Category Archives: Uncategorized

Intro to Event Stream Analysis (ESA) & Complex Event Processing (ESPER)

Exploring Event Driven Architectures with Esper: https://www.infoq.com/news/2007/05/esper. Event stream processing (ESP) monitors streams of event data, analyzes those events for matching conditions and then notifies listeners. Complex event processing (CEP) allows the detection of patterns among events. WHAT IS COMPLEX …

Posted in Uncategorized

Callback IP List – 16/8/2012


Posted in Uncategorized

ZeroAccess/Sirefef Update

Until last week, ZeroAccess/Sirefef-infected hosts contacted their C&C domain on ports 16464, 16465, 16470 and 16471. It has now switched to port 34354, which is currently active in the wild. Watch your network for machines going out to internet IPs on this …

Posted in Uncategorized

ZeroAccess Rootkit Detection

Hi, a quick overview of the ZeroAccess rootkit. The malware propagates via exploit packs (Blackhole) and keygens. It escalates privileges by faking a UAC prompt for the Flash Player installer, dropping a malicious DLL file in the Flash Player installer directory which …

Posted in Uncategorized

Leveraging Third Party Intelligence to protect your organization

While having a good traditional secure architecture is important, it is also very important to have third-party intelligence to foster the security of your organization. Gone are the days when reactive security handling could protect your organization. Being proactive is highly needed and …

Posted in Articles, security, Security Management, Uncategorized

How do you do forensics on a physically damaged hard disk

How do you show chain of custody for a physically damaged disk that gives a different md5sum every time you compute it?

mahesh@jacksparrow:~# script (saves all the commands and output to the file typescript)
mahesh@jacksparrow:~# dd if=/dev/dev2 bs=512 | md5sum (1st time)
mahesh@jacksparrow:~# dd if=/dev/dev2 …

Posted in Uncategorized

20 Critical Security Controls for Effective Cyber Defense

Wow. Lucky to get this. Thanks SANS. Let me match the controls to my organization. The automation of these Top 20 Controls will radically lower the cost of security while improving its effectiveness. The US State Department, under CISO John …

Posted in Uncategorized