Archives

All posts for the month May, 2013

It’s Always Been a Matter of Trust: Web site certificates that aren’t quite ‘right

Posted by karl on 2013-05-26

Posted in: A False Sense of Security. Tagged: certificate authorities, HTTPS certificates, SSL certificates, web server certificates. Leave a Comment

I always cringe when I hear people telling others to ‘just accept the certificate’ when their browser warns them that it is invalid, so I’m going to attempt to use a Billy Joel song and an old TV commercial asking if you’ve ‘ever hired a movie that just wasn’t quite ‘right’, to attempt to explain what browser certificate warnings actually mean and why accepting an invalid certificate could cast rather a gloom over the evening. Continue Reading

Capturing the cna12 MySQL Attacks with Dionaea

Posted by karl on 2013-05-08

Posted in: Malware Analysis. Tagged: cna12.dll, Dionaea, MySQL attacks. Leave a Comment

To analyse the cna12 MySQL attacks, I had to install MySQL Express Server as the attacks were prematurely exiting when connecting to Dionaea. Extracting the binary files from the libpcap files was annoying, so I decided to change Dionaea so that it would automatically extract the binary files used in the cna12 attacks. Continue Reading

Malware Musings

Thoughts on malware and malware analysis

Archives

All posts for the month May, 2013

It’s Always Been a Matter of Trust: Web site certificates that aren’t quite ‘right

Capturing the cna12 MySQL Attacks with Dionaea

Recent Posts

Recent Comments

Archives

Categories

Meta