name-services.com DoS
We've received a couple of reports from readers that name-services.com may be under a denial of service attack resulting in DNS being unavailable for a number of domains that host their DNS there. More info as it becomes available.
Update: (2007-08-10 01:00 UTC) They seem to be back up now.
SANSFIRE 2007 wrap up, part 1
It has now been a week since I got home from SANSFIRE. Since we here at the Internet Storm Center are the hosts of this conference, this is the one that usually has the largest contingent of handlers present. After mostly getting caught up on work at the day job, on behalf of all the handlers, I'd like to thank all of you who attended our panel discussion and the talks by Tom and Ed, William and Robert, Adrien, Lorna, Don, and Johannes. Copies of the slides from some of the talks will be available here shortly; we'll put up another story with the links when they are ready to go. As we stated during the panel discussion, we can't do what we do without all of you submitting your firewall logs to Dshield and sending us your questions, observations, malware, and most importantly packets. We hope to see many of you again at future SANS conferences and, in particular, at next year's SANSFIRE.
Interesting new tool
No, I don't have a witty title in a dead language, but as many of you are aware, I'm constantly on the lookout for useful tools, so I was intrigued when I came across an announcement yesterday that Mandiant had released a free tool aimed at incident handlers, called Red Curtain. The purpose of the tool is to highlight which files may be suspicious and require a closer look by investigators. The tool scores files based on some interesting characteristics including entropy (how random the file is, which may be an indication of encryption), indications of packing, specific signatures of compilers and packers, digital signatures, etc. It certainly isn't foolproof, but is aimed at narrowing the investigator's initial job and would correctly flag anything written by Tom "if Latin isn't your thing, next time I'll try Sanskrit (shouldn't that be the official language of SANS anyway)" Liston. It sounds like a decent idea. Has anyone out there tried it yet? If so, let us know what you think.
Update: As several readers have pointed out, the MD5 and SHA1 hashes of the zip file don't match what is on the Mandiant page, but the MD5 and SHA1 of the .exe inside the zip do match. I've notified Mandiant, but have not gotten a response yet.
Update 2: The Mandiant folks have responded that the software got repackaged, messing up the MD5 and SHA1 of the zip file. The page will be corrected shortly.
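The situation in the two updates, reproduced as an added example (not part of the original diary and not Mandiant's code): repackaging the same executable changes the zip's digests while the member's digests stay the same. The payload bytes, the member name `tool.exe`, and the timestamps are constructed for illustration.

```python
import hashlib
import io
import zipfile

# Constructed stand-in for the executable shipped inside the archive.
PAYLOAD = b"MZ" + bytes(range(256)) * 8
MEMBER = "tool.exe"  # hypothetical member name

def digests(data: bytes) -> dict:
    """MD5 and SHA1 hex digests, the two algorithms the diary mentions."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest()}

def build_zip(name: str, payload: bytes, date_time: tuple) -> bytes:
    """Package one member; the timestamp is stored in the zip headers."""
    buf = io.BytesIO()
    info = zipfile.ZipInfo(name, date_time=date_time)
    info.compress_type = zipfile.ZIP_DEFLATED
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(info, payload)
    return buf.getvalue()

def verify_download(archive: bytes, published_archive: dict,
                    published_members: dict) -> dict:
    """Check the archive and every member against published digests.
    A member with no published digest is reported as not verified."""
    result = {"archive_ok": digests(archive) == published_archive,
              "members": {}}
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for name in zf.namelist():
            expected = published_members.get(name)
            result["members"][name] = (
                expected is not None and digests(zf.read(name)) == expected)
    return result

def demo() -> dict:
    # Digests are "published" for the first packaging of the payload.
    original = build_zip(MEMBER, PAYLOAD, (2007, 8, 8, 12, 0, 0))
    published_archive = digests(original)
    published_members = {MEMBER: digests(PAYLOAD)}
    # The same payload is then repackaged with a different timestamp.
    repackaged = build_zip(MEMBER, PAYLOAD, (2007, 8, 9, 9, 30, 0))
    return verify_download(repackaged, published_archive, published_members)

if __name__ == "__main__":
    print(demo())
```

A matching member digest only vouches for that one file; any other member of the archive still needs its own published digest before it is trusted.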