Lost+Found: Honeybots, Perl application protection, Bletchley digitised

Too short for news, too good to lose; Lost+Found is a round up of useful security information. Today: A bot modifies instant messages, virus analysts live dangerously, a new version of Windows debugger OllyDbg, an intrusion detection system for Perl web applications and Bletchley Park goes digital.

• A group of researchers have presented a paper on 'honeybots', which use man-in-the-middle attacks to interpose themselves between two IRC clients and replace specific keywords and links included in messages with their own keywords and links to spam websites.
• Virus analysts live dangerous lives, especially when debugging malware claiming to be from Chuck Norris, which carries the extra risk of falling foul of a roundhouse kick.
• Version 2 of open source Windows debugger OllyDbg, popular with security specialists for its plug-in support, has been released. However, as yet there are no plug-ins available for the completely rewritten new version of the debugger.
• A Perl port of PHPIDS, an intrusion detection system for PHP web applications, has been released, with the aim of equipping Perl developers with a means of protecting their web applications from cross-site scripting, cross-site request forgery and SQL injection attacks.
• The archives of legendary code-breaking centre Bletchley Park are to be digitised and made available online. Hewlett-Packard has donated a number of scanners which, over the next three years, volunteers will use to scan million of once top secret documents.

(crve)