got a new gig! pretty exciting. getting to focus in on web app stuff, and am working w/ folk who have some talent and exp... just bein around, listening, and asking questions should help me learn plenty of good stuff.
i'm in corp world wearing a suit atm w/ the new gig, but it's just a disguise ;)
so, along that vein of blending in but being different, i stopped looking at webapps and went back to a project brought up at my local citysec a while back. basically a discussion over how to detect malware the way potter is talking about coming up in vegas (iiuc: looking at the extremities of the bell curve of network flows to identify malware).
so i got a vm to kick around and found some live malware which was described as running over http... i've got a lot of analysis to do, and who knows if i'll ever get to what i want w/ it, but it's been interesting (and of course, there were unintended consiquences ;). here's some excerpts in a .txt so the blog doesn't completely dork the formatting...
Wednesday, July 30, 2008
Subscribe to:
Post Comments (Atom)
2 comments:
What malware was that? New-ish stuff? Older?
newish (around for a yearish?)... google around for http malware and it'll pop up. propagates via mail attachments...
Post a Comment