Though an IPS / IDS shouldn't be the one filtering this, an AV is the one that should be able to detect the potentially harmful files (since that is what they are designed to do), but until the AV vendors release their updated virus definitions, there had to be some workaround for the increasing automated [...]
Archive for May, 2006
Dang! went my Snort with an alert. Oh, these false positives can be so confusing at times, I thought; I had just re-configured my Snort rules and reformatted my laptop last week. "What could be wrong?" I thought. Hesitating (due to my laziness), I fired up Process View, TCPView and Ethereal to monitor my traffic [...]
Yahoo Widgets + GoogleDesktop. A larger version can be found here.
From time to time it is handy to be able to detect whether your binary / script / program / software is running under a virtual machine and / or a similar controlled environment. For example: You have a network of nodes where you want your binary to run but you want it to behave [...]









