Posts

Fluffi Bunni Arrested

Fluffi Bunni (AKA Fluffy Bunny), infamous web site defacer, was arrested 29 Apr in London by Scotland Yard while attending InfoSecurity Europe 2003. His real name is Lynn Htun, and he's 24 years old. His first public defacement occurred in Jun 00 and was a Linux box belonging to hogeschoolnederland.nl. He defaced SANS in Jul 01, and I learned a little about the event at the first SANSFIRE conference later that month. Brian Martin chose to comment on the event and used a quote from me to further embarrass SANS. Maybe Mr Htun didn't care for his attitude, as Attrition.org was defaced several days later. I did some Google Groups searches for Mr. Htun and found these results.

Exploit for Snort 1.9.1

PacketStorm alerted me to the 23 Apr release of an exploit taking advantage of these vulnerabilities in Snort 1.9.1. The code was published by Projet 7 Labs and in its default mode opens a shell from the victimized Snort box to port 45295 on the intruder's machine.

First Two SANS GSEs

I just read in the latest SANS Training and GIAC Certification Update that two candidates, named as John P. Jenkinson (described as a contractor for SAIC) and Lenny Zeltser (a consultant and one of the authors of Inside Network Perimeter Security) are the first two SANS "GSEs," or "GIAC Security Experts." (GIAC now stands for Global Information Assurance Certification, although in late 1999 it meant Global Incident Analysis Center.) Congratulations, guys! It looks like they both started at the bottom of the six-rung GSE ladder with the GIAC Security Essentials Certification (GSEC). Neither appears to be a GIAC Certified Forensic Analyst (GCFA), which isn't required for the GSE cert.

(ISC)2 Developments

I learned the NSA is teaming up with (ISC)2 to create the Information Systems Security Engineering Professional (ISSEP) certification. According to the press release: "[The] (ISSEP) credential [is] for information security professionals who want to work for NSA, either as employees or outside contractors. The new certification will serve as an extension of the CISSP. . . The new domains of the ISSEP will focus on the technical knowledge required of government information systems security engineers such as ISSE processes and government regulations. The ISSEP complements the CISSP by comprehensively addressing the systems engineering side of information security." I like the idea of addressing security "systems engineering," if they follow the ideas of Ross Anderson. I don't find the "government regulations" aspect appealing. On 16 Apr (ISC)2 announced two "concentrations" for CISSPs: "the CISSP, Management Concentration and CISSP, Architec...

Review of Windows XP Under the Hood Posted

Amazon.com just posted my four star review of Windows XP Under the Hood. From the review: "Let WXPUTH be your guide to a world where graphical user interfaces (GUIs) are optional! Author Brian Knittel introduces the reader to the full range of Windows' command-line capabilities. Through examples, tables, explanations, and humor, WXPUTH doesn't teach everything, but instead concentrates on the most useful features of the Windows command line."

Trying New Martial Arts School

I finally joined a new martial arts school in northern Virginia. It's been two years since I broke my wrist and stopped formal training, and about seven months since my last organized martial arts activity.

Interview with FreeBSD Core Members

I'm reading an interview with three FreeBSD core team members. It's multiple pages but very interesting. From the article: Having two major packaging formats [in Linux], a number of major distributions, all with differing sets and releases of critical libraries, is a management nightmare nobody really wants to tackle. This is why everyone that goes with Linux picks one distro and makes it an organization standard even if it's not the best. FreeBSD is a *system*, not a kernel with a bunch of other stuff thrown on top to make a "distro." The kernel, userland programs, libraries, booting system, etc., are all tested together to make a release that's known good.