Showing posts from September, 2010

OpenFPC, in other words, Leon is a Ninja

I put this up to basically draw attention to this project.  Leon (a fellow Sourcefire employee and Ninja over in the UK) can explain the project much better than I can, so I'll let him:



OpenFPC is a set of tools that combine to provide a lightweight full-packet network traffic recorder & buffering system. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log management tools.
OpenFPC is described as lightweight because it follows a different design model to other FPC/Network traffic forensic tools that I have seen. It doesn't provide a user with the ability to trigger automatic events (IDS-like functions), or set watch events for anomalous traffic changes (NBA-like functions) as it is assumed external open source or commercial tools already provide this detection capability. OpenFPC fits in as a companion to provide extra (full packet/traffic stream) data as a bolt-on …

Let me tell you about my past two weeks

The past couple of weeks I've had the opportunity to do some really amazing work, something that, if most people could do it, would help them understand a lot more of what goes on behind the veiled curtain.

The last two weeks I worked for Sourcefire's Vulnerability Research Team (VRT).

First I'd like to say that I've never worked with a more professional organization.  Period.  I came in to do some technical work with them, which consisted of analyzing hundreds of pcaps, tons of analysis, and as a result writing rules for those threats.  We did kind of a tech exchange type of thing.

Now, we weren't shooting in the dark.  (Even though there is no overhead lighting in the VRT offices, and you have to watch for getting hit in the head with a Nerf dart.)  The VRT doesn't take the random vulnerability or exploit found on exploit-db.com or milw0rm or whatever, and just bang out a rule for it.  They do labor-intensive work.

For instance, I had to write a rule for a vulnerability in …

Verizon Rumored To Replace Google With Bing On All Android Devices

Yesterday, September 9th, Verizon gave a preview of their newest "Android" phone coming out for their network, Samsung's Galaxy S.

It has a 4-in AMOLED screen, 1GHz Hummingbird Processor, and it has the ability to become a hotspot.  However, Verizon has ruined the phone, and may ruin every phone on their network from now on.  Why?

The thing that makes Android great is its integration.  Google built the OS, it's integrated into Google's infrastructure, and that's the way it works best.  Just like the iPhone, which works best with Apple's infrastructure (MobileMe, iTunes, etc).

Verizon has decided to cripple this phone: instead of tying it to Google, they have tied it to Bing.  Bing Search, Bing Maps, and instead of Google's awesome navigation app, they have replaced it with Verizon's own Navigation app, which, btw, they cleverly charge you 10 bucks a month to use.

Bloatware.  Blockbuster apps, Tetris apps that charge you money, etc.

To make it w…

The Heart of the Mustang is almost ready

351W Ford for my 1968 Mustang