Sunday, September 28, 2008

212.95.32.171 tcp/2351 virus bot master?



So today I had a little run-in with a botnet, I believe. I am posting the blog entry to lure googlers here so that they can share some info with me. This just may be the latest 0day variant of the Storm Worm, etc. Post here if you have seen anomalous activity on your network with a seemingly interesting bot master running on 212.95.32.171:tcp/2351. I am having fun playing with this right now...cheers :-)

UPDATE:
A trojan named sysmgr.exe appears to be the culprit on the box initiating these requests. Users were lured by an email spoofed from postcards@hallmark.com mentioning the keywords "Hallmark E-Card" in the subject line. There was a ZIP file with an embedded EXE attached. Once infected, it phones home to the 212. address and tries to contact various external SMTP servers (randomly generated?). Yay...
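
A detection sketch for the behaviour described in the update, added here as an example and not part of the original post: it scans flow records for internal hosts that contact 212.95.32.171 on tcp/2351 or fan out to many distinct external SMTP servers. The record format, the internal range, the threshold and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

C2 = ("212.95.32.171", 2351)                    # bot master endpoint named in the post
INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumption: internal address space
SMTP_FANOUT = 5                                 # assumption: distinct external SMTP peers

# Constructed flow records (not real logs): "timestamp src dst proto/dport"
SAMPLE_FLOWS = """\
2008-09-28T10:01:02 10.1.4.23 212.95.32.171 tcp/2351
2008-09-28T10:01:05 10.1.4.23 198.51.100.10 tcp/25
2008-09-28T10:01:06 10.1.4.23 198.51.100.77 tcp/25
2008-09-28T10:01:06 10.1.4.23 203.0.113.4 tcp/25
2008-09-28T10:01:07 10.1.4.23 203.0.113.90 tcp/25
2008-09-28T10:01:09 10.1.4.23 192.0.2.33 tcp/25
2008-09-28T10:02:11 10.1.4.50 192.0.2.33 tcp/25
2008-09-28T10:02:30 10.1.0.5 198.51.100.10 tcp/25
truncated-line 10.1.4.50
"""

def parse(line):
    """Return (src, dst, proto, dport), or None for a malformed record."""
    parts = line.split()
    try:
        proto, port = parts[3].split("/")
        return ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]), proto, int(port)
    except (IndexError, ValueError):
        return None

def triage(text, mail_relays=()):
    """Map each flagged internal host to the sorted reasons it was flagged."""
    relays = {ipaddress.ip_address(r) for r in mail_relays}
    findings, smtp_peers = defaultdict(set), defaultdict(set)
    for src, dst, proto, dport in filter(None, map(parse, text.splitlines())):
        if proto != "tcp" or src not in INTERNAL or dst in INTERNAL:
            continue                              # only outbound TCP is of interest
        if (str(dst), dport) == C2:
            findings[str(src)].add("c2-callback")
        elif dport == 25 and src not in relays:   # sanctioned relays talk SMTP all day
            smtp_peers[src].add(dst)
    for src, peers in smtp_peers.items():
        if len(peers) >= SMTP_FANOUT:
            findings[str(src)].add(f"smtp-fanout:{len(peers)}")
    return {host: sorted(reasons) for host, reasons in findings.items()}

if __name__ == "__main__":
    print(triage(SAMPLE_FLOWS))
```

Pass the organisation's own outbound mail servers as `mail_relays` so they are not reported for SMTP fan-out.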

Thursday, September 25, 2008

How to break a HIPAA-compliant web app



I had the opportunity to play with a supposedly HIPAA-compliant web app today. Yes, it is on the Internet. Yes, your health information is vulnerable. You lose. HIPAA is useless. There were so many vulns in this web application that I needed to stop looking to prevent a migraine...

Tuesday, September 23, 2008

A Remainder Problem

Can you figure this one out?

If s and t are positive integers such that s / t = 64.12, which of the following could be the remainder when s is divided by t?

a) 2
b) 4
c) 8
d) 20
e) 45

Post your proof :-)

Monday, September 22, 2008

The IDA Pro Book



I received an advance copy of Chris Eagle's The IDA Pro Book from No Starch last month and have been enjoying it greatly. Chris is detail-oriented and doesn't miss much. I have been reviewing the book closely and trying to find errors, but there are very few. I will post a longer review once I have finished it, but from what I have read so far, I would recommend that you pick up a copy. Although I have never met Chris Eagle, I almost took his course on RCE at Black Hat a few years ago. Instead I opted for an Advanced Pen-testing course from SensePost, which was fun too. You can buy it online at various places for a discount, but here is the direct link to No Starch Press.

http://nostarch.com/idapro.htm

Friday, September 19, 2008

I LOVE UNIX!



OMG THANKS TO ALL THE HACKERS WHO WROTE UNIX!!! YOU GUYS ROCK!!! We all suck in comparison :-(

Wednesday, September 17, 2008

Our Cool New Apartment with Private Tennis Courts/Swimming Pools!


It's pretty cool! It has all this stuff...

COMMUNITY AMENITIES

* 5 Swimming Pools, 4 Spas, Large Wading Pool and Gas BBQs
* Media Center, Billiards Room and Game Room
* Clubhouse and Youth Center w/On-Site Activities Director
* 3 Night-Lit Tennis Courts, 1 Night-Lit Basketball Court
* Outdoor Racquetball, Handball and Volleyball Courts
* High-Tech Fitness Center w/Cardio and Weight Equipment
* Business Center w/Internet Access, Fax and Copier
* Community Park and Play Areas

RESIDENCE FEATURES

* 6 Spacious 1, 2 and 3 Bedroom Floor Plans
* Large Private Patio or Balcony
* Kitchen w/Refrigerator and Microwave
* Walk-In Closets w/Mirrored Wardrobes*
* Inside and Outside Storage Areas*
* Heating/Air Conditioning
* Ceiling Fan in Dining Room*
* Digital/Cable TV Ready
* Wired for High Speed Internet/Multiple Phone Lines
* Cox Internet/Phone/TV Options Available
* Pet friendly w/ dogs up to 40 lbs welcome*

Wednesday, September 3, 2008

n-gram research!



"""
Here at Google Research we have been using word n-gram models for a variety of R&D projects, such as statistical machine translation, speech recognition, spelling correction, entity detection, information extraction, and others. While such models have usually been estimated from training corpora containing at most a few billion words, we have been harnessing the vast power of Google's datacenters and distributed processing infrastructure to process larger and larger training corpora. We found that there's no data like more data, and scaled up the size of our data by one order of magnitude, and then another, and then one more - resulting in a training corpus of one trillion words from public Web pages.

We believe that the entire research community can benefit from access to such massive amounts of data. It will advance the state of the art, it will focus research in the promising direction of large-scale, data-driven approaches, and it will allow all research groups, no matter how large or small their computing resources, to play together. That's why we decided to share this enormous dataset with everyone. We processed 1,024,908,267,229 words of running text and are publishing the counts for all 1,176,470,663 five-word sequences that appear at least 40 times. There are 13,588,391 unique words, after discarding words that appear less than 200 times.

Watch for an announcement at the Linguistics Data Consortium (LDC), who will be distributing it soon, and then order your set of 6 DVDs. And let us hear from you - we're excited to hear what you will do with the data, and we're always interested in feedback about this dataset, or other potential datasets that might be useful for the research community.
"""

http://googleresearch.blogspot.com/2006/08/all-our-n-gram-are-belong-to-you.html

http://www.ldc.upenn.edu/Catalog/CatalogEntry.jsp?catalogId=LDC2006T13