Nothing I am aware of, at most it would be a distraction to confuse IR folks.  Do you have a sample of the file?  Maybe a some file just happens to have the string in it that makes AV recognize EICAR.

Anyone heading there this weekend?  What talks are you looking forward to?  The Walt Williams talk seems interesting, maybe Deral Highland's Embedded devices talk.  There also seem to be a couple talks around malware.  For those always looking to setup a lab, there is a talk on that as well.  They seem to have a good range of material.  Hope to meet some EH netters there and have some cool discussions!

http://www.securitybsides.com/w/page/12194141/BSidesBoston

Doesn't appear sold out yet either.

Wife and I have been chatting about moving out of glorious CT and heading down south to FL.  I think after the last couple winters, I may be ready for that change.  So I started peaking at the job boards for the Orlando area and there do seem to be some opportunities.  Just curious if anyone has any suggestions or may know of any additional opportunities for that area.  Another possibility with moving to FL is that the wife would be more tolerant of work related travel.  So I would be open to positions that do not require me to be in any particular geographic location. 

Thanks for your assistance!

I was thinking something like Facebook's session tracking, but that only shows the city/state, app, and the device used.  Or maybe Google's Activity tracking, that gives you an IP address of the last bit of activity, the app and the date/time. 

ZOMG!!! WE ARE DOOMED!!!!! Y2K!!! 12/21/2012!!!  AAAAAHHHHHHH....

oh, here's my wallet....

First question, have you hardened your server to the best of your abilities/knowledge?  Have you covered the Security 101 basics?
renamed default admins?
disabled guest?
use complex passwords?
disable unneeded services?
installed AV and configured it?
enabled the client based firewall and configured it?
Fully patched on both the Operating System and applications?
Ensure any local service/user accounts are running with least privilege access?

If you have done all of that, then you might be ready for a pen test.  And like Xtophertaito suggested, give it a go yourself, you will learn a lot.  Also another good idea is to grab something like OpenVAS or Nessus Community edition and run some vuln scans against your system.  Google on the critical/high findings to learn how to fix them.  Good luck!

Welcome, enjoy the community!

Just listened to that on the way home today, interesting stuff.

Thanks hurtl0cker, I actually grabbed the Ciphers book a couple weeks ago.  Looking forward to reading through that.  Going to work my way through violent python.  And yes, practice practice practice.  I heard someone mention it is best to do a little bit of coding every day than try to do a couple hours in a single day once a week.  Get's the repetition thing going.  once I've had my fill of python I will head back into more web oriented languages and maybe get my web building up to snuff.  My poor domain has laid dormant for far too long and it needs some action.

SEC501 Enterprise Defender, yeah looks like it is due back in June.  So not too long.  I've got a few mini lab projects I want to work on until then.

its not so much about branching out, I do enjoy a bit a pen testing, trying to keep it on the free side or at least less expensive side.  Though I just took a gander at them and 250 bucks and lifetime updates, ability to download the material, not too shabby.  Hmm, may have to review further.  I had a SANS course approved but it is no longer available in on-demand which sort of sucks.  So if that doesn't happen I want to fill that study time with something else. 

Hey m0wgli, if I was looking to go more into pen testing, I would consider it, but right now it's more of a self improvement thing and side hobby.  I want to get better at coding so I figure strengthening my scripting skills will help.

So I made my way through but now I want to keep improving but I like to do that with some applicable projects.  Any suggestions?  I was going to look at the API projects there on Codecademy, I was also going to make my way through the Violent Python book.

It is a very general question and doing a google search for rootkits backdoor trojan might send you in the right direction.  Metasploit could be a good resource but you need to know how to work your way through it.  Also what type of rootkit?  Master boot record?  The rootkit is typically used for persistence as it tends to sit below where traditional AV looks.  It will continue to replace live malware if someone removes it and reboots the device.  There are other uses for rootkits but they depend on what the attacker wants to accomplish.  The key to backdoors is the ability for the attacker to continually connect.  So lots to consider.

PW Safe, I like having the mobile version as well.