Friday, April 11th, 2008
Malicious hackers beware: Computer security expert Joel Eriksson might already own your box.
Eriksson, a researcher at the Swedish security firm Bitsec, uses reverse-engineering tools to find remotely exploitable security holes in hacking software. In particular, he targets the client-side applications intruders use to control Trojan horses from afar, finding vulnerabilities ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Friday, April 11th, 2008
Traditional IDS/IPS systems occur at the network level, usually plugged into a spanning port on a switch. I love this concept and think it should be part of any defense in depth strategy. The two primary weaknesses in these devices are, (1) they cannot process encrypted streams and (2) they ...
Posted in Coding, Internet, Security | 2 Comments
Friday, April 11th, 2008
Seeing as I've just spent the morning trying to get all this up and running I thought I'd create an entry about how to get Backtrack running in VirtualBox.
For those who haven't heard of it, VirtualBox is an open source equivalent to vmware workstation. It does full snapshoting (unlike vmware ...
Posted in Coding, Linux, Privacy, Security, Software | 5 Comments
Thursday, April 10th, 2008
The CLSID for an ActiveX control is a GUID for that control. You can prevent an ActiveX control from running in Internet Explorer by setting the kill bit so that the control is never called by Internet Explorer when default settings are used.
The kill bit is a specific value for ...
Posted in Coding, Internet, Security, Windows | No Comments
Wednesday, April 9th, 2008
The folks over at Darknet do a great job of pointing out interesting tools for use in penetration testing and web app security testing among other things. I won’t be duplicating their feed here, but when I see something that I want to test for myself, I will be posting ...
Posted in Coding, Internet, Linux, Privacy, Security, Software | No Comments
