Showing posts from 2008
Fighting "phishing" with "Phish" "Phishing" exploits Internet users' ignorance and their lack of knowledge about protocols, URLs and other related matters. To test whether you can really identify a "phishing" site, try playing this game! click here
Unlucky John
    apt-get install lame john
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    The following NEW packages will be installed:
      john lame
    0 upgraded, 2 newly installed, 0 to remove and 27 not upgraded.
    Need to get 823kB of archives.
    After this operation, 1901kB of additional disk space will be used.
    Get:1 http://my.archive.ubuntu.com hardy/main john 1.6-40.3ubuntu1 [548kB]
    Get:2 http://my.archive.ubuntu.com hardy/multiverse lame 3.97-0.0 [275kB]
    Fetched 823kB in 55s (14.9kB/s)
    Selecting previously deselected package john.
    (Reading database ... 258521 files and directories currently installed.)
    Unpacking john (from .../john_1.6-40.3ubuntu1_i386.deb) ...
    Selecting previously deselected package lame.
    Unpacking lame (from .../lame_3.97-0.0_i386.deb) ...
    Setting up john (1.6-40.3ubuntu1) ...
    Setting up lame (3.97-0.0) ...
Publication listed in PNM PNM - Perpustakaan Negara Malaysia (?) indexed my publication into their database: here
    Author: Muhammad Najmi Ahmad Zabidi
    Main Title: Projek lokalisasi perisian sumber terbuka : usaha perkembangan , harapan dan realiti / Muhammad Najmi Ahmad Zabidi
    Host Item: Free and Open Source Software conference : 2003: Subang Jaya p. 105-113
    Subject: Open source software
    Subject: Computer software
    Notes: Bibl.
    Call No. (Rujukan): 005.309595 FRE f M
    Record Status
Walimah@ Bagan Datoh on 26th Jan 2009 source *and we shall be accumulating and categorizing excuses for not attending the event.
Life with Due Dates
    Nikah 26 Oct 2008
    Father in Law passed away 19 Nov 2008
    TOEFL 10 Jan 2009
    GRE 5 Feb 2009
    My death?
    My first baby born?
Malware Challenge 2008 Results source Contest Results In all, we received 29 submissions to the contest. All of the papers showed their own unique approach to the challenge which made it very difficult to pick who received any prizes. However, after reading through all the submissions we picked the ones we felt were written the best, performed the best analysis and demonstrated their knowledge in a way which was most learnable by others. Top 3 Submissions Emre Bastuz * Ajit Gaddam Dan Roberts Runner Ups Chetan Ganatra * Scott Knight Apneet Jolly Tareq Saade Ryan Hayward Michal Dida * Stephen Davis ITT Tech Team Dan Kieta * Those marked are not eligible to receive prizes since they reside outside of North America. However, we wanted to recognize their excellent contribution to the contest. Rest of Submissions Jerome Segura Anthony Lineberry Melissa E. Team Lipstick Brian Almond Hanel Spirit Cat Muhammad Najmi Ahmad Zabidi 0xbaddead
Offline (hopefully) enjoying *real life* Your hot blog author will be offline, soul searching for real life out there. He will be back once he has something to blog. But since he has dial-up access in the kampung, he might hardly go offline unless his mum pinches him. I just wonder whether this blog has its own readers. Looking at the traffic, it tells me somebody's here.
Open Problem : Why should I go to US for Phd? I already bought TOEFL/GRE books and that cost me around RM180 (approx USD60). Now that I have discussed it and been influenced by several ideologies, I have become hesitant again about the effort. Where should I go for my Phd study? I was initially planning on AUS but then after several searches, I don't really think I'm interested in working with the topic.. though under the security theme. Next, I was phone interviewed by an interviewer from UK but it seems the sponsoring institution no longer favors sponsoring students to UK. Also, thinking that doing only research will lead to the real depth of a micro problem, I'm thinking to get exposed to the broader issue/circulation of the intended problem. What is that supposed to mean? It means I have a thought to master several areas related to my research interest. Say, my research interest will be around malware analysis. I would like to learn Machine Learning, which is under the AI theme, and also Systems Programming since de
Read only if you have time for ALLAH Let me tell you, make sure you read all the way to the bottom. I almost deleted this email but I was blessed when I got to the end ALLAH,'This is the message title'!! when I received this e-mail, I thought... I don't have time for this... And, this is really inappropriate during work. Then, I realized that this kind of thinking is.... Exactly, what has caused lot of the problems in our world today. We try to keep ALLAH in MASJIDS on FRIDAY... Maybe, FRIDAY night... And, the unlikely event of a MAGHRIB S
Machine Learning for Network Security Another informative link from Dawn Song, a prof @ Berkeley http://www.cs.berkeley.edu/~dawnsong/networking.html
Machine Learning for Computer Security I stumbled upon several websites.. since I'm searching for work on malware detection rate improvement. Found a few http://mls-nips07.first.fraunhofer.de/ Also works by Terran Lane (I emailed him once) http://www.cs.unm.edu/~terran/publications Seems that many faculty that I stumbled upon were alumni of Purdue (specifically in the Computer Security domain).
