The discussions that took place during the workshop led to
and expert mentorship from sponsors, SaNS Institute
agreement on some problem areas, and identified potential scholarships, bursaries, and work experience.
resolutions that those attending took away to investigate fur-
ther. The workshop was deemed such a success that follow-up
US winner Michael Coppola gained extra credit for hacking
into the contest’s own scoring system and awarding himself
events are already being planned by the ITC Security Panel, to
10,000 extra points.
focus on specific subjects and bring together those who can
influence and guide the profession in future.
aCCESSDaTa rElEaSES FOrENSIC TOOlKIT 3.0
accessData has released the Forensic Toolkit 3.0 (FTK 3.0).
Expectations were low after the disappointment of FTK 2.0, but
industry pundits are now hailing the improvements in FTK 3.0
as enough to make it a contender again. many improvements
have been made to the toolkit, including faster performance
on even the weakest machines, indexing that permits rapid
searching, and distributed processing to help you ‘leverage
CpU resources from up to 4 computers.’
version 3.00 also offers a variety of new features. ram
analysis is now possible, allowing the user to sift ram captures
for passwords, HTml pages and more, search memory strings,
and list all processes. a compelling new feature is its ability to
properly analyse the apple OS X operating system.
7
DF1_06-07_News.indd 7 29/10/09 5:03:43 pm
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52