Friday, January 10, 2003

Group aims to strengthen Web services
A group of information technology companies published a specification Thursday designed to improve the reliability of business applications that use Web services.
WS-Reliability, if accepted as a standard and adopted by Web services providers, will let a company ensure that a message sent between two different applications is delivered reliably. For example, a company could send a purchase order to a supplier via a Web service and be guaranteed that the message was either successfully delivered and performed its function, or that the transmission failed.

Wednesday, January 08, 2003

E-Evidence Info
Welcome to the E-Evidence Information and Resource site. Within these pages, you will find a compilation of links to material related to all aspects of Digital Forensics and Electronic Evidence.
This site is a 'side effect' of my research and learning process conducted in connection with my position as Project Manager at the Computer Forensic Research and Development Center at Utica College, and in my ongoing search to find timely material to present to the students enrolled in the Computer Forensic course that I have been teaching here at Utica College.
I had found few sites providing more than a handful of resources, or links to other sites that may contain such material (see 'Links to Links' for a compilation of other such sites). So, I have decided to share this compilation of resources with the Digital Forensics community.

Tuesday, January 07, 2003

Flaw Found in Ethernet Device Drivers
Security researchers have discovered a serious vulnerability that may be present in many Ethernet device drivers that is causing the devices to broadcast sensitive information over networks.
According to the IEEE's Ethernet standard, packets transmitted on an Ethernet network should be a minimum of 46 bytes. If, as sometimes happens with protocols such as IP, a higher layer protocol requires less than 46 bytes, the Ethernet frames are supposed to be padded with null data. However, researchers at @stake Inc., in Cambridge, Mass., have discovered that many drivers instead pad packets with data from previously transmitted Ethernet frames.

Monday, January 06, 2003

LogAnalysis.Org
Loganalysis.org is a volunteer not-for-profit organization devoted to furthering the state of the art in computer systems log analysis through dissemination of information and sharing of resources.
The work on this site is based on tbird's log analysis page that has been a work-in-progress for a number of years. Marcus Ranum expanded it into a full-blown website. Today the information on loganalysis.org is managed by tbird and Marcus as a community resource.

Sunday, January 05, 2003

rpat - Realtime Proxy Abuse Triangulation
A customer in the web hosting business was experiencing repeated attempts at password guessing for a subscription site on his servers. The source IP addresses were scattered all over the world, and a bit of investigation showed that they were unrelated anonymous web proxies: clearly the perpetrator was trying to avoid detection.
He had methods to detect hacked accounts, so in practice this wasn't impacting his business too much, but it was an annoyance nevertheless. He asked me to investigate.