
Montreal blog on Internet Security Software

mario

May 08

SuperShield When running an App you just aren't sure about...

If you go to my http://superconfigure.com website you will find my latest (my 3rd such utility) tool.
 
I write such things in my spare time, which isn't too often.

SuperShield launches an application with Low Integrity and severely restricts what it can access.

Here is a snapshot showing IE launched as a child process of SuperShield, notice the ILlevel.


Here is a snapshot showing files IE8 reads normally.
 
 
Absolutely none of these files are touched by IE 8 if it is launched by SuperShield!!
April 22

More Good Security papers

Thwarting Virtual Machine Detection (Tom Liston, Ed Skoudis)
http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf
 
 
 
The following are from the Helsinki University of Technology:
 

Windows Operating System: Antivirus Perspective (Kimmo Kasslin)
https://noppa.tkk.fi/noppa/kurssi/t-110.6220/luennot/windows_operating_system.pdf
 
 
 
 
 
 
April 17

Notes for Windows 7 for Developers

Use the following GetVersionEx() fields to determine iff running on Windows 7
osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 1
 
Windows 7 has a policy control that can optionally enforce that AppInit DLLs must be digitally signed in order to load; and some DLLs may not load into critical OS processes.
 
A service can be started or stopped based on an event.
 
The IE 8 User-Agent string contains "Trident/4.0", even in IE7 compatibility mode.
 
IE 8 will have DEP enabled by default.
 
IE 8 will have malware URL filtering on top of the existing phishing URL filtering.
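
The User-Agent note above matters when inventorying browsers from web logs: counting by the MSIE token alone files IE 8 in compatibility mode under IE 7. The sketch below is an added example, not code from this blog; the sample strings are constructed and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample User-Agent strings (not taken from real logs).
SAMPLE_UAS = [
    # IE 8 in its default mode
    "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)",
    # IE 8 in IE7 compatibility mode: reports MSIE 7.0 but keeps Trident/4.0
    "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0)",
    # Genuine IE 7: no Trident token
    "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
    # Not IE
    "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/3.5",
]

MSIE_RE = re.compile(r"\bMSIE (\d+)\.\d+")
TRIDENT_RE = re.compile(r"\bTrident/(\d+\.\d+)")

def classify_ie(ua):
    """Return (label, compat_mode) for one User-Agent string."""
    msie = MSIE_RE.search(ua)
    if not msie:
        return ("not-ie", False)
    reported = int(msie.group(1))
    trident = TRIDENT_RE.search(ua)
    if trident and trident.group(1) == "4.0":
        # Trident/4.0 identifies IE 8 whatever the MSIE token claims.
        return ("ie8", reported != 8)
    if trident:
        # Other Trident versions are outside what the notes cover.
        return ("ie-unknown-trident", False)
    return ("ie%d" % reported, False)

def summarize(uas):
    """Count browsers by the naive MSIE token and by the Trident-aware check."""
    naive, aware = Counter(), Counter()
    for ua in uas:
        m = MSIE_RE.search(ua)
        naive["ie%s" % m.group(1) if m else "not-ie"] += 1
        aware[classify_ie(ua)[0]] += 1
    return naive, aware

if __name__ == "__main__":
    naive, aware = summarize(SAMPLE_UAS)
    print("MSIE token only:", dict(naive))
    print("Trident-aware:  ", dict(aware))
```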
April 15

Collection of Security Presentations


ISP Security - Real World Techniques II
http://www.nanog.org/mtg-0210/ppt/ispsecure.pdf

Industry/Government Infrastructure Vulnerability Assessment: Background and Recommendations
http://www.nanog.org/mtg-0206/ppt/avi.ppt

Trends in Denial of Service Attack Technology
http://www.nanog.org/mtg-0110/ppt/houle.ppt

Diversion & Sieving Techniques to Defeat DDoS
http://www.nanog.org/mtg-0110/ppt/afek.ppt

ISP Security - Real World Techniques
Remote Triggered Black Hole Filtering and Backscatter Traceback
http://www.nanog.org/mtg-0110/ppt/greene.pdf

Upcoming Security Conferences

30th IEEE Symposium on Security & Privacy
http://oakland09.cs.virginia.edu/
May 17-20, 2009, Oakland, California

LayerOne
http://layerone.info/
May 23-24, 2009, Anaheim, CA

ISS World
Intelligence Support Systems for Lawful Interception, Criminal Investigations and Intelligence Gathering
http://www.issworldtraining.com/ISS_EUROPE/
3-5 June 2009, Prague, CZ

2009 Techno Conference
http://www.techsec.com/html/Techno2009.html
May 31 - June 3, 2009, Myrtle Beach

The North American Network Operators' Group, NANOG
http://www.nanog.org/
June 14-17, 2009, Philadelphia, Pennsylvania

SANSFIRE 2009
http://www.sans.org/sansfire09/
June 13-22, 2009, Baltimore, MD

Hacker Space Festival
http://www.hackerspace.net/start
June 26-30, 2009, Paris

12th International Symposium On Recent Advances In Intrusion Detection
http://www.rennes.supelec.fr/RAID2009/
September 23-25, 2009, Saint-Malo, Brittany, France

ISC East
International Security Conference
http://www.isc365.com/isc_east_08.aspx
October 28-29, 2009 New York

Deep Sec
Annual European two-day in-depth conference on computer, network, and application security.
https://deepsec.net/
November 17-20, 2009, Vienna Austria