Symantec Connect

Security Response: Showing posts by Anthony Roe: Showing posts in English

Black Hat Review - Conclusion
Anthony Roe | August 14, 2008
0 comments

Well, sadly the time seemed to fly by and last week's conference ended more quickly than I would have liked. I didn't have the time to stay in Vegas and attend the DEFCON conference either. Even though I really wanted to see Christopher Tarnovsky demonstrate smartcard/microcontroller fault induction in person, I decided to attend briefings that greatly complemented the briefings that I attended previously. Particularly, I enjoyed Felix Lindner's ("FX") briefing entitled “Developments in Cisco IOS Forensics”, which actually did a lot to ease my previous fears that the defensive side of the arms race for Cisco IOS was being left behind.

 

Felix began his talk by explaining the impact of successful exploitation of Cisco IOS vulnerabilities, providing some details about Cisco IOS internals, and then...

Read more
Tags: Endpoint Protection (AntiVirus), Emerging Threats, Security, Security Response
Black Hat Review - Day 1
Anthony Roe | August 13, 2008
0 comments

The first day of the Black Hat conference briefings came to an end and in retrospect, it was far from bland. From Professor Angell’s esoteric keynote speech touching on how the combination of computers and human activity systems can spawn systemic risk, to a Palace 1 conference room packed wall-to-wall with eager ears ready to listen to Dan Kaminsky deliver his briefing for DNS titled “DNS Goodness.”

In fact, the room was packed so much that an organizer dryly announced over the PA system: “Speakers in parallel talks, you can’t skip your talks even though nobody is going to be there.” It was a good briefing, but it was two other entirely separate briefings that stole the show for me, by a huge margin actually. Neither of these briefings received an abnormal amount of limelight, but both of them involved appliances that are very commonly used in inter- and intra-network infrastructure. The briefings “Cisco IOS Shellcodes and Backdoors” by Gyan Chawdhary and Varun Uppal...

Read more
Tags: Endpoint Protection (AntiVirus), Emerging Threats, Security, Security Response
A day in the life of Peacomm?
Anthony Roe | October 22, 2007
0 comments

A bot network tends to fluctuate such that the number of members of the network waxes and wanes over time. I base this understanding on my regular observation of modern botnets and the observations of my peers (please see pg. 41 of ISTR Volume X). In the past, IRC protocol-based botnets fell victim to an “Achilles Heel” situation if the single central server being used to control the network was taken down, because the network without a controller would fall apart.

The miscreants that choose to build and control these bot networks began to develop innovative methods that could bolster their reliability. With this goal, Fast-flux DNS tactics were employed to provide redundancy so that these networks were more difficult to take down. Trojan.Peacomm (also known as “Storm Worm”) employed the Overnet protocol – a...

Read more
Tags: Endpoint Protection (AntiVirus), Malicious Code, Security, Security Response

About Security Response Blog

Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
© 2010 Symantec Corporation