Denial of Service with Slowloris

Earlier this week the ha.ckers.org blog posted the release of the Slowloris HTTP DoS tool, primarily coded by RSnake and described as "The low bandwidth, yet greedy and poisonous HTTP client!" The attack vector essentially works by initialising an HTTP request but never completing it, causing the handling thread to wait for the end of […]

Acer Aspire One

Last week I bit the bullet and bought a ‘toy’ I’ve been looking at for a while, the Acer Aspire One (AA1), and so far I’ve had few regrets. Whilst being small and, more importantly to me, light, the screen size is still large enough to work with (including using multiple windows at once) and […]

Random Malware Analysis

Having recently been left with several hours to kill with nothing but a laptop and my virtual lab, I thought I’d try my hand at some rudimentary malware analysis. For a random live sample I selected the most recent submission to my Nepenthes Server.

    $ tail -n1 /opt/nepenthes/var/log/logged_submissions
    [2009-05-21T19:10:59] 90.130.169.175 -> 195.97.252.143 creceive://90.130.169.175:2526 93715cfc2fbb07c0482c51e02809b937

To start […]

Dark Reading: DIY security lab

As I’m currently setting up and playing with my home research lab, this article from Dark Reading caught my attention. The article doesn’t provide too much ‘new’ material to those that have researched security labs even in minimal depth, but it does focus on how security labs can provide cheap training to keep your skills sharp during the current economic climate. I don’t want to paraphrase the article as it is all fairly self-explanatory; for those considering how to use a proposed or existing lab, John Sawyers’ article suggests the following possibilities:

Sec610 Reverse Engineering Malware Demo

I spent a very interesting hour with Lenny Zeltser (and others) around a week ago with a live demo of part of Lenny’s Sec610 course. For those interested in taking the course, or malware in general, then I’d suggest that if the demo is a representative sample of the course then you’re likely to really […]