Welcome
If you have any questions or comments, please e-mail us at mrcorp@yahoo.com
All information at Mrcorp.Net has been gathered from personal experiences, SANS teachings, or real professionals in the field.
Home of the Honeynet@Home project 2003!
Home of the OS Scan Project!
OS Scan 2004
Once again, it’s that time. The time when we take some of the more
popular operating systems used today, and see how they compare out of
the box and with their latest security patches. The purpose of this project
is to see how Linux stacks up against Windows XP, or Solaris against Windows
2003. Check out OS SCAN 2004!!!
I'm Back...
It's been a year, and I have dedicated my efforts to www.infosecwriters.com. However, I have some new projects coming out that this site will be used for staging. As always, I look forward to your comments. Please email me mrcorp@yahoo.com.
Reverse Engineering Worm_Mimail
While at SANS in Washington DC in July, I took a class given by Lenny Zeltser. A true genius when it comes to reverse engineering malware. So using some of his techniques, I have reverse engineered the latest Internet threat, Worm_Mimail.
Combating SPAM Problems in a Corporate Environment
Brien M. Posey has written a paper on everbodys favorite topic, SPAM. He touches on the corporate perspective and gives a quick review of products to help battle the spamsters.
New Site
Due to hosting problems, we have decided to move the site to a professional hosting service. Additionally, the Honeynet@home project will receive more attention as the connection and old site hardware will now be incorporated in to the project.
Cookies Revelaed
This is a paper written by Abhishek Bhuyan on Cookies. He discusses what cookies are, what are they used for and how they work. There is a good example included on how Cookies work, making this a worthy read.
ID Management Presentation
Brian Cincera presented ID management at this months Infraguard FBI meeting. Brian has more than 12 years of professional experience in the design, development, and implementation of enterprise security and network infrastructure systems. Experience in developing security policies and standards, application and infrastructure security testing and mitigation programs and implementing security monitoring and management capabilities. Experience in enterprise-wide security assessments evaluating people, process and technical risks and controls. Deep Program Management experience with design and deployment of mission-critical network and security infrastructure
Honeypot Series: Design of a Linux Honeypot
This is a paper written by Stephen Holcroft back in April 2002. He covers the details of building a Linux 6.2 Honeypot that includes details on proper analyzing. This is a very informative paper and a recomended reading.
Honeypot Series: Analysis of Linux Honeypot Compromise
This is a paper written by Stephen Holcroft back in April 2002. It is an analysis he did of a compromised Linux 6.2 Honeypot. This is a very informative paper and a recomended reading.
Preview of the Honeynet Peer-to-Peer Study
I have decided to post a preview of the Peer-to-Peer Application study that is being performed on the Honeynet@home network. This study is meant to demonstrate any risks of using some of the more popular peer-to-peer applications available like Kazaa and Bearshare. This paper will be updated and proofed shortly for release at www.infosecwriters.com.
Product Review: InsideOut Firewall Reporter
Relevant Technologies has put together a review of the product "InsideOut Firewall Reporter". This product analyzes data produced in common firewall logs.
Enterprise Identity Management Presentation
Brian Cincera presented this Powerpoint presentation at the NY Infraguard meeting in May. Brian is a Security Practice Engineer for Greenwich Technology.
OS Scan 2003: Solaris 9
Solaris 9 on Sparc hardware has been added to the OS Scan project.
Reverse Engineering Malware (Microsoft Update Email Fakes)
This paper is designed for the semi-technical. Using some of the best tools today to study an Internet Hoax's affect on a system that are becoming quit common. In this report, you will see detailed analysis of registry and file system changes, a review of the delivery method as well as a peek into the malware.
Internet Hoaxes
This paper is designed for the typical non-technical audience on Internet Hoaxes. Over the last few weeks we have received several of these "convincing" emails, and decided to do our part in educating our readers. Read our paper "Internet Hoaxes" in an HTML Powerpoint presentation.
OS Scan 2003: Windows Server 2003
Windows Server 2003 Beta has been added to the OS Scan project. A re-scan of the official release will be posted when available. Take a look at how it compared to Windows 2000 Server.
OS Scan 2003: Solaris 8
Solaris 8 on Sparc hardware has been added to the OS Scan project.
OS Scan 2003: Windows XP
Windows XP has been added to the OS Scan project.
OS Scan 2003: Windows 2000 Server
It's time again for the annual OS Scan project. This year, we look at the latest server Operating Systems and compare them against each other using the new and improved Nessus 2.0 technology and NMAP. Windows 2000 Server is the first OS to be analyzed.
What is it?
The Honeynet@home has kicked off full blast! We will be releasing packet
captures of specific traffic logs to and from the Honeynet. The goal
is to give a reference point to packets and associated attacks. Check
out the new section "Packet Analysis". New links in the title bar at
the top and at the bottom allow quick access.
Don't Take Code Red Lightly
Larz has just completed a paper entitled "Dont take Code Red Lightly".
Abstract: "In confronting malware, there is nothing innovative about new strains of Klez, Yaha, SirCam and Code Red. Yet all of these worms have demonstrated unprecedented staying power on the Internet despite the existence of patches, anti-virus signatures, personal firewall protection and Intrusion Detection technology. Why are these threats so prolific and why do new threats gain traction so quickly if all they amount to are retread malicious code?
This paper analyzes the patterns of emerging malware and presents a strategy
to assist network and security administrators in addressing "new"
yet old threats."
Selling Security to Management and the Business
I got an idea to take notes on what I have learned and what experienced from presenting and selling security to upper management. This paper provides notes that are essential to anyone who is presenting security.
A Practical Approach to Defeating NMAP OS-Fingerprinting
David Barroso Berrueta has written a fascinating paper on this subject. This paper is in PDF format.
Email Security
Ian Briggs has written a paper that focuses on email security. Well referenced and covers a lot of ground, a definite must read!