Busy as a bee Today- I should submit my research proposal - perhaps at least general idea what you intend to accomplish for Also, have to accomplish few stuffs before my big day ... including planning sightseeing somewhere locally. Not money ma ... Every morning I start to pick up things, move them to my new house... slowly moving from the currently rented flat house which I lived for more than a year.
Heart racing at the thought of being with that_special_someone
Raya like no others. Boom! The self made cannon made by the kampung folks booming during the raya days, as usual I tried to figure out how many cannons out there which I can archive their picture. Unfortunately, I only found one, which the same arch as last year.
Pidgin-Facebook plugin After I got my gtalk enabled on my Pidgin, I was wondering whether somebody had already done something for Facebook. Yeah it's there! Here Works on multiple platforms.. since I'm working on Ubuntu now, the .deb worked just fine:
    dpkg -i pidgin-facebookchat-1.35.deb
    Selecting previously deselected package pidgin-facebookchat.
    (Reading database ... 179380 files and directories currently installed.)
    Unpacking pidgin-facebookchat (from pidgin-facebookchat-1.35.deb) ...
    Setting up pidgin-facebookchat (1.35) ...
:-)
Louisiana @ Lafayette! Mr/Ms Najmi, Your qualifications appear to be good, and we will be pleased to consider your application. If you will give your mailing address, I will ask our office to send you our application packet, with all forms and requirements of our programs. You may wish to visit our web site at http://www.cacs.louisiana.edu/ and that of the Graduate School http://www.louisiana.edu/Academic/GradSchool/ . Fee schedules will be at http://bursar.louisiana.edu/ . You may also apply online. Deadlines for application are 1 November for Spring, and 1 April for Fall, if you wish to be considered for assistantship. CACS and the Graduate School require a BS degree with GPA >= 2.75, or First Class honors from universities using that system. We require the GRE, General Test, with GRE-V >= 380, Q >= 600, and TOEFL >= 80(new online). --------- CACS, ULL, but just recently during the Gustav alert I heard it was these southern areas that got thrown into chaos. Tsk tsk... how difficult!
As Time Goes By.... Hi Najmi, The best way to figure out if I'd like to have you as a PhD student, and if you'd like to have me as your advisor, would be to meet and talk. We can do that once you start USC in Fall. I looked over your CV and papers you sent. This is nice work for BSc degree. What you want to do during your MS and PhD is to expand on the research part. Best way to do this, and also to improve writing style and language, is to read a lot of research papers so that would be my first suggestion. Look at top security conferences such as USENIX, CCS or security papers at networking conferences SIGCOMM, Infocom, NDSS and NSDI. The length of the study depends on both your topic and your work. You usually are ready to graduate once you had 3-5 papers from your topic published at good conferences. Publishing takes time and that's the major source that defines when one can graduate. That, and finishing the work on the topic - but since you need to finish the work anywa
[wtr] House around Taman Melati, range RM400-800 per month Move-in: Nov 2008 Contact me by leaving a comment in the comments here. Or call 019 387 0980 Spam will be sent to /dev/null
Nobody will care about our existence.... we are merely just statistics!
MyEduSec 2008 speakers' slots Click here .... mine is the last slot. Just wondering who is Madihah Saudi, 3 papers are hers.
