I launched a new portal that deals with visualization of log files:
The portal can only survive if people (you) take an active part in contributing content.
There are multiple resources available where community input is most welcome:
* Graph Exchange: The idea is that people can submit their graphs, explain why they think the graphs are useful, and how they generated them.
* Parser Exchange: To generate graphs, you need to parse your data. This is a place where you can submit your parsers.
* Links: A whole bunch of links around data analysis and visualization.
* Discussions: A free forum where you can start discussions around the topics of log visualization and analysis.
Let me know what you think and, most importantly, submit your graphs: http://secviz.org/?q=image/tid/1
This is from Raffael Marty, from ArcSight (which I'll forgive him for… just once 🙂 ), on the LogAnalysis mailing list. For my customers and others that are dealing with security log analysis, this website may prove useful.
The audio from Andrew “bunnie” Huang's free talk at USC last night is
online, thanks to students Mike Jones and Andy Sternberg. Bunnie came
to fame for breaking the crypto on the Xbox, enabling the creation of
Xbox Linux, and is now working with the startup he founded, Chumby,
which makes an open media-player/device.
Bunnie's talk was a fantastic exegesis on the mind of a
reverse-engineer, the perils and promise of hardware hacking, and the
pursuit of business models that encourage smart customers to get the
most out of their devices.
From Boing Boing.
Here begins a series of challenges! Can you find the secret in #0001?
md5 : 354CC60C4486F842C347C8742D2905BC
update : [11/06/2006] : I am adding hints to incoming questions to ensure progress.
Hint 1 : The challenge is not to see who does not run the unknown executable (good try though!)
I will say that it is benign in every way; however caution should
always be taken in using a non-production machine and non-admin mode.
Hint 2 : The MD5 hash is only that of the executable and nothing more.
Hint 3 : In testing this on other machines I’ve unexpectedly found part of the solution, so if you are lucky you will too. (If you do find it you can quickly build a tool to discover more… but now perhaps I’ve said too much!)
Hint 4 : No crypto is involved in any scripting.
Click here to download the Challenge.
A FRAUDSTER outwitted sophisticated banking security systems by using an ordinary MP3 music player to bug cash machines and steal customers’ credit card secrets.
Maxwell Parsons, 41, was the central figure in a gang who went on to steal goods worth hundreds of thousands of pounds in high street stores across Britain.
Parsons or other gang members would use MP3 portable music players
to record data transmitted from free-standing ATM cash machines. The
data was then converted to readable numbers using a separate computer
The phone line running from the machine to an ordinary BT
white socket was unplugged and a two-way adaptor inserted. The MP3
player was then placed between the ATM machine’s output cable and the
The player would record the tones, which resemble the kind of sound emitted by a fax machine.
These were then interpreted using a modem line tap, or MLT,
acquired from Canada, or passed through a computer software program
bought illicitly in Ukraine.
Read the full article on The Times Online.