ToorCon 12

After a two year absence due to unavoidable other obligations like good friends’ weddings, I finally made it back to one of my favorite hacker conferences, Toorcon.  San Diego is always beautiful when I happen to be there with nice weather and a cool mix of people, both locals and visitors who are there for the conference, and this year was no exception. […]

REcon 2010

This last weekend I took a trip up to Montreal for REcon.  If you’re unfamiliar with REcon, it’s a small security conference focused on topics most interesting to reverse engineers.  As such, the talks are more technical than you will find at other more mainstream conferences like BlackHat or DEFCON, and generally require a certain level of expertise as a baseline.  If you don’t understand assembly language, you’ll probably not [...]

Advanced Persistent Threat

Ok, enough with the APT marketing and journalism diarrhea...  It's really quite simple: ad·vanced - /ædˈvænst, -ˈvɑnst/ -adjective 1. ahead or far or further along in progress, complexity, knowledge, skill, etc.: an advanced class in Spanish; to take a course in advanced mathematics; Our plans are too advanced to make the change now. per·sist·ent - /pərˈsɪstənt, -ˈzɪs-/ –adjective 1. persisting, esp. in spite of opposition, obstacles, discouragement, etc.; persevering: a most [...]

By |2010-04-12T09:37:30+00:00April 12th, 2010|attack, hpavc, rant, security, threat modeling|0 Comments

SmartPhone Unlock Screens: Moving in the Wrong Direction

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it.  Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device or the Android 2.0 operating system that runs on it.  I have however, noticed that [...]

Simulating DDoS Attacks

Todd Manning and I have a new whitepaper available over at BreakingPoint on simulating Distributed Denial-of-Service (DDoS) attacks using the BreakingPoint product.  You can read more about the paper in my BreakingPoint blog post, or just grab the paper here.  If you're a BreakingPoint customer, you'll want the bundled version which comes with test cases and other supporting materials.

By |2009-02-27T11:40:24+00:00February 27th, 2009|attack, testing, whitepaper|0 Comments

MD5? Really?

First let me say that this article is not meant to diminish the work that Alexander Sotirov et. all have been doing for the past 6 months.  It’s good work, has brought about some awesome results, and has demonstrated what was once a theoretical attack on PKI certificates based on MD5 hash collisions.  What I’m amazed at is that it had the impact that it actually did. […]

How to Really Fix Your DNS

Obviously the first thing everyone should be doing is to apply the patches that the major vendors rolled out, and do it quickly.  It is no longer the time for debate in regard to whether or not you really do need to patch… the answer to that question is quite clear; Yes.  Yes you do. Stop reading this, go to your vendor right now, and get the patches. Then apply [...]

The Internet is a Dirty, Dirty Mistress

It’s been quite a while since I wrote or updated DFW, the I)ruidic FireWall.  Included with that utility is a default iptables firewall policy which the user can use directly, tweak to their liking, or completely throw away and start over from scratch.  NetFilter (iptables) has come a long way since I was actively working in the firewall space and regularly maintaining the DFW utility, so I thought it high [...]

By |2008-06-27T17:28:50+00:00June 27th, 2008|attack, perimeter security, security, software|0 Comments