Arnoth.net Documentation Trove

technods:programming:perl

earnoth — 2010-03-09T11:07:53-06:00

Epoch stuff Going from seconds since epoch: use POSIX; strftime("%a %b %e %H:%M:%S %Y %z %Z", localtime($time)); or print scalar gmtime $time; Going to seconds since epoch: use Time::Local; $date_epoch = timelocal($sec, $min, $hr, $day, $month-1, $year-1900);

techdocs:security:clamav

earnoth — 2010-03-07T09:33:58-06:00

Compile and install Install process, works on 9.04 and 8.04n apt-get install zlib1g-dev libncurses5-dev groupadd clamav useradd -g clamav clamav ./configure && make && make install Configure ClamAV Tailor the following config files to taste: /usr/local/etc/clamav.conf /usr/local/etc/freshclam.conf Run clamconf

techdocs:security

earnoth — 2010-02-25T11:34:19-06:00

Nepenthes Nepenthes Notes Anti-Virus ClamAV notes Malware Research Malware research notes Snort Dependencies on Ubuntu 8.04n: apt-get install libpcap0.8-dev pcre libpcre3-dev

techdocs:programming - created

earnoth — 2010-02-19T11:31:30-06:00

Perl Notes

techdocs

earnoth — 2010-02-19T11:30:38-06:00

Technical Documents Here is where all the documentation for my personal geeky work goes. Vim Technical Documents MythTV Technical Documents VMWare Technical Documents Ubuntu Technical Documents Linux Technical Documents Windows Technical Documents

techdocs:security:malware:9d64e6a0dc6a3353770916d53350c2ac

earnoth — 2010-01-23T14:58:29-06:00

Research Notes for bd618f92139641ac7a2800c9f895a2ce Summary Notes 2010-01-23 Executed on WinXPHomeSP2 running in VMware Server 1.0.0 build 28343. Installed an agent that started massive communications with a multitude of hosts on the Internet, primarily over port 80 but seeming to use encrypted channels.

techdocs:ubuntu:general

earnoth — 2010-01-23T14:12:49-06:00

Ubuntu General Documents This section contains my documentation for generic features that are typically common across different Ubuntu versions. Administration Installing package clusters Using Apt, one can install many different packages for a purpose using the meta-packages. For example, the different developer packages (gcc, make, bison, etc) required for compiling most different open source projects can be installed using build-essential:

techdocs:security:malware

earnoth — 2010-01-23T13:51:44-06:00

Tracking Sites malware irc control sites Research Notes e797cdc4dc4badc3c639bfc2f71240b6 53e38a165518036db28523eed3bac45e 289567012392e5739fcd5f73043a005e 3018e3b251119fd3215489f1f233a328 1f443c0271f1d699164521fb8b3dd408

techdocs:linux:commandline

earnoth — 2010-01-11T19:08:25-06:00

The following is a list of useful commands that I've learned for Linux, but that I use so rarely, I tend to forget until I need them again. Creating a CD ISO To rip an entire normal data-cd (ISO filesystem) from a CD-ROM: dd if=/dev/cdrom of=my_cd_image.iso Making an ISO from a file system To create an iso using files in Linux:

techdocs:security:malware:0fc38cc0e7f8f732a79b976fd79d9a76 - created

earnoth — 2010-01-10T21:46:51-06:00

Research Notes for 0fc38cc0e7f8f732a79b976fd79d9a76 Summary Notes 2010-01-10 Executed on WinXPHomeSP2 running in VMware Server 1.0.0 build 28343, OS complains that the file “is not a valid Win32 application”. Links virustotal analysis

techdocs:security:malware:1df34209b750a6651f94388897d0f737 - created

earnoth — 2010-01-10T21:41:37-06:00

Research Notes for 1df34209b750a6651f94388897d0f737 Summary Notes 2010-01-10 Executed on WinXPHomeSP2 running in VMware Server 1.0.0 build 28343. Received a dialog box that exclaimed, “W32.NytemareV2 says 'Your kung-fu is no good!'” Will try on a bare-metal victim device tomorrow.