WatchGuard Wire
Improve Your Security IQ
SensePost's new BiDiBLAH saves time in security assessments
In a Black Hat 2005 briefing entitled "Automation: Deus ex Machina, or Rube Goldberg Machine?", SensePost researcher Roelof Temmingh introduced a useful new security tool named BiDiBLAH. BiDiBLAH's clever approach can save you a lot of time in trying to discover where your network's defensive weak points are.
Before I describe this tool, a bit about SensePost: they perform security assessments, or penetration tests, for their customers. Yes, they get paid to attack networks (with full permission from their clients) to find any security weaknesses. They must be very good at what they do. They have an impressive client roster, the classes they teach are uniformly terrific, and the other security experts here treat them with tons of respect.
Like most pen-test organizations, SensePost has developed a methodology for efficiently finding weaknesses in their clients' defenses. Their methodology consists of the following steps:
- Intelligence gathering
- Footprinting
- Targeting
- Fingerprinting
- Vulnerability discovery
- Penetration
During each step, SensePost gathers truckloads of data about the target network. They gather information such as the domains, sub-domains, and IP address blocks their target owns. They have to discover which IP addresses attackers can actually reach from the Internet, and what Internet services each IP address offers. To help them identify which devices to attack, they also try to learn what operating system each IP address runs, and what applications it uses to provide Internet services. SensePost performs these types of assessment for large clients who own thousands of IP addresses. The sheer amount of data they must gather and correlate would take ages if done manually. That's where BiDiBLAH fits in.
BiDiBLAH automates as much of the security assessment methodology as possible. By tying together many free, open-source security tools, BiDiBLAH provides a one-stop shop for pen-testers. More important, the tool helps you perform many security assessment steps automatically, and it even helps you correlate the data you discover. Once you find all your client's security weaknesses (or your own), BiDiBLAH automates the time-consuming task of generating reports. As Temmingh puts it, "BiDiBLAH helps pen-tests perform 80% of their work in 20% of the time." (You still need to do the last 20% the hard way.)
At the end of his briefing, Temmingh announced that SensePost released a slightly-crippled version of BiDiBLAH to the public for free. The crippled version allows you to use the tool for only 20 minutes at a time. However, BiDiBLAH scans so quickly that you could learn a lot in 20 minutes. This is a great chance for small business administrators to get their hands on a large enterprise-strength tool. Whether you pen-test for a living, or you just want to assess your own network, give BiDiBLAH a try.
-- Corey Nachreiner
Copyright© 2010 WatchGuard® Technologies, Inc. You may copy and distribute this article freely in any medium as long as you copy and distribute the entire article without change and preserve this copyright statement and notice.