TOMOYO Linux on Android ãªè©±goroh_kun @goroh_kun p-04dã§ã‚‚è¡Œã£ã¦ã„ã‚‹ã§ã‚ã‚ã†ã€execveã®ä½¿ç”¨åˆ¶é™ã«ã¤ã„ã¦ã®è«–æ–‡ã€‚ã‚¿ã‚¹ã‚¯æ§‹é€ ä½“ã«execveã®ç¦æ¢ãƒ•ãƒ©ã‚°ã‚’è¿½åŠ ã—ã¦ã‚ã‚‹ã¨ã‹ã€ãªã‚‹ã»ã©ã€‚ 2012-06-13 08:33:06
MWS 2012 ãƒãƒ³ã‚ºã‚ªãƒ³ 事å‰ç”³ã—è¾¼ã¿æ¡ˆå†… – IIJ Security Diary
å‰å›žã®ãƒ–ãƒã‚°ã§ãŠä¼ãˆã—ãŸã¨ãŠã‚Šã€MWS 2012 ã§ã‚¤ãƒ³ã‚·ãƒ‡ãƒ³ãƒˆãƒ¬ã‚¹ãƒãƒ³ã‚¹ã®ãƒãƒ³ã‚ºã‚ªãƒ³ã‚’実施ã„ãŸã—ã¾ã™ã€‚CSS/MWS 2012 ã®å‚åŠ è€…ã¯ã©ãªãŸã§ã‚‚å‚åŠ ã„ãŸã ã‘ã¾ã™ã®ã§ã€ãµã‚‹ã£ã¦ã”å‚åŠ ãã ã•ã„。 ãŸã ã—ã€ä¼šå ´ã‚„リソースã®é–¢ä¿‚ã‹ã‚‰ã€å‚åŠ äººæ•°ã‚’åˆ¶é™ã—ã¦ã„ã¾ã™ã€‚å¸ãŒç©ºã„ã¦ã„ã‚Œã°å½“æ—¥å‚åŠ ã‚‚å¯èƒ½ã§ã™ãŒã€å½“æ—¥ã®åº§å¸ã‚‚事å‰ç”³ã—è¾¼ã¿ã•ã‚ŒãŸæ–¹ã‚’優先致ã—ã¾ã™ã®ã§ã€ä¸‹è¨˜ã‚’ã”覧ã„ãŸã ãã€ãŠæ—©ã‚ã«ãŠç”³ã—è¾¼ã¿ãã ã•ã„。 タイトル インシデントレスãƒãƒ³ã‚¹ (フォレンジック調査ã€ãƒžãƒ«ã‚¦ã‚§ã‚¢è§£æž) 日時 2012å¹´11月1æ—¥(木) 8:40-11:20 å ´æ‰€ ãã«ã³ããƒ¡ãƒƒã‚»ï¼ˆå³¶æ ¹çœŒç«‹ç”£æ¥äº¤æµä¼šé¤¨ï¼‰ä¼šå ´6 (401会è°å®¤) 〒690-0826 å³¶æ ¹çœŒæ¾æ±Ÿå¸‚å¦åœ’å—1ä¸ç›®2番1å· ä¼šå ´ã®ãƒ¬ã‚¤ã‚¢ã‚¦ãƒˆä¸Šã€å¾Œã‚ã®æ–¹ã®å¸ã‹ã‚‰ã¯ã‚¹ã‚¯ãƒªãƒ¼ãƒ³ãŒè¦‹ãˆã«ãã„å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ã¾ãŸã€å½“æ—¥å‚åŠ ã®æ–¹ã¯ã€å¾Œæ–¹ã®å¸ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚ æä¾› æ ªå¼ä¼šç¤¾
OWASP Mantra - Free and Open Source Browser based Security Framework
Anubis - Analyze infected files for malware Comodo Automated Analysis System - Check executable files for malware CWSandbox - Automated malware analysis and sandbox EUREKA Malware Analysis Internet Service - Automated Malware binary analysis service Norman SandBox - FREE online Malware analysis ThreatExpert - Check suspicious file online VirusTotal - Analyzes suspicious files and URLs for viruses/
ä¿è·ãƒ¢ãƒ¼ãƒ‰ã®æ˜‡æ ¼ãƒ€ã‚¤ã‚¢ãƒã‚°ã‚’ç†è§£ã™ã‚‹
Understanding the Protected Mode Elevation Dialog http://blogs.msdn.com/b/ieinternals/archive/2009/12/01/understanding-internet-explorer-security-protected-mode-elevation-dialog.aspx ãšã„ã¶ã‚“å¤ã„記事ã«ãªã‚Šã¾ã™ãŒã€ä»Šã¾ã§ Windows XP 環境ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒ Windows 7 / Windows 8 ã®ç’°å¢ƒã«æ›´æ–°ã™ã‚‹ã‚±ãƒ¼ã‚¹ã¯ä»Šå¹´å¤šãã†ãªã®ã§ã€æ”¹ã‚ã¦ç¢ºèªã™ã‚‹æ„味ã§ã‚‚æ„外ã¨çŸ¥ã‚‰ã‚Œã¦ã„ãªã„ä¿è·ãƒ¢ãƒ¼ãƒ‰ã®å‹•ä½œã«ã¤ã„ã¦ã®è©±é¡Œã‚’一ã¤è¨³ã—ã¦ã¿ã¾ã—ãŸã€‚特ã«ã€Œè¨±å¯ã—ãªã„ã€ã‚’クリックã—ã¦ã„ã‚‹é™ã‚Šã¯ã“ã®ãƒ€ã‚¤ã‚¢ãƒã‚°ãŒæ°¸é ã«å‡ºç¶šã‘ã‚‹ã€ã¨ã„ã†è©±ã¯èˆˆå‘³æ·±ã„ã§ã™ã。 以下ã®æ–‡ç« 㯠EricLaw’s IEInternals ã® 2009/1
Computer Security
Dan Boneh, John Mitchell and Dawn Song Class starts February 2012 The Course In this class you will learn how to design secure systems and write secure code. You will learn how to find vulnerabilities in code and how to design software systems that limit the impact of security vulnerabilities. We will focus on principles for building secure systems and give many real world examples. In addition, t
