2018-01-01 - WHAT TO EXPECT FROM MALWARE-TRAFFIC-ANALYSIS.NET IN 2018

I generally don't do new year's resolutions.  Instead, as the months go by, I usually find things to finish before the end of the year.  This year was no exception.

First, I purchased an SSL certificate, made some adjustments, and now malware-traffic-analysis.net can do HTTPS.  Over the years, people have asked for this, and it's finally happened.

 


Shown above:  This site as HTTPS in a browser bar.

 

Another thing?  I've finished updating all of my old blog entries that had links directly to pcap files.  Now all that traffic is in password-protected zip archives (see my "About this blog" page for the password).  Why do this?  Because these pcaps have malicious activity that can trigger alerts.  I started using zip archives for all pcaps sometime in late 2015, but that left hundreds of blog posts with direct links to pcaps.  I've been cleaning these up in my spare time, and as 2017 came to a close, the job is finally done.

On this blog, there's now a separate page to list my non-technical blog posts like this one.  Back in July, I wrote a post about my experience at SANSFIRE 2017.  That story was likely to get lost in the sea of posts with pcaps and malware, so it's now in its own separate section.  I'm a big fan of blogs by people like Lesley Carhart (her blog at tisiphone.net is one of many examples), so I'd like to publish my own insight on various information security (infosec)-related issues.

Although I don't have any resolutions, I do have plans for 2018.  For example, this year I plan to run an all-day traffic analysis workshop.  I've submitted a proposal to BSides Charm for this coming April, and I also hope to run a training session at the AUSCERT 2018 security conference.

I also plan to submit for more speaking engagements this year.  First up is BSides Tampa next month in February 2018.  I think there are still tickets available (link).  At least, there were when I wrote this.

 


Shown above:  @BSidesTampa tweet stating I've been accepted as a speaker for this year's event.

 

What else?  I hope to publish more guest blog posts on this site.  I only had one last year.  If anyone knows someone who would like to publish a technical analysis of malware-related network traffic, feel free to email me at my blog address.

Otherwise, this blog should provide more of the same as 2018 progresses.  Expect to see more technical blog posts and more traffic analysis exercises.

I am both proud and humbled to be part of this amazing infosec community as we enter the new year, and I hope everyone has a good 2018!

 
