Re: Collecting Malware
- From: Aarón Mizrachi <unmanarc@xxxxxxxxx>
- Date: Thu, 16 Jul 2009 19:44:19 -0430
On Thursday 16 July 2009 07:44:01 Brian Pohlman wrote:
> I'm looking to get "spammed" or "attacked" so to speak for the purpose
> of collecting malware for analysis. I've set up a few vulnerable
> machines on my network, made some changes to my router to expose those
> machines. I've also signed up for various email addresses in hopes
> that something comes (malicious attachments) through that way. My
> question is, what is the best way to collect malware, if there is even
> one solid method?
Well, you can use the honeypot/honeynet project (already suggested).
Another option is to download it from the web: http://vx.netlux.org/vl.php
You can also do it your way, using physical or virtual machines, but be careful.
Virus/malware experimentation could be illegal in some states/countries; even
for study/research purposes, having virus stuff could be illegal.
Also be careful to restrict the outgoing traffic with firewall rules. You could be
banned by your ISP if your stuff is trying to propagate outside your walls.
---------------
I also suggest having multiple IP addresses with different providers. It is
relative to the spread method used by the malware, but having more IPs is a
good way to speed up the collection.
Also, you can collect it from the "quarantine basket" of antivirus-protected
computers. Usually, the best place to find a lot of viruses is a "cyber café".
You can talk with a cyber café administrator to collect the malware. (Well, it
depends on your country; in mine it is a popular internet access method.)
----------------
Although some people think that having this stuff is a serious offense, I think
that our job is to protect the network, but if we don't know the enemy, how
can we protect the net? Being blind is not very useful when you are planning a
strategy against some threat.
--
Ing. Aaron G. Mizrachi P.
http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1
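
The outbound-traffic restriction advised in the message above, as an added example that is not part of the original post: a shell function that emits an nftables ruleset for a Linux gateway sitting in front of the lab machines. The subnet 192.168.56.0/24 and the interface name lab0 are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: egress containment for a malware-collection lab segment.
# Assumptions (not from the original post): a Linux gateway running
# nftables, lab machines on 192.168.56.0/24 behind interface "lab0".

LAB_NET="${LAB_NET:-192.168.56.0/24}"
LAB_IF="${LAB_IF:-lab0}"

# Print the ruleset. Inbound connections to the lab are allowed (that is
# how samples arrive); connections started by a lab host never leave.
lab_egress_ruleset() {
    cat <<EOF
table inet malware_lab {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Packets belonging to connections that were opened from outside.
        ct state established,related accept

        # New inbound connections to the exposed lab machines.
        oifname "$LAB_IF" ip daddr $LAB_NET ct state new accept

        # Anything a lab host initiates: log (rate-limited), then drop.
        iifname "$LAB_IF" ip saddr $LAB_NET limit rate 10/second log prefix "lab-egress-drop: "
        iifname "$LAB_IF" ip saddr $LAB_NET drop
    }
}
EOF
}

# Load the rules only when asked to (needs root): sh lab-egress.sh apply
if [ "${1:-}" = "apply" ]; then
    lab_egress_ruleset | nft -f -
fi
```

The "lab-egress-drop" log lines show which hosts are trying to spread and to where, without any of that traffic reaching the ISP.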