Arbor Threat Intelligence

Arbor's Security Engineering & Response Team (ASERT) Blog
image description

Gone Aren’t the Days of Spoofing

Reading a slew of comments associated with a Slashdot post titled Can You Spoof IP Packets? I found a response stating “…every self-respecting network operator has RPF (or some other antispoof-ingress filter) enabled at the edge. Gone are the days of spoofing”. For more than […]

Read more

Nugache: TCP port 8 Bot

Over this past weekend, ASERT received samples of the Nugache bot and analyzed them Monday morning. Nugache has been noticed because it appears to employ P2P to communicate rather than a more traditional IRC channel. People have been discussing it as a Waste-based protocol, the […]

Read more

The Enemy Within

Amidst the daily headlines heralding the rise of massive zombie armies and malevolent teenage hackers in far-off countries, it’s easy to lose sight of one of the biggest threats to your network. And you may be surprised by this oft overlooked enemy to uptime and […]

Read more

Some Q1 ’06 Phishing Stats

This morning, on one of the malicious activity tracking lists that we subscribe to, someone asked about phishing stats for Q1 2006. I got curious, too, so I ran stats on the feed going into our Active Threat Feed (ATF) phishing policy, and came up […]

Read more

Inflammatory Accusations

I recently wandered into Ann Arbor’s (and the first ever) Borders Books & Music store where I came upon a magazine titled “Skeptical Inquirer – The Magazine for Science and Reason.” At the bottom of the magazine cover, I read the text “Published by the […]

Read more

Vulnerability Complexities

Dave Goldsmith had a great post earlier today which I would like to point out to anyone who hasn’t read it yet. With comments like, “I’m quite positive that when this vulnerability reached Sun Microsystems, someone’s head exploded”, I found his commentary very amusing. Even […]

Read more