Última actualització: 01/02/2007; 00:53:01

Weblog d'en Xavi Caballé «En la fèrtil, rica e deleitosa illa d'Anglaterra habitava un cavaller valentíssim, noble de llinatge e molt més de virtuds» «Tirant lo Blanc» de Joanot Martorell

dilluns, 15 / gener / 2007 «Comfortably numb» There is no pain, you are receding. A distant ships smoke on the horizon. You are only coming through in waves. Your lips move but I can't hear what you're sayin. When I was a child I had a fever. My hands felt just like two balloons. Now I got that feeling once again. I can't explain, you would not understand. This is not how I am. I have become comfortably numb.   Comfortably Numb Pink Floyd   | 21:35 (# Enllaç permanent) | Comentaris: | Trackback: uninformed, revista online d'informàtica forense Número 6 de la revista Uninformed. Alguns dels articles interessants: Exploiting 802.11 Wireless Driver Vulnerabilities on Windows, per Johnny Cache, H D Moore i skape This paper describes the process of identifying and exploiting 802.11 wireless device driver vulnerabilities on Windows. This process is described in terms of two steps: pre-exploitation and exploitation. The pre-exploitation step provides a basic introduction to the 802.11 protocol along with a description of the tools and libraries the authors used to create a basic 802.11 protocol fuzzer. The exploitation step describes the common elements of an 802.11 wireless device driver exploit.   Subverting PatchGuard Version 2 Windows Vista x64 and recently hotfixed versions of the Windows Server 2003 x64 kernel contain an updated version of Microsoft's kernel-mode patch prevention technology known as PatchGuard. This new version of PatchGuard improves on the previous version in several ways, primarily dealing with attempts to increase the difficulty of bypassing PatchGuard from the perspective of an independent software vendor (ISV) deploying a driver that patches the kernel.   Locreate: An Anagram for Relocate This paper presents a proof of concept executable packer that does not use any custom code to unpack binaries at execution time. This is different from typical packers which generally rely on packed executables containing code that is used to perform the inverse of the packing operation at runtime. Instead of depending on custom code, the technique described in this paper uses documented behavior of the dynamic loader as a mechanism for performing the unpacking operation.   | 21:30 (# Enllaç permanent) | Comentaris: | Trackback: Guia de seguretat en 60 minuts [NSA] The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment). Guia de la NSA sobre les mesures de protecció bàsiques, per tal que puguin ser llegides en una hora. | 10:05 (# Enllaç permanent) | Comentaris: | Trackback: Teniu una vulnerabilitat explotable remotament a l'IE 7 o a Windows Vista? Si la resposta afirmativa, aleshores iDefense us en ofereix entre 8.000 i 12.000 dòlars Q1 2007 Quarterly Vulnerability Challenge: Remote Arbitrary Code Execution Vulnerabilities in Vista & IE 7.0 To help assuage this uncertainty, iDefense Labs is pleased to announce the Q1, 2007 quarterly challenge. iDefense will pay $8,000 for each submitted vulnerability that allows an attacker to remotely exploit and execute arbitrary code on either of these two products. Technologies Covered: Microsoft Internet Explorer 7.0 Microsoft Windows Vista   Vulnerability Challenge Ground Rules: The vulnerability must be remotely exploitable and must allow arbitrary code execution in a default installation of one of the technologies listed above The vulnerability must exist in the latest version of the affected technology with all available patches/upgrades applied 'RC' (Release candidate), 'Beta', 'Technology Preview' and similar versions of the listed technologies are not included in this challenge The vulnerability must be original and not previously disclosed either publicly or to the vendor by another party The vulnerability cannot be caused by or require any additional third party software installed on the target system The vulnerability must not require additional social engineering beyond browsing a malicious site Working Exploit Challenge: In addition to the $8,000 award for the submitted vulnerability, iDefense will pay from $2,000 to $4,000 for working exploit code that exploits the submitted vulnerability.   | 09:54 (# Enllaç permanent) | Comentaris: | Trackback: © Copyright 1996-2007 Xavier Caballe. . Si no s'indica expressament el contrari, el material publicat en aquest weblog es distribueix d'acord amb la llicència Creative Commons. El contingut és responsabilitat única i exclusivament del seu autor i no té cap relació amb les seves activitats professionals.

Gener 2007 Diu Dil Dim Dim Dij Div Dis   1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31       Des   Feb Indiqueu el text a cercar Enviar el formulari de cerca Contingut actualitzat   Portada   Quands.cat   Llibrevell.cat Categories   Fotoblog   Treo 600 Planeta Softcatalà Darrers comentaris Arxiu 2007 Gen Feb Mar Abr Mai Jun Jul Ago Set Oct Nov Des 2006 Gen Feb Mar Abr Mai Jun Jul Ago Set Oct Nov Des 2005 Gen Feb Mar Abr Mai Jun Jul Ago Set Oct Nov Des 2004 Gen Feb Mar Abr Mai Jun Jul Ago Set Oct Nov Des 2003 Jun Jul Ago Set Oct Nov Des Contingut antic (ja no s'actualitza) Viatge Suïssa 2003 Articles (fins maig 2003) Van Morrison Notícies d'OS/2 Versions anteriors d'aquesta pàgina   2000-2003   1997-2000   1996-1997 Webs d'amics jcea Vicent Partal Jordi Mas Toni Hermoso Mercè Molist Mina Nabona-Jassans Gurus Scripting News Jon Udell Bruce Sterling Bruce Schneier Howard Rheingold Reflexiones e irreflexiones Atalaya Cuaderno de bitácora Linotipo Pedro Jorge Romero Seguretat reversing.org Seguridad de la información Somiatruites, Ciberderechos      en la red eN Espiral ~> Juanma Merino Navega seguro PDA CosesPalm PalmCat CanalPDA.com Cultura El Llibreter