Sandboxing can be used to filter malicious data out of data at rest and data in motion. Deep Content Inspection (DCI) can be applied together with a sandbox to data in motion.
The lists below name several sandbox solutions.
Commonly used Online solutions are:
Malwr,
Anubis,
ThreatExpert,
Comodo,
ThreatTrack ThreatAnalyzer,
Xandora,
CWSandbox (not updated since April 2010),
Malbox (not updated since May 2011, developer's site no longer accessible).
Commonly used Standalone solutions are:
Cuckoo,
ReVirt (not updated since June 2003),
Sandboxie,
Buster,
Minibis (not updated since June 2011),
Remnux,
Zero Wine Tryout,
Truman (not updated since January 2006),
BitBlaze (not updated since September 2009).
Saturday, May 20, 2017
How to back up the rules of Windows Firewall in Windows 2003
Normally, all Windows Firewall rules in Windows 2003 are stored under the registry key shown below.
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
Backing up this key therefore backs up all the rules. Whenever the rules need to be recovered, importing the key restores them right away.
Sunday, May 14, 2017
Suggestion regarding Wannacry from Symantec
https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware
Sunday, May 7, 2017
RMIAS
https://upload.wikimedia.org/wikipedia/commons/d/da/A_Reference_Model_of_Information_Assurance_and_Security_%28RMIAS%29.png
What makes security products eligible to be sold?
There are multiple credentials that are supposed to be obtained before a product is sold. They are as follows:
- IPv6 Ready Logo Site | Phase-2 (https://www.ipv6ready.org/)
- VERACODE (https://www.veracode.com/)
- FCC (https://www.fcc.gov/)
- CB (http://www.iecee.org/certification/certificates/)
- CE (https://ec.europa.eu/growth/single-market/ce-marking_en)
Wednesday, May 3, 2017
Why would an administrator deploy a honeypot?
The answers below are from R.I.T.
1) To learn about hacker techniques
2) To lure attackers away from critical systems
3) To allow administrators to refine firewall rules
Tuesday, May 2, 2017
Solve the issue of missing library files
Add the folders containing the corresponding library files to /etc/ld.so.conf, then run the ldconfig command. An example is shown below. The append goes through sudo tee because with "sudo echo ... >> file" the redirection is performed by the calling shell, not by root.
$ echo "/usr/local/lib" | sudo tee -a /etc/ld.so.conf
$ sudo ldconfig
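Every directory listed in /etc/ld.so.conf is searched by the dynamic loader for every program, so a listed directory that other users can write to lets them substitute a library. The following is an added example, not part of the original post, that goes one step beyond the two commands above: it appends a directory only if it passes basic ownership and permission checks and is not already listed. The function names, the optional conf-file argument and the LIB_OWNER_UID variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the original post. The function names, the optional
# conf-file argument and LIB_OWNER_UID are hypothetical.

# Succeed only if DIR is an absolute path (no trailing slash) to a real
# directory, not a symlink, that is owned by the expected UID (default 0)
# and is not writable by group or others.
is_safe_lib_dir() {
    dir=$1
    case $dir in
        */) return 1 ;;   # a trailing slash would make ls follow a symlink
        /*) ;;
        *) return 1 ;;    # relative path
    esac
    [ -d "$dir" ] || return 1
    # ls -ldn prints: mode, link count, numeric uid, numeric gid, ...
    set -- $(ls -ldn "$dir")
    case $1 in
        d????w*|d???????w*) return 1 ;;   # group- or world-writable
        d*) ;;
        *) return 1 ;;                     # symlink or other file type
    esac
    [ "$3" = "${LIB_OWNER_UID:-0}" ]
}

# Append DIR to CONF (default /etc/ld.so.conf) unless it is unsafe or
# already listed. Run ldconfig afterwards to rebuild the loader cache.
add_lib_dir() {
    dir=$1
    conf=${2:-/etc/ld.so.conf}
    if ! is_safe_lib_dir "$dir"; then
        echo "refusing to add unsafe library path: $dir" >&2
        return 1
    fi
    # -x matches the whole line, -F treats DIR as a literal string
    if grep -qxF -- "$dir" "$conf" 2>/dev/null; then
        return 0
    fi
    printf '%s\n' "$dir" >> "$conf"
}
```

Call add_lib_dir /usr/local/lib from a root shell, since the append needs write access to /etc/ld.so.conf, and then run ldconfig.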