Archive for the ‘General’ Category

Duqu Detector Toolkit to Recognize New Variant — Latest Update

March 23rd, 2012 No comments


Categories: General Tags:

CrySyS Releases Duqu Detector

November 21st, 2011 1 comment

The lab that participated in the discovery of the Duqu trojan has developed a detector toolkit that can find Duqu infections on a computer or in a whole network. The toolkit, released by the Laboratory of Cryptography and System Security (CrySyS), uses signature and heuristic methods to find traces of Duqu infections even when bits of the malware have already been removed from a PC.

The toolkit searches for a range of different Duqu-related suspicious files and known indicators to detect the current or past presence of the trojan. However, as with all anomaly detection tools, it may generate false positives.

Therefore, professional personnel are needed to evaluate the tool's resulting log files and decide on further steps.

The toolkit, which includes the source code, can be downloaded from here

Categories: General Tags:

How To Install Scientific Linux 6.1

October 25th, 2011 No comments

Categories: General, Linux Tags:

Welcome to Iran Honeynet Project

April 28th, 2011 2 comments

Welcome to Iran Honeynet Project

Categories: General Tags: