[Dailydave] Dshell versus INNUENDO

Ben Creitz creitz at gmail.com
Tue Feb 3 20:51:51 EST 2015


Damn--I just registered
HMAQTD5H6IASATS3FUWI4QNTOVCF6G7AUIAX6JBY2AR3RUJ5R.biz to help market my
ruggedized radio gear to the military.

I hope the person writing detection regexes didn't cut any corners.

B

On Tue, Feb 3, 2015 at 2:06 PM, Dave Aitel <dave at immunityinc.com> wrote:

> The US Army recently released DShell
> <http://gizmodo.com/the-army-just-open-sourced-its-security-software-1683023527>,
> which they've been using to do network incident response, as open source.
> Part of it is a DNS decoder
> <https://github.com/USArmyResearchLab/Dshell/blob/master/decoders/dns/innuendo-dns.py>
> that tries to find INNUENDO traffic. Although they developed it only by
> looking at our demonstration video <https://vimeo.com/115206626> (note:
> email admin at immunityinc.com for an eval copy of INNUENDO!) we can confirm
> their script works (see below).
>
> It may, or may not, work against the *next* version of INNUENDO. ;>
>
> Thanks,
> Dave Aitel
> Immunity, Inc.
>
> [image: Dshell image]