|
Product Review - Mandiant Highlighter Today we are looking at Mandiant Highlighter; Log and Text File Viewer Product home page can be found here Cost: Free! Overview MANDIANT Highlighter is a log file analysis tool. Highlighter provides a graphical component to log analysis that helps the analyst identify patterns. Highlighter also provides a number of features aimed at . . . → Read More: Mandiant Highlighter – Log and Text File Viewer Review Using TCP DUMP on windows This will cover how to use command line TCPDUMP on Windows. Software Windump Winpcap Examples
div.ex { width:290px; padding:10px; border:5px solid gray; margin:0px; } div.ex2 { width:290px; padding:10px; border:5px solid blue; margin:0px; } #para1 { text-align:center; color:black; font-family: arial, “lucida console”, sans-serif; font-size:2em; } #para2 { text-align:center; color:black; font-family: arial, “lucida console”, sans-serif; font-size:4em; } #para3 { text-align:center; color:white; font-family: arial, “lucida console”, sans-serif; font-size:4em; } figure, .image-wrap { . . . → Read More: shopkick scans To check if twitter acct hacked you can look at the recent pastebin posts ( page 1 | page 2 | page 3 | page 4 | page 5 ) and do a find for your username. Additionally a number of websites will search all known publicly posted “hacked” to see if your email or account . . . → Read More: check if twitter acct hacked Let’s say you wanted to hash windows files against a known good set of hashes. Here’s how to do it! Required Tools md5deep nsrlquery You’ll also need a server to query against. Luckily Kyrus has provided a nsrlserver (beta), known as the Kyrus NSRL Lookup Service!
What’s nsrlquery? nsrlquery is an umbrella project that’s home to . . . → Read More: hash windows files against known good set looking for a hash windows shell extension? Hashtab is probably one of the best.
HashTab provides OS extensions to calculate file hashes. HashTab supports many hash algorithms such as MD5, SHA1, SHA2, RipeMD, HAVAL and Whirlpool. HashTab is supported as a Windows shell extension and a Mac Finder plugin. HashTab provides an easy way to verify file integrity and authenticity
. . . → Read More: hash windows shell extension File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. The carving process makes use of knowledge of common file structures, information contained in files, and heuristics regarding how filesystems fragment data. Fusing these three sources of information, a file carving system infers which fragments belong together. File . . . → Read More: File Carving Software F-Secure has created a free tool that automates the detection and removal of the widespread Flashback Mac OS X malware. How to use the tools: 1) Download FlashbackRemoval.zip to the Mac machine you want to scan. 2) Double-click the zip package to unzip it in the current folder. 3) Double-click the FlashBack Removal app to run the tool. 4) Follow the instructions to check . . . → Read More: detect flashback mac Honeynet/Honeywall Implementation Routing of malicious traffic and forensic analysis
Steve Stonebraker 11/22/2010
A detailed implementation of a full interaction honeypot and honeywall in a virtualized VMWare environment is presented. The benefits and drawbacks of this type of this type of implementation are explained. The importance of proper . . . → Read More: Honeynet honeywall howto to detect the mac flashback virus (courtesy of cnet.com) How does it work? The Flashback malware injects code into applications (specifically Web browsers) that will be executed when they run, and which then send screenshots and other personal information to remote servers. First step: Exploiting Java When you encounter the malicious Web page containing the . . . → Read More: detect mac flashback |
|||
|
Copyright © 2013 Brakertech - All Rights Reserved i can haz interweb |
|||
