Irregular Expressions:

March, 2010


March 29, 2010  5:46 PM

OpenSSL v1.0.0 released



Posted by: Dan O'Connor
openssl, openssl v 1.0.0

OpenSSL v1.0.0 has been released, this is a major release of OpenSSL.  When they say major they mean major, the list of changes is pages and pages long. Head over and get a fresh copy http://www.openssl.org/ .

March 28, 2010  9:48 PM

Communication During A Business Continuity Event – Part 1



Posted by: Dan O'Connor
business continuity, disaster recovery, openmeetings

During a major disaster recovery or a business continuity event maintaining team communication and co-operation can be a great asset during the event.  I have seen several different solutions use from skype, MSN / GTalk or other hosted IM, internal Jabber server and cell phones / black berries. ...


March 28, 2010  9:14 PM

Parsing XML with regular expressions – Part 2



Posted by: Dan O'Connor
parse xml, perl regex, regex group, regex xml

You cam also run into XML formatted like this.

                <global>
                        <pref name="trusted_ca" value="cacert.pem" />
                        <pref name="hide_toolbar" value="no" />
                        <pref name="hide_msglog" value="no"...


March 20, 2010  8:37 PM

Parsing XML with regular expressions – Part 1



Posted by: Dan O'Connor
parse xml perl, perl, perl xml, xml

Many applications now have the ability to produce XML reports, while perl does have modules available to parse this information I find regular expressions are faster on extremely large data sets. A small example.

<date>
	<start>Thu Mar  4 23:27:03...


March 18, 2010  9:57 PM

System Virtualization



Posted by: Dan O'Connor
virtualbox, vm

For the last few years I have been using VirtualBox for running my vm's. I prefer applications that will run on any of the operating systems that I use, and the more consistent the UI the better. VirtualBox will run on Windows, Linux, FreeBSD ( not sure about any other UNIX ) and OS-X. It is...


March 18, 2010  8:54 PM

Protecting system state



Posted by: Dan O'Connor
malware, sandboxie, system state

Sometimes you need to run an application that you really just don't know what it will do to your system. This is a great utility to sandbox your application, the running application will think that it's editing the system but you have the ability to delete the contents of the sandbox and revert...


March 10, 2010  3:48 PM

Energizer Malware



Posted by: Dan O'Connor
energizer malware

This is far too interesting not to post, US-CERT has analysis of malware discovered in Energizer battery chargers USB software.  When the charging software is installed it drops two DLL's on the system, one of which is Arucer.dll. Arucer.dll is the backdoor, it creates a...


March 10, 2010  3:13 PM

Installing Suricata on FreeBSD – Part 7



Posted by: Dan O'Connor
barnyard freebsd, suricata freebsd

To get the unified2 events coming out of Suricata into the database that was setup, you will need to install something to open that file format. One of the choices listed is barnyard2, it's a large install and needs to have snort installed as a dependency but it will do the...


March 8, 2010  10:02 PM

Mark Zuckerberg postings on BusinessInsider.com



Posted by: Dan O'Connor
facebook hack

This is really interesting, you might suspect that someone at facebook had looked into files that they should have not.  But the fact that it's the founder of the company doing it, and that it does not seem to be a rumor and that there is more then one person that is backing up the claims.  The...


March 7, 2010  8:57 PM

Updates to BIND



Posted by: Dan O'Connor

There has been a new release of BIND. http://isc.sans.org/diary.html?storyid=8335 DNS is one of those services that should really be patched sooner than later, the fixed bug list of the release is here. http://isc.org/files/release-notes/962.html#RELEASE [code] --- 9.6.2 released...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: