malphx://blog


Wednesday, March 24 2010

Honeynet Project's FC2010/2 - My submission



The second "2010" Forensic Challenge published by the Honeynet Project is now closed, and the results have been published.
This time the investigators (or contestants) had to dissect a pcap file containing network traces of "browsers under attack".
The analysis revealed that a "lab setup" had been used to mimic the interactions between victims' browsers and some malicious Web sites.
Feel free to review my submission, all the winners' submissions and the solution given by the Honeynet Project's team.
I scored 43/43 for this one, and so I'm one of the 4 winners.
I'm now waiting for the publication of #3 ('Banking Troubles'), which promises to be very interesting.
Finally, I would also like to thank all the Honeynet Project's team for giving us such interesting and educational contests!

Tuesday, February 16 2010

Honeynet: Challenge 1 of the Forensic Challenge 2010


I've participated in the last Honeynet Challenge.
This Challenge ran from Jan 18th 2010 to Feb 15th 2010.

It was about the analysis of a PCAP trace file containing an attack.
Results have been published, and I'm proud of my #2 position in this contest.
You can find my submission on The Honeynet Project's website.

Saturday, February 6 2010

Another solution to the Network Forensics Puzzle #3

Well, submissions for this contest have been closed for 4 days now, so I think it's time for me to publish my solution...

Read more...

Tuesday, November 24 2009

Network forensics contest Puzzle#2: my solution

Update: Well, results have been published, and (Wow!) I'm one of the 2 winners of this challenge. What a great surprise! A lot of good work has been done by the other finalists, too. You really have to view their submissions.

Now that the deadline is past and the official answers have been published on the Network Forensics Puzzle Contest site, it's time for me to publish my own submission.
For this one, I've written 2 tools in Ruby. The first is named smtpdump and can be used to retrieve interesting information on SMTP conversations in a pcap file. The second, docxtract, is able to extract files from a docx archive.

Well, this time, it seems the challenge will be hard...
Some of the contestants have already published their own solutions or tools, and all the solutions I've read so far are really good ones!

Sunday, November 25 2007

Musical compatibility

Test your musical compatibility with...

Read more...
