When trying metric_fu, gem told me quite gently, though persistently, that it did not know about metric_fu. Blimey. You’ve got to look around the Intarnetz, but then you can find the stuff you need to get more than one repository.
So, what’s the trick?
gem sources
lists the sources that are already available.
gem sources -a http://gems.github.com
adds that source to the other sources. Jay! That’s what we needed,
I like filesystems. They’re not sexy, they do not feel good, but boy, are the fun to write. Ars Technica has a very good, albeit long, article on most filesystems ever seen on this planet.
I wanted to write about BotHunter for quite some time, but, alas, the holidays interfered.
BotHunter is basically a fully passive analyser based on the Snort tool. The text on their website says:
BotHunterTM is a novel, dialog-correlation-based engine (patent-pending), which recognizes the communication patterns of malware-infected computers within your network perimeter. BotHunterTM is a passive traffic monitoring system, which ties together the dialog trail of inbound intrusion alarms with those outbound communication patterns that are highly indicative of successful local host infection. When a sequence of in and outbound dialog warnings are found to match BotHunter’s infection dialog model, a consolidated report is produced to capture all of the relevant events and event sources that played a role during the infection process.
They presented a paper at the 16th USENIX Security Symposium. It’s well worth reading.
VMWare will release a Mac OSX version of VMWare which will enable MacOS to run Windows applications in parallell. Just what Parallels also does. It will be quite a test to see which of the two will be best. For now, VMWare will run the 64bit versions of Vista and XP as well.
But, I must say, I await the arrival of Linux on my mac most. I can’t wait.
The official release will be about $40, but you can also download a 30day trial.
Technorati Tags: Forensics
