NetSec

11.27.2004

I am deeply saddened to inform you of the sale of Illmob.org to an undisclosed party for the amount of $5,000US. Pingywon and morning_wood will continue to update the site for the next three months, until control of the domain is transferred. It is always a pity to lose an active member of the scene, and I wish nothing but the best for my friend xIllwillx, and I'm sure the rest of the community joins in my sentiments. Thanks for all you contributed, guys!

posted by Anonymous Saturday, November 27, 2004

11.24.2004

A flaw in Sun Microsystems' plug-in for running Java on a variety of browsers and operating systems could allow a virus to spread through Microsoft Windows and Linux PCs

posted by Lance Wednesday, November 24, 2004

PETCO settles Federal Trade Commission action over a security hole on it's e-commerce site that left as many as 500,000 customer credit card numbers exposed

posted by GeeWhiz Wednesday, November 24, 2004

11.23.2004

Handbook of Information Security Management

posted by GeeWhiz Tuesday, November 23, 2004

Port Reporter Parser Provides a GUI for Parsing Port Reporter Logs

posted by GeeWhiz Tuesday, November 23, 2004

11.22.2004

BlueMonger is a demo application for advanced smart phones running Java with support for the Bluetooth API. It will poll for Bluetooth devices in the near vicinity, list those devices and post their discovery to your weblog via XML-RPC. These posts will link back to BlueMonger.com so that you can see by the referrers if other people with weblogs have passed by the same device. If you don't know what that meant, you probably don't want to try this application.

posted by GeeWhiz Monday, November 22, 2004

11.21.2004

Port Reporter is a M$ Windows service that logs all port activity including PID to port mappings and a dump of all DLL's bound to a port. While this may eat up a bit of disk and CPU, this data could help track down backdoors, trojans, rootkits, etc. Here's a snippet from telnet-ing to a netcat listener on port 3333:

date,time,protocol,local port,local IP address,remote port,remote IP address,PID,module,user context
04/11/21,13:36:3,TCP,1372,127.0.0.1,3333,127.0.0.1,2648,telnet.exe,
04/11/21,13:36:3,TCP,3333,127.0.0.1,1372,127.0.0.1,4020,nc.exe,

posted by GeeWhiz Sunday, November 21, 2004