by log0 on January 18th, 2010
Hi guys this is Log0, not that I’m dead, but I’m very well alive.
For the whole of December and some of January, I’ve been working for OWASP China on some projects – thus taking my full attention. And I have been busy picking up some bits of life and my side project – yes! Working on it! It’s coming this January!
2009 is a fantastic year! I am aiming well for 2010 and will aim to advance fully into my interests. More on that next time… meanwhile, stay tuned. =)
by .hac on November 29th, 2009
Last night, I was woken by a call that a server was not working. This server is hosting an online judging system (similar to uva.onlinejudge.org, which has algorithmic problems that users can solve). I took a quick look at the compilation process and web pages; everything looked good except that it always returned “Compilation Error” no matter what the content of the source code was (even a HelloWorld!). When I manually compiled the source code, the compilation error message gave more detailed information about the root cause… Not enough space to link the object files! When I did a “df”, it said that the data partition was 100% used!!
After a deeper investigation, I discovered that one of the users was preparing questions on the machine, and unexpectedly generated 12GB of test data. Since this is a very old machine, it only has a 14GB hard disk for data storage and it already had 2GB of data on it. This is a kind of DoS attack, since no one can submit sources to the judging system even though they can navigate to it.
Lesson learned: We should have a restriction on the storage usage of each user instead of leaving it unlimited.
Any other suggestions to prevent this from happening again?
by log0 on October 31st, 2009
Yup, suddenly I decided to be a speaker rather than a seat warmer.
The topic will be “A DIY Botnet Tracking System”. I will share my own self-built botnet tracking tool, and the problems one might meet while doing so.
If anyone is planning to show up at ISF 2009, be sure to drop by and grab a drink!
by log0 on October 28th, 2009
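About OWASP:
OWASP is an open-source, non-profit, worldwide security organization dedicated to research on application software security. Our mission is to make application software more secure and to enable enterprises and organizations to make clearer decisions about application security risk. OWASP currently has 130 chapters and nearly ten thousand members worldwide, who together have driven the development of application security technology such as security standards, security testing tools and security guides. In recent years, the OWASP summits and the OWASP annual conferences in various countries have all been great successes, raising the attention to and understanding of application security among millions of IT practitioners and providing clear guidance for application security in all kinds of enterprises. As the first annual conference of OWASP China, OWASP security experts will bring you exciting talks.
About CISRG:
CISRG is an active technical research team whose members each have their own specific research direction. The current research directions are mainly: operating system kernels, reverse engineering, vulnerability discovery, web vulnerability discovery and exploitation, penetration testing, and information gathering and social engineering.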
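Call for topics (not limited to the following)
- Application threat modeling and defense techniques
- Web 2.0 security technologies
- Web application vulnerability discovery and analysis
- Data and database security
- Browser security (Firefox, IE, Safari, Chrome, etc.)
- Operating system research (Vista, Windows 7)
- Reverse engineering
- Forward-looking anti-malware techniques
- Vulnerability discovery techniques
- Smart mobile device security research
- Hardware device security research
- Forensic analysis
- Intrusion detection
- Peer-to-peer networks
- Penetration testing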
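Attendee ticket price
Registration before October 31: ¥300
Registration after October 31: ¥500
Payment method
Account name: 杭州安恒信息技术有限公司 (Hangzhou Anheng Information Technology Co., Ltd.)
Account number: 77818100000385
Bank: 杭州银行科技支行 (Bank of Hangzhou, Keji Sub-branch)
Payment notes: write your name and indicate "annual conference"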
Conference schedule
November 12, 2009
November 13, 2009
Two full days
Venue
Shanghai, China
Detailed address: to be determined
Contact us
Contact: Liu Yanjun (Ms.)
Phone: +86 137 1380 7300
Email: rip@owasp.org
===
I should be there. Are you coming? =)
by log0 on September 5th, 2009
SecurityTube – Security-related video tutorials, have fun learning!
by log0 on August 12th, 2009
Log0 here, lately my main posts are a bit sparse. That is because I am busy with my nightly studies and also my day job work. Yes, I am a day job software developer developing enterprise security software, and at night I am a security enthusiast on botnet tracking, honeypots, and other stuff. So with regard to “Who is Hacking Me?”, I am progressing with infiltration into certain botnets, and built a tool to extract botnet info automatically (woo, just finished just now). I hope to port it to Windows, of course. If you've got suggestions, please send me an email, love to chat. I’ve added my email to the “Who are We?” page.
Yea, hac.ka is also very busy. So spam him! =)
I will release and talk more in detail in the coming few posts, and also get more technical. I will clean up and document any useful tools I’ve built/used.
by log0 on December 21st, 2008
Page 1. The OnHacks team is born. We are a group of geeks gathering together to exchange what we share in security and malware, spanning web applications, networks, operating systems, cryptography, and much, much more. We think such knowledge sharing should be for those who are interested, like the many generous hackers who strived to share their knowledge.
Our posts will be mainly in English, but in general we will try to include Cantonese and Simplified Chinese support, so as to share across China.