Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Updating early and often; NPR gets it right

Updating early and often

I plan to follow the new model of updating the diary "as it happens," today. Make sure to catch up on the weekend's events and take a look at the past two handler's entries.

NPR gets it right

When I hear news on TV or radio about a computer incident I have to wince and brace myself. This morning on NPR's All Things Considered, I was pleasantly surprised to hear a report that didn't make me want to throw the radio. The article is available .
Some of the notable quotes:

"you can't stop Identify Theft with firewalls"

"it's social engineering, not hacking"

"I will be disappointed if they apply only technology"

What I'm reading today

Over my morning OJ I'm perusing:

AWStats exploitation on-going

WE received another report this morning from a server that was exploited via the . I did a bit of
to get a ballpark exposure assesment. Google can see nearly 451,000 installations of AWStats. About 25% of these are vulnerable. A quick breakdown across the "Big Three" Top-Level-Domains: 60% .com, 20% .org,

Michael Ligh has submitted an analysis of a rootkit delivered by such an exploit which is available on his

Albert Einstein's Birthday today

Albert Einstein was born on this day in 1879.
Kevin Liston

292 Posts
ISC Handler
Mar 14th 2005

Sign Up for Free or Log In to start participating in the conversation!