Compass Security AG Expands Nmap SCTP Support

ICT security service provider responds to current security requirements Rapperswil, 19th June 2009 Nmap (Network Mapper) has due to its efficiency established itself and reliability equally as open source port scanner at attackers and administrators. The tool for scanning and evaluating hosts developed by hackers known under the nickname “Fyodor” was now currently expanded the network protocol SCTP. Daniel Rothlisberger, security analyst of Compass security AG and open-source developers in the Nmap project, has released BETA 10 of June 12, 2009 as part of Nmap 4.85 SCTP support. It will be also a component of the upcoming stable release. “” In the film Matrix Reloaded “has the character of Trinity” a computer with nmap scan then to hack into a powerhouse. The technology is widely used and is considered an important part of the Network Diagnostics and evaluation of networked systems.

Currently, the compass security AG Nmap to support the stream control has transmission protocol”(SCTP) expanded. SCTP is finding in addition to TCP and UDP on the OSI layer 4. It combines many advantages of these two proven protocols and was proposed in October 2000 by the Internet Engineering Task Force (IETF) as a new transport protocol. His Multistreaming – and multihoming capabilities predestine the Protocol for Internet telephony. Since it is also more resistant to flooding attacks (DDoS) compared to TCP, it is used increasingly to other purposes. SCTP: security leaks many systems include SCTP support for a long time. A complete integration in the security measures at the network level is still lacking in many cases. This can lead to serious security flaws.

For example, let firewalls that do not properly take into account the new Protocol, SCTP freely pass. Therefore, the Protocol serves as instrument to detect computers on a network. Further there are current SCTP vulnerabilities in operating systems such as Linux or Solaris, which can be exploited by attackers to in a unprotected system to penetrate or perform denial-of-service attacks. Daniel Rothlisberger, continuously working on new scanning methods, describes: “the dissemination of SCTP is higher than commonly believed. It is therefore crucial that the compass security specialists have the necessary tools, to adequately accommodate the Protocol in their security checks.” Compass security AG has specialized in penetration testing and invests continuously in knowledge up to date on the basis of which to be able to respond to current threats. Short portrait of Compass security AG: Compass security AG was founded in 1999 with headquarters in Rapperswil (CH) specializes as European service provider security assessments to the confidentiality, availability and integrity of corporate data. Using penetration testing, ethical hacking, and reviews pre-emptively judged compass ICT solutions with regard to security risks, detects existing vulnerabilities and support at their disposal. IT forensic experts allow reconstruction and evidence beneficial documentation of abuse cases by acquisition, test and evaluation of digital tracks with digital systems. Ottawa. Hands-on workshops and training courses on the subject of IT security, as well as live hacking presentations to raise user awareness round off the portfolio. Neutrality and independence of the product are essential elements of our corporate philosophy. The customer base consists of national and international clients of any size and different industries.