New Security Assertions in “Windows 8†– Alex Ionescu’s Blog
Alex Ionescu’s Blog Windows Internals, Thoughts on Security, and Reverse Engineering Anyone reversing “Windows 8†will now find a non-familiar piece of code, whenever a list insertion operation is performed on a LIST_ENTRY: .text:00401B65 mov edx, [eax] .text:00401B67 mov ecx, [eax+4] .text:00401B6A cmp [edx+4], eax .text:00401B6D jnz SecurityAssertion .text:00401B73 cmp [ecx], eax .text:00401B75
Software Security Notes --- ソフトウェアプãƒãƒ†ã‚¯ã‚·ãƒ§ãƒ³ã«é–¢ã™ã‚‹ãƒ¡ãƒ¢
2004.11.8 ソフトウェアプãƒãƒ†ã‚¯ã‚·ãƒ§ãƒ³ã®ã‚µãƒ¼ãƒ™ã‚¤è«–æ–‡ ã“ã®åˆ†é‡Žã®ã‚µãƒ¼ãƒ™ã‚¤ã¨ã—ã¦ï¼Œå¤ãã¯1989å¹´ã®Groverã®è‘—書[1], 1993å¹´ã®Cohenã®è«–æ–‡[2]ãŒã‚り, è¿‘å¹´ã§ã¯Collbergã¨Thomborson[3],Mainら[4],van Oorschot[5], Naumovichã¨Memon[6],石間ら[7]ã®æ–‡çŒ®ãŒã‚る. [1] D. Grover (ed),"The protection of computer software - its tech-nology and applications," The British Computer Society Mono-graphs in Informatics, Cambridge University Press, 1989 (Second Edition 1992). [2] F. Cohen, "Oper
GRC | Security Now! Episode Archive Â
Our weekly audio security column & podcast by Steve Gibson and Leo Laporte TechTV's Leo Laporte and I spend somewhat shy of two hours each week to discuss important issues of personal computer security. Sometimes we'll discuss something that just happened. Sometimes we'll talk about long-standing problems, concerns, or solutions. Either way, every week we endeavor to produce something interesting
CERT Societe Generale - Publications
CERT Societe Generale provides easy to use operational incident best practices. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved. One IRM exists for each security incident we're used to dealing with. These cheat sheets have been written in English and Russian, and translated into Spanish by Francisco Neira from the OAS. CERT Socie
åˆå¿ƒè€…Webアプリケーション開発者ãŒãƒã‚§ãƒƒã‚¯ã™ã¹ãæƒ…å ±æº2011 - ãƒãƒ‹ãƒ¼ãƒãƒƒã‚¿ãƒ¼ã®éƒ¨å±‹
毎年æ’例ã®è¨ºæ–å‰æº–å‚™ã¨ã—ã¦é–‹ç™ºè€…å‘ã‘ã«ã€ã€Œåˆå¿ƒè€…Webアプリケーション開発者ãŒãƒã‚§ãƒƒã‚¯ã™ã¹ãæƒ…å ±æºã€ã‚’集ã‚ã¦ã„ã‚‹ã®ã§ã€çš†ã•ã‚“ã«ã‚‚ã”紹介。他ã«è¿½åŠ ã—ãŸæ–¹ãŒè‰¯ã„æƒ…å ±æºãŒã‚ã£ãŸå ´åˆã¯ã”指摘ã„ãŸã ã‘ã‚‹ã¨åŠ©ã‹ã‚Šã¾ã™ã€‚ 上ã‹ã‚‰é‡è¦ãªé †ã€‚★ãŒã¨ã‚Šã‚ãˆãšèªã‚“ã©ã‘ã€ã®å¿…é ˆã€‚å¿…é ˆã®ãƒã‚¤ãƒ³ãƒˆã¯ã€çŸæœŸé–“ã§å¤§é›‘把ã«ç¶²ç¾…çš„ã«ãƒã‚¤ãƒ³ãƒˆãŒæ•´ç†ã•ã‚Œã¦ã„ã‚‹ã‚‚ã®ã€‚ å¾³ä¸¸æœ¬ã‚’å¿…é ˆã«å…¥ã‚Œã‚‹ã‹è¿·ã£ãŸã‘ã©ã€ã‚ã®åŽšã•ã¯ã€ä¸‡äººã¯èªã‚ãªã„ã®ã§ã€ä¸Šä½ãƒ©ãƒ³ã‚¯ã ã‘ã©å¿…é ˆã‹ã‚‰ã¯ã¯ãšã—ãŸã€‚ ★Webサイト構築 安全ãªã‚¦ã‚§ãƒ–サイトã®ä½œã‚Šæ–¹ 改訂第5版 http://www.ipa.go.jp/security/vuln/websecurity.html æºå¸¯ã‚¦ã‚§ãƒ–サイトã®å®Ÿè£…æ–¹æ³•ã‚’è¿½åŠ ã‚»ã‚ュリティ実装 ãƒã‚§ãƒƒã‚¯ãƒªã‚¹ãƒˆï¼ˆExcelå½¢å¼ã€33KB) 安全ãªSQLã®å‘¼ã³å‡ºã—方(全40ページã€714KB) ★発注仕様 発注者ã®ãŸã‚ã®Webシステムï¼Webアプ
