ISC Feature of the Week: Tools->Information Gathering

Published: 2012-05-17. Last Updated: 2012-05-17 20:39:55 UTC
by Adam Swanger (Version: 1)
4 comment(s)

Overview

One of the sections on the ISC Tools page is Information Gathering at https://isc.sans.edu/tools/#info-gathering. This collection will help you easily find out how your browser and plugins look to the outside and lists some other information lookup tools.

Features

Browser Headers - https://isc.sans.edu/tools/browserinfo.html
How a server sees your browser.

Browser Plugin Detector - https://isc.sans.edu/tools/adobinator.html
This page attempts to detect various browser plugins. The detection code used was created using PluginDetect.

  • Lists plugins detected and various version information for each.

Site Availability Check - https://isc.sans.edu/tools/sitecheck.html
Checks if hostname is reachable.

  • Single input box.
  • Displays failure if unreachable.
  • If reachable, outputs:
    • Page load time
    • Page size in bytes
    • Return status code (ie. 200 success)
    • Final URL

Site DNS Check - https://isc.sans.edu/tools/dnscheck.html
Hostname to IP DNS resolver.

  • Single input box.
  • Output IP if system is able to resolve.

Whereis[IP] - https://isc.sans.edu/tools/whereis.html

  • Multi-line input box. Enter one(1) IP per line.
  • Output table contains:
    • IP ADDRESS queried
    • ASN of IP
    • NETWORK assignment
    • COUNTRY abbreviation
    • ISP name
    • RIR - Name of registry

Content Security Policy Test - https://isc.sans.edu/tools/csptest.html
Created for Firefox 4 but features may be found in other browsers.

  • Lots of details and information on the test outlined and explained on the page

 

Post suggestions or comments in the section below or send us any questions or comments in the contact form on https://isc.sans.edu/contact.html#contact-form
--
Adam Swanger, Web Developer (GWEB, GWAPT)
Internet Storm Center https://isc.sans.edu

 

Keywords: ISC feature
4 comment(s)

Comments

Not sure if the plugin needs an update or the configuration needs tweaking, but the browser plugin detector is showing some rather old versions as the latest. For example, it says that the current version of Adobe PDF Reader is 9.4.2.
@Pete Thanks for pointing that out! Latest versions updated and I set a reminder to keep up with them.
A similar remark w.r.t. Flash. Currently https://isc.sans.edu/tools/adobinator.html specifies 11.2 as the latest and 10.1.85.3 as the vulnerable version.

According to http://www.adobe.com/software/flash/about/ currently the latest version is 11.2.202.235. It is important to mention the entire set of numbers, as at the beginning of this month the latest version was 11.2.202.233 (see http://krebsonsecurity.com/2012/05/critical-flash-update-fixes-zero-day-flaw/).

Furthermore you are mixing 10.x.x.x and 11.x.x.x version numbers. According to http://www.adobe.com/support/security/bulletins/apsb12-07.html a version 10.3.183.18 exists (which can be downloaded from http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html); it replaces 10.3.183.16. Note: 10.1.85.3 was released on 2010-09-20 and many later versions were found vulnerable!

Instead of trying to stay up-to-date with the frequent Adobe patches, you could point to the Adobe pages that provide the latest version info.

Note that the following links usually provide you with the latest versions for Windows ("ax" = ActiveX):
http://download.macromedia.com/pub/flashplayer/current/install_flash_player_ax_32bit.exe
http://download.macromedia.com/pub/flashplayer/current/install_flash_player_32bit.exe
http://download.macromedia.com/pub/flashplayer/current/install_flash_player_ax_64bit.exe
http://download.macromedia.com/pub/flashplayer/current/install_flash_player_64bit.exe
(source: http://helpx.adobe.com/flash-player/kb/installation-problems-flash-player-windows.html)
Thanks for the feedback on the plugin detector! We decided keeping up with versioning is going to be way time consuming so we trimmed the data down to the output from the detector and links out for info and latest version download page.

Diary Archives