
Type: Posts; User: hogfly; Keyword(s):


  1. Replies
    16
    Views
    60,081

    As this has been resolved, I won't add that much...

    As this has been resolved, I won't add that much other than ntscan, ipcscan, and sqlscan have been the most popular tools I have seen in Windows honeynet research. They all function as TH13 has...
  2. Replies
    8
    Views
    14,626

    We've been using truecrypt for quite a while now....

    We've been using truecrypt for quite a while now. The tool is great, does what it's supposed to and best of all it's free. One of the best functions is the ability to escrow the keys for data...
  3. Replies
    43
    Views
    18,460

    You know..I'm freaking sick of the refs and the...

    You know..I'm freaking sick of the refs and the yellow cards. It's just out of control. They hand out an average of 5 per game they're saying. That's just insane.

    As far as the points...
  4. Thread: Blackhat 2006

    by hogfly
    Replies
    2
    Views
    8,042

    Blackhat 2006

    Anyone going?
  5. Replies
    20
    Views
    10,827

    I believe the answer would be a VPN. Why would...

    I believe the answer would be a VPN. Why would someone need 26 million records at home? That's just stupid.
  6. Replies
    11
    Views
    11,323

    And what a lousy new name if I do say so...

    And what a lousy new name if I do say so myself...wireshark..sounds so corporate..I'd almost have to say it's only a matter of time before we see a corporate offering.
  7. Thread: My Honey

    by hogfly
    Replies
    12
    Views
    13,496

    soda, I've got a 4 host honeynet running behind...

    soda,
    I've got a 4 host honeynet running behind a roo honeywall. I rotate the hosts out and vary the operating systems and vulnerabilities. I've also got a nepenthes boxen up and collecting...
  8. Replies
    20
    Views
    10,827

    This is simply brilliant

    Oh the humanity..
    A SECURITY outfit found the easiest way to crack into a company's systems was to leave a few Trojan laced USB drives scattered around the front door.

    More at source:...
  9. Replies
    5
    Views
    7,204

    Alas for the registry. MRU is a goldmine,...

    Alas for the registry.

    MRU is a goldmine, MUICache is another good spot.
  10. Replies
    9
    Views
    12,608

    Check out Astaro Security Linux? www.astaro.com...

    Check out Astaro Security Linux? www.astaro.com

    Not so sure about the spam function as the box would have to be a mail router to process the messages.
  11. Replies
    64
    Views
    33,751

    The RETURN of IRC

    Antionline IRC has returned! A select few of us see the unique value a live chat brings to our community here so from the ashes of infamy rises AntiOnline IRC.

    Want to talk about an antionline...
  12. Replies
    12
    Views
    11,227

    I second the vote for ultravnc.

    I second the vote for ultravnc.
  13. Thread: My Honey

    by hogfly
    Replies
    12
    Views
    13,496

    I'm in the same boat as Soda. I've been running...

    I'm in the same boat as Soda. I've been running a research honeynet for a few years now and have collected upwards to 50 tools at a time. I collect more logs than anyone should ever have to sift...
  14. Replies
    10
    Views
    12,724

    No SMS server is implemented. SAVCE 10.x is...

    No SMS server is implemented.
    SAVCE 10.x is installed on every machine, however they are not in managed mode.
  15. Replies
    10
    Views
    12,724

    PART II

    300+ views and only 4 responses..disappointing.

    Anyways..
    Here are some key steps that should be taken.

    - Contact the other CSIRT member, arrange to meet them in the lobby or parking lot of...
  16. Replies
    10
    Views
    12,724

    Hmmm so this is it for a response? I'll post...

    Hmmm so this is it for a response? I'll post part two some time tomorrow.
  17. Replies
    10
    Views
    12,724

    Gentlemen...Please stop getting hung up on MY...

    Gentlemen...Please stop getting hung up on MY policy. This is fictitious and not about me or MY policy, it's about you and YOURS.

    Und3rtak3r: Good question. I said system for a reason....the...
  18. Replies
    10
    Views
    12,724

    Incident Scenario

    Ok gang,
    I've been gone for quite a while (out paying the bills) so here's a little fun for anyone that wishes to participate. This will be a multi-phase incident response and forensics scenario.
    ...
  19. Replies
    9
    Views
    9,851

    All, NIST has said that government agencies...

    All,

    NIST has said that government agencies should no longer use MD5. While still a very valid method of proving the integrity of a file, it has been proven vulnerable to attack. Use it at your...
  20. STOP.... Breathe.. Don't do anything stupid.....

    STOP....
    Breathe..
    Don't do anything stupid..
    remain calm..
    STEP AWAY FROM THE COMPUTER...
    An Incident has occurred --
    Triage --stop the bleeding
    contain the threat
    notify your chain of...
  21. No, it doesn't work because they are recognized...

    No, it doesn't work because they are recognized and therefore executed based on their 'magic'. If you filtered by the magic at the border you *may* have a chance of blocking them from the outside. ...
  22. Microsoft is supposed to move GDI to userspace in...

    Microsoft is supposed to move GDI to userspace in Vista, which should cure at least this problem of not being compartmentalized.
  23. Replies
    8
    Views
    8,704

    True :) but according to at least state regs...

    True :) but according to at least state regs that's the case. I hope no one in their right mind would consider caesar..oh wait Microsoft still uses ROT-13(14) to "encrypt" the registry.

    AES is...
  24. Replies
    8
    Views
    8,704

    This is where data classification comes into...

    This is where data classification comes into play. If data is federally protected, you better be damn sure to encrypt it, and if it's sensitive to the company then you would be better off...
  25. Replies
    6
    Views
    6,518

    With a centralized model you will always run the...

    With a centralized model you will always run the risk of your log collection point being noticed. In fact, it can be another point of honeypotting :) setting up a honeypot syslog server can be...
Results 1 to 25 of 500