Episode27

From PaulDotCom Security Weekly

Stories For Discussion

Microsoft patches - Exchange, possible worm (need more info)

Spycar - A new Spyware test suite from Tom Liston.

Blue Security Gets DoS'd - Vigilante DDoS'ing, fun stuff.

- Macfee Announces AV for Mac - "McAfee stirred the pot of fecal matter", Larry's words not mine :)

Return of the bot herder - He's back, with an all new outfit, an orange jumpsuit.

SinFP - A brand new OS fingerprinting tool. Kewl.

Packet Sniffing Detection - My only comment on this paper, use the -nn option to tcpdump. :)

SNMP + GRE Attack! - Nice paper on exploiting SNMP and GRE tunnels to hijack a network.

YASV (Yet Another Sendmail Vulnerability) - I think it saw Internet Explorer trying to catch up...

Internet Explorer DoS - Oh wait, here is an exploit for an unpatched DoS vuln in IE, just to show Sendmail that IE can hang

Report a bug go to jail - Name sames it all

Link for Atari-Boy's Site

Hacking Hollywood - Johhny Long's talk to Schmoocon

Other Stories Of Interest

SecureDVD - A collection of cool Linux bootable distros all security related.

Failures of the Security Industry - Anyone see this? Thoughts?

Leave feedback for this story - Don't just have an opion leave some feedback and make a change.

Web Application Attack Tools - Asinthe, EOR, Achilles, Nikto, WebScarab

New Mac Adds "No Virus for me" - Is Mac really asking for it with these adds? Even my wife comments that it's probably pissing people off and causing unwanted attention to the platform.