Category Archives: IT Security

Any security related topics such as posts about vulnerabilities, malware, rootkits

Something interesting on Corrine’s blog

Posted on 2006-12-27 by Oliver

That’s how a privacy company treats the email address of customers and (ordinary) newsletter subscribers. // Oliver

Posted in EN, IT Security, Lava-watch, Software | Leave a comment

Violating GPL to make the big money #2 …

Posted on 2006-12-21 by Oliver

Unbelievable. Even though the company is aware of their violation of the GPL, they don’t give a shit about it as it seems. They have been aware of it for at least one month now, yet their newest release which … Continue reading

Posted in EN, IT Security, Software | Leave a comment

Marketing for security companies now via Secunia!

Posted on 2006-11-19 by Oliver

<sarcasm> A great new opportunity for IT security companies which sell products to detect bugs in software automatically (static analysis) – report some vulnerabilities after running your program on a bunch of software applications and feature your own product in … Continue reading

Posted in EN, IT Security, Software | 3 Comments

Redpill getting colorless?

Posted on 2006-11-05 by Oliver

Although I had posted this already at the malware research forum and received little feedback, I decided to prepare a brief research paper about this topic and post it here. The topic is that the Redpill approach by Joanna Rutkowska … Continue reading

Posted in EN, IT Security, Programming, Reversing, Software | 2 Comments

So IE7 is coming. Who cares anyway?

Posted on 2006-10-08 by Oliver

IE7 is coming. But who cares? This company has given a sh*t on standards for the last 10 years, now all of us are supposed to fix our websites again just because they finally found out that there is a … Continue reading

Posted in EN, IT Security, Software | 7 Comments

Interesting view on the Spamhouse case …

Posted on 2006-10-07 by Oliver

… many people are blaming the judge in the US for Spamhouse’s problems. However, here is a different view on the case. If you are not familiar. An US-based company has sued UK-based Spamhouse – well-known antispam fighters – because … Continue reading

Posted in /dev/null, EN, IT Security | Leave a comment

Spammers stupid like toast bread

Posted on 2006-08-30 by Oliver

Obviously spammers try to get the biggest effect without caring for success. This is why greylisting works so great, I think. I still get daily requests to the sendmail CGI script which is no more vulnerable and turns down all … Continue reading

Posted in EN, IT Security | Leave a comment

Interesting new forensic tool

Posted on 2006-08-29 by Oliver

Today the Software Engineering Institute of the Carnegie Mellon University (CMU) announced a new tool named LiveView on the forensics mailing list at security focus. This tools looks really promising in that it claims to provide a way to create … Continue reading

Posted in EN, IT Security | 1 Comment

Spammers not welcome (2nd part)

Posted on 2006-08-26 by Oliver

Today my logs showed how exactly the spammers exploited the old script. I do not log the mail body, but only sender, recipient and subject, but that’s enough to show the used pattern. In fact the subject variable was used, … Continue reading

Posted in EN, IT Security, Programming | Leave a comment

More about MACkerer2

Posted on 2006-08-26 by Oliver

Lately I wrote an article covering one use of MACkerer2. The described scenario is basically this: You have a subnet or otherwise limited number of IP addresses for one scope A virtually unlimited number of machines is supposed to share … Continue reading

Posted in EN, IT Security, Programming | Leave a comment

Spammers not welcome!

Posted on 2006-08-24 by Oliver

Inspecting my logs recently, I found that there were some strange requests to my Postfix mail server from user www-data. Now any sysadmin could tell you what www-data means but this does not really explain where exactly the requests came … Continue reading

Posted in EN, IT Security, Programming | 1 Comment

AOL changed Active Virus Shield EULA.

Posted on 2006-08-23 by Oliver

According to heise UK, AOL has changed the EULA for the Kaspersky AV rebrand and removed the questionable parts. This is just meant as an update to the last article about Active Virus Shield. // Oliver

Posted in IT Security | Leave a comment

Kaspersky AV rebrand freely available – pitfalls included …

Posted on 2006-08-09 by Oliver

It seems there exists a freely – and legally freely – available version of Kaspersky Antivirus rebranded as AOL – Active Virus Shield. Here in response to the first comment (see below), a quote from their terms of services:

Posted in IT Security | 5 Comments

Agnitum still panicked?! …

Posted on 2006-08-09 by Oliver

Recently I wrote an article about Agnitum, a security software vendor known for its firewall, because of their accusations towards Microsoft. Today I recognized there was a comment of someone from Agnitum at the Sunbelt Blog, so I decided to … Continue reading

Posted in IT Security, Programming, Reversing | Leave a comment

Good idea – warn users of “badware”

Posted on 2006-08-07 by Oliver

StopBadware.org and Google joined forces to warn users of websites that spread malware – or “badware” as they say. This does not include the full spectrum of malware, but one of the nastiest subsets. Good initiative! This will hopefully be … Continue reading

Posted in IT Security | Leave a comment

Agnitum panicked because of Microsoft’s security measures

Posted on 2006-07-27 by Oliver

In the Sunbelt Blog I read today, that Agnitum, vendor known for its firewall mainly, is panicked because of Microsofts Kernel Patch Protection. Sorry, but that caused me to laugh. No idea how new the news are, but to those … Continue reading

Posted in IT Security, Programming, Reversing | 5 Comments