A Collation

There a a bunch of interesting security links today.

From the ISC diaries here and here we have:

An interesting write up of an ssh brute-force compromise of a honey-pot involving backdoors and IRC botnets.
Part III of 'Following the Bouncing Malware'. An analysis of what spyware is actually doing. Very confusing. Here are parts One and Two.
The IE, IFRAME vulnerability with exploit (and here and here). This is a beauty which allows remote code execution. Use Firefox dammit! It is also interesting to note that in the last few days there have also been this and this IE vulnerability, with no equivalent in Gecko based browsers. Microsoft's new advanced notification service has no mention of any patches for these vulnerabilities this tuesday.
There is a rumour that the Cisco PIX firewall source code has been stolen by a group called 'The Source Code Club' who posted to the alt.gaps.international.sales newsgroup looking for buyers. Another reason not to rely on closed-source products.

In addition joat had two interesting links:

Spyware Warrior is a blog deidcated to fighting spyware, with some interesting write-ups of doing so.
There is a site dedicated to port knocking. It has a whack of information including implementations for download in perl, C++, Java, Python and Bash.

That should keep you busy.

Last modified on 2004-11-06 06:52

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above:
	Remember Information? Subscribe to this entry