Linux Software & Blog
My Blog
Projects: The personal costs
Jul 20th
When you do open source development, especially as an independent developer, there is a constant struggle to balance work and personal obligations. As any open source developer will tell you, 99% of the time, the projects we develop fall strictly into the realm of personal time, no matter how much they may apply to our work field. It is difficult to justify the time required to maintain one project, let alone a series of active projects, when you also work a full-time job while trying to have some semblance of a life.
So, when you More >
Bot Networks: Jacking the Jackers
Jul 6th
One of the more interesting parts of my malware hunting routine is when I notice new command & control hubs for bot networks in the source of ircbot malware content. I am not the type to just look and not play; I always dive into these networks and poke around. It gets really fun when the attackers get lazy, thinking they are untouchable, and leave open their IRC networks with a series of simple administrator nicknames that can be used to control the bots on the network.
So, what I sometimes do is sign into these IRC networks, More >
Facebook Inbox Message Disclosure Vulnerability
Jun 23rd
Title: Facebook Inbox Message Disclosure Vulnerability
Published: June 24th 2010
Credit: Ryan MacDonald
Severity: Information/Privacy Disclosure
Vulnerable: Facebook Messaging System BigPipe Performance Pipelining
Summary: A vulnerability exists in Facebook's messaging system that allows an attacker to view the addressed users, subject and inbox preview text (120 characters) of message contents for recently sent/received messages (last 6) on a user's account.
Technical Details: BigPipe pipelining JavaScript code embedded into the source code of ALL PAGES under the “messages” section on Facebook preloads message data that can be arbitrarily read through malicious client-side JavaScript or other client-side objects. The offending JavaScript specifically is the More >
rfxn.com In Numbers
May 27th
Yup, nothing to see here except numbers…
2,018: Downloads of the newest project, Linux Malware Detect, month to date.
2,294: Signatures for Linux Malware Detect.
6,207: Downloads for all projects for the month to date.
14,176: Google results with link backs to rfxn.com or related domains (i.e. r-fx.org, rfxn.org, etc.).
30,061: Active APF installations relative to unique IPs fetching the reserved.networks file daily.
70,826: Project downloads for the last 12 months, May 2009 – April 2010.
133,931: Total visitor sessions to rfxn.com, month to date.
258,154: The number of web sites protected by APF (passed unique install IPs to domainsbyip.com).
1,231,604: Total hits to rfxn.com, month to date.
Linux Malware Detect v1.3.6: Loose Ends
May 24th
In LMD 1.3.3 there were a lot of changes, 29 to be exact, that made LMD much more robust and, especially the monitoring component, much more usable. If that release was about making good things better, then this release is about bringing loose ends together. I spent a couple of days running LMD through its paces, along with having many people help me test it, and during that process we brought a lot of little things to the surface that needed fixing or revising.
In total, there have been 31 changes, fixes or new additions to LMD since that 1.3.3 release on the More >