HEADS UP: KDE l10n EN-ms-MY Progress (as of 12th Aug '08) source
The Tale of the Centipede and the Bug
A new SVN commit after ~2 years
    svn commit -m "update" desktop_kdebase.po
You can track my SVN commit activities here http://cia.vc/stats/author/mnajem
Phrack #65 Hello, I just realized that Phrack #65 was released months back in April 2008. It's hard to keep up since I'm not sure how frequently they release their underground zines. View here
Thinking of taking the GRE, maybe Thinking of registering for the GRE exam.. since applying to US/CA/SING (hmm) means they need this exam to check your sanity level. Ask Prometric for the exam fees.. around USD170 and have to pay in US Dollars. The exam will be held every Thursday, and if you want to retake, the buffer is one month. (why?). Some US univ are just fine with IELTS.. but most of them need TOEFL. So far I'm not that satisfied with AU/NZ research groups... I do not know whether this is the best decision. As if I have just forgotten about Plymouth. Not that I do not want to go there, it's just simply that I do not know which is the best place to suit me and my wife wannabe later on. Hopefully I can make it, getting my butt outta here for Fall 2009.
“The best methodology for C++ teaching from ground up – an experience in the XYZ University” By me {at} gmail.com, B.MIS, MSc(CS) In this paper we share our experience in delivering the structured programming introduction to the undergraduates whom never learn programming, or had background in C language. We observed this behavior and measure the students by looking at their quantitative output. This hopefully will be towards the effectiveness in teaching and the best measurement to evaluate education methodology. For the milestone we hope that this novel approach will yield to yet another Nobel Laureate winner from Malaysia. Background In XYZ we use C++ as the introductory language, and formerly we used C language. One of the reasons is simply because the advanced subjects in the undergrad years mostly are using object oriented language. For example, books in Data Structure and Algorithm nowadays focusing in C++, and the C version on the same title are slowly taken out from th
Looking good As you can see in the picture, the chicken-coop car has been replaced by my 1996 Satria, which has been freshly repainted.. the total cost was RM1,650 for painting the whole body + replacing the front cover RM65 for the new Proton logo .. this one the shop took it upon themselves to replace... but then since they had already fitted it I couldn't be bothered to argue.. strictly speaking that's not on.. you simply decide to replace it yourself.. if it were free, fine.. what if somebody had given me that logo, or I simply wanted to preserve it as a most antique car. Not everything must be new.. boss! RM28 for the broken left headlamp.. same thing, I never told them to replace it.. I had a plan to just go to Brothers to change it. But this one is probably OK. It's just that I didn't survey other places to check the price.. it might be cheaper. I'm thinking of changing the left power window's rotor since it jams very often, especially if I wind it all the way down, it won't come back up at all! If it rains or something, that's just trouble. I asked the price there, RM110.. before the fuel price went up I had it done
A real cat (meow 10x) Went back to the village and there was a cat... then I tickled the cat and only after that fed it.. hoho..
Spare car + moving chicken coop I sent my Satria for panel beating + a full-body paint job... RM1600. Then the shop promised to give me a spare car (I had already guessed it would be a clunker).. so I followed the mechanic to Ampang.. near my fiancée's house. When we got there I saw he was giving me a Saga Aeroback.... its wiper and light switches, you know, are the kind you twist like a radio knob.. damn serious, I had never seen that.. The most disgusting part was that the outside of the car was covered in bird droppings... so I just stayed patient.. then I drove the car back from Ampang... and there was a traffic jam too.. got to just past Flamingo.. dang!!!!! the engine stopped. I was really annoyed... and I didn't have the number of the workshop's branch at Taman Melati.. so I checked my old receipts in my wallet.. no phone number!!!! In the end, after almost 1/2 hour, I called my fiancée and asked her to go to the workshop and tell them I was stranded on the MRR2... at first in the middle lane.. luckily there was a traffic jam.. then I pushed the car to the middle of the slip road from Flamingo and the MRR2.. hung out there..
Usenix papers for HotSec 2008 I just checked on this.. you can download the papers here
Am I really fit to that_great_school Response from one prof that I emailed: Hello, I am no longer taking PhD students in the area of security. My suggestion is that you apply to Purdue , Dartmouth, George Mason, Johns Hopkins . Best wishes on your education. --prof Oh boy!
