Register

To become a member of ITProPortal Register here.

Already a member? Login here

Please register below. All we need is a valid email address and a password.

Please use a real email address as we need to email you to confirm your account.
Must be at least 6 characters long.

Benefits of joining ITProPortal:

  • Unlimited Access to Special Reports and White Papers
  • Exclusive offers and discounts
  • Free entry to all competitions
  • Access to beta sections of ITProPortal.com

Login to your account



Forgot your password?

Submit
Register
Cancel

Line Noise : A few tidbits from Tipping Point Tower

Line Noise : A few tidbits from Tipping Point Tower
  • Digg del.icio.us reddit Facebook

As a research team we come across a variety of interesting articles, papers and links ranging from cutting edge security research to silly web toys.

We're constantly sharing information and commentary with one another and thought that it may be interesting for others to join in on the fun. So we have decided to dedicate some time to creating a generic "week in review" blog series.

We'll see how it goes and we'll decide on whether or not to keep it up based on the feedback we receive. To kick things off, here are some random recent musings straight from our internal IRC:

  • googleDrive is a fun little toy. Cody thought it would be interesting to snag the code and make a networked multiplayer racing game out of it. Looks like the author of googleDrive is already planning googleRacer which will allow you to plot a course and race against the clock.
  • Automated Patch-Based Exploit Generation. This interesting and recently published paper has stirred up all sorts of noise in the security specialized media arena and various mailing lists and boards.
  • Aaron found this link to a military sponsored rootkit and botnet research call for papers.
  • The pokerbot writeup and one of the ualberta papers it references. These made the rounds last weekend, with a decent application of DLL injection. It's supposed to be part of a series, so the second part may possibly be up by the time you read this.
  • Debian. That not random enough key generation vulnerability that everyone has been talking about. Ben Laurie has an interesting post on his blog, HD Moore generated the whole keyspace. XKCD made a comic about it and as expected we made a detailed write up of our own here.
  • Recently Google opened up a diagnostic page allowing users to check the malicious status of specific sites. To try this for yourself plug a target domain into: 
http://www.google.com/safebrowsing/diagnostic?site=http://www.example.com
Sebastian Muniz will be dropping some Cisco IOS rootkit hotness at EUSecWest which reminds us of FX's forensic tool.
You are reading page 1 of 1

Posted by Team Dvlabs on 16 May 2008

Tags: Promoting Security