Archive for November, 2008

Metasploit Framework 3.2

Thursday, November 20th, 2008

No, the above image does not have anything to do with what I’m going to blog about. I just find it creative and amusing. :)

Well anyways, Metasploit Framework 3.2 is released. Almost all modules have IPv6 support now and there’s a bunch of other cool new updates. Be sure to check it out!

As a side note, Onn Chee has pointed out, in the security meetup mailing list, a presentation by Tim Bass on the insecurity of proxy caches. See his blog post and his presentation (presented at OWASP AppSec Asia 2008). It’s a good read.

Side Project: TwitImage

Tuesday, November 11th, 2008

Lately I’ve been working (somewhat) on a little side project that’s got nothing to do with security - TwitImage.

Basically, what TwitImage does is retrieve your latest Twitter update every hour and display it on an image on a background. You can log in to TwitImage using your Twitter username and password (courtesy of Twitter’s REST API) to modify how you want your TwitImage to look. You are free to change fonts, font size, font colour and text alignment, and save them so that the image is generated that way each time.

Yes, I know the site looks ugly for now. :)

Hope you guys enjoy TwitImage :)

A complementary desktop application Twitella (made with Flex / AIR) was created by Chalit. It rides on the REST API as well and provides all the functionalities that Twitter provides, allowing you to post status updates, direct messages and all. You don’t have to put up with all of Twitter’s timeouts either. ;)

Enjoy these apps :)

VirusBulletin 2008, ToorCon X, OWASP NYC 2008, HITB Media

Sunday, November 9th, 2008

Virus Bulletin 2008 Slides -
http://www.virusbtn.com/conference/vb2008/slides/index

ToorCon X Presentations -
http://security4all.blogspot.com/2008/11/toorcon-x-presentations-online-plus.html

OWASP 2008 Videos -
http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference

HITB Slides -
http://conference.hitb.org/hitbsecconf2008kl/materials/

Thoughts on Ching Tim Meng’s HITB 2008 Presentation

Friday, November 7th, 2008

So the last lab session I attended during HITB was Ching Tim Meng’s presentation on malware detection and removal with antivirus.

VIRUS! DIE!

In his presentation, he purports that malware requires the stability of the system to survive, and defines malware as a “software designed to infiltrate or damage a system without the owner’s informed consent”. He goes on to list types of malware, including trojan horses, viruses, worms, logic bombs, etc.

I feel that he made one big mistake in that assumption. Let’s take for example -

I’m sure everyone remembers this little dialog box here. The Blaster Worm certainly did not require the stability of the system to survive. In fact, making the system unstable and unusable (after a minute) (without typing shutdown -a) was its primary and only goal.

Witty Worm

Not too far back, in 2004, Witty was discovered. And yes, it does destroy the system as well. In fact, it would corrupt the system to such an extent that at one point, the worm itself would cease to exist.

I’m sure there are more of these malware out there that aren’t as well known, but they do, somehow or another, infect and corrupt your system, one way or another.

However, while his methods of removing malware are not always foolproof and his assumption isn’t exactly accurate either, I would say that his effort was commendable and his method was easy enough for most to understand.