Serious DNS vulnerability

July 25, 2008 by Leave a Comment

I do not know if you have heard about the DNS vulnerability that is affecting a bunch of commercial vendors (Including Microsoft and BIND which are some of the most popular), there is a lot of panic in the Internet community since yesterday when more details were reveled, do not get surprised if there is a new worm with an exploit very soon.

The best thing that you can do to protect yourself as a DNS client is to use opendns.com as your DNS servers. This is a free DNS service that was never vulnerable: http://www.opendns.com/. [Read more...]

Filed Under: Linux, Microsoft, Security Tagged With: ,

Nessus on Virtual Machines

January 10, 2008 by 1 Comment

The following is a copy of an article I wrote for Techrepublic.com about how I used Nessus on openSUSE virtual machines to scan enterprise networks.

Takeaway: Nessus is the de facto standard of vulnerability scanners. It’s free, runs on free operating systems, requires few hardware resources–and gets the job done.

The Need

Vulnerability assessments are one of the key tools that information security professionals use to learn about their network environment. With the increasing quantity of threat agents and government regulations that carry harsh penalties, businesses have to know where their security vulnerabilities exist and now to mitigate them.

[Read more...]

Filed Under: Linux, Scripts and Utiliites, Security Tagged With: , , ,