Wednesday 26 March 2014

Titania at Interop 2014 - Coming to America

Source: internetworld.com
… Except unlike Eddie Murphy, we’re not coming to get a bride. We’re coming to show off Nipper Studio and Paws Studio – the network security software that has gained praise all over the world from government agencies and departments such as the FBI, Department of Defense, the Treasury and the Department of Energy, as well as corporate giants (Cisco, HP and Verizon, to name just a few).

Penetration testers in over 60 countries have chosen us and have not been disappointed. Why not visit us at booth 962 to find out why? We’ll be there from Tuesday (1st April 2014) to Thursday (3rd April 2014).

Why Interop?

It’s a chance for you to meet the team, find out what we do and trial our cyber security solutions. It is also a chance for us to meet interesting people and future clients, and to keep up with the latest trends in the world of networks, security, auditing and compliance. We would also like to take part in thought-provoking discussions and strengthen our relationships across the Atlantic. With 60% of our business taking place in the United States, we are sure to meet some familiar faces for a good catch-up over those famous American pancakes.

Source: interop.com

What do we expect?

As we put the finishing touches to the preparations for the show, there’s a tinge of excitement over what the experience will be like. There’s no doubt this is one of the biggest independent IT conferences of the year. So many infosec professionals all in one place; it’s bound to be a buzzing atmosphere, filled with BYOD, SDN and IoT, all sprinkled with lots of LEDs. If there’s one thing that won’t be missing, it’s the flashing lights.

The expo floor has seen a lot of changes in the 28 years it has been running, filled with weird and wonderful things, from flying monkeys to cars and motorbikes, either as props or as giveaways. Yet the infosec community still gets excited by the quality of the talks, the disruptive technology and the efficacy of the workshops. Striking the right balance between work and fun makes sense, doesn't it?


But we expect to see plenty of security-conscious organisations and government representatives filtering through the flash and glitz in search of the best cyber solutions. After all, it’s not for nothing that the US is at the forefront of cyber defence, is it? And it explains why Titania has thrived in the American information security market.

What do we have for you?

Our very own CEO, Ian Whiting, an experienced infosec professional previously certified by CESG (Communications-Electronics Security Group), will be there to answer your questions. Plus we have an expert team ready to give you all the information you need and a tool which brings even more features to answer the ever-increasing demands of today’s CIO. Andy Williams, Titania's Head of International Development, is experienced in liaising with companies across the ocean, having worked for 6 years as an international trade advisor for the US Department of Commerce at the American Embassy in London. Or in fewer words, he’s our go-to expert for those interested in a serious business relationship.

Aside from reading about our products, we suggest you also stop by for a quick demo and an evaluation license, so that you can take your time and try out our software, after the Interop party.


Monday 24 March 2014

Listening to the Network

by Ian Whiting (Titania, CEO)

About the Author 

Ian has been working with leading global organizations and government agencies to help improve computer security for more than a decade. He has previously been accredited by CESG for his security and team leading expertise for over 5 years. In 2009 Ian Whiting founded Titania with the aim of producing security auditing software products that can be used by non-security specialists and provide the detailed analysis that traditionally only an experienced penetration tester could achieve.


My favourite tool for monitoring network traffic in a graphical environment is Wireshark; on the command line I would commonly use tcpdump. Both tools are mature products that have been around for years, and if you are a penetration tester you have most likely already used one or both of them.

Many years ago now, when network hubs were used, the quantity of network traffic arriving at my laptop used to be huge. In today’s modern switched networks you usually no longer get to see network traffic that was sent to a specific network address. However, it is still worth checking to see if you can see traffic that should not be visible in a switched environment. I have had to report to clients, on a number of occasions, instances where I have been watching network packets that I simply should not have seen. I have recently seen a network hub still being used on a network that should have long since been replaced. In this case the company being tested was a financial organisation supplier, and the network traffic on the hub contained data from several competing financial clients.

A common network protocol I see used on networks is Link Layer Discovery Protocol (LLDP), which is used for advertising the capabilities of the sender. LLDP is useful when combined with network management software, but it is also useful information for an attacker. The screenshot from Wireshark (see Figure 1) highlights a captured LLDP packet. You can clearly see that it contains information such as the make, model and software version of the switch; in this case it is a Brocade ICX running IronWare 7.4.00T311. Using that information it would be trivial for an attacker to review a vulnerability database and then download any exploit code for those vulnerabilities. The information could also be used to obtain default passwords and other configuration settings that may not have been changed by the network administrator.


Figure 1. LLDP packet

Some manufacturers have developed their own variation of LLDP, the most prevalent of which is the Cisco Discovery Protocol (CDP). Although CDP is a Cisco proprietary protocol, it has appeared on other manufacturers’ equipment too. You can see from the Wireshark CDP packet capture screenshot (see Figure 2) that the information in CDP also includes the software platform and version. You may have noticed that both LLDP and CDP include the management address of the devices, which is very useful.


Figure 2. CDP packet
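To make concrete what the LLDP and CDP screenshots above are showing, here is a small LLDP TLV parser written for this post; it is an added example, not code from the article or from Titania's products. It builds a constructed LLDP frame (the MAC, hostname and address are made up; the platform string echoes the article's Brocade example) and then extracts exactly the fields an auditor would write up: chassis ID, port ID, system name, system description and management address. CDP uses a different encoding, so it is not parsed here, but its platform, version and management-address fields are the same kind of finding.

```python
import struct

LLDP_ETHERTYPE = 0x88CC
LLDP_MCAST = bytes.fromhex("0180c200000e")   # 01:80:c2:00:00:0e nearest-bridge group address

# TLV type numbers from IEEE 802.1AB
TLV_END, TLV_CHASSIS, TLV_PORT, TLV_TTL = 0, 1, 2, 3
TLV_PORT_DESC, TLV_SYS_NAME, TLV_SYS_DESC, TLV_MGMT_ADDR = 4, 5, 6, 8


def _tlv(tlv_type, value):
    """Encode one TLV: 7-bit type and 9-bit length packed into a 16-bit header."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_sample_frame():
    """Constructed LLDP frame (not a real capture). Values are invented for
    the example; the system description mirrors the article's Figure 1."""
    src_mac = bytes.fromhex("0024389a1b00")
    tlvs = b"".join([
        _tlv(TLV_CHASSIS, b"\x04" + src_mac),                      # chassis subtype 4 = MAC address
        _tlv(TLV_PORT, b"\x05" + b"GigabitEthernet1/1/1"),         # port subtype 5 = interface name
        _tlv(TLV_TTL, struct.pack("!H", 120)),                      # seconds the receiver keeps this entry
        _tlv(TLV_SYS_NAME, b"core-sw-01"),
        _tlv(TLV_SYS_DESC, b"Brocade ICX (constructed), IronWare Version 7.4.00T311"),
        # management address: address-string length 5, subtype 1 = IPv4, 10.0.0.1,
        # interface numbering subtype 2 (ifIndex) with value 1, then an empty OID
        _tlv(TLV_MGMT_ADDR, b"\x05\x01" + bytes([10, 0, 0, 1]) + b"\x02" + struct.pack("!I", 1) + b"\x00"),
        _tlv(TLV_END, b""),
    ])
    return LLDP_MCAST + src_mac + struct.pack("!H", LLDP_ETHERTYPE) + tlvs


def parse_lldp(frame):
    """Walk the TLV list of an Ethernet-encapsulated LLDPDU and return the
    fields an auditor cares about. Raises on a non-LLDP or truncated frame."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != LLDP_ETHERTYPE:
        raise ValueError("not an LLDP frame")
    info = {}
    off = 14
    while off + 2 <= len(frame):
        (hdr,) = struct.unpack("!H", frame[off:off + 2])
        tlv_type, length = hdr >> 9, hdr & 0x1FF
        val = frame[off + 2:off + 2 + length]
        if len(val) != length:
            raise ValueError("truncated TLV at offset %d" % off)
        off += 2 + length
        if tlv_type == TLV_END:
            break
        if tlv_type == TLV_CHASSIS:
            # subtype 4 is a MAC address; the other subtypes carry text
            info["chassis_id"] = val[1:].hex(":") if val[0] == 4 else val[1:].decode("ascii", "replace")
        elif tlv_type == TLV_PORT:
            # subtype 3 is a MAC address; 5 (interface name) and 7 (locally assigned) are text
            info["port_id"] = val[1:].hex(":") if val[0] == 3 else val[1:].decode("ascii", "replace")
        elif tlv_type == TLV_TTL:
            (info["ttl"],) = struct.unpack("!H", val[:2])
        elif tlv_type in (TLV_PORT_DESC, TLV_SYS_NAME, TLV_SYS_DESC):
            key = {TLV_PORT_DESC: "port_description", TLV_SYS_NAME: "system_name",
                   TLV_SYS_DESC: "system_description"}[tlv_type]
            info[key] = val.decode("ascii", "replace")
        elif tlv_type == TLV_MGMT_ADDR:
            addr_len, subtype = val[0], val[1]
            addr = val[2:1 + addr_len]          # addr_len counts the subtype byte
            if subtype == 1 and len(addr) == 4:  # IANA address family 1 = IPv4
                info["management_address"] = ".".join(str(b) for b in addr)
            else:
                info["management_address"] = addr.hex()
    return info


def audit_lldp(info):
    """Findings a defender would record: what the switch tells anyone on the
    segment who can receive this multicast frame."""
    findings = []
    if "system_description" in info:
        findings.append("platform and software version advertised: " + info["system_description"])
    if "management_address" in info:
        findings.append("management address advertised: " + info["management_address"])
    return findings


if __name__ == "__main__":
    details = parse_lldp(build_sample_frame())
    for key, value in details.items():
        print("%-20s %s" % (key, value))
    for finding in audit_lldp(details):
        print("FINDING:", finding)
```

The mitigation side follows from the parse: restrict LLDP and CDP to ports that face devices which actually need them (uplinks and managed endpoints) and disable them on user-facing access ports, so the version and management-address TLVs are not broadcast to every workstation.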

Cisco CDP also includes VLAN Trunking Protocol (VTP) domain information, which is also carried in Dynamic Trunking Protocol (DTP) packets (see Figure 3).


Figure 3. DTP packet

VTP is designed to make network administration easier by propagating VLAN changes, such as adding and removing VLANs, across multiple network switches. VTP can be configured in server, client, transparent or off modes. If a switch is in server or client mode, it is possible to modify the VLAN configuration on the switch if you can determine the VTP password. Therefore the presence of VTP could potentially pose a serious risk to a network, especially when a weak password has been set.

Because the VTP password cannot easily be tested over the network without modifying (or destroying) the VLAN configuration, Nipper Studio can instead be used to review the actual configuration and determine its state without jeopardising the network (see Figure 4). It certainly would not make you a very popular penetration tester if you took down a customer’s network by removing all their VLANs.


Figure 4. Nipper Studio

A tool called Yersinia can be used to monitor the network in a similar manner to Wireshark, but it separates out protocols such as CDP, DTP and VTP into easy-to-review sections. However, I would recommend using this tool with caution, as it includes a number of network attacks, such as those using VTP (see Figure 5).

Figure 5. Yersinia

It is sometimes possible to audit the routing protocols present on the network by passively listening to the network traffic. Even though I should not be seeing routing protocol traffic when plugging into a standard network port, at least the Open Shortest Path First (OSPF) packet capture in the next example (see Figure 6) shows that MD5 authentication has been configured.

Figure 6. OSPF packet

However, I have often seen routing protocols where either no authentication is configured or default credentials are transmitted with no encryption. In the next example (see Figure 7), Routing Information Protocol (RIP) version 1 is being used, which has no support for authentication.

Figure 7. Vulnerable Routing Information Protocol
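The two routing-protocol observations above (OSPF with MD5 authentication, RIP version 1 with none) come down to reading one header field in each protocol. The following is an added example, not code from the article or from Titania's products: it constructs sample RIP and OSPF payloads (no real captures are involved; router IDs, prefixes and the password are invented) and classifies their authentication settings the way a passive audit would. It goes slightly beyond the article's two cases by also covering RIPv2's simple-password and MD5 authentication entries and OSPF's null and simple-password types, because those are what the same check turns up on real networks.

```python
import struct

# RIP (RFC 2453) rides in UDP port 520; OSPF (RFC 2328) is IP protocol 89.
# Everything below is the protocol payload only, with headers constructed inline.


def rip_packet(version, entries):
    """RIP header: command 2 (response), version, two zero bytes, then 20-byte entries."""
    return struct.pack("!BBH", 2, version, 0) + b"".join(entries)


def rip_route(prefix, mask, metric):
    """Route entry: AFI 2 (IP), route tag, prefix, mask, next hop, metric.
    In RIPv1 the mask and next-hop fields must be zero."""
    return struct.pack("!HH4s4s4sI", 2, 0, bytes(prefix), bytes(mask), b"\0" * 4, metric)


def rip_auth_simple(password):
    """RIPv2 authentication entry, type 2: the password travels in cleartext."""
    return struct.pack("!HH16s", 0xFFFF, 2, password)


def rip_auth_md5(key_id, seq, packet_len):
    """RIPv2 authentication entry, type 3 (RFC 2082 keyed MD5 header)."""
    return struct.pack("!HHHBBI8s", 0xFFFF, 3, packet_len, key_id, 16, seq, b"\0" * 8)


OSPF_AUTH = {0: "null (no authentication)", 1: "simple password (cleartext)", 2: "cryptographic (MD5)"}


def ospf_packet(autype, auth_data=b"\0" * 8, body=b""):
    """24-byte OSPF header: version 2, type 1 (Hello), length, router ID, area,
    checksum (left zero in this constructed sample), AuType, 8 bytes auth data."""
    return struct.pack("!BBH4s4sHH8s", 2, 1, 24 + len(body),
                       bytes([10, 0, 0, 1]), b"\0" * 4, 0, autype, auth_data) + body


def audit_rip(payload):
    """Return [(severity, message)] for one RIP payload."""
    if len(payload) < 4:
        raise ValueError("short RIP packet")
    version = payload[1]
    if version == 1:
        return [("high", "RIP version 1 in use: the protocol has no authentication support")]
    # In RIPv2 an authentication entry, when present, must be the first entry (AFI 0xFFFF)
    if len(payload) >= 24 and struct.unpack("!H", payload[4:6])[0] == 0xFFFF:
        (auth_type,) = struct.unpack("!H", payload[6:8])
        if auth_type == 2:
            return [("high", "RIPv2 simple-password authentication: password sent in cleartext")]
        if auth_type == 3:
            return [("info", "RIPv2 keyed MD5 authentication configured")]
        return [("medium", "RIPv2 unknown authentication type %d" % auth_type)]
    return [("high", "RIPv2 with no authentication entry")]


def audit_ospf(payload):
    """Return [(severity, message)] for one OSPF payload based on the AuType field."""
    if len(payload) < 24:
        raise ValueError("short OSPF packet")
    version, _ptype, _length, router_id, _area, _csum, autype, _auth = \
        struct.unpack("!BBH4s4sHH8s", payload[:24])
    severity = "info" if autype == 2 else "high"
    router = ".".join(str(b) for b in router_id)
    label = OSPF_AUTH.get(autype, "unknown type %d" % autype)
    return [(severity, "OSPFv%d from router %s: authentication %s" % (version, router, label))]


# Constructed sample payloads (not captures) for each case discussed.
SAMPLES = {
    "rip_v1": rip_packet(1, [rip_route([10, 1, 0, 0], [0, 0, 0, 0], 1)]),
    "rip_v2_plain": rip_packet(2, [rip_auth_simple(b"example-pw"),
                                   rip_route([10, 1, 0, 0], [255, 255, 0, 0], 1)]),
    "rip_v2_md5": rip_packet(2, [rip_auth_md5(1, 7, 44),
                                 rip_route([10, 1, 0, 0], [255, 255, 0, 0], 1)]),
    "ospf_md5": ospf_packet(2, struct.pack("!HBBI", 0, 1, 16, 1000)),  # key id 1, seq 1000
    "ospf_none": ospf_packet(0),
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        audit = audit_rip(payload) if name.startswith("rip") else audit_ospf(payload)
        for severity, message in audit:
            print("%-13s [%s] %s" % (name, severity, message))
```

Note that the audit deliberately reports the presence of a cleartext password without echoing it, which is the right habit for a finding that will be pasted into a report. The fix for the high findings is the one the article implies: move RIPv1 segments to RIPv2 with MD5 authentication (or retire RIP), and set cryptographic authentication on every OSPF interface, including passive ones.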

There are a huge number of other interesting protocols that have not been covered in this article, such as Dynamic Host Configuration Protocol (DHCP). However, hopefully this article has bestowed a renewed understanding that simply listening to what the network has to communicate can highlight some security issues. These are issues which can be, and too often are, missed when security assessments place too great a focus on the results of network scanners.


Thursday 20 March 2014

Impressions of CRESTCon & IISP Congress 2014

CRESTCon & IISP Congress 2014 was a great opportunity for our CEO, Ian Whiting, to catch up with industry friends, meet lots of attendees who are keen advocates of our products, and speak to several exhibitors who are also users of our software, including HP, Ernst & Young, Nettitude, GDS and BT.

The exhibition was a good opportunity for us to provide infosec professionals with a preview of some major new features soon to be released in Nipper Studio. Our stress ball giveaway also proved quite popular with the pentesters – it seems they are a stressed bunch, who would've thought?

But instead of just giving you our own opinion of how the show went, this post brings together the views of those who attended, exhibited and kindly expressed themselves via the live news stream – Twitter.




...Quite!


Andrea Simmons from HP also highlights in her presentation the amusing results of a much-debated 'study' by VoucherCloud



Adrian Davis (ISC2) makes a valid point about insider threats. Morrisons' breach was indeed caused by a disaffected member of staff.




Selex ES steered people towards 'their very own' security expert, Robin Frewster:

... and here's the consensus.



The Nettitude team

'Fuzzing' with Andy Davis of NCC Group:



Simon Clow puts it into context...


... and PwC agrees...


... while introducing James Campbell's stories on threat detection and response.


Finally, our own team - Ian Whiting below - shares a word, and a stress ball, with Gotham Digital Science.



Hope this has inspired you to book tickets for next year's event. The CRESTCon & IISP Congress is definitely the right place to be for any infosec professional; whether beginners or more experienced, the conference has something to offer everyone.


Monday 17 March 2014

What Makes CRESTCon & IISP 2014 The Must-Attend Event For Every Infosec Professional?


Source: crestcon.co.uk

The Exhibition

The exhibition brings tools and information to the hands of the visitors, with the chance to experience the products live, try the demos and clarify any questions directly with the providers.


Source: CRESTCon 2013 via flickr.com


The Conference

The thing that sets CRESTCon apart from other trade shows is that it addresses different audiences via two streams.

Stream 1 targets security consultants, researchers and those directly involved in testing or defending information systems.

What's the talk of the town?

Some of the security experts presenting will be sinking their teeth into a few new topics. The audience will hear from Mike Sloss of Thales about security cameras and the security risk they can pose if infiltrated by bad actors. Andy Davis, Research Director at NCC Group, will talk about Zulu, an intuitive and flexible fuzzing tool.

Point of interest: Simon Clow from Context discusses iLO (Integrated Lights-Out management) and the security considerations for remote management interfaces.

The rest of the talks are centred on the evolution of cyber crime, with a consistent supply of case studies and research repositories.


Source: CRESTCon 2013 via flickr.com


Stream 2 is aimed at the wider infosec community, including management representatives and risk and compliance officers, and features talks on career development opportunities.

What about the career focus?

Ray Stanton (BT) sounds interesting: "You may not like all that you hear, but Ray will stimulate thought and invoke critical debate". Andrea Simmons, from HP, talks about the importance of understanding the breadth and depth of the infosec industry. Undermining it, she emphasises, could pose real risks to the community.

The evolution of threats, incident response, security awareness, the talent pool, tips on engaging at board level and employer perspectives are among the other topics.

Point of interest: Rob Carolina, legal expert with the Origin law firm, tackles the ethical debate stirred up in light of the Snowden scandal.

The great thing about these presentations is that they take a pragmatic approach to security issues, and the speakers talk about their own experience as opposed to theoretical concepts of security.


The Catch-up


It's nice to be out of the office once in a while, but it's even nicer when you get to meet old acquaintances: people who were colleagues at university, people you worked with, people you shared a beer and a hacking tip with a while back. Industry events are a great way to combine work with a friendly catch-up.


Source: CRESTCon 2013 via flickr.com


Titania's CEO, Ian Whiting, and Andy Williams, Head of International Development, are getting ready to attend the CRESTCon & IISP Congress on the 19th of March. They can be found in the exhibiting area, so if you are attending, drop by, say hello and watch a demo of our award-winning products Nipper Studio and Paws Studio.

Titania is a proud sponsor of the 2014 edition of CRESTCon & IISP.


Source: crestcon.co.uk
Hope to see you there!

Thursday 13 March 2014

Security & Policing Event 2014 - What to Expect?

What is Security & Policing?

Source: Security & Policing 2014 Exhibitor Brochure
For those who missed Security & Policing this year, make sure to book a place for next year's edition. Meanwhile, here is an overview of the event and what makes it so appealing to the security community.

The Home Office Security & Policing exhibition at the FIVE expo site in Farnborough, Hampshire, UK is an essential trade show for the defence and security industry and for governmental bodies, attracting global audiences and providing opportunities to showcase sensitive products in a safe environment.

Delivered in partnership with the ADS (UK Aerospace, Defence, Security & Space) Group and UKTI DSO (UK Trade & Investment Defence & Security Organisation), the event has been running for 30 years, with the aim of providing the UK government with a platform for engagement with world-leading security providers and professionals.

In order for the show to be secure and comfortable, given the sensitive nature of the information and the profile of the attending audience, there are strict criteria for visitors. Please read the guidelines in order to avoid disappointment.

What to expect?

The showcase is only one aspect of the event. Security & Policing also opens the conversation on national security in the government and industry briefing sessions. Aside from being free to attend, these sessions bring solutions from government officials, as well as the opinions of security experts with long-standing experience in their field.

Source: Security & Policing 2014 Exhibitor Brochure
Discussions this year are fuelled by the possibilities opened up by the digital world and by what the latest technological contributions bring to the defence industry. The conference briefings include talks on the use of social media in crime-fighting (Simon Imbert, I-Risc), cooperation in terms of threat-sharing (John Atherton, Surevine), protecting the critical national infrastructure from the perspective of a telecoms provider (James Todd, BT), innovation for the US cyber defence community from a UK SME (Andy Williams, Titania) and “real-time” intelligence solutions on the frontline (Nichola Bates, Repknight). There is a strong emphasis on cybercrime, information security and technological progress to the benefit of the defence forces.

Other initiatives?

The other noteworthy event brought by Security & Policing is the International Security & Policing Summit, a conference set up in association with CityForum. Last year’s agenda looked at future planning and strategies that would incorporate technology with security and policing, and at security measures for major events (lessons learnt from the 2012 Olympic Games).

For the 2014 session, the theme is Safer Cities - combining people, technology and security. The agenda facilitates a dialogue between UK policy makers, businesses and intelligence chiefs and international government and agency representatives. Predictions for 2020 and changes anticipated in the cybercrime landscape also feature on the agenda.

The Security Innovation Awards

The Security Innovation Awards are a way of rewarding UK businesses for developments which bring significant improvements to crime prevention and the defence sector. They also reward partnership efforts between defence operatives and pioneering developers of technology.

Altogether, the Security & Policing trade show is a great way of attracting new business, the best way to keep up to date with the latest trends in defence and policing advancements, and a chance to listen to opinion leaders discussing the risks and opportunities ahead.



Tuesday 11 March 2014

Titania Joins the Briefing Sessions at Security & Policing 2014


The Security & Policing event hosted by the Home Office at the Farnborough FIVE expo site is a unique opportunity to showcase sensitive cutting-edge technologies and confidential products and solutions to police services, governmental departments and agencies from the UK and overseas.

This year’s event will focus on the expansion of an international delegate program, aiming to improve the UK’s export activities. The visitor delegation program will include top decision makers in key areas of the UK’s Security and Defence sector.

The high security standards and strict criteria for visitors and participants ensure a safe environment for sensitive products not otherwise available to the general public. For relevant audiences, Security & Policing offers first-hand access to classified information.


Source: Security & Policing 2014 Exhibitor Brochure

Following the talk from James Quinault, Director of Cyber Security and Information Assurance at the Cabinet Office, Andy Williams, Head of International Development at Titania, will be speaking on the 11th of March 2014. The presentation will focus on the innovative use of UK technology across US governmental institutions and the mutual benefits to network security and compliance auditing.

Titania comes with extensive experience in the cyber security field, and Andy will also talk about Titania's membership of the Malvern Cyber Cluster and its commitment to supporting the development of cyber innovation and skills.

Titania’s cybersecurity solutions Nipper Studio and Paws Studio are network security and compliance auditing tools already popular among military and governmental departments in the US as well as the UK, Germany, France and Australia.

Andy will talk about how, to begin with, Nipper Studio was trialled by one U.S. Army unit. Subsequently the software was assessed and approved for use on the networks of the armed forces. Later, Paws Studio emerged as an answer to their compliance requirements. It was not long before both tools were shared across a wide variety of government departments and by organisations in the Financial, Communications, Retail and Technology sectors.

The advantage of Nipper Studio is that it can be installed in minutes, it does not store any configuration data and it audits network devices without the need to connect to the network, hence it does not introduce any additional security issues to the organisation. Paws Studio, meanwhile, answers today’s requirements for compliance, in line with established policies such as PCI, SANS and DoD STIG.

These tools have been developed with consideration for sensitive data, which is why their security focus makes them attractive to the audience present at Security & Policing.
https://www.titania.com/pawsstudio
If you are attending the show, be sure to visit the briefing sessions. There will be plenty of relevant information for the cyber community.





For more information on our cyber security tools, please get in touch at enquiries@titania.com or visit www.titania.com.


Monday 10 March 2014

Nipper Studio Review

By Jim Halfpenny 

About the Author 

Jim is an experienced IT practitioner with 14 years' experience in both academia and industry, working with renowned companies including British Airways, Oracle, BSkyB and Cloudera.

There’s no shortage of vulnerability assessment tools out there and this time I’m looking at one that’s a little bit different. Nipper Studio from Titania offers a means to audit that often forgotten part of your network: the network itself. Routers, switches, firewalls and other network appliances are the fabric of your network and should definitely be in scope for any rigorous information security program. I've given Nipper Studio a test drive to see how it performs and how it differs from other tools out there.

Firstly, it’s worth pointing out that Nipper Studio is not a traditional vulnerability scanner that trawls your network looking for weak spots. Instead you feed Nipper Studio the configuration files from your network devices and it audits them, producing a detailed report. This offline auditing means no traffic is generated by the audit and there’s no need to plug anything into your network, a definite plus for those working in high-security environments. Working from the inside out provides a totally different insight compared to traditional network-based scanners.

Nipper Studio offers good cross-platform support, with packages available for the Fedora, OpenSuSE, CentOS and Ubuntu flavours of Linux as well as Windows and Mac OS X. I’ve been testing out the version for Ubuntu, which is supplied as .deb packages for 32-bit and 64-bit systems. There is a good range of supported devices, with all the usual players such as Cisco, Juniper and Checkpoint represented, as well as some of the rising stars like SonicWALL. As well as a GUI tool for generating reports, Nipper Studio includes a command line version, very useful for scripting and automating audits.



Some of the wide range of network devices supported are shown above.

Fire it up and Nipper Studio starts with a clean UI showing your reporting and configuration options and built-in documentation. Creating a report is as simple as clicking on the new report link and telling it the location of your configuration files. You can add multiple devices to a single report and load previous reports for comparison. Human-readable full and summary reports can be generated in several formats, including HTML, PDF, PostScript and LaTeX. Additionally you can create CSV, SQL and XML outputs, enabling you to further process, report on and archive your results.



The Nipper Studio GUI is simple and straightforward to use.

The reports may appear on the surface very similar to vulnerability assessment reports from other tools, but it is the level of detail that really shows off the benefits of this method of security auditing. Nipper Studio will report on firmware version, timeouts, routing and VLAN configuration, service banners, authentication and other configuration best practice which external scanners may miss. Examining the internal configuration of the device exposes potential issues that simply cannot be seen from the outside, or that are time consuming to evaluate, such as weak authentication.

Reports on each finding are very detailed and include a severity level, ease of exploitation and recommendations on how to remedy the issue, as well as CVSS v2 scores where applicable. Audits can be customised to include your organisation’s name and logo and to report against your organisation’s own security policy, such as password age and strength. You can also include your own notes and control which sections of the report to include, so you can tailor it to the intended audience.



Reports drill down from high-level summary to detailed vulnerability breakdown.

An important feature worth mentioning again is the ability to compare the results with previous reports. This enables you to see what has changed between audits and helps you gauge the progress you’re making in improving the security posture of your network environment, as well as highlighting new threats. You will also be able to detect unauthorised or unplanned changes to your network made outside of your change control process. It’s all too easy to make an ad-hoc change and not document it, with unpleasant consequences further down the line. This is not a tool solely for point-in-time inspection of your network.

Nipper Studio is licensed on a per-device basis, starting at $1000 for 25 licenses, working out at $40 per device. As you would expect, discounts are available for larger purchases; 1000 or more licenses will set you back $8.50 per device. Compare this to the cost of a manual check by an experienced auditor and you’ll get a figure an order of magnitude less for Nipper Studio, as well as the benefit of rapid and repeatable reporting. Is there anything that this product would miss that a trained auditor would catch? Quite possibly, but using this tool for your initial baseline and regular testing means you can cover off the majority of common issues and spend your remaining security budget more effectively.



Friday 7 March 2014

#NAW2014 Apprenticeship Week Ends With a Visit from Worcester MP Robin Walker at Titania's Offices

The end of the Apprenticeship Week has been marked by a visit from Worcester MP Robin Walker.

During the visit Robin was accompanied by Derrin Kent of TDM Wyre Academy and Helena Baxtor, the Chair of the Worcestershire Training Providers Association. They sat down with all of Titania’s apprentices and the Directors to discuss apprenticeships and the positive effects they have had on the company as well as on the apprentices' careers.

From left to right: Robin Walker MP, Max MacFarlane - software development apprentice, Luke Willmore - accounts apprentice, Ian Whiting - Titania CEO, Edwin Bentley - software developer, Derrin Kent - TDM Wyre Academy Managing Director
When speaking about apprenticeships and their positive impact on unemployment and the economy in the region, Robin spoke about how the number had increased from 470 apprentices in 2010 to being on track for over 1,000 this year. The MP said that, because of their success, 'apprenticeships are definitely here to stay, as in politics the importance of apprenticeships is something everyone seems to get', despite party divisions on other issues.

Aside from Edwin’s story which can be found in this article, Titania has invested in two other bright, young apprentices.

Luke Willmore joined the company in September 2013 as a Business Apprentice, through Worcester College of Technology. Aside from being a quick learner and an ongoing support to the Accounts Team, Luke also brings new ideas to the business. His latest initiative has been implementing a new stationery process, which keeps the office supplies better organised as well as cost-effective. The 18-year-old is now working towards completing his Level 2 NVQ and felt that an apprenticeship would be the best way to learn the administrative aspects of a business.

Max MacFarlane comes from TDM Wyre Academy and has been an apprentice with Titania’s development team since June 2013. Max has been working on a free tool kit and he is now contributing to Titania’s established software products.

IT has always been in Max’s chosen career path, in one way or another. He first studied it for GCSEs and A-levels. He then followed it with a computing degree, but realised that the learning style did not suit him, so he left university to find a job in computing. Instead he came across the apprenticeships from TDM and, incidentally, Titania’s apprenticeship in programming. Max is working towards a City & Guilds Level 3 and hopes for a career in software development.

Robin Walker MP with Titania's apprentices

When asked about how employing apprentices has benefited Titania, Ian Whiting said, 'Recruitment in our industry is very difficult and being provided with enthusiastic, capable young people, who have already been vetted and qualified by apprenticeship providers like TDM is a massive help. This means that we have really strong candidates who we can train to grow alongside the company and develop a career with us.'


Wednesday 5 March 2014

National Apprenticeship Week in Worcester: Apprentices in Cyber Security

Source: apprenticeships.org.uk
National Apprenticeship Week 2014 puts the spotlight on apprentices all over the UK. Last year’s events and media exposure increased apprenticeship vacancies in the West Midlands by 20% over August to October 2013.

Here, at Titania, we are aware of how important it is to offer young people an opportunity at the beginning of their career. As an expanding cyber security company, we want people to grow and develop alongside us.

Apprenticeships in Worcester have increased considerably as well. This week we featured in the news alongside Hewett Recruitment, Worcester College of Technology, Mazak, Sanctuary Group and The Community Housing Group. The wide range of apprentice positions varies from social media to engineering, HR, plumbing and cyber security.

Cyber security is still a new industry for school-leavers. As it stands, only 7% of infosec professionals are under the age of 29, and a mere 17% of the total IT workforce is female. An initiative called e-skills was launched to address these problems. Through strategic partnerships with the Malvern Cyber Security Cluster and a consortium of key employers, its efforts are starting to make a difference to the world of cyber security.

Despite being a young business, we recognised the need for new talent in the industry and took on a bright apprentice with no previous experience in cyber security. Three years later, Edwin Bentley is one of the key developers of Titania’s Nipper Studio security auditing software which is supplied to 60 countries worldwide, and has become an invaluable member of the team. Certainly for us, apprenticeships have proven to be a great success, for both the company and for Edwin in his career.

As the company matured, we continued to take on people who can grow alongside the business, and now we have two more apprentices: Max MacFarlane in the development team and Luke Willmore learning the administrative side of the business. We would like to thank them for their hard work and also acknowledge the dedication of our more experienced staff for doing an excellent job of training our apprentices.

Why not join us and the rest of the country this week in celebrating all the young people who decided to give it a go and learn something new? Well done, apprentices!

If you are an employer, or an apprentice in cyber security, we would like to hear from you in the comment section below.