Sunday, August 21, 2005

BSDnews » Issue #2 » Using Dummynet for Traffic Shaping on FreeBSD

Monday, August 15, 2005

Thursday, August 11, 2005

Monday, August 08, 2005

sniffing network traffic in python

flowgrep - TCP/UDP/IP stream 'grep' tool

Python links

Here's some decent python links:

Overview
Python tutorial

Packet captures
python-libpcap

Dugsong creations for packet capture:
simple pcap module: pypcap
Simplified packet creation/parsing: dpkt
low level networking routines (C/C++/Python/Perl): libdnet

fwlogwatch

LogAnalysis.Org

WallFire: wflogs - the firewall log analyzer of the WallFire project - Hervé Eychenne

OSSIM (Open Source Security Information Management)

eEye Digital Security - Vulnerability Management Solutions

Network Admission Control - Cisco Systems

Detecting Worms and Abnormal Activities with NetFlow, Part 2

Detecting Worms and Abnormal Activities with NetFlow, Part 1

Sunday, August 07, 2005

worm blog

Here's a worm blog. Discusses various aspects of how worms are and novel (well, that's subjective) approaches to containing them. Of course the obvious one would include people applying patches as they're available or using an operating system that isn't broken..

The Island (2005)

Just saw The Island; it was a lot better than I was anticipating and by most accounts very pleased with what they put forward. For a summer action flick, it was well worth the matinee that I paid for.

Wednesday, August 03, 2005

Bitvise Home Page

Bitvise makes a very good commercial SSH server for Wintel and optionally supports tunnelling, including an SSH-tunneled Remote Desktop.

CNN.com - Geeks flex hacker muscles at Defcon - Aug 2, 2005

I wonder if this has anything to do with this. To quote the CNN article: "Among the exposed sheep were an engineer from Cisco Systems Inc., multiple employees from Apple Computer Inc. and a Harvard professor." Gee, warm fuzzies all around...


Excerpt from cisco.com:

Authentication Required

IMPORTANT NOTICE:

* Cisco has determined that Cisco.com password protection has been compromised.
* As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
* Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords.
* This incident does not appear to be due to a weakness in Cisco products or technologies.


Monday, August 01, 2005

Fake Phrack 63

The Germans finally sobered up and released Phrack #63 for the masses. They claim it will be the last one but we all damn well know that it won't be; it's just they haven't found anyone to pass the torch just as route passed it onto them.