Mrcorp.Net Security


OS Scan 2004
July 23, 2004

Once again, it’s that time. The time when we take some of the more popular operating systems used today, and see how they compare out of the box and with their latest security patches. The purpose of this project is to see how Linux stacks up against Windows XP, or Solaris against Windows 2003. Check out OS SCAN 2004!!!

I'm Back...
July 22, 2004

It's been a year, and I have dedicated my efforts to However, I have some new projects coming out that this site will be used for staging. As always, I look forward to your comments. Please email me

Reverse Engineering Worm_Mimail
August 1, 2003

While at SANS in Washington DC in July, I took a class given by Lenny Zeltser. A true genius when it comes to reverse engineering malware. So using some of his techniques, I have reverse engineered the latest Internet threat, Worm_Mimail.

Combating SPAM Problems in a Corporate Environment
July 8, 2003

Brien M. Posey has written a paper on everbodys favorite topic, SPAM. He touches on the corporate perspective and gives a quick review of products to help battle the spamsters.

New Site
July 8, 2003

Due to hosting problems, we have decided to move the site to a professional hosting service. Additionally, the Honeynet@home project will receive more attention as the connection and old site hardware will now be incorporated in to the project.

Cookies Revelaed
June 19, 2003

This is a paper written by Abhishek Bhuyan on Cookies. He discusses what cookies are, what are they used for and how they work. There is a good example included on how Cookies work, making this a worthy read.

ID Management Presentation
June 11, 2003

Brian Cincera presented ID management at this months Infraguard FBI meeting. Brian has more than 12 years of professional experience in the design, development, and implementation of enterprise security and network infrastructure systems. Experience in developing security policies and standards, application and infrastructure security testing and mitigation programs and implementing security monitoring and management capabilities. Experience in enterprise-wide security assessments evaluating people, process and technical risks and controls. Deep Program Management experience with design and deployment of mission-critical network and security infrastructure

Honeypot Series: Design of a Linux Honeypot
June 9, 2003

This is a paper written by Stephen Holcroft back in April 2002. He covers the details of building a Linux 6.2 Honeypot that includes details on proper analyzing. This is a very informative paper and a recomended reading.

Honeypot Series: Analysis of Linux Honeypot Compromise
June 8, 2003

This is a paper written by Stephen Holcroft back in April 2002. It is an analysis he did of a compromised Linux 6.2 Honeypot. This is a very informative paper and a recomended reading.

Preview of the Honeynet Peer-to-Peer Study
June 3, 2003

I have decided to post a preview of the Peer-to-Peer Application study that is being performed on the Honeynet@home network. This study is meant to demonstrate any risks of using some of the more popular peer-to-peer applications available like Kazaa and Bearshare. This paper will be updated and proofed shortly for release at

Product Review: InsideOut Firewall Reporter
June 3, 2003

Relevant Technologies has put together a review of the product "InsideOut Firewall Reporter". This product analyzes data produced in common firewall logs.

Enterprise Identity Management Presentation
June 2, 2003

Brian Cincera presented this Powerpoint presentation at the NY Infraguard meeting in May. Brian is a Security Practice Engineer for Greenwich Technology.

OS Scan 2003: Solaris 9
MAY 20, 2003

Solaris 9 on Sparc hardware has been added to the OS Scan project.

Reverse Engineering Malware (Microsoft Update Email Fakes)
May 19, 2003

This paper is designed for the semi-technical. Using some of the best tools today to study an Internet Hoax's affect on a system that are becoming quit common. In this report, you will see detailed analysis of registry and file system changes, a review of the delivery method as well as a peek into the malware.

Internet Hoaxes
May 11, 2003

This paper is designed for the typical non-technical audience on Internet Hoaxes. Over the last few weeks we have received several of these "convincing" emails, and decided to do our part in educating our readers. Read our paper "Internet Hoaxes" in an HTML Powerpoint presentation.

OS Scan 2003: Windows Server 2003
April 29, 2003

Windows Server 2003 Beta has been added to the OS Scan project. A re-scan of the official release will be posted when available. Take a look at how it compared to Windows 2000 Server.

OS Scan 2003: Solaris 8
April 28, 2003

Solaris 8 on Sparc hardware has been added to the OS Scan project.

OS Scan 2003: Windows XP
April 20, 2003

Windows XP has been added to the OS Scan project.

OS Scan 2003: Windows 2000 Server
April 12, 2003

It's time again for the annual OS Scan project. This year, we look at the latest server Operating Systems and compare them against each other using the new and improved Nessus 2.0 technology and NMAP. Windows 2000 Server is the first OS to be analyzed.

What is it?
March 25, 2003

The Honeynet@home has kicked off full blast! We will be releasing packet captures of specific traffic logs to and from the Honeynet. The goal is to give a reference point to packets and associated attacks. Check out the new section "Packet Analysis". New links in the title bar at the top and at the bottom allow quick access.

Don't Take Code Red Lightly
March 23, 2003

Larz has just completed a paper entitled "Dont take Code Red Lightly".

Abstract: "In confronting malware, there is nothing innovative about new strains of Klez, Yaha, SirCam and Code Red. Yet all of these worms have demonstrated unprecedented staying power on the Internet despite the existence of patches, anti-virus signatures, personal firewall protection and Intrusion Detection technology. Why are these threats so prolific and why do new threats gain traction so quickly if all they amount to are retread malicious code?

This paper analyzes the patterns of emerging malware and presents a strategy to assist network and security administrators in addressing "new" yet old threats."

Selling Security to Management and the Business
March 18, 2003

I got an idea to take notes on what I have learned and what experienced from presenting and selling security to upper management. This paper provides notes that are essential to anyone who is presenting security.

A Practical Approach to Defeating NMAP OS-Fingerprinting
March 17, 2003

David Barroso Berrueta has written a fascinating paper on this subject. This paper is in PDF format.

Email Security
February 4, 2003

Ian Briggs has written a paper that focuses on email security. Well referenced and covers a lot of ground, a definite must read!