Cupfighter.net

By Stephan Chenette (schenette@websense.com)

This talk is accompanied with the release of Fireshark, a Firefox plugin. It can be downloaded here: fireshark.org

Compromised legitimate websites have increased 225% in the last 12 months.

Stephan wrote the Fireshark too to address the problem of analyzing malware serving legitimate site. He found that to date there was no tools that are available today gave him the information that he needed.

Most malware landing pages use exploit kits that will try to use about 25 exploits. These kids are highly obfuscated. Most analysis tools are well known by the bad guys and are thus protected against de-obfuscation.

What is Fireshark?
Read more…

Similar as OpenSSH Authentication Using Kerberos, but now Transparent Kerberos Authentication via Apache against Active Directory using mod_auth_kerb. This enables SSO from IE and Firefox on Apache, IE and Firefox configurations to enable this are also described in the document.

Abstract:  The Apache authentication module mod_auth_kerb allows Apache to authenticate users against a Kerberos KDC including one from ActiveDirectory. Kerberos itself can be fairly complex to set up. This guide will attempt to show the specific steps required to make this possible as well as discuss security limitations specific to the interoperability matters. This guide assumes a basic understanding of Kerberos V and that the Active Directory domain controller is properly configured prior to starting this process.

Technical Analysis: Apache with mod_auth_kerb and Windows Server