Starting the ‘Hacker Techniques, Exploits & Incident Handling’ track today!

Today I purchased the Hacker Techniques, Exploits & Incident Handling track from SANS so that I can obtain my GIAC Certified Incident Handler (GCIH) designation.
I’m very excited about this track as I get to:

  1. Evaluate the SANS OnDemand method of instruction which I hope helps me manage my time better than the SelfStudy method.
  2. Learn things I’ve always been curious about but have never had in-depth experience in.

I am hoping that this training will add to my Intrusion Detection In-Depth training and associated GIAC Certified Intrusion Analyst (GCIA) designation I achieved by using the SelfStudy method.

Attacks reported to SANS ISC in the last 5 minutes

A little Flash movie showing a sample of traffic submitted to DShield within the last 5 minutes

The width of the line represents the number of packets sent between the two countries:

  1 pixel: < 10
  2 pixel: < 100
  3 pixel: < 1000
  4 pixel: < 10000

Note that at this time, there is no 'direction' indicated. The arcs are just connecting source and destination. Any motion is created by your viewer. Assume that countries from which a lot of lines originate are the country of the destination submitting the reports.

The color indicates the packet type based on the following classification:

  Blue: Not categorized.
  Red: Well known services (Ports 80,53,25,22 ...).
  Yellow: Windows related traffic (Port 135,137,139... ).
  Green: P2P Traffic/Afterglow (Port 6881,6346,4672... ).

MS06-040 Advisory

Well, I heard from two customers today who are currently experiencing the effects of the MS06-040 worm. They’ve noticed quite a lot of traffic on port 445 and external connection attempts using IRC. For a full writeup, please see the following link: MS06-040: BOLO — Be On the LookOut (NEW)
