Added by Leon van der Eijk on February 21, 2011 at 8:23am —
So there I was (don't you love it when a story starts like that?), arriving at work recently when I was asked to look at a co-worker's laptop that was infected with a fake antivirus program. Another co-worker had already done what I would have done, in that he ran MalwareBytes (MBAM) on the machine. However, I was surprised that MBAM hadn't even detected the infection. Neither had the installed real antivirus, Microsoft Security Essentials.…
Added by Ken Pryor on February 17, 2011 at 7:41pm —
I just added Judy Novak to the "IDS hall of fame" of my Intrusion Detection Mindmap.
She definitely deserves a place in anybody's IDS hall of fame. ;-)
The mindmap can be downloaded here.
Just save it as IDS.mm and open it in the mindmapping tool of your choice. I personally prefer Freeplane.
If you have valuable…
Added by d3tm4r on February 17, 2011 at 3:14pm —
This is what Morpheus said to Neo in the movie "The Matrix". And it's so very true regarding information security.
Intruders don't care about what you're thinking about your network security. They just peek and poke until they find a hole that you would not have thought existed.
Check! Your! Facts! Know your network. If you're not sure - just check, don't speculate!
It's the same for general troubleshooting problems and for information security. I am seeing…
Added by d3tm4r on February 15, 2011 at 4:00pm —
Since I seem to be moving from tumblr to DTH permanently, here is a re-post of an older article on a topic which I think is still important for folks to be aware of.
Reputation Based Protection is a good idea to complement classic signature based and heuristic malware detection.
Some antivirus vendors have already added cloud based reputation services to their antivirus products.
How do those services…
Added by d3tm4r on February 13, 2011 at 10:14am —
The folks of Pauldotcom Security Weekly podcast inspired me to write something about using 0day exploits for pentesting.
The question was, whether or not it's a good idea or fair to use those in a pentest.
My take on this is like "hell yeah!". But there are some more aspects to that topic of course, otherwise I wouldn't have considered writing a blogpost on it.
So first off, let's discuss what the intention of using 0days in pentesting might be. For me…
Added by d3tm4r on February 13, 2011 at 9:00am —
From my experience, people just recognize those security breaches that are kind of “in your face” or get big press.
“Oh, a worm just took down all of our servers. We’ve got a problem!”
“Oh, a virus has infected all of our PCs. Let’s quickly delete it!”
“Oh, Chinese hackers have pwns0red several companies. But we are fine because we’ve got IDS, IPS, Antivirus, Anti-Spam, DLP and ‘til now…
Added by d3tm4r on February 12, 2011 at 12:30pm —
Added by Jayson E. Street on February 7, 2011 at 8:34am —
Not sure after 5 years why it took so long for the pain to catch up with
the fact he is gone. Though now that it has it is hitting HARD. :-(
I wrote this 5 years ago but even they hurt worse reading them now.
I miss you soo much!!
There Are no words
I look at a grave with two dates and remember what was between them
and I have no words.
People try to comfort and understand the pain
and I have no words.
I look…
Added by Jayson E. Street on December 3, 2010 at 11:12am —
Using maxmind to resolve found IP addresses on my kippo honeypot to longitude/latitude coordinates. The icons display "successful" brute-force ssh logins from all over the world (using the googlemaps API)
Added by Leon van der Eijk on October 24, 2010 at 7:36am —
On the 23rd of July I started with the SSH honeypot kippo. So after a good two months I decided to collect all the urls/locations those “1337 h4x0rs” are wgetting all their files from.
I came up with the following list:
Added by Leon van der Eijk on September 28, 2010 at 7:51am —
Most of my activity is limited to lab experiments and after a while of "not doing something" it can be a real pain to remember just exactly what I did last time, and playing about with wireless card settings is just one example.
I got myself an alfa highpower usb wifi adapter mainly for Back|Track and all works fine, however I stumbled across some forum post that discussed the "HighPower" setting for this device and a method of increasing your range using the txpower value so I decided to…
Added by James Fisher on August 7, 2010 at 10:30am —
Kippo honeypot results after 2 weeks in production
Password popularity contest…
Added by Leon van der Eijk on August 2, 2010 at 6:47am —
Hey everyone, check out my blog. I cover tools, research and certifications!
Added by Skyler Onken on July 14, 2010 at 8:12am —
Just Thought I'd throw out the few Vendor's presentations I thought were worthwhile to me.
Trusted Computer Solutions' Linux Security Blanket:
Very cool, Like "Secedit" for Linux.
It's based on profiles.
From the Vendor Page:
Security Blanket allows you to:
Lock down Linux and Solaris operating systems automatically
Added by Sean Benson on June 25, 2010 at 10:08am —
DevBUG - Keeping track so you don't have to
DevBUG is an idea that came to me while conducting a Vulnerability Assessment for University a few months back. We did a service scan on a web server and found that way too many ports and services were running! But that wasn't the problem, well, not for us anyway. The problem was that we had 20 different software services and versions to google and write about.
So what is the process? We…
Added by Ryan Dewhurst (ethicalhack3r) on May 19, 2010 at 11:00am —
Do I need to hack the internet to understand attacks and their impact?
While developing my personal labs I discovered that in order to make a lab representative of current infrastructure you will spend more time understanding what an administrator does not what…
Added by James Fisher on May 8, 2010 at 5:00am —
I am posting this on behalf of Chris Nickerson I thought it was a good post that would fit well here.
grant me the serenity to accept people that will not secure their networks, the courage to face them when they blame me for their problems, and the wisdom to go out drinkin’ afterwards!”
I am over it! I am over all of the BS. I am over all of the compliance posturing. I am over all of the “NEW AGE” High tech hipster…
Added by Jayson E. Street on April 5, 2010 at 12:21pm —
MSA is showing a hard drive in leftover state
1- Update the controller firmware version up to J210P22:
Elguer Solano G.
Storage Support Engineer
Added by operat0r on March 24, 2010 at 7:49am —
Added by operat0r on March 23, 2010 at 3:22pm —