interesting information security bits

I'm sitting at home this evening and I should have been doing any number of productive things, but foremost on my mind for some bizarre reason was the question "What kinds of stats can I generate from my bits posts?" I know, I know, you were thinking the exact same thing πŸ™‚

So, with the help of a quick wget call to Delicious (wget --no-check-certificate -O <output.file> https://<username>:<password><tagyouwant>), a little awk, sort, and uniq magicΒ  plus a pivot table in Excel I bring you stats!

Current Number of Interesting Information Security Bits Posts = 1687

Number of Unique Sites = 428

Number of Links to Most Frequently Referenced Site = 60

Most Frequently Referenced Site =

This is a bit distorted. For some reason all the direct links go to instead of the blog from which they came.

Number of Links to Most Frequently Referenced Non-"news" Site = 46

Most Frequently Referenced Non-"news" Site =

Number of Links to Most Infrequently Referenced Site = 1 ( 230 sites tied)

The top 20 non-"news" sites:

What does all this tell us? I have no idea, but it was fun to do πŸ˜‰ I will be creating a blog roll that contains the Top 20 referenced non-"news" sites and updating it periodically for those who are interested.



Good afternoon everybody. Here are few things worth taking a gander.

Dave Lewis over at Liquidmatrix points us to an service that appears to be very helpful. It is a service offered by Jane's that tracks terrorism and insurgent activities around the globe. As Dave states, it's a bit pricey for an individual, but probably well worth it for corporations that have global exposure.

Richard's latest Snort Report is up. He helps us Justify Snort. Good reading.

Paul Melson has a list of Malware Analysis tools you can use to dig into the guts of those pesky malicious files.

@dacort twitted a pointer to an article on Sun's site that talks about five areas that must be addressed to keep Web scale deployments safe from attack.

In a follow-up post to a previous missive about the static code analysis shortcomings, Rafal Los brings us a solution, Hybrid Analysis. Good stuff.

That's it for now. Have a great day.



First, I changed the title of these posts to be a little more clear. Maybe nobody else cares, but it was bothering me πŸ™‚ Anyway, on with the show.

Jennifer posted on Friday about a new revision of 8.2.1x being put out. She points out some items that the new -REV is going to have included.

Matthew Hinman has the first post of what will be a very interesting series on malware analysis and reverse engineering. Well worth the read. I look forward to the posts to come.

Another great post by GNUCITIZEN on using plain old telnet and bash to perform portscans. Cool stuff.

Ory's blog at Watchfire has a pointer to Charles which is a nifty looking tool. It's a proxy that, among other things, lets you simulate line speeds and act as a man-in-the middle https proxy enabling you to "debug" https sessions. πŸ™‚

A list of "hacker tools" is brought to us by Dark Visitor. We should probably be keeping any eye out for any of these tools showing up on our networks/systems.

Have great day folks!