-
A new Perl twitter account
Now, besides the perl one-liner account we have CPANr: Reviewing CPAN modules 140 chars at a time Very cool! The latest (as of this posting) is Net::Pcap, a module to slicing and dicing packet capture files, something which I’m sure will come in handy someday. Image taken from ivanlanin’s photostream with permission.
-
Webhoneypot
In the last couple of months I’ve been helping out with the webhoneypot project. From the Google code website: DShield.org is offering this honeypot for users to capture automated web application exploits. It is a very simple "semi interactive" honeypot implemented in PHP. The core idea is the following: you install it on a webserver…
-
Malicious sites by country
In an earlier post I’ve said that the number of malicious sites in a country has a close relation to the level of connectivity in the given country. Here is a chart to show this visually: (The data collection method is the same as for the other data: malicious domains from DNS-BH and clean domains…
-
FRHACK creates sexist award
The organizers of FRHACK, a french security conference in the making, came up with the idea of the “The Best IT Security Girl of the Year”. If you think I’m being over-sensitive, just look at the picture below and judge for yourself if it is a proper way to encourage women to participate in the…
-
The limits of mob-style takedowns
It is interesting to observe the dynamics of the interactions on the Internet. In the last couple of years several hosting (RBN, McColo and so on) organizations have been taken down by “denouncing them to the masses”. The usual flow of events was: Evidence was gathered against them The media “exposed” them Their upstream providers…
-
Mixed links
New blog in town: Telic Thoughts about information security – I especially liked their Is the CIA model still relevant? post. The CIA triad is a concept which I often reference and it is interesting to see how its limits are being pushed. Windows Server 2003 SP1 Out of Support in April – the Microsoft…
-
EthicalHacker.net compromised
Today I was greeted by the following e-mail in my inbox: EH-Net Compromise Disclosure EH-Net was compromised a few months back, and we are asking all members to immediately change their passwords. Although we do not hold any sensitive data such as social security numbers, credit card numbers, date of birth, etc., we still realize…
-
Mixed links
A new security Linux distro announced: SUMO Linux Notes on hardening Apache – some of them is not applicable if you are installing Apache from packages. I liked the idea mailing the admin whenever the server is (re)started. IWF causing problems for archive.org – interesting. While it wasn’t intentional, it was more an interoperability issue,…
-
Draw a bunny!
So I joined a useless but fun meme started by Andreas Gohr. As you can see, my artistic skills are not that good, but it is still fun to experiment. I tag kurt wismer, Dan Dascalescu and LonerVamp.
-
Yahoo! Briefcase closing
Apparently Google isn’t the only big web company closing down some of its offering. I got this email today: I didn’t use the service, but some of my readers (all 2 of them :-p) might, so watch out. As a security side-note: it is nice how Yahoo attaches a little icon to their “official” mails.…