Here’s a video by Laura Chappell analyzing the network traffic from a bot-infected host. Good stuff!
Analyze a Bot-Infected Host with Wireshark
Leave a reply
Category Archives: security
Injection-proof SQL
Bruce Schneier points to an Oracle paper on How to Write Injection-proof SQL.? Sixty-two pages that I hope to look at some day…
Eavesdropping on Bluetooth
People assume those bluetooth headsets can’t be listened in on … or that it’s limited to 30 feet.? Both beliefs are false!
Joshua Wright is a wireless hacker and security guy extraordinairre.
[youtube]http://youtube.com/watch?v=1c-jzYAH2gw[/youtube]
Laura Chappell Interview on Ron Nutter’s Help Desk Tool Chest
Hear Laura Chappell, the network troubleshooting and packet inspection guru, on episode 6 of Ron Nutter’s Help Desk Tool Chest podcast (his interview with her is about 37 minutes in).
For more great stuff from Laura, see Wireshark University and www.packet-level.com.
Time to Update Wireshark
It’s time to update your copy of Wireshark, everyone’s favorite packet analyzer.? Why, you ask?
- follow UDP streams
- filter on SNMP OIDs
- improved Vista support
And if you don’t know about it already, head on over to Laura Chappell’s Wireshark University and check it out.? Sign up for the free FIN Bit Magazine and download the free Wireshark Accelerators reference card (keyboard shortcuts for Wireshark).
Give Snort a try
If you’ve been wanting to give the open source network intrusion detection system Snort a try, check out Knoppix-NSM.
I haven’t tried it yet, but Russ McRee wrote a nice article about it called Putting Snort to Work in Information Security magazine.
Free Antivirus/Antimalware Super-Scanner
If someone sends you a file (or you download a questionable file) and you really want to be sure that the file is safe, try out VirusTotal.
VirusTotal is “a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines”. You upload or email a file to them, and they scan it with a bunch of antivirus programs.
They currently list 32 companies whose antivirus engines are used.
This is certainly not a replacement for running antivirus software on your machine, since it only scans individual files that you submit.
Security Awareness Video Contest
Check out the winners of the 2007 Computer Security Awareness Video Contest conducted by the EDUCAUSE/Internet2 Computer and Network Security Task Force, the National Cyber Security Alliance, and ResearchChannel to raise awareness of and increase computer security at colleges and universities.
Quoting from the site:
The contest sought videos that explain computer security problems and specific actions college and university students can take to safeguard their computers or personal information.
Winning videos were selected for creativity, content, technical quality, and overall effectiveness of delivery. Cash prizes were awarded to winners in each category. The two gold winners received $1,000, the two silver winners received $800, and the two bronze winners received $400 in cash prizes. Five honorable mentions were also selected in each category.
Cisco interviews Ed Skoudis
Cisco’s Robb Boyd interviews security expert Ed Skoudis in this episode of Cisco’s Techwise Podcast series.
Ed is a popular SANS instructor and an excellent communicator. He and Robb give an overview of the current Internet security scene, and don’t even try to sell any Cisco products!
Probably the easiest way to get this podcast is to point your podcatcher (like iTunes) to this link and choose the episodes you want. The Skoudis one is called “Crouching Wi-Fi Hidden Dragon” after a section from his book, Counter Hack Reloaded.
NetworkWorld good stuff
I read NetworkWorld every week, and I usually find something interesting. The April 2, 2007 issue, however, surprised me with the number of articles that directly addressed topics that I’m currently interested in: