|
Submission Analysis
A mechanism has been put in place for the submission
of suspected or confirmed malicious software, including scripts,
mobile code, log files of suspected activity, and viruses.
Signatures or fingerprints of code become important in solving
the problem and developing a fix. Especially true in the event
of Internet worms such as “I Love You” and “Ramen”. While this
is corrective vice preventative action, it does help the masses
that might be otherwise touched by some ill-intentioned cyber
malware.
If you suspect a virus or your system has been compromised and
you have log files and/or residual scripts, you can submit them
to Whitehats.ca. We will do some cursory analysis and if it is
deemed to be malicious, we will post a fix, offer advice, and/or
forward it on to the appropriate commercial labs for action. Confidentiality
will be a top priority. Sanitization of logs and/or correlating
data indicating vulnerabilities in an organizations security will
be carried out wherever possible, however Whitehats.ca maintains
the right to post analysis on submitted materials within the Whitehats.ca
domain and material submitted becomes the property of Whitehats.ca
to redistribute as the site members see fit.
Submission Instructions
1. Digitally sign your submission with PGP. This will authenticate
the origin and verify the integrity of submissions. Unsigned submissions
will not receive any reply or follow-up from Whitehats.ca.
|
|
PGP is an acronym
for Pretty
Good Privacy. It is a public key encryption
system developed by Network Associates Inc. A freeware
version of PGP is available from MIT
(some licensing restrictions apply). More information
on PGP is available at www.pgp.com.
|
|
2. Compress the code or attachment with WinZip
and password protect the file with the password "infected".
3. Email the submission to info@whitehats.ca.
Include details of your case with the submission.
|
