Wednesday, February 24, 2010

Bootable IronKey Device

IronKey have produced a new device that is bootable and can run a virtualised desktop.

IronKey have joined up with BeCrypt to provide a Trusted Client.

Tuesday, February 23, 2010

PKI CPS AND CS Paper

Certificate Policies and Certification Practice Statements paper from Entrust

www.entrust.com/resources/pdf/cps.pdf

Sunday, February 21, 2010

PCI Standards doc

https://www.pcisecuritystandards.org/pdfs/pci_audit_procedures_v1-1.pdf

https://www.pcisecuritystandards.org/security_standards/download.html?id=pci_dss_v1-2.pdf

Hacking Citrix and Terminal Server Techniques

http://narkolayev-shlomi.blogspot.com/2010/02/hacking-citrix-and-terminal-server.html

Friday, February 19, 2010

PDF exploits 80% of all attacks in 2009

Highlights from the ScanSafe report:


45% of all Web malware encounters in 2009 were with exploits and iframes indicative of compromised websites;


Malicious PDF files comprised 56% of Web-encountered exploits in 1Q09, growing to 80% of all exploits by 4Q09; Flash exploits encountered via the Web dropped from 40% in 1Q09 to 18% in 4Q09;

Web-encountered exploits in Word and Excel comprised less than 1% of all detected exploits for the year;

Malicious image files comprised 10% of all Web malware encountered in 2009;

http://scansafe.com/downloads/gtr/2009_AGTR.pdf

Thursday, February 18, 2010

Stonewood get SSD eclypt drives approved

http://www.networkworld.com/news/2010/021810-stonewoods-ultra-secure-eclypt-drive-gets.html

Setting up subscriptions for event log forwarding

Syslog-type functionality for forwarding Windows events from multiple machines to one Windows box, without third-party support.

http://www.windowsecurity.com/articles/Video_Setting_up_Subscriptions_Event_Log_Forwarding.html

Tuesday, February 16, 2010

If only I could change this to something else....

Copy a VirtualBox VDI file

To copy an already created VDI file in order to create a new virtual machine, use the following on a Windows box. It should be the same on a Linux machine, but the path needs to be modified.

"c:\Program Files\Sun\VirtualBox\VBoxManage.exe" clonevdi original_file.vdi clone_file.vdi

Sunday, February 14, 2010

VMWare directory traversal vulnerability

Nmap script for it

http://www.skullsecurity.org/blog/?p=436

Perl script

http://fyrmassociates.com/tools/gueststealer-v1.pl

Microsoft Exchange 2007 Audit Articles

A couple of articles on what can be audited in MS Exchange 2007 Service Pack 2 that might shape what we want and/or can do.

Audit part 1


Audit part 2

Tuesday, February 9, 2010

Windows Offline Updater returns

Having seen AutoPatcher disappear, Claus has a good write-up on an alternative here:
http://grandstreamdreams.blogspot.com/2007/10/heise-offline-update-40-now-serving.html

Sunday, February 7, 2010

USB History for Windows and Linux systems

Good article on USB history in Windows and Linux systems and where to find the artifacts.



http://blog.commandlinekungfu.com/2010/01/episode-77-usb-history.html

SANS Forensic Summit in London

The 2010 European Community Digital Forensics and Incident Response Summit

Dates:
Pre-Summit Course Dates: April 14 - 18, 2010
Summit Dates: April 19 - 20, 2010
Summit Venue:
London, UK

Log review process


Interesting image on the process of log review

Thursday, February 4, 2010

Building openvpn on a vps

Pages to read

http://samj.net/2010/01/howto-set-up-openvpn-in-vps.html

http://forums.ramhost.org/bbs/viewtopic.php?pid=4

Installing BackTrack

Guide to installing a persistent copy of BackTrack

http://www.infosecramblings.com/backtrack/backtrack-4-usbpersistent-changesnessus/

See also Hak5 video of today 04/02/10

VMWare Videos

http://www.vmwarevideos.com/

Training videos on VMWare use.
 