Threat Intelligence Project (TIP) Update!
Submitted by enhanced on Tue, 02/09/2010 - 15:52After much waiting and anticipating, we are excited to announce that we will be releasing a client for those that wish to participate in the TIP project.
The initial release will have the option to obfuscate the IP addresses and potentially the payload, though we don't think that this really is in the spirit of things and does not afford the world the intelligence that could be derived were this data not obfuscated.
Having said all of this in a variety of grammatically incorrect ways, please keep posted for the download and additional details to follow.
- enhanced's blog
- Login or register to post comments
- Read more
Pulledpork v0.2.5 - Released
Submitted by enhanced on Wed, 10/14/2009 - 09:53A new and updated version of pulledpork is out, this version adds functionality and also addresses a number of previously reported bugs, a few simple examples:
- Improved and cleaned up code for efficiency and speed
- Do not overwrite local.rules on run
- Do not attempt to copy . and .. as rules files
- Much more...
- enhanced's blog
- Login or register to post comments
- Read more
Snort SID Information URL
Submitted by enhanced on Thu, 06/25/2009 - 13:24To combat the recent influx of "where is the Snort SID documentation" on the Snort mailing lists, I have created the following URL that you can use to update your BASE or whatever it is that you are using to view your Snort events.
Simply use the following url in your reference config:
http://rootedyour.com/snortsid?sid=xxxxx (where xxxx is the SID number itself)
i.e. http://rootedyour.com/snortsid?sid=234
Thank you for your time,
please drive fast and take chances
E
DX Studio Player Firefox plug-in command injection -- Complete with built-in Shell command
Submitted by Shirkdog on Thu, 06/11/2009 - 11:51Nothing like having the API do the work for you:
shell.execute("cmd.exe","/k cls|@echo this is wrong, very wrong.")
[Core Security Advisory]
- Shirkdog's blog
- Login or register to post comments
Microsoft Fixes Record Number Of Vulnerabilities
Submitted by enhanced on Wed, 06/10/2009 - 14:35It's curious... and I really don't know how good or bad it is that MS released fixes for 31 security issues in a single day.
I mean, does this speak more to their security issues, or does it speak more to their security practices and patching program?
Microsoft Fixes Record Number Of Vulnerabilities - The company's June Patch Day included 10 security bulletins to fix 31 threats in Microsoft products.
- enhanced's blog
- Login or register to post comments
- Read more
Why CISSP's are ruining security - An interesting parallel to MCSE's ruining Information Technology
Submitted by Shirkdog on Tue, 06/09/2009 - 11:56It is just one of those things, that eventually happens, but I want to take everyone back to 1999/2000. You have the Y2K bug, so people were focused on this as it affected applications in their enterprises. But after this paranoid (Black Sabbath reference, and not a misspelling of paranoia) subsided, I began to see advertisements, and hear about Microsoft Certified Training. I was working in a help-desk at the time and several of my co-workers actually had this MCSE in Windows NT. Windows 2000 ... was released and now all of them had to upgrade their certification and retake the test.
