"I have two machines here running in an isolated network. I infect one with the malware, and I have the other machine pretending to be the entire Internet," he explained. The second machine, known as a sandnet, is a custom-made tool for analyzing malware in an environment that is isolated, yet provides a virtual Internet for the malware to interact with. "I can sit back and see all the interaction up to point where it [the infected machine] joins botnet's control channel. Then I can take that information, go outside and replicate it. I can see what the real server is doing to get an entire picture of the operation," Stewart said.Link (via /.)
I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.