Coming soon Thank you very much for interest in our program. Congratulations, your paper entitled: 1. Effective Malware Analysis with Nepenthes has been accepted and approved by our committee to present for our conference. As for the presentations, should you have any notes/handouts (i.e. PowerPoint slides) to be distributed, please submit to us at least a day before the actual presentation day for preparation. To remind you, the fee for each paper is RM650.00 payable on the registration day. Thank you very much and congratulations again ------------------------------ MyEduSec 2008 Striving Towards Secured Information http://www.udm.edu.my/myedusec/2008/
KDE revisited I just went through the bulk of my previous papers and whatnot and I found my previous writings on KDE localization, and presentation slides. I edited a few old things (such as the email, because it was not being used anymore.. and also updated the blog address). The rest just remains, including my English level at that time. If you have time to read, or simply just want to read it, then refer here: KDE to Malay report [pdf] KDE to Malay presentation [converted to pdf]
Libang-libu (the lemma of choices) Don't ask me what it means, it's just words that I think are fun to put as my topic today. I am pretty much snowed under with a tremendous workload ... teaching 3 sections with ~120 students, meetings, seminars in the workplace.. and whatnot. Alas, I'm not forgetting my pursuit of a Phd ... despite worrying whether I'm on par with the rest of the CS scientists (wannabe). Thinking about going to the States, looking at that_many people from Asia going there, and lots of them even become faculty members. Not that I'm thinking of becoming like them (though I admit it is kind of a pride working as a faculty member in a place where CS was born). Now one thing I don't really like about applying to the States is that you_have_to_spend_USDs_for_just_applying. Unlike applying for .AU, where you just simply go to IDP, and send your letters, etc and *they will take care of most of the stuff for you for FREE*... If I'm applying for States, means I've t
Get me out of here Pretty much a joke
API Hooking Ok, I admit it. I stumbled upon this term when I read the literature on CWSandbox from Mannheim. Since in Nepenthes we can simply send the newly fetched binaries to the sandboxes, I was prompted to find out what is executed behind them. The method is called API hooking. Another similar solution is used by Joebox, developed by a postgrad student from Switzerland. Anubis from Vienna, on the other hand, uses QEMU ... but if you google around you will see there is a paper written by a Symantec researcher refuting the usage of virtual machines.
Musing Since I got this teeny-weeny D430 Latitude, I now always "read" downloaded PDF files while I rest on the sofa, or simply on the floor back home. Usually I check for Mannheim PDF reports... it seems they actively publish their research work, e.g. in the recent DIMVA 2008 . Apart from that, UC Davis, or some other institutions which have work on botnet/malware countermeasures, honeypot/net, security visualization (just recently, since Bro Adli pointed it out) .. etc. I can hardly understand cryptographic stuff for several reasons.. though I already took it once. It seems very theoretical, which some other geeks might find interesting, but not me. Usually I'll focus on the application part... but of course who knows, I may find the love for cryptography soon.
Interesting Computer/Network Security Paper Links Usually I just mark them with an FF bookmark, or just tag them with the Delicious add-on. Now I think I want you guys to read these and comment on them. A lot, by Dawn Song of Berkeley. click here
Afterglow visual from Amun sensor Splendid, awesome.. whatever....! sourcefile dotfile csvfile
Lynis rootkit detector I just tried Lynis , a pretty cool tool developed by a Netherlands security evangelist. Nice ... The checking is pretty thorough.. I think neater compared to rkhunter and chkrootkit.
From Aachen to Mannheim Well, it seems the Germans did a pretty good job on the lightweight honeypot. I just stumbled upon the Thorltz's blog, and it seems that I missed something. Yet another honeypot.. amun! Download here Written in Python, I got it working in seconds; prior to that you have to install the python-psyco module. See the verbose output:
    .::[Amun - Decoder] compiling siegburg xor decoder ::.
    .::[Amun - Decoder] compiling plain1 shellcode ::.
    .::[Amun - Decoder] compiling plain2 shellcode ::.
    .::[Amun - Main] ready for evil orders: ::.
