Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Cnet Apologizes For Nmap Adware Mess

fv Re:Perfect american corporate business practice (231 comments)

But they didn't do anything illegal. They're basically just using their own download application that comes with extra stuff.

Yes, but Download.com still assures users that they will never bundle that "extra stuff". Their Adware & Spyware Notice says:

In your letters, user reviews, and polls, you told us bundled adware was unacceptable--no matter how harmless it might be. We want you to know what you're getting when you download from CNET Download.com, and no other download site can promise that.

Also, they make it look like a download link for the real installer (which it used to be), and then the user gets this CNET crap. But they still used our name liberally in the trojan installer as if we were somehow responsible for or involved in this abomination. I've got screen shots on my Download.com fiasco page.

Also, this "apology" rings hollow because they aren't fixing the problem along with it. In particular:

1) He claims that bundling malware with Nmap was a “mistake on our part” and “we reviewed all open source files in our catalog to ensure none are being bundled.” Either that is a lie, or they are totally incompetent, because tons of open source software is still being bundled. You can read the comments below his post for many examples.

2) Even if they had removed the malware bundling from open source software, what about all of the other free (but not open source) Windows software out there? They shouldn't infect any 3rd party software with sketchy toolbars, search engine redirectors, etc.

3) At the same time that Sean sent the “apology” to users, he sent this very different note to developers. He says they are working on a new expanded version of the rogue installer and “initial feedback from developers on our new model has been very positive and we are excited to bring this to the broader community as soon as possible”. He tries to mollify developers by promising to give them a cut (“revenue share”) of the proceeds from infecting their users.

4) You no longer need to register and log in to get the small (non-trojan) “direct download” link, but the giant green download button still exposes users to malware.

5) The Download.Com Adware & Spyware Notice still says “every time you download software from Download.com, you can trust that we've tested it and found it to be adware-free.” How can they say that while they are still adding their own adware? At least they removed the statement from their trojan installer that it is “SAFE, TRUSTED, AND SPYWARE FREE”.

more than 3 years ago

Taking Apart the Energizer Trojan

fv New Nmap 5.30BETA1 Release (55 comments)

We just today released Nmap 5.30BETA1, which contains the version detection signature described in this post for detecting the Energizer trojan. It also includes a detection and exploitation script for a major Mac OS X vulnerability which Nmap developer Patrik Karlsson found last month and Apple finally patched this morning. There are about 100 other changes as well, including 37 new NSE scripts. You can download it free here.

Pardon the Nmap promotion, but it seemed on-topic for the story.

more than 4 years ago

L0phtCrack (v6) Rises Again

fv Open Source Competitors (120 comments)

When the submitter referenced "open source alternatives that go by similar names", he was referring to ophcrack. Similar features are also available from Cain and Abel, and John the Ripper.

I maintain a list of top password crackers and sniffers as part of my SecTools.Org site.

While the submitter is correct that they have much more competition now, I still wish to congratulate the former L0pht guys on the new release!

more than 5 years ago

Taming Conficker, the Easy Way

fv Nmap 4.85BETA5 just released (288 comments)

I'm happy to report that we've just released Nmap 4.85BETA5 with Conficker detection so you can do that scan! The actual recommended command is:

nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]

For more details, see the announcement at http://insecure.org.

more than 5 years ago

Nmap Network Scanning

fv Re:Network map? (125 comments)

Have they included a network mapping function yet? They announced it as a GSoC project last year I think, did they get around to hack some graphical map output?

Good question--and yes, we have! Full details on this feature, including screen shots, are provided in Section 12.5, "Surfing the Network Topology" starting on page 317. That section is also available free online. The code has been integrated into the latest version (4.76) of Nmap, available here.


more than 6 years ago

Nmap Network Scanning

fv Re: Matrix Reloaded (125 comments)

Yeah, Nmap has actually been in a surprising number of major movies. I created the Nmap in the Movies page to document them with screen shots. The Matrix Reloaded was the most exciting and really started the trend. I guess the rest of Hollywood just followed along and decided that the command shell was the new way to portray hacking, rather than ridiculous 3D animated eye-candy scenes from the era of Hackers and Swordfish. So we got Nmap in Bourne Ultimatum, Die Hard 4, etc.

I wanted to include a screen shot of Trinity hacking the Matrix with Nmap for this book, but a then-potential publisher said I needed permission from Time Warner first. It took many unanswered requests, but Time Warner finally replied with basically "hell no, you IP pirate!" Of course they phrased it politely like "we would love to allow that, but our policies prohibit us from granting that permission". Funny, they didn't mind using Nmap in their movie without permission, credit, notification, etc. Then they say I can't even include a screen shot of them using Nmap?

So I dumped the potential publisher and added the screen shots anyway (page 8) :).


more than 6 years ago


fv hasn't submitted any stories.


fv has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?