Archive for Projects

Internet Community Watch for Malware

StopBadware is a website that publishes reports on websites that distribute malware. They also allow you to submit your own link for a site that you would like them to review. They work with the FTC to have sites shut down. I am planning on using their site for my first malware reverse engineering. I can compare my findings to what they have found to make sure I can get good at figuring out what malware does that others haven’t analyzed yet.

Collecting and Analyzing Windows Malware

I created this site to document projects that I work on. There are a couple of reasons why I go through the hassle of documentation. The main reason is that I don’t forget anything, and the other, which is just gravy, is that maybe someone else will be able to follow along and not have to jump through all the hoops to learn the same thing that I did. They can also use my documentation to reproduce the steps it took to come to the same end result and hopefully expand upon that. This is the first of many posts to come related to these projects.

My first project will document the steps needed to collect and reverse engineer Windows malware. I’ve never done this before, but have experience with Honeywalls. I used them at the CarolinaCon 2005 Capture the Flag event. For the collection part of this project, I’m going to be using a Honeywall, Nepenthes, HoneyC, and possibly Capture-HPC. The host OS for the Honeywall and Capture will be Windows XP with no service packs installed.

Welcome to My Blog

I started this blog after a failed attempt to create a community website where members could share information related to the Information Security field. The site fell flat on its face due to only one person posting information to share. I have to admit that I didn’t add much myself due to lack of time. I created a tutorial on how to add stuff to the site. I did start to add a firewall presentation that I had given in the past, but I never finished creating the content for it. I think that the few people that were on the site did benefit from the forum. Members were able to ask questions about things that they didn’t understand or wanted to learn more about. The site eventually became a place where I kept my thoughts and notes on projects that I worked on. Since the focus of the site changed, I felt that a blog was more appropriate. I will eventually add a forum to this site so that others can share information that they have learned or ask questions outside of the scope of what I post here.

More to come later…

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.