Among the services (mixed with my valid ssh service)
    21/tcp open ftp
    22/tcp open ssh
    23/tcp open telnet
    25/tcp open smtp
    42/tcp open nameserver
    105/tcp open csnet-ns
    110/tcp open pop3
    135/tcp open msrpc
    139/tcp open netbios-ssn
    143/tcp open imap
    443/tcp open https
    445/tcp open microsoft-ds
    554/tcp open rtsp
    587/tcp open submission
    617/tcp open sco-dtmgr
    623/tcp open unknown
    631/tcp open ipp
    1023
It's so 2000 I bought my first very own desktop PC when I was in my undergrad.. this machine.. still rock on.. doing some funny stuffs. Now part of it already being replaced... new CPU.. new graphic card.. new AC device(I replaced them twice, of course since they're broke already).. and new motherboard(not so new.. I guess it's around 2004). Perhaps the only artifact if I can call them are my Philips 15" monitor and the Low Yat rock solid casing (perhaps, legacy serie). Well, the other part is my laptop.. that's the other new machine.. just 2 years back(almost) and at that time it wasn't el cheapo you know.. RM4,399 (this including the Shell's Petrol Card cost around RM300 voucher). So it's around RM4,100 (USD1500). Not so cheap at that time as well. The stressed part nowadays with the less costs I can get dual core machine.. LoL. This old machine now running the Nepenthes sensor.. emulating few virtual nodes. Next part is my D-Link 5 ports Ethernet swi
Phd Phone Interview I was interviewed by Dr Maria Papadaki from Plymouth Univ, UK regarding my Phd application. There were several Malaysians, and my officemate is doing her research phd there as well. It took about 45 minutes to discuss things related to the research, the process, funding etc. At first I forgot that UK is included among the countries which use DST for their time. Somehow the discussion was OK, but of course given the communication distance, there were jitters. Reminded me of Maxis's ad where people only yelled GOAL after a short while. Same goes . Hopefully I'll get a conditional offer, prior to taking IELTS. Now that I can't confirm the place, there's a possibility of going places taking GRE/TOEFL, though it's tough. Are you the like of taking *hard* problem as breakfast?
Reply for previous Purdue/CERIAS admission's post taken from here Since the commenter is using a blogger's profile but I can't access his blog, this Prof might suit the profile > here What an honour to have his visit to my lair here.. anyway these were his words: All students are charged an application fee to help cover processing costs. As it is, there are many thousands of applications to the university each year. Applications for grad programs at Purdue are considered by committees of faculty. They look at issues such as transcripts of grades, quality of undergrad program, the student essays, and especially the recommendations. Scores on tests are examined -- especially TOEFL -- and some departments look at GRE scores. The admissions committee picks the students who the committee believes will do well in the program. If there are more qualified candidates than there are positions in the incoming class, then the students are ranked by the committee and the top ones taken to
hmm... in my dreamm..! The admission committee makes the decision in October for spring admission and in January for fall admission for applicants who have submitted their application. You must decide on your own whether to apply or not. Make sure you met the admission requirements listed here : Regards, R ---------------------------------------- R Department of Computer Science Lawson Computer Science Building Room 1137 B Purdue University 305 North University Street West Lafayette, IN 47907-2107 USA Phone: (765)494-xxxx Fax: (765)494-xxxx E-mail: xxx@cs.purdue.edu www.cs.purdue.edu/academic_programs/graduate -----Original Message----- From: me Sent: Wednesday, June 25, 2008 6:25 AM To: R Subject: Re: Phd in CS/Cerias Hello, I would like to know how do you select the students, since I've to pay USD55 for the application-so I've to be sure that chances probability to get in. I ask this since CERIAS did not require GRE results for admission, but it seems that the it received qu
[nepenthes] Using Anubis Python script We can use this python script to automate/mock the automated submission triggered by Nepenthes...
    root@nuvox:~/binaries# ./submit_to_anubis.py * -e mailaku @ gmail.com
    Successfully submitted the sample. Get the task result at http://analysis.seclab.tuwien.ac.at/result.php?taskid=f474d3ae50475c6451031f37d2d283fd
    Successfully submitted the sample. Get the task result at http://analysis.seclab.tuwien.ac.at/result.php?taskid=357c926ee5bfeb6471185f4fb403b55c
    Successfully submitted the sample. Get the task result at http://analysis.seclab.tuwien.ac.at/result.php?taskid=0c75b6d90af30124155cf3c69cce504b
    Could not submit the sample.
    Successfully submitted the sample. Get the task result at http://analysis.seclab.tuwien.ac.at/result.php?taskid=fd7ca9e064aef6d499121a4956a2d9fa
    Could not submit the sample.
    Could not submit the sample.
