SEARCH RESULTS
 
Showing 1-3 of 3 records

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org
 
...ttle time sync, allow ourselves through the firewall, then bind, listen, and wait First, add another registry entry 0cd2d RegCreateKeyExA (HKLM\Software\Microsoft\Windows\ITStorage\Finders then start connecting 71a54cee LoadLibraryA(C:\WINDOWS\system32\mswsock.dll)=71a50000 77e7ac53 CreateRemoteThread(h=ffffffff, start=71a519c4 40d9f1 connect(...
 
 
 
 
 

EPTS: Proposed Event Processing Definitions, September 20, 2006

2008-08-21 05:47:11 by Tim Bass in The Complex Event Processing Blog
 
...TTL), and a description of the payload, which is comprehensive information related to the activity that occurred. Events expire when the TTL has elapsed, unless the event processing agent has instructions to consume them prior to that time event channel (n.) a communications channel in which events are transmitted from event source to event...
 
 
 
 
 

Visualized Storm fireworks for your 4th of July

2008-07-03 20:54:00 by Russ McRee in HolisticInfoSec.org
...ttle AfterGlow magic tcpdump -vttttnnelr /home/rmcree/pcap/fireworks.pcap | ./tcpdump2csv.pl "sip dip ttl" | perl ../graph/afterglow.pl -c /home/rmcree/afterglow/src/perl/graph/color.properties -p 2 | neato -Tgif -o fireworks.gif , and the results look just like the fireworks we hoped they would Happy 4th of July everyone Except you Storm...
 
 
 
 
 
 