Information, tools and how-to's for the new intrusion analyst. Mentoring by blogging.
Wednesday, November 25, 2009
Network Miner 0.91
Jim Clausing posted an article on the Storm Center diary today about some updates to network security tools (Jim is always all over that... he's sort of the Tim "The Tool Man" Taylor of the NetSec world) and mentioned there was an update to Network Miner. I'd never looked at it before, that I remember, so I downloaded the latest version. What a neat tool. It runs on Windows and uses WinPcap (it doesn't install WinPcap, but if you do NetSec you'd probably already have it installed). Just unzip the archive and fire it up. Tell it what interface to monitor, and it begins to track host connections to your box, showing the IP, fingerprint of the OS, frames received, files transferred, images, messages, credentials, sessions, DNS requests, any clear text and even what it deems anomalies. Very nice. I'll definitely keep this one in my toolkit for Windows hosts. You can get the latest version at SourceForge, and if you don't have WinPcap, get that here.
Friday, November 20, 2009
NSA helped with Windows 7 development
According to Richard Schaeffer, information assurance director for the NSA, the agency worked with Microsoft and the DoD to enhance security in Windows 7. The agency was also involved in Windows Vista, XP and Windows 2000.
Full article from Computerworld here.
Monday, November 2, 2009
Summary of Cyber Security Awareness Month Articles
Each day last month, which was Cyber Security Awareness Month, the handlers at the Internet Storm Center wrote a diary article drilling down on a particular port or set of ports and the app that uses them. Now that it's done, what we've ended up with is a nice 31-chapter primer on common ports. So the Director, Marcus Sachs, made a summary page to that end. Link is here. Enjoy.