Wednesday, November 26, 2008

ISC Redeux

Got some feedback on the SANS Alumni list that the Storm Center has been up and down all morning, mostly down. Hope it's nothing more than a technical issue.


The Internet Storm Center appears to be down. The SANS main site is up and running; may be just maintenance. Hopefully it will be back up soon. I haven't had my daily browse to see what's going on in NetSec this morning. Off to Security Focus or my news reader, I guess. Talisker is a good place to get an overall view too, a dashboard found at
It has sections on news, latest vulns, tools, signatures and some snappy maps. =-)
Looks especially good to have up when clients are walking through and you get introduced as "the security guy". Does this mean I get a gun and a badge too?

Thursday, November 13, 2008


This will be old news to many, I presume, but I came across a very nifty tool called Malzilla in a security list today. Turns out it's just what I've been looking for. Doing IDS analysis, you come across a lot of obfuscated code in various formats: Jscript, Hex encoded, Base64, shellcode and the like. I'd never found one tool to help me quickly work though this until I found Malzilla. Primarily a malware analysis tool, it deobfuscates all of the above as well as having a hex viewer, a Pscript tool, and a URL deobfuscater. Very nice, free, and open source. If interested, you can grab the W32 binaries package at . Sweet! Many thanks to the author, Boban Spasic, as well as the other contributors to the project, found in the About tab of the tool.

Tuesday, November 11, 2008

WPA Cracked

As reported now everywhere, WPA has been cracked. 12-15 minutes according to one article. Rather than rehash all the info there, just go to the Storm Center articles and get all the links and the latest info. They really do a great job staying on top of this stuff.

Oh, and move to WPA2 if you haven't already. it's not affected, and unless your AP/Wireless Router is older, it's probably already supported.

Blog Archive