The 8th International Conference on CRYPTOLOGY AND NETWORK SECURITY (CANS 2009)
12 - 14 December 2009
Kanazawa, Ishikawa, Japan
http://www.rcis.aist.go.jp/cans2009/
ISC Twitter/Google Snort Signatures
http://seclists.org/fulldisclosure/2009/May/0132.html
The first signature is designed to detect Google non-security related announcement articles on the ISC Diary; this seems to be a topic of extreme interest for some ISC Handlers despite having little to no security value. I am unsure if this is a result of "Slow News Day" syndrome or another behavorial oddity which manifests at ISC. This will detect on "Google is slow" style articles as well, however, I am sure this signature will require more tweaking as ISC encourages handing over more personal data to a 3rd party under the guise of functionality.
The second signature is designed to detect Joel peddling Twitter on the isc.sans.org Diary, as again, this isn't security related. I suspect the Twitter signature may tend to fire more than the Google as Joel tends to get excited about "Tweeting" and "Twittering" and this spills over into the ISC Diary anytime he's the "Handler on Duty".
WinAppDbg module v1.1
http://winappdbg.sourceforge.net/
The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.
