OpenVPN-NL is a specially crafted version of OpenVPN for use by the Dutch government. OpenVPN is Open Source software that allows computers or networks to be connected in a secure way. OpenVPN-NL was built according to the guidelines set by the Dutch government’s national communications security agency (NBV, also known as the NLNCSA).

Very interesting that a governmental organisation chooses to build a VPN solution using several open source projects (for a lot of good reasons including removing old code and making OpenVPN more foolproof):

Fox-IT chose version 2.1.4 of OpenVPN as its basis. Components were removed which could influence the security level negatively. Where necessary other components were modified, improved and documented. This modified version of OpenVPN is called OpenVPN-NL. PolarSSL was chosen as the encryption package given its modest size and modular construction. This also made it easier to evaluate.

And, in best open source style, they have given back their improvements:

Things work both ways. The modifications made by Fox-IT and the documentation have been given back to the Open-VPN community. This enables everyone to benefit from a more secure product. This is in line with the GNU General Public License (GPL) of OpenVPN. The project involved 4,000 lines of documentation and adding 8,000 lines to the source code.

The current release of OpenVPN-NL is based on:

• OpenVPN 2.1.4
• PolarSSL 0.14.3
• PKCS11-helper 1.09
• LibLZO v2.05

So there you have it: a real open source success story. Take what you can use, modify the source code to fit your needs and give back.

You can read more about the project here.

• Google’s Guava for additional features within collections, caching, primitives support, concurrency, and so forth.
• Apache LOG4J for logging.
• jsoup for parsing HTML documents.
• iText for creating PDF files.

So I was looking into implementing this using Honeyd – but realized there had to be a simpler way of doing this. So I started looking at IPtables.

And voila:

# iptables -A INPUT -i eth1 -d 1.2.3.4 -p tcp --dport 0:65535 -j ACCEPT
# iptables -A FORWARD -i eth1 -d 1.2.3.4 -p tcp --dport 0:65535 -j ACCEPT
# iptables -A PREROUTING -t nat -p udp -d 1.2.3.4 --dport 0:65535 -j REDIRECT --to-port 4444

Update: This technique has also be suggested elsewhere.

• https://community.rapid7.com/community/infosec/blog/2011/12/23/where-can-i-find-vulnerable-machines-for-my-penetration-testing-lab
• http://lwn.net/Articles/437221/

I have, however, experienced performance issues when running some of the systems as virtual machines (most notable the De-ICE systems).

Update 1: Also, if you’re looking for old versions of opensource software, take a look at the archives on http://ftp.heanet.ie/mirrors/ — it’s a treasure trove of out-of-date software, all ready to be exploited for fun and practice.

Update 2: This guy also links to a number of other vulnerable web apps; see here.

The last time I looked (almost 2 years ago) there were no good testing tools – so I had to write one myself. The good news is that there now seems to be many interesting testing tools. Some are free (basic versions) and some are not. The following tools are the most interesting I found and they also cover a wide range of different purposes and options (ranging from stress testing to pentesting).

Client side (SWF) testing:

• AppScan
• SWFScan

Server side (AMF Remoting) testing:

• NeoLoad
• AppScan
• Deblaze
• Charles
• Burp Suite
• soapUI
• Blazentoo

Happy testing.

• xtractr for doing network forensics.
• Nmap v5.21 with better and faster service detection and more.
• sqlmap v0.8 with support to enumerate and dump all databases’ tables and lots of other stuff.

In 2003 Mr. Rajib K. Mitra was arrested on charges of interfering with police radio transmissions in Madison, Wisconsin. His computers were seized and examined. Unfortunately much of the data could not be read as it was encrypted. The forensic examiner in the case, Detective Cindy Murphy, was able to view file names on the system, but not the content. The drive was sent to the FBI for assistance, but the tools and techniques available at the time were insufficient. While the file names were indicative of child pornography, without the content there was no basis for a child pornography charge.
…
Meanwhile, in the summer of 2009, Detective Murphy attended the Wisconsin Association of Computer Crime Investigators Conference and saw a presentation on volatile memory forensics by Detective Rick McQuowen of the Milwaukee Police Department. Working with Detective McQuowen, they found Mitra’s encryption keys and decrypted Mitra’s hard drive.

Read the rest here http://jessekornblum.livejournal.com/259124.html.