
Security Response

Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts by Anthony Roe
Anthony Roe | 14 Aug 2008 | 0 comments

Well, sadly the time seemed to fly by and last week's conference ended more quickly than I would have liked. I didn't have the time to stay in Vegas and attend the DEFCON conference either. Even though I really wanted to see Christopher Tarnovsky demonstrate smartcard/microcontroller fault induction in person, I decided to attend briefings that greatly complemented the briefings that I attended previously. Particularly, I enjoyed Felix Lindner's ("FX") briefing entitled “Developments in Cisco IOS Forensics”, which actually did a lot to ease my previous fears that the defensive side of the arms race for Cisco IOS was being left behind.

Felix began his talk by explaining the impact of successful exploitation of Cisco IOS vulnerabilities, providing some details about Cisco IOS internals, and then...

Anthony Roe | 13 Aug 2008 | 0 comments

The first day of the Black Hat conference briefings came to an end and in retrospect, it was far from bland. From Professor Angell’s esoteric keynote speech touching on how the combination of computers and human activity systems can spawn systemic risk, to a Palace 1 conference room packed wall-to-wall with eager ears ready to listen to Dan Kaminsky deliver his briefing for DNS titled “DNS Goodness.”

In fact, the room was packed so much that an organizer dryly announced over the PA system: “Speakers in parallel talks, you can’t skip your talks even though nobody is going to be there.” It was a good briefing, but it was two other entirely separate briefings that stole the show for me, by a huge margin actually. Neither of these briefings received an abnormal amount of limelight, but both of them involved appliances that are very commonly used in inter- and intra-network infrastructure. The briefings “Cisco IOS Shellcodes and Backdoors” by Gyan Chawdhary and Varun Uppal...

Anthony Roe | 21 Oct 2007 | 0 comments

A bot network tends to fluctuate such that the number of members of the network wax and wane over time. I base this understanding on my regular observation of modern botnets and the observations of my peers (please see pg. 41 of ISTR Volume X). In the past, IRC protocol-based botnets fell victim to an “Achilles Heel” situation if the single central server being used to control the network was taken down, because the network without a controller would fall apart.

The miscreants that choose to build and control these bot networks began to develop innovative methods that could bolster their reliability. With this goal, Fast-flux DNS tactics were employed to provide redundancy so that these networks were more difficult to take down. Trojan.Peacomm (also known as “Storm Worm”) employed the Overnet protocol – a...