Hello and welcome to the Tuesday, November 1st, 2020 edition of the Sands and Storms anders Stormcast.

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

Rob today wrote about NMAP without NMAP, always a popular topic.

In this particular case, Rob looked at a built-in PowerShell command.

It's part of the NetTCP IP module and its test net connection or short TNC.

This tool pretty much is meant to debug connection.

So with that, you're able to check if a port is

listening or not essentially one of the key features of nmap now one thing raw points out it's actually

pretty slow in order to do sort of a port scan of multiple ports but it also has even a trace route feature built-in.

A couple more tricks from Rob as part of his post, including how to improve the speed a little bit

for port scan, but still not really its strong point, but in a pinch if all you have is power shell and a couple

ports that need to be scanned it's probably a valid tool of course the big thing on tuesday will

be the open ssl update that's supposed to become available sometime in the morning East Coast time.

Now, we don't have really any details at all other than it will affect OpenSSL 3.0, which

was released about a year ago.

So any operating system that receives a major update within the last year

is likely vulnerable if it does include OpenSSL. OpenSL 1.1.1.1 is not affected. It will also

receive a patch, but it will not be a security patch. Well, as soon as we have more details on

Tuesday, we'll certainly try to dissect what it means and publish a post about it. And talking

about critical vulnerabilities connect-wise on Friday,

release an update for its recover and R1 soft server backup products

which suffer from a critical vulnerability

...