usaid.blogspot.com
Zhuowei's Security Space: 10/2004
http://usaid.blogspot.com/2004_10_01_archive.html
My Research on Network Security. Packet crafting for firewall and IDS products? How to collect the audit trails and feed to firewall or IDS for analysis? Here is a good paper about it. Http:/ www.securityfocus.com/infocus/1787. Http:/ www.securityfocus.com/infocus/1791. Posted by ilili @ 9:36 AM. Intrusion detection, honey pots. The following websites are useful for the intrusion detection primer. Http:/ www.honeypots.net/. Posted by ilili @ 9:35 AM. I am using w.bloggar. Posted by ilili @ 6:29 AM.
usaid.blogspot.com
Zhuowei's Security Space: 03/2006
http://usaid.blogspot.com/2006_03_01_archive.html
My Research on Network Security. Infection Vectors of Worms, Spams, Spims. This is a good website for infection vectors about worms, spams, spims. The article is professional. Http:/ www.infectionvectors.com/. Posted by ilili @ 6:34 PM. Phrack: a forum on exploits. Docs on buffer overflow. Windows NTSTATUS List - from http:/ source.winehq. Hiding Resources under Windows BOX, RootKits? Infection Vectors of Worms, Spams, Spims. Using free() to exploit heap vulnerabilities. Two blogs on worm and honeypot.
usaid.blogspot.com
Zhuowei's Security Space: 08/2005
http://usaid.blogspot.com/2005_08_01_archive.html
My Research on Network Security. Some researchers and courses. Guofei has maintained a researcher list in his website. Http:/ home.cc.gatech.edu/guofei/4. At the same time, in my NTU website, there is a research database for intrusion detection. The list is not complete and not maintained well, but some big guys are in the list. Http:/ www.ntu.edu.sg/home5/pg01316106/myFavorites.htm. Posted by ilili @ 8:18 AM. Yeah, thesis draft is ready. :). Posted by ilili @ 7:48 AM. Phrack: a forum on exploits. Using ...
usaid.blogspot.com
Zhuowei's Security Space: 09/2004
http://usaid.blogspot.com/2004_09_01_archive.html
My Research on Network Security. Small Snail from Night Safari. Posted by ilili @ 9:44 PM. I take it from my webcam tonight when test the hello tools to post the blogger information. Posted by ilili @ 6:25 AM. I am completing my paper on MFS-MSS session, but as I will submit it to WITS, whose deadline is very near. I am a little worry about my work, I have to do it stay up tonight and tomorrow night.:). Posted by ilili @ 4:18 AM. Night Safari at 15-Sep-2004. Posted by ilili @ 4:08 AM. Using unlink macro ...
usaid.blogspot.com
Zhuowei's Security Space: 06/2005
http://usaid.blogspot.com/2005_06_01_archive.html
My Research on Network Security. My Homepage Blog moves to blogspot. Fortunately, I have gotten some travel support from PAKDD conference, many thanks to the organizer. During this period, my notebook has been spoilt for a long time so that I cannot get some work through conveniently. However, all have been the past. With my supervisor's permission, I will start my thesis writing after coming back from the conference. Cheers.:). It is a really a tough job for writing such a paper within 10 days.:(. My pa...
usaid.blogspot.com
Zhuowei's Security Space: 07/2004
http://usaid.blogspot.com/2004_07_01_archive.html
My Research on Network Security. I am developing and experimenting one technique on intrusion detection called USAID. It is so promising that it can give the answers to most problems related to intrusion detection. Posted by ilili @ 3:04 AM. Phrack: a forum on exploits. Docs on buffer overflow. Windows NTSTATUS List - from http:/ source.winehq. Hiding Resources under Windows BOX, RootKits? Infection Vectors of Worms, Spams, Spims. Using free() to exploit heap vulnerabilities. Some researchers and courses.
usaid.blogspot.com
Zhuowei's Security Space: 12/2006
http://usaid.blogspot.com/2006_12_01_archive.html
My Research on Network Security. Windows NTSTATUS List - from http:/ source.winehq.org/source/dlls/ntdll/error.c. Static const DWORD table 00000102[32] =. ERROR TIMEOUT, /* 00000102 (STATUS TIMEOUT) */. ERROR IO PENDING, /* 00000103 (STATUS PENDING) */. ERROR MR MID NOT FOUND, /* 00000104 (STATUS REPARSE) */. ERROR MORE DATA, /* 00000105 (STATUS MORE ENTRIES) */. ERROR NOT ALL ASSIGNED, /* 00000106 (STATUS NOT ALL ASSIGNED) */. ERROR SOME NOT MAPPED, /* 00000107 (STATUS SOME NOT MAPPED) */. 184 ERROR MR ...
usaid.blogspot.com
Zhuowei's Security Space: 11/2004
http://usaid.blogspot.com/2004_11_01_archive.html
My Research on Network Security. Exerpted from Usenix review. Http:/ www.unixreview.com/documents/s=9233/ur0407m/. Nor did Wednesday's plenary speaker, Bruce Schneier. Schneier began by remarking that this was an "interesting time for security." He went on to say that security is always a trade-off, and "there is no such thing as absolute security". Posted by ilili @ 10:51 PM. A good website for intrusion detection. Http:/ www.secguru.com/index.php/content/category/6/145/115/. Posted by ilili @ 2:36 AM.
usaid.blogspot.com
Zhuowei's Security Space: 02/2006
http://usaid.blogspot.com/2006_02_01_archive.html
My Research on Network Security. Using free() to exploit heap vulnerabilities. In order to achieve the exploit objective using free() in memory management. The following requirements should be met:. 1 Overwriting the chunk which will be free()'d using heap overflow or other vulnerabilities, such as double free. The overwritten chunk header should be designed deliberately. 2 Constructing at least one fake-chunk within the heap or stack. Posted by ilili @ 11:19 PM. With BK ( the address of the shellcode.