Well, I'm back home and almost caught up on sleep after SANSFIRE (the largest gathering of handlers in one place in the history of the Internet Storm Center). The training at these conferences is always top notch, but meeting with other professionals that are going through the same sorts of things at work is also a treat for me and getting to actually meet some of the other handlers in person after corresponding with them online for, in some cases, 5 years was a blast. There were a number of people who came up to me in DC (especially on Thursday when all the handlers --except one who shall remain nameless-- wore our ISC shirts) to thank us for providing this service. We all appreciate the kind words, but we wouldn't be able to do what we do, if it weren't for the rest of our readers out there submitting logs to Dshield, writing in when they see something suspicious on their own machines or networks (and including packets and the malware), or just giving us a heads up that they hear about a new vulnerability somewhere. We enjoy doing this, and we struggle through the slow days when there doesn't seem to be anything to write about to get to the "exciting" days when there is a massive malware outbreak. I think I speak for all of us here when I say that the thanks really go to you folks, we couldn't do it without you, so keep up the good work.
We now return you to our regularly scheduled Linux local privilege escalation exploits. :)
I will be teaching next: Malware Reverse-Engineering Challenge - SANS New York City 2019
Jul 15th 2006
1 decade ago