Irregular Expressions:

April, 2010


April 30, 2010  8:36 PM

Automating system tasks with Perl – Part 1



Posted by: Dan O'Connor
net::ssh::expect, perl expect

Bash and sh scripts are great for automating system tasks on the local host. For remote hosts I preferred to use Perl; you can use Perl to log in via ssh or telnet (great for routers), and you can also do simple tasks on web sites. For connecting to remote systems I use...

April 30, 2010  10:46 AM

XSS in sharepoint



Posted by: Dan O'Connor
cve-2010-0817, sharepoint, xss

There is a privilege escalation vulnerability in MS SharePoint. There is a mitigation for IE 8 users: you can enable an XSS filter (see the links). There is also a workaround: if you ACL the help.aspx file, you won't be able to view the help for the site, but it is supposed to stop the...


April 27, 2010  11:21 PM

A little more of buffer overflows



Posted by: Dan O'Connor
buffer overflow, c, perl

Without getting very technical, there are a few things worth noting when referring to overflows. There are some programming languages in which buffer overflows are more difficult than in others. An application written in a low-level language like C, which gives the developer very fine control over the...


April 27, 2010  11:11 PM

Snort updated



Posted by: Dan O'Connor
snort

Snort was updated on the 26th: http://www.snort.org/downloads . Here is the list of new additions and improvements from the update.

2010-04-22 - Snort 2.8.6

[*] New Additions
   * HTTP Inspect now splits requests into 5 components -
     Method, URI, Header (non-cookie), Cookies,...


April 25, 2010  11:08 PM

MS10-025 And Buffer Overflows



Posted by: Dan O'Connor
buffer, buffer overflow, CVE-2010-0478, heap overflow, ms01-025, stack overflow

The MS10-025 update has been retracted; MS states that it "does not address the underlying issue". MS10-025 is a Windows Server 2000 SP4 Windows Media Services stack-based buffer overflow. Both are the same concept, but stack vs. heap refers to where the overflow occurred. A heap overflow...


April 25, 2010  10:14 PM

3rd Suricata Beta



Posted by: Dan O'Connor
ids, suricata beta, suricata ids

There is a 3rd Suricata Beta available; head on over to http://www.openinfosecfoundation.org/index.php/download-suricata . Be warned that there are still a few items that need to be fixed. Here is the list from the download section.

Known issues & missing...


April 19, 2010  2:12 PM

Business Continuity With Volcanos



Posted by: Dan O'Connor
business continuity

I am thinking that most airlines and other companies that rely on air traffic for day-to-day business did not put too much time into planning for a volcanic ash cloud grounding flights for an extended period of time. I have been seeing reports of this costing airlines 200 million dollars a day, if...


April 19, 2010  9:36 AM

ClamAV EOL of V 0.94



Posted by: Dan O'Connor
av, clam av, clam av eol

ClamAV is going to be releasing signature files that are going to be too large for version 0.94 to handle; if that is what you are running, you need to update. http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/


April 14, 2010  9:58 AM

ATM Malware – Part 2



Posted by: Dan O'Connor
atm, ATM Malware

There has been an update to the original story I posted the other day; it now appears that there is a dollar value with the thief. Released court documents put the loss between $200,000 and $400,000! That's a whole lot of ATM withdrawals. There was some interesting information about the malware...


April 14, 2010  9:20 AM

NSA USB Detector



Posted by: Dan O'Connor
nsa usb detector, usb, usb detector

There has to be more than a few people out there that would really like to get a hold of this application. http://whatsbrewin.nextgov.com/2010/04/nsa_on_the_flash-media_hunt.php Being able to detect mass...