    Successfully submitted the sample. Get the task result at http://analysis.seclab.tuwien.ac.at/result.php?taskid=639c
[nepenthes] Screen shot of hex dumps
[nepenthes] Emulating physical nodes Since the more sensors we have, the wider the coverage of an outbreak we can get, I opted for the way Neil and his pal do things:
    for i in `seq 230 254`;do ip addr add X.X.X.$i/24 brd + dev eth0;done
This of course just covers the range of X.X.X.230 until X.X.X.254 . Still looking for a method to simulate, say, 10,000 nodes, since IPv6 addresses will be fine. Nobody really uses ipv6 here, I guess. Run,
    ip add show
You should see something similar to this:
    1: lo: mtu 16436 qdisc noqueue
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
        inet X.X.X.139/24 brd X.X.X.255 scope global eth0
        inet X.X.X.230/24 brd X.X.X.255 scope global secondary eth0
        inet X.X.X.231/24 brd X.X.X.255 scope global secondary eth0
        inet X.X.X.232/24 brd X.X.X.255 scope global secondary eth
[darknet-cymru] meet ryan conolly I am volunteering myself in any way for Cymru's Darknet Project . Actually before I attended Ryan's talk in Westin Hotel Imbi, I had already read about the Cymru, IMS and CAIDA stuff but could hardly get the picture. Now, since Ryan was replying to my emails, why not a meetup. So I asked Sharuzzaman to accompany me and we met at just 11am this morning. Wow, it lasted around 3 hours, as if there was a business negotiation (laugh). Ryan nicely shared his experiences and darknet implementation stuff. So I asked him whether an educational JV is possible, and why not an "academic" talk on Darknet/security advisories stuff. Hope you'll arrive here in Gombak, I'll arrange a slot for it, if possible. Students would be happy then. Script to create and resize to 640x480 resolution that I used for the pix above:
    for i in *.jpg;do convert -size 640x480 -font helvetica -fill white -pointsize 16 -draw 'text 10,550 "Meeting with
[clamav] submission added source Submission-ID: 3571791 Sender: me Added: Trojan.Kolabc.BFY Virus name alias: Net-Worm.Win32.Kolabc.bfy (Kaspersky AVP)
[clamav] Submission not added source Erk.. somebody else already made it. Submission-ID: 3026528 Sender: me Submission notes: Already detected as Worm.Kolab-284 Added: No Virus name alias: Net-Worm.Win32.Kolabc.sd (Kaspersky AVP), Trojan.Packed.470 (Drweb), Packer.XComp.A (Bitdefender)
[nepenthes] New binary notification
Description Risk
    Autostart capabilities: This executable registers processes to be executed at system start. This could result in unwanted actions to be performed automatically.
    Changes security settings of Internet Explorer: This system alteration could seriously affect safety surfing the World Wide Web.
    Joins IRC Network: The executable connects to an IRC network, most probably functioning as a zombie in a botnet.
    Performs Address Scan: The executable scans a range of IP Addresses. In most cases these scans identify more potential vulnerable targets.
The analysis of your file is finished. You can find your report at http://analysis.seclab.tuwien .
[CWsandbox-mannheim and nepenthes] Just this morning I was alerted by an email sent by CWsandbox-mannheim. At last I received an analysis email from them. It seems that one of the malware samples they analyzed is considered *known* already, since I already sent the binary manually to ClamAV: click here analysis details for Sdbot-8639 <-- just wondering where the reports for the remaining 5 binaries are.. shouldn't they be analyzed as well? analysis from different AV vendors
[clam-av and nepenthes] Sharuzzaman mentioned to me that instead of using virustotal, we can help clam-av update its virus definitions (though on Windows I prefer to use AVG, since the Clam-av definitions are considered pretty much obsolete). However, if you refer to my previous post, AVG on Linux detects less malware compared to Clam-av. This is awesome! It means that the new malware I got from the junkyard in /var/lib/nepenthes, given it was/*they were* signaled by Clam-av as "OK", I must send straight away. (Well, if you have spare time. Consider this as your social community service ;) ). Though submission is restricted to only TWO files per person, you can manually email the personnel to send more than that. Interested to help? Send using this form Sample submission report (both malware accepted), click here Submission-ID: 3434478 Sender: my name Added: Trojan.SdBot-8639 Virus name alias: Net-Worm.Win32.Kolabc.aws (Kaspersky AVP), Packer.