Type: Posts; User: hogfly; Keyword(s):
July 13th, 2006, 12:31 PM
As this has been resolved, I won't add that much other than ntscan, ipcscan, and sqlscan have been the most popular tools I have seen in windows honeynet research. They all function as TH13 has...
June 20th, 2006, 12:35 PM
We've been using truecrypt for quite a while now. The tool is great, does what it's supposed to and best of all it's free. One of the best functions is the ability to escrow the keys for data...
June 19th, 2006, 04:42 AM
You know..I'm freaking sick of the refs and the yellow cards. It's just out of control. They hand out an average of 5 per game they're saying. That's just insane.
As far as the points...
June 14th, 2006, 03:36 PM
June 14th, 2006, 02:21 PM
I believe the answer would be a VPN. Why would someone need 26 million records at home? That's just stupid.
June 12th, 2006, 04:06 AM
And what a lousy new name if I do say so myself...wireshark..sounds so corporate..I'd almost have to say it's only a matter of time before we see a corporate offering.
June 12th, 2006, 03:41 AM
I've got a 4 host honeynet running behind a roo honeywall. I rotate the hosts out and vary the operating systems and vulnerabilities. I've also got a nepenthes boxen up and collecting...
Oh the humanity..
A SECURITY outfit found the easiest way to crack into a company's systems was to leave a few Trojan laced USB drives scattered around the front door.
More at source:...
Alas for the registry.
MRU is a goldmine, MUICache is another good spot.
Check out Astaro Security Linux? www.astaro.com
Not so sure about the spam function as the box would have to be a mail router to process the messages.
Antionline IRC has returned! A select few of us see the unique value a live chat brings to our community here so from the ashes of infamy rises AntiOnline IRC.
Want to talk about an antionline...
I second the vote for ultravnc.
I'm in the same boat as Soda. I've been running a research honeynet for a few years now and have collected upwards to 50 tools at a time. I collect more logs than anyone should ever have to sift...
No SMS server is implemented.
SAVCE 10.x is installed on every machine, however they are not in managed mode.
300+ views and only 4 responses..disappointing.
Here are some key steps that should be taken.
- Contact the other CSIRT member, arrange to meet them in the lobby or parking lot of...
Hmmm so this is it for a response? I'll post part two some time tomorrow.
Gentlemen...Please stop getting hung up on MY policy. This is fictitious and not about me or MY policy, it's about you and YOURS.
Und3rtak3r: Good question. I said system for a reason....the...
I've been gone for quite a while (out paying the bills) so here's a little fun for anyone that wishes to participate. This will be a multi-phase incident response and forensics scenario.
January 27th, 2006, 03:56 PM
NIST has said that government agencies should no longer use MD5. While still a very valid method of proving the integrity of a file, it has been proven vulnerable to attack. Use it at your...
January 27th, 2006, 02:54 PM
Don't do anything stupid..
STEP AWAY FROM THE COMPUTER...
An Incident has occurred --
Triage --stop the bleeding
contain the threat
notify your chain of...
January 3rd, 2006, 05:14 AM
No, it doesn't work because they are recognized and therefore executed based on their 'magic'. If you filtered by the magic at the border you *may* have a chance of blocking them from the outside. ...
December 29th, 2005, 07:09 PM
Microsoft is supposed to move GDI to userspace in Vista, which should cure at least this problem of not being compartmentalized.
December 29th, 2005, 05:13 AM
True :) but according to at least state regs that's the case. I hope no one in their right mind would consider Caesar..oh wait Microsoft still uses ROT-13(14) to "encrypt" the registry.
December 29th, 2005, 04:19 AM
This is where data classification comes into play. If data is federally protected, you better be damn sure to encrypt it, and if it's sensitive to the company then you would be better off...
December 7th, 2005, 07:34 PM
With a centralized model you will always run the risk of your log collection point being noticed. In fact, it can be another point of honeypotting :) setting up a honeypot syslog server can be...