Fork me on GitHub
Its the Code garbage collector. Mind dumps of daily coding antics from a frustrated silly little man. VBS, PHP, TCL, TK, PERL, C++, JAVA....what now? Ruby?
No Wait.. It should be just RUBY!

20070122

Apache redirect direct linked images...

don’t direct link images .. bad things happen
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http[s]?://(www\.)?yoururl\.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|bmp)$ redirected_image.jpg [L]
- credit fif3

20070111

Detecting VMMs - virtual machine monitors

Red Pill...

int swallow_redpill () {
unsigned char m[2+4], rpill[] = "\x0f\x01\x0d\x00\x00\x00\x00\xc3";
*((unsigned*)&rpill[3]) = (unsigned)m;
((void(*)())&rpill)();
return (m[5]>0xd0) ? 1 : 0;
}


redpill.c

redpill.exe
TrapKit.de info..

VMware fingerprint codes
scoopy doo - A VMware Fingerprint Suite

jerry - A(nother) VMware Fingerprinter

20070104

Northern Virginia Security Groups

NoVA Sec

Pure technical gatherings for security professionals in the northern Virginia area. Check your certifications at the door

http://novasec.blogspot.com/

OWASP NoVA
OWASP chapter meetings are free and open to anyone interested in application security.
http://www.owasp.org/

20070103

MOAB / MOKB / VIZSEC '06

Well to catch up a little on the vuln world.. There's a couple things I'm watching.

Month of Apple Bugs

Info-Pull's MoAB

PoC/Exploit are included with every release.. how nice.

Month Of Kernel Bugs

Info-Pull's the MoKB

Numerous Kernel bugs listed for FreeBSD 6.1, Linux 2.6, as well as OS X.


Retirement of Elsenot.com
Else not has officially closed its doors for updates..
"ElseNot part one is done. ElseNot part two may or may not start." ~ Layne


Conference VIZSEC '06

The preceding for the conference held on November 3rd 2006 have been posted. There are alot really interesting white papers.. here are a couple of interest..

2D Visualizations
"VAST: Visualizing Autonomous System Topology"

- Jon Oberheide, Manish Karir and Dionysus Blazakis [whitepaper] [presentation]

"FlowTag: A Collaborative Attack-Analysis, Reporting, and Sharing Tool for Security Researchers"

- Christopher P. Lee and John A. Copeland [whitepaper] [presentation]

"Understanding Multistage Attacks by Attack-Track based Visualization of Heterogeneous Event Streams"

- Sunu Mathew, Richard Giomundo, Shambhu J. Upadhyaya, Moises Sudit, Adam Stotz [whitepaper] [presentation]

"Visual Toolkit for Network Security Experiment Specification and Data Analysis"

- Lunquan Li, Peng Liu, George Kesidis [whitepaper] [presentation]

"An Intelligent, Interactive Tool for Exploration and Visualization of Time-Oriented Security Data"

- Asaf Shabtai, Denis Klimov, Yuval Shahar, and Yuval Elovici[whitepaper] [presentation]

"Visualizing DNS Traffic"

- Pin Ren, John Kristoff and Bruce Gooch [whitepaper] [presentation]


3D Visualizations
"Interactively Combining 2D and 3D Visualization for Network Traffic Monitoring"

- Erwan Le Malecot, Masayoshi Kohara, Yoshiaki Hori, and Kouichi Sakurai [whitepaper] [presentation]

"Real-Time Collaborative Network Monitoring and Control Using 3D Game Engines for Representation and Interaction"

- Warren Harrop and Grenville Armitage [whitepaper] [presentation]