Category Archives: Forensic Analysis

Some rudimentary forensics on stuff sent my way

Exploit Analysis, Random Drive-by

Detection
On September 27th, at 13:37 Eastern, I received two bounced messages from my internal mail server. It was unable to send mail from my fake internal domain through Bellsouth’s SMTP server, which I use as a smarthost. Reviewing the bounce, it was immediately apparent it had a large amount of internal information about the [...]

gr8 picture trojan using AIM

I found this rather amusing, as it has been happening on IRC for more than a decade now. (Perhaps on ICQ and AIM as well, but the majority of people on my lists are clued users.)
Anyway, last night I get a strange IM.

Message from infecteduser at 21:08:14
damn gr8 picture [...]