‘Analytical Log Interface’ was built to sit on top of OSSEC (built on OSSEC 2.6) and requires 0 modifications to OSSEC or the database schema that ships with OSSEC. AnaLogi requires a Webserver sporting PHP and MySQL. Written for inhouse analysis work, released under GPL to give something back – it’s intended to help you […]
Archives for 2012
MySQL 1 Liner Hack Gives Root Access Without Password
The latest news that has hit the streets is the occurence of the easiest hack ever, if you have local shell access (any user privelege level) and you can connect to MySQL – you can get root access to MySQL within a few seconds. I tried this yesterday on one of my servers on Ubuntu […]
CERT Triage Tools – Vulnerability Impact Assessment Tool
The CERT Triage Tools can be used to assist software vendors and analysts in identifying the impact of defects discovered through techniques such as fuzz testing and prioritizing their remediation in the software development process. The CERT Triage Tools include a GNU Debugger (GDB) extension called “exploitable” that classifies Linux application bugs by severity and […]
Bitdefender Internet Security 2012 Review
Introduction I do examine Security Software now and then to see what’s going on, if there are any new developments and what the state of affairs is when it comes to consumer grade Antivirus and Firewall software. Countermeasures are useful, especially when it comes to less tech savvy users (which we may happen to live […]
Complex Cyberwar Tool ‘Flamer’ Found Infecting Computers In Iran & Israel
In December last year, Microsoft released the patch for the vulnerability used by Duqu to propogate itself across Windows desktops. The other nasty worm going around was Stuxnet – both cyberwarfare tools, and most recently a piece of malware claimed to be more sophisticated than both has been found infecting computers in the middle east. […]