Sebek captures from the Nimda window
The Nimda outbreak produced a substantial volume of Sebek captures from my honeypot. A walk through what the captures show about the post-Nimda compromise environment.
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged nimda — 3 results.
A week into Nimda. The structural lessons are clearer now than they were on day one. A walk through what defenders should take from this incident.
Yesterday a worm called Nimda appeared, simultaneously exploiting five distinct propagation vectors. The structural complexity is greater than any previous worm. A first writeup before the analysis converges.