ISC StormCast for Wednesday, January 18th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleOracle Quarterly Patch Advisory Released, January 17th 2012:...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC Feature of the Week: The 404Project, (Wed, Jan 18th)
The 404Project is a simple snippet of code you add to your 404 error page that submits information back to ISC for reporting. The main purpose of this project is to trend the web pages crawlers and...
View ArticleISC StormCast for Thursday, January 19th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleWHOIS contacts are your friends, (Thu, Jan 19th)
Youve rocked up to work ready to start the day and get on with the list of jobs the boss has graciously gifted you with, when your daily routing of reviewing the logs brings the normal sigh as x.x.x.x...
View ArticleISC StormCast for Friday, January 20th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleThe privacy hodgepodge and IP Addresses, (Sat, Jan 21st)
A comment on one of the articles earlier this week prompted me to dig around privacy legislation from various part of the planet, only to realise what a mess it is and I should probably just have mowed...
View ArticleDNS Sinkhole Scripts Fixes/Update, (Sat, Jan 21st)
In October 2011 [1], I released an update for the main parser script used to generate the BIND/PowerDNS configuration files. This release of the sinkhole_parser.sh script contains some important fixes,...
View ArticleJavascript DDoS Tool Analysis, (Sun, Jan 22nd)
Last week's denial of service attack agains the Department of Justice (justice.gov), the FBI (fbi.gov) and other sites didn't just rely on Anonymous's favorite tool Low Orbit Ion Canon. Instead, a new...
View ArticleISC StormCast for Monday, January 23rd 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleMailbag - "Attacks", (Sun, Jan 22nd)
We got an email to the list today that got me to thinking. Alyce was concerned because of Attacks toward her computer that were being logged by the firewall that is part of the locally installed...
View ArticleISC StormCast for Tuesday, January 24th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleIs it time to get rid of NetBIOS?, (Tue, Jan 24th)
NetBIOS, and its weaknesses that allow extremely easy spoofing have been well known all the way since 2005. I recently discussed NetBIOS with a colleague of mine, Arcel, and this discussion prompted me...
View ArticleISC StormCast for Wednesday, January 25th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleISC StormCast for Thursday, January 26th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticlepcAnywhere users patch now!, (Wed, Jan 25th)
Symantec released a patch for pcAnywhere products that fixes couple of vulnerabilities, among which the most dangerous one allows remote code execution. You can see Symantecs advisory here. Now, for...
View ArticleISC Feature of the Week: ISC Link Back, (Wed, Jan 25th)
Overview Need to attribute information to ISC? Want to provide users with an avenue to visit the ISC site? Want to link directly to the ISC Stormcast, Infocon or other information? These methods and...
View ArticleISC StormCast for Friday, January 27th 2012...
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleCISCO Ironport C & M Series telnet vulnerability, (Fri, Jan 27th)
In case you missed it there is a vulnerability in the CISCOIronport telnet service. Details can be found here...
View ArticleSSH Password attacks using domain name elements as userid, (Fri, Jan 27th)
A reader (Thanks Jim!) mentioned earlier today that his SSHlogs were showing access attempts utilising elements of the reverse DNS name of the IPaddress being accessed. For example using isc.sans.org...
View Article