Online Incident Reporting

CSIRT Development

Publications

Forming an Incident Response Team (IRT)

Learn more

CSIRT Training

The following organizations provide a variety of training targeted specifically to CSIRTs including development, design, implementation and operations

Learn more

CSIRT VulRec

Vulnerability reconnaissance is a task completed by all good security professionals in the course of daily activity. Searching web pages and information links to determine the latest threats and risks to their domain. VulRec allows a user to manage their daily security related links and to categorize them and search them based on those categories.

The latest version of VulRec can be download from here!   (Download)

The latest URL package (links file) can be downloaded from:

        http://www.csirt.org/vulrec/vulrec.ini

Unzip the package all to one directory and execute. The links file is the vulrec.ini file and can be replaced with newer versions downloaded from this site. There is an auto download function built into the tool or you can manually download the file from the link above and just replace the old one in the programs working directory.

If you require assistance with VulRec email: martinez@csirt.org

-FAQ-

Q: What are the system requirements to run VulRec Tool?

A: VulRec is not very resource intensive. The system requirements for VulRec are MS Windows OS from Win98 and up. I have only personally tested the system on Win98 SE, XP and Windows 2000, but there shouldn't be any issues on other MS operating systems. VulRec Tool also requires Internet Explorer 4 or later.

Q: How do I install VulRec Tool?

A: Just unzip (www.winzip.com) all of the files in the package to a folder on your machine. As long as all of the files are in the same folder it does not care where that folder resides.

Q: How do I start VulRec Tool?

A: Double click on the VulnRecon icon in the folder where you unzipped the archive. This should start the program running.

Q: So what do I do once the app is running?

A: The packages comes with a small INI file already installed. Simply clicking the button marked "Search List" will search the links list for any link that matches the selected criteria in the checkboxes on the screen. Once the list is searched you can use the "Next" and "Back" buttons to go from one link to the next in the list. Alternatively you can uncheck or check additional boxes to refine your search of the list. If you make any changes to the checkboxes make sure to click "Search List" again to search the list with your new criteria.

Q: What do I do if I have to use a proxy server to get to the Internet?

A: The main surfing engine of the VulRec tool keys off of the proxy settings within your Internet Explorer. This tool is NOT Netscape friendly. If you set your proxy settings in Internet Explorer you will effectively set them in the VulRec Tool as well. HOWEVER there is a trick to the auto download functionality and proxy servers. See two questions down.

Q: How do I update the .INI file to the latest version?

A: Any time you wish to update to the latest INI file from the Internet all you have to do is go under the Edit menu and choose "Fetch Latest URLS". As long as you are connected to the Internet this function will go to the VulRec Tool homepage and download and install the latest links file that has been released by CSIRT. THIS WILL OVERWRITE any changes that you have made to the old links file using the editor. If you wish to save the old links file you can simply copy vulrec.ini to another folder PRIOR to downloading the new one.

Q: The INI updater doesn't see my proxy!!

A: That is correct. The auto update function proxy settings must be set in the options preferences menu. In there you will see a place to put your proxy server and the port that you must connect with. Username and Password for proxy servers with the auto updater are not supported at this time. If that is your case you can manually go to the VulRec home page and download the latest links file and put it in place of the old one.

Q: How do I edit the links file?

A: The links file can be edited with any text editor, however I do not recommend doing this. Unless your editor (and you) understand UNIX style line termination I suggest you use the built in editor! Under the edit menu there is an option for "Edit URLS". Once your choose this option you will be presented with a grid that contains all of the URLS in the links file as well as all of the classifications that has been given to them. Simply click on the link that you want to reclassify and check the correct check boxes. Click the Update URL button and that URL will be updated. You can remove URLS by highlighting the URL you wish to remove and clicking the Remove URL button. Adding URLS is just as simple. Type the URL into the URL edit box and check the appropriate checkboxes. The VulRec Tool understands full URL with or without HTTP:// or www. The tool can also browse HTTPS:// sites. You will be prompted for your user ID and password for these sites. Click the Add URL button and the URL will be added to the list. When you click the Exit button all of you changes will have been saved and you will be brought back to the main program screen.

CSIRT accepts no responsibility, express or implied, for the accuracy of the information disclosed in this Web Site. CSIRT will not be held responsible for any loss suffered in respect of any action taken as a result of the information contained in this Web Site. All content is provided solely for informational purposes; usage implies consent that CSIRT is free from any liability regarding the use or misuse of site material.

Security News Updates

      
    foreground (text) color; default is blackbackground color; default is whitecolor for non-highlighted links; default is bluecolor for highlighted links; default is redscroll speed (in ms): larger is slower; default is 40Verdana (in ms) to wait on paused lines; default is 2000stop scrolling when mouse is over applet? default is YESdisplay initial "wait" message? default is to displayfont to use for text display; default is Helveticafont size to use for text display; default is 10size of horizontal padding area around text; default is 5size of vertical padding area around text; default is 5
    Add this News feed to your site

Threat Assessments

InfoCon Alerts


InfoCon 1: Peacetime
InfoCon 2: Heightened alert
InfoCon 3: Full alert
InfoCon 4: Internet Meltdown


Learn more

Security Bulletins

Daily and weekly summaries of security issues and new vulnerabilities.

Learn more