Archive for the "network" Category

Published in Advances in Digital Forensics III

The paper that I presented at the IFIP WG 11.9 digital forensics conference, “Using Search Engines to Acquire Network Forensics Evidence” (using my tool GooSweep) has been published as a chapter of the new hardcover “Advances in Digital Forensics III” from IFIP and Springer. I just received my copy today, and I’m quite [...]

Hamsters really aren’t that much cooler than Ferrets

You might remember an older post here, on the “Ferret” sniffer from Errata Security. You may have even found this blog by looking for information on Ferret. Since Blackhat, my logs show a lot of hits coming from Google searches for Ferret. I suppose they saw the presentation on Hamster and wanted some [...]

Tactical Exploitation at BlackHat 2007

HD Moore has placed the slides online for the talk he and Valsmith gave on “Tactical Exploitation” yesterday at Black Hat. I normally don’t like just reading through the slides for a talk, but until I can obtain some audio/video this’ll definitely do. One of the reasons I don’t like having only the [...]

Review: Linksys WRT54G Ultimate Hacking

If you already have one of these very popular and versatile routers, are in need of a good platform for small-scale network infrastructure, or want to use the WRT as a platform for penetration testing, then “Linksys WRT54G Ultimate Hacking” is a must-have. I read this book cover-to-cover this weekend, in-between moving things around [...]

Intercepting Voice-Over-IP Calls

Many thanks to the PaulDotCom podcast crew for mentioning this on the latest show (Episode 69). I had apparently missed out on it before now, and it sounds great.
VoiPong is a sniffer that picks up on all sorts of VoIP protocols, decodes the traffic, and saves them to .wav files. How cool is [...]

Playing With Fire: Malware in VMs

Lately I’ve been reading Eldad Eilam’s “Reversing: Secrets of Reverse Engineering”, working through all of the exercises and such. I need to build up my skills at really low-level workings of Windows, static analysis of disassembled code, and debugging a live process more effectively. This is the perfect book for that, so [...]

SANS Stark Vegas – SYN City!

Tonight, here in Starkville, MS, I taught my first of what will hopefully be many training classes for SANS. Tonight, 8 very bright students (mostly IT staff for the university) took part in the “Stay Sharp: IP Packet Analysis”. I say they “took part”, rather than “attended”, as each and every single one [...]

OpenWRT on the Fon Fonera

UPDATE: Brett Hoff and Russell Butturini have made some notes of their own to go with these notes, to clarify some of the things that have changed in newer versions of Kamikaze and the Fon, gotchas with non-Apache webservers, and a few other things you might have problems with. Those notes are available [...]

Fresh proxies, delivered straight to your doorstep

Several times a day, I get notification that there are new comments on this blog, waiting for moderator approval…

…unfortunately, they’re not adoring fans :). It’s always “comment-spam”, trying hard to place some advertising on my site for refinancing of mortgages, various pills, porn, and who-knows-what-else. It’s typically from many different IP [...]

SECCDC Final Standing and official NBNSpoof Release

So the smoke has cleared and the dust has settled on the judging, discussions, and drama surrounding the Southeastern Collegiate Cyber Defense Competition, and the final rankings have been released. We did better than we had been previously led to believe! The top three teams (out of 9 teams) are:

Louisville
UNC Charlotte
Mississippi State

We wound up [...]