Rootkits, Capture the Flag, SANS

Rootkits

Checking up on packetstormsecurity.com today I see confirmation of what has been getting a lot of news lately — rootkits. According to pandasoftware (the vendor of the Panda antivirus/antispyware/etc products) there was a substantial increase in rootkits last year.

I believe we’re going to see that activity peak in the next year or two as techniques become more advanced for implementing them. In our SANS class this week some of us have traded ideas about how to implement and also defeat these things. I’ll probably touch more on this later next week.

CTF

I’m all geared up for our little “Capture the Flag” competition tomorrow. This will be the first time i’ve actually tried to hack into something, and i’m eager to see if I can figure it out. I have four computers on in my office right now, and am waiting for the house to catch on fire.

SANS

Sadly, the competition is the last event for the Community SANS Norfolk 2007 event. I’ve had a really good time and met some people who I plan on continuing professional relationships with. Hopefully I can take what I have learned here and better apply myself in this field. I will be writing up a bit of a report on generally what the course was about, and what I took out of it sometime in the next week or two, definitely before the upcoming Shmoocon event in Washington, DC in two weeks.

Shutting down and turning in.

-Chris