Security Basics mailing list archives
urlzone
From: "Adam Pal" <pal_adam () gmx net>
Date: Tue, 20 Oct 2009 11:31:43 +0200
Hi guys, I just read Finjan's analysis about URLzone, so i would like to ask you if anyone has seen it so far or do you have any idea how to grab and analyse this malicious code? Filenames wont work since those seem to be more or less random.
From what i read it hooks in svchost, so do you know if it shows up at tasklist /svc or will it undermine the command and hide itself?
Any entries in the registry? Certain ports for communication to master or patterns in the TCP? Thanks in advance, Adam -- Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 - sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- urlzone Adam Pal (Oct 20)