Articles

Hooking-oriented size disassembler for malware analysis

Day after day, malware researchers, forensic analysts or administrators have to face security threats on information systems. The objective can be to analyse unauthorised intrusions, to protect users from viruses, or to prevent a system from being compromised. To achieve…

Steganos Security Suite 6

Steganos Security Suite 6 is a complete security package with different user-friendly tools for protecting a PC, combining encryption with steganography. Author: Carlos Ruiz Moreno. Source: https://hakin9.org, Hakin9 2/2006. Quick start. Let's imagine you want to increase the security level in your Windows box,…

WS-DNS-BFX

WS-DNS-BFX extracts valid hosts from DNS servers that don’t allow zone transfers. It supports IPv4, IPv6 and threads, and extracts multiple IPs on servers with NLB, HA, etc. Author: Daniel de Oliveira Silva. Source: https://hakin9.org, Hakin9 2/2006. Quick start. Everybody knows that the first step…

Can one fool application-layer fingerprinting?

Numerous tools exist which allow one to determine what service runs on some given port and what software provides it. Let us attempt to understand how they work, then ponder upon whether it would be possible (or easy) to trick…

Writing advanced Linux backdoors – packet sniffing

As people create new defences against backdoors, intruders are forced to innovate new techniques to keep pace with the rapidly progressing security industry. One such technique is the packet-sniffing backdoor. Let’s learn how they work by writing our own…

Cryptography for Mail and Data

Would you put confidential information on a postcard and send it to your friends, colleagues, or business partners? Well, no. But why would you put confidential information in an e-mail and send it around the world? Author: Lars Packschies. Source: https://hakin9.org, Hakin9 1/2006…

How to cook a covert channel

Before starting to cook your covert channel, you first have to think about the recipe (recette): decide what your covert channel will look like, what it will be used for (antipasti or dessert?) and finally when you’ll have your…

Network Defense Applications using IP Sinkholes

A little-talked-about network security technique has proven one of the most effective means of defense against Denial-of-Service attacks and a successful means of threat data collection. In this article we will explore advanced network defense applications using stationary and event-driven…

Rootkits under Windows platforms

What is the link between kernel hackers (in this article we will use the term kernel instead of the core of an Operating System), corporations with web-marketing businesses which develop spyware or adware to profile web surfers, and corporations like Sony…

GFI LANguard Network Security Scanner

GFI LANguard Network Security Scanner is a tool for scanning one or more computers connected to a network. Scan results include a security assessment and a list of vulnerabilities found. Author: Tomasz Nidecki. Source: https://hakin9.org, Hakin9 1/2006. Quick start. Suppose you want to…

Intrusion Detection in the Wild

Network intrusion detection requires a suite of tools, including traditional, signature-based NIDS such as Snort. In this article we examine how to use common tools together to provide multilayered protection in case one measure should fail, and to provide maximum…