Talking with enhanced in IRC, I realized that I should really do a post listing some of the security blogs that I read, so without further ado, I present you with the list (in no particular order): My awesome wife’s food blog, Eatables. Hex people: Geek00l – http://geek00l.blogspot.com/, Enhanced – http://global-security.blogspot.com/, Giovani – http://www.cblume.com/, Chflags […]
A week or so ago I wrote about locality of reference with regard to network security. I found some *actual* research done on the topic and wanted to share it: http://www.cert.org/netsa/publications/Nspw2003-gates-locality.pdf I’m still in eager anticipation of the first tool to use locality for malicious activity assessment.
I found out there is internet here, so I’m finally able to post some code changes I was working on while on the airplane. Firstly, download the files here. The static page for nsm-console is here. I finally got around to releasing the next version of the nsm-console. This version incorporates a large amount of […]
Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work). Behold! I present NSM-Console! (read more about it here, watch a screencast here) Download the framework here. Keep in mind this framework only includes […]
Yep, that’s right, I’m going to be helping out with the Hex LiveCD project. I will hopefully be doing some development for some of the NSM tools and fixing bugs in the CD. In case you don’t know what Hex is, let me give you a little synopsis (from the Trac): “HeX LiveCD is a […]
I want to point out the excellent baseline firewall rules posted by rmogull over on his blog. Check them out if you’re looking for a starting point for ipfw rules on OSX. Thanks rmogull!
UPDATE 2: njstaticuser mentioned he would like to know where to get this file below: I believe the file should be in /opt/local/var/macports/build/ – there should be a folder called _opt_local_var_macports_sources_rsync.macports.org_release_ports_<ettercap-ng> where <ettercap-ng> will be something like “net_ettercap-ng” (I don’t know the exact name because it has been cleaned from that directory). Under this directory […]
Yea yea, I know, it’s only been a few hours since the first release. Well, here’s the new release with a couple of major todos taken care of: Download the script here. Read about aimsnarf in the previous post about it. Changes in this version: Trillian is now supported, as well as AOL’s AIM client. […]
[UPDATE 11/13/07]: version 0.11 released. Firstly, download the script here. aimsnarf.rb is a small (~200 lines) Ruby script that I’ve written to sniff and dump AOL IM messages to STDOUT. I wrote this as an alternative to aimsniff, because I really dislike having to install aimsniff and all of its dependencies when all I […]
[Update]: If you’re trying to compile Ettercap on Leopard, check here. I’ve been trying to get this compiled for 2 days now, finally found out how to do it. Figured I’d share for everyone else. If you try this without making the change to the configure file it will complain about you not having support […]