
SANS ISC: Other miscellaneous stuff I've come across recently SANS ISC InfoSec Forums

Other miscellaneous stuff I've come across recently

 

Complexity is bad for security

 

I've mentioned before that I read Spaf's blog. He doesn't post too often, but he had a story last week that really resonated with me (and he referenced the story where the Mac+ beat a new AMD machine running XP in 53% of the tests they ran). I started programming on machines where 256KB was a lot of RAM and 256MB was a whole lot of disk (yes, I have been doing this a while). Everyone likes all their new features, but that has resulted in bloated, unmaintainable code, and the size and complexity have a cost in security.

 

Honeypot-type fake service scripts/tools


Also, these fake SMB tools have been out a couple of months, but I missed them until they were mentioned this morning on the Darknet blog.  These are useful additions to the tools I run in my malware analysis environment to spoof other services.  Also, on the French Honeynet Project tools page are fake SNMP tools that I'll have to take a look at too.  Does anyone have a good compilation of these tools?  Let me know via the contact page and I'll summarize the results next week.

 


Jim
