tip : rightclick on the links and open in a new tab

Belgian IT-blogs that I read

english

http://blog.didierstevens.com/ hell of a securityresearcher

http://blog.rootshell.be/  writes about pertinent securitystuff

http://blog.brucon.org/  the securityconference in Belgium

https://twitter.com/security4all  wellconnected securityman

dutch

http://groundzero.skynetblogs.be   follows the anonymous tradition of EKZ 

@mailforlen Informationstreams that will continue to flow for now

1. http://www.netvibes.com/mailforlen  an index and overview and platform with online services

2. http://twitter.com/#!/mailforlen   realtime online information and my reading in scribd (downloads) 

My twitter lists with more than 400 specialised realtime newstwitterfeeds that I follow in organised lists

• @mailforlen/antispam
• @mailforlen/forensics
• @mailforlen/securityvids
• @mailforlen/securitefr
• @mailforlen/tools-freeware
• @mailforlen/exploits
• @mailforlen/secmagz
• @mailforlen/privacy
• @mailforlen/security-events security events
• @mailforlen/virus-tweets
• @mailforlen/security internet security
• @mailforlen/wikileaks
• @mailforlen/terrorism
• @mailforlen/edemocracy 
• @mailforlen/news-society
• @mailforlen/technews

3. http://www.diigo.com/profile/mailforlen  archived links and articles

the following are public lists 

• ·  belgium 642 items
• ·  business 1616 items
• ·  copyrights 141 items
• ·  documents 5342 items
• ·  freeware 5006 items
• ·  fun 2140 items
• ·  international 383 items
• ·  network 1449 items
• ·  privacy 4284 items
• ·  science nature 185 items,
• ·  search 514 items
• ·  Security 14436 items,
• ·  society 2624 items
• ·  technews 124 items
• ·  terrorism 1213 items
• ·  web2.0 1719 items,
• ·  webmaster 926 items,

4. books and documents  http://www.scribd.com/llavens 

the following groups are publicly available

• ecology  See all 215 documents

• crime  See all 89 documents

• Belgium  See all 23 documents

• privacy  See all 275 documents

• literature  See all 431 documents

•  philosophy  See all 885 documents

• fun or practical  See all 542 documents

• français  See all 174 documents

• terrorism   See all 520 documents

• international   See all 806 documents

• law and copyrights   See all 246 documents

• art  See all 530 documents

• science   See all 540 documents

• english  See all 296 documents

• politics See all 494 documents

• history  See all 957 documents

• security  See all 999 documents

• security2 See all 78 documents

• IT general    See all 989 documents

• ITgeneral2  See all 71 documents

• web2.0  See all 999 documents

•         web2 II  See all 42 documents

• business   See all 986 documents

• business2  See all 752 documents

• recipes   See all 87 documents

same writer

http://belsec.skynetblogs.be

with links to thousands of more of resources and free stuff

according to Arbor networks

    Microsoft Windows ASN.1 Library buffer overflow attempt     10.63     +100.0 %     CVE-2003-0818     36.0%
    ASN.1 constructed bit string     8.35     +100.0 %     CVE-2005-1935     28.3%
    Microsoft Windows Server Service buffer overflow attempt     3.61     +100.0 %     CVE-2006-3439     12.2%
    SMB-DS srvsvc NetrPathCanonicalize WriteAndX little endian overflow attempt     2.85     +100.0 %     CVE-2006-3439     9.6%
    Microsoft Windows RPC Heap Corruption buffer overflow attempt     2.23     +154.9%     CVE-2003-0715

and the attackers are

    81.240.75.77 (77.75-240-81.adsl-dyn.isp.belgacom.be)     6.70     22.7%
    87.65.120.45     6.12     20.7%
    91.182.255.26 (26.255-182-91.adsl-dyn.isp.belgacom.be)     1.89     6.4%
    80.200.83.2 (2.83-200-80.adsl-dyn.isp.belgacom.be)     1.59     5.4%
    80.200.11.241 (241.11-200-80.adsl-dyn.isp.belgacom.be)     1.30     4.4%
    91.181.170.200     1.01     3.4%
    91.182.80.30     0.62

Inbound Attacks 7 Outbound Attacks 0 Maximum packet rate 118.28 k pps Maximum traffic rate 114.45 Mbps Attack class Misuse: 7 Attack subclass Total Traffic: 1,
https://atlas.arbor.net/cc/BE

any protection yet ?

162.15-66-87.adsl-static.isp.belgacom.be:84
brocanteonline.be
cms.intago.be
cofisk.be
cust213-242.dsl.versadsl.be
demo.joomlashop.be
detoxshop.be
promnight.be
service-online.be
steam-games.be
webwatcher.be
worldwide-forum.be
www.echecs.hurlu.be
www.energie-habitat.be
www.fabster.be
www.h4x0rs.be
www.nongjangbelgium.be
www.prestavit.be
www.site-keys.be
www.topcopy.be
www.urmet.be

http://www.mailscanner.eu/phishing.bad.sites.conf.master

allevropenscamp.be
hertas.be
modefgtlll.be
nidlenaleorte.be
qewasqs.be
rst-prodllvp1.be

http://www.joewein.net/dl/bl/dom-bl.txt

Belgium has gone up to rank 4 of the risk index of Arbor Networks. (just an indicator, not a bible)

The reason is that it has captured command and control botnet traffic from some infected posts on the Belgacom network.

The posts on the Belgacom network that were responsable for this traffic yesterday are

194.78.157.167         
    194.78.97.197       
    194.78.113.213        
    194.78.56.208     
    194.109.125.65 (644.ae0.cr2.3d12.xs4all.net)        
    194.78.190.181         
    194.78.99.38         
    194.78.185.84         
    194.78.215.147        
    194.109.125.88