Seen on Full Disclosure, Zero Wine is a brand new project to help in malware analysis. Based on QEMU and Wine, it provides a safe environment to launch suspicious Windows executables and analyze their behavior. Using the Wine debugging features, all the API calls are logged for further reporting. Project
Month: December 2008
Strong Authentication
I’m just back from the cinema with the children. We watched Madagascar 2. Before the movie, and between (too many) ads, the trailer of a coming movie called “Monsters Vs. Aliens” was presented. The trailer was very funny and started with an example of what could be called “very strong
You Asked the Webmaster? Hold the Line Please…
A few days ago, I accidentally discovered a security flaw in a public forum dedicated to a well-known security software solution. No “high-level” attack but something really dumb. During the registration process, I pasted a wrong string in the registration page. My clipboard still contained some basic HTML tags. All
JanusVA: Hardware Privacy Adapter
According to their website, JanusVM is … “a software that allows you to surf the Internet without oppression or censorship, while protecting your privacy, security, and identity. It has advanced filtering capabilities for modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet
X-mas Topology
I generated some traffic to wish you a Merry Christmas! Source: http://www.ende-der-vernunft.org/.
dns.be: More Anycasting
dns.be is responsible for the .be (Belgium) TLD. In a few words, this organization manages the administrative tasks to register domains in the .be zone and also maintains a set of .be-root servers which forward requests to the right name servers to resolve .be domains. At the moment, nine servers
Pwned by a Mosquito!
In Helsinki, the police caught a car thief with the help of … a mosquito! They found a mosquito full of fresh blood in a stolen car. They analyzed the DNA and it matched a bad guy already recorded in the police database. Pwned! ;-) Read the BBC News article.
Cc: Party or the Right Way to Use Email
I just received an official e-mail from a security appliance manufacturer. The message was an official communication about their product line. At the end of 2008 (almost 2009!), I’m really surprised at how this communication was handled! First, a Word document was attached to the message. Why? Word documents may carry viruses or
PaulDotCom Goes TV (again)
A big fan of PaulDotCom for a long time, I listen to the Security Weekly podcast every week in my car (that’s the positive side of traffic jams in the morning ;-) They also broadcast videos for a long time but the last episode was posted in May 2008. They are
Rogue/Hacked DHCP Server Detection Using Nagios
At the beginning of this month, the Internet Storm Center published a diary about a new malware (called Trojan.Flush.M) detected by Symantec: Rogue DHCP servers. The malicious code was analyzed by Symantec. Once the machine is infected, it sends fake DHCP offer packets using UDP ports 67 and 68 when another computer on