The Honeynet Project has been updated.

Memo to read when I get home.

15 April, 2007

* New Tool, Capture BAT: The New Zealand chapter announces the first release of Capture BAT, a behavioral analysis tool for the Win32 operating system family. Capture BAT is able to monitor the state of a system during the execution of applications and processing of documents, which provides an analyst with insights on how the software operates even if no source code is available. Capture BAT monitors state changes on a low kernel level and can be used across various Win32 operating system versions and configurations.
* New Tool, Arania: From members of the Mexico chapter. The objective of this code is to detect this kind of attack on production web servers, and download the remote code for future analysis. The new version of Arania can detect remote code inclusion or proxy checking through the Apache logs (in the default format).
* Usenix HotBots Conference: Chaired by Honeynet members Niels Provos and Thorsten Holz, the first USENIX workshop on Hot Topics in Understanding Botnets was held in Boston on April 10th. Several Honeynet members were attending and gave presentations.
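To make the Arania item concrete, here is an added sketch of that kind of log-based detection. It is not Arania's code and is not taken from the Honeynet Project. The heuristics, the names `classify` and `scan`, and the sample log lines are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Apache Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\S+)')
REMOTE_URL = re.compile(r'^(?:https?|ftp)://', re.I)

def classify(line):
    """Return (client, kind, detail) for a suspicious log line, else None."""
    m = CLF.match(line)
    if not m:
        return None  # not in the default format; skip instead of guessing
    client, request = m.group(1), m.group(3)
    parts = request.split()
    if len(parts) < 2:
        return None
    method, target = parts[0].upper(), parts[1]
    # Proxy check: an origin server normally sees a path, not CONNECT
    # or an absolute URI in the request line.
    if method == "CONNECT" or REMOTE_URL.match(target):
        return (client, "proxy-check", target)
    # Remote inclusion attempt: a query parameter whose value is itself a URL.
    # parse_qsl decodes once; unquote again catches double-encoded values.
    # Legitimate redirect parameters also match, so treat hits as leads.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        value = unquote(value).strip()
        if REMOTE_URL.match(value):
            return (client, "remote-inclusion", f"{name}={value}")
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample lines (documentation IP ranges and example domains).
SAMPLE = [
    '192.0.2.10 - - [15/Apr/2007:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 5120',
    '198.51.100.7 - - [15/Apr/2007:10:00:05 +0000] '
    '"GET /index.php?page=http://files.example.net/inc.txt HTTP/1.1" 200 312',
    '203.0.113.9 - - [15/Apr/2007:10:00:09 +0000] "GET http://www.example.org/ HTTP/1.1" 404 208',
    '203.0.113.9 - - [15/Apr/2007:10:00:11 +0000] "CONNECT mail.example.org:25 HTTP/1.0" 405 230',
    '192.0.2.10 - - [15/Apr/2007:10:00:15 +0000] '
    '"GET /go.php?u=%68ttp%3A%2F%2Ffiles.example.net%2Finc.txt HTTP/1.1" 200 99',
]

if __name__ == "__main__":
    for client, kind, detail in scan(SAMPLE):
        print(f"{client}\t{kind}\t{detail}")
```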