-
Solution to the malware challenge
The deadline for submission to the malware challenge has passed, so I will post here my solution. Sorry for the rather poor presentation, but I exported it out from Word. Describe your malware lab. A virtual machine (VirtualBox[1]) with WindowsXP installed. OllyDbg[2] IDA 4.9 Freeware[3] PEiD[4] HxD[5] LordPE[6] ImpRec[7] What information can you gather about…
-
A small Slony-I tutorial
Update: the altperl scripts seem to take away the need for most of the steps here. Take a look at the post Slony1-2.0.0 + PostgreSQL 8.4devel for an example for how to use them. When I first installed Slony-I to replicate between two PostgreSQL servers, it was very confusing. Now I am somewhat less confused…
-
Limitations of Software Restriction Policies
Update: ok, SRP is even more broken than I thought. As one of the readers pointed out (thank you Anonymous!), there is a built-in (albeit only partially documented) option on runas which circumvents SRP. For some time now there has been a friendly back-and-forth between Didier Stevens and myself with regards to the topic of…
-
Mixed links
Via Pat’s Daily Grind: Philosophical Health Check and Battleground God. Very cool pages which aim to discover discrepancies/contradictions in your world view. I’ve been using Chrome for some time now and my conclusion is: it doesn’t matter what browser you use, as long as it is a reasonably new one. Thins I’ve liked: resizable textboxes…
-
Somebody messed up their routing tables…
tracepath podcast-files.cnet.com gets me this (observe the loop): … 6: r11-Vl3001.buh7.ro.gtsce.net (85.9.9.245) 29.703ms asymm 8 7: 85.9.9.169 (85.9.9.169) 26.761ms 8: r37-Vl2002.buh3.ro.gtsce.net (85.9.9.1) 27.132ms 9: r11-Vl3200.buh7.ro.gtsce.net (85.9.9.246) 25.090ms asymm 7 10: r10-gi13-0.buh7.ro.gtsce.net (85.9.32.73) 26.592ms asymm 6 11: r11-ten4-3.buh7.ro.gtsce.net (85.9.32.74) 29.970ms asymm 9 12: r11-Vl3001.buh7.ro.gtsce.net (85.9.9.245) 38.560ms asymm 8 13: 85.9.9.169 (85.9.9.169) 27.047ms asymm 7 14: r37-Vl2002.buh3.ro.gtsce.net…
-
Compiling OpenTyrian under Ubuntu
I suspect that every one of you has some childhood memories about computer games. Recently I discovered that one the games which was iconic for me at the time, was released as freeware. I’m talking about Tyrian. Not only was it released as freeware, but the full source was made available (together with the artwork!).…
-
Ethical hacker challenges
A new challenge is in full swing: Scooby Doo and the Crypto Caper. The solutions for the previous one will be shortly announced. It should be very interesting because it contained some hardcore Linux hacking which is always interesting.
-
Mixed links
Interesting series, given the current economic situation: a crash course in economics. A two part series on what it is like to write the technical book from one of the authors of “High Performance MySQL”: Part 1 Part 2 The editor’s reply It is very interesting, especially the technical methods used to automatically detect parts…
-
Network Miner
I don’t really like magazines because they (as they try to get money out of them) blur the line between content and advertising more and more (just recently I picked up an issue of Wired and it was incredible how much advertising is in it). Also, in the case of electronic magazines delivered in the…
-
Popular ideas about AV
There was a recent posting on Slashdot asking what reliable, free AV software is out there? It is very interesting to read the comments, since this is a geeky audience. If they get things wrong, what chance does the large population have of getting things right? Also, these are the people most likely to act…