One more comment on the ip blocking...you could configure socks to have your browser appear to come from a different IP address and change it frequently. Amazon's EC2 cloud service would allow you to do that (but it costs a bit of money)...
On Thu, Oct 4, 2007 at 1:51 AM, Joe <[EMAIL PROTECTED]> wrote: > Hi > > I have some interesting to you: > > How you are dealing with malware who identificates your dedicated > machines by using some tricks to detect any virtualisation or emulation > software? And how you make sure that the server on which malware is > hosted do not block your ip addresse? How do you build system states and > compare to some other states (kernel hooks or file system comparing)? > What about malware which needs user interaction to become installed? > > Thanks for your answers :). > > Kind Regards > > Joe > > Joe Security > www.joebox.org > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > -- ---- Web: http://www.mcs.vuw.ac.nz/~cseifert PGP key http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
