Author: gpanther

  • You say features, I say (possible) vulnerabilities

    I was listening to a recent MindOfRoot podcast (good podcast BTW if you are interested in IT type topics) which included an interview with a Microsoftie about WS-MAN (sorry for not recalling the exact name of the person). If you don’t know (I didn’t) WS-MAN stands for (drum roll please): web services management. That’s right…

  • Can you test AV using VirusTotal?

    Just a little post to bait Kurt 🙂 Many people are up in arms about the idea of submitting a sample to VirusTotal and interpreting the (usually rather poor) detection count. A few links to get you started: virustotal usage FAIL why perform virustotal based av tests? “Only X Out of 32 Antivirus Products Detect…

  • Gimme Dope Obama

    Via Assarbad’s blog: The original is from SWR3, host of other great shows like Wie war der Tag, Liebling?. Also, some new blogs I’ve subscribed to: Nothing for Ungood Threat Research Craigrow DebugInfo Black Magic Code Also, somebody seems to have had a lot of free time: (The idea is that you can put links…

  • Mixed links

    (Most of these links are from the GSD blog) The Dude – a network scanning and mapping software. Free and available for Linux! SmartSniff – not very interesting, but I found out that you can use raw sockets to sniff traffic (not just to craft arbitrary traffic). 4 Tools You Need To Predict The Death…

  • The original SPAM video

From Monty Python:

  • Bulletproof hosting

    Google not being evil 🙂

  • Spam from the F-Secure forums

It is no secret that I have a less than stellar opinion about F-Secure (the short version is: in my opinion they are a reseller of the Kaspersky engine, but usually manage to get lower detection rates in tests and they like to talk about their research, even though all the hard work is done by…

  • Improvement to Software Restriction Policies in Windows 7

While listening to the episode of RunAs Radio about Windows 7 I’ve heard about AppLocker, a beefed-up version of Software Restriction Policies. It is an interesting improvement, but I expect that it will still be enforced from User Mode, making it not as secure as it could be. Also, given the recent mishaps with…

  • Mixed links

    GCC has built-in primitives to walk the stack. Neato! (of course if you foobard your stack…) ParetoLogic is blogging. Just don’t forget where they come from. Via the All about Linux blog: Lazy Linux: 10 essential tricks for admins.

  • Possible PE file trick

    I was reading this: pefile and LOAD_CONFIG and took a look at the structure: IMAGE_LOAD_CONFIG_DIRECTORY Structure. Some things which I found interesting: GlobalFlagsClear – The global flags that control system behavior. For more information, see Gflags.exe. GlobalFlagsSet – The global flags that control system behavior. For more information, see Gflags.exe. LockPrefixTable – The VA of…
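As an added illustration of the fields named above (an example written for this page, not code from the post or from pefile): a parser for the first 0x48 bytes of the 32-bit IMAGE_LOAD_CONFIG_DIRECTORY that reports a nonzero GlobalFlagsSet or GlobalFlagsClear and decodes the GFlags bits it knows about, and also notes a missing SafeSEH handler table since that lives in the same structure. The byte buffers are constructed inline rather than taken from any real binary, and the GFlags names and values are the ones documented for Gflags.exe. Finding the directory inside a real file (optional header data directory entry 10, IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG) is left out; pefile does that part for you.

```python
import struct

# Field layout of IMAGE_LOAD_CONFIG_DIRECTORY32 (winnt.h), little-endian,
# up to and including the SafeSEH fields: 0x48 bytes. Newer Windows versions
# append more fields (CFG and friends); this example does not decode those.
_LOAD_CONFIG32 = struct.Struct("<IIHHIIIIIIIIIIHHIIII")
_FIELDS = (
    "Size", "TimeDateStamp", "MajorVersion", "MinorVersion",
    "GlobalFlagsClear", "GlobalFlagsSet", "CriticalSectionDefaultTimeout",
    "DeCommitFreeBlockThreshold", "DeCommitTotalFreeThreshold",
    "LockPrefixTable", "MaximumAllocationSize", "VirtualMemoryThreshold",
    "ProcessHeapFlags", "ProcessAffinityMask", "CSDVersion", "Reserved1",
    "EditList", "SecurityCookie", "SEHandlerTable", "SEHandlerCount",
)
assert len(_FIELDS) == 20 and _LOAD_CONFIG32.size == 0x48

# A subset of the NtGlobalFlag bits documented for Gflags.exe.
GFLAGS = {
    0x00000001: "FLG_STOP_ON_EXCEPTION",
    0x00000002: "FLG_SHOW_LDR_SNAPS",
    0x00000010: "FLG_HEAP_ENABLE_TAIL_CHECK",
    0x00000020: "FLG_HEAP_ENABLE_FREE_CHECK",
    0x00000040: "FLG_HEAP_VALIDATE_PARAMETERS",
    0x00000080: "FLG_HEAP_VALIDATE_ALL",
    0x00001000: "FLG_USER_STACK_TRACE_DB",
    0x02000000: "FLG_HEAP_PAGE_ALLOCS",
    0x08000000: "FLG_DISABLE_DBGPRINT",
}


def parse_load_config32(data):
    """Unpack the 32-bit load config header from raw bytes into a dict."""
    if len(data) < _LOAD_CONFIG32.size:
        raise ValueError("load config too short: %d bytes" % len(data))
    return dict(zip(_FIELDS, _LOAD_CONFIG32.unpack_from(data)))


def decode_gflags(value):
    """Names of the known GFlags bits in value, plus any unknown remainder."""
    names = [name for bit, name in sorted(GFLAGS.items()) if value & bit]
    unknown = value & ~sum(GFLAGS)
    if unknown:
        names.append("unknown:0x%08x" % unknown)
    return names


def review_load_config(data):
    """Parse the directory and return (fields, findings).

    A finding is a short string for each thing worth a second look: global
    flags the image asks the loader to set or clear, explicit process heap
    flags, or the absence of a SafeSEH handler table.
    """
    cfg = parse_load_config32(data)
    findings = []
    for field in ("GlobalFlagsSet", "GlobalFlagsClear"):
        if cfg[field]:
            findings.append("%s=0x%08x (%s)" % (
                field, cfg[field], ", ".join(decode_gflags(cfg[field]))))
    if cfg["ProcessHeapFlags"]:
        findings.append("ProcessHeapFlags=0x%08x" % cfg["ProcessHeapFlags"])
    if cfg["SEHandlerTable"] == 0 or cfg["SEHandlerCount"] == 0:
        findings.append("no SafeSEH handler table")
    return cfg, findings


def build_sample(global_set=0, global_clear=0, heap_flags=0):
    """Constructed sample directory (not taken from any real binary)."""
    values = (0x48, 0x4A5B6C7D, 0, 0, global_clear, global_set, 0, 0, 0,
              0x00405000, 0, 0, heap_flags, 0, 0, 0, 0,
              0x00406000, 0x00407000, 2)
    return _LOAD_CONFIG32.pack(*values)


if __name__ == "__main__":
    samples = (("benign", build_sample()),
               ("odd", build_sample(global_set=0x02000010, global_clear=0x2)))
    for label, blob in samples:
        cfg, findings = review_load_config(blob)
        print(label, "LockPrefixTable=0x%08x" % cfg["LockPrefixTable"],
              findings or "nothing unusual")
```

Run it on a real image by handing `review_load_config` the bytes that pefile exposes for `DIRECTORY_ENTRY_LOAD_CONFIG`; a module that sets page-heap or stack-trace-database bits from its own load config, rather than via the usual Image File Execution Options registry key, is the kind of thing the post's title hints at.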