アクセンãƒãƒ¥ã‚¢ | 日本 | Let There Be Change
<section id="hero_custom" class="hero_custom"> <video aria-hidden="true" role="presentation" class="hero_custom__background hero_custom__background--video" webkit-playsinline="true" playsinline="true" loop="true" autoplay="true" muted="true"> <source src="/content/dam/system-files/acom/custom-code/change-more/media/custom-rad-hero-bg-video.mp4" type="video/mp4" /> </video> <a class="hero_custom__c
IT Security and Hacking knowledge base - SecDocs
Learn, hack! Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on . × How to navigate this website In the navbar, the black bar on top, you have the common short link for the site functions. The information are showed in two navigation panel, you
Why Python Pickle is Insecure | Nadia Alramli's Blog
Python pickle is a powerful serialization module. It is the most common method to serialize and deserialize Python object structures. The pickle module has an optimized cousin called cPickle that is written in C. In this article I'm going to refer to both modules by the name pickle unless I mention otherwise. The security issues I'm going to discuss apply to both of them. I'm going to show how unp
Wiki: Passwords
WARNING: Wiki content is an archive, no promise about quality! Password dictionaries These are dictionaries that come with tools/worms/etc, designed for cracking passwords. As far as I know, I'm not breaking any licensing agreements by mirroring them with credit; if you don't want me to host one of these files, let me know and I'll remove it. Name Compressed Uncompressed Notes
Open Security Training - Security and Hacking Tools
Objective We started SecurityTube.net in mid 2008 to serve as a place for sharing knowledge in computer and network security topics. The below videos created by our team over the last 2 years is the first step in that direction. Hope you like them! Video Series Assembly Language Primer for Hackers Series (Linux) Assembly Primer for Hackers (Part 1) System Organization http://www.securitytube.ne
ランã‚ング
ランã‚ング
ãŠçŸ¥ã‚‰ã›
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
Finding the weak link in Windows binaries - Source Boston 2012 slides
Google Code Archive - Long-term storage for Google Code Project Hosting.
Developer Tools - Sony Developer World
http://homepage2.nifty.com/protocol/index.html
AutoDiff :: http://autodiff.piotrbania.com ::
{{#tags}}- {{label}}
{{/tags}}