Anatomy of pharming - how your money is stolen

Release Date: 2005-05

Articles

  • Pharming – DNS cache poisoning attacks
    We explain how DNS cache poisoning attacks work, then demonstrate how such attacks are used in the new financial fraud technique called pharming. Finally, we test the resistance of the most popular DNS cache servers to DNS cache poisoning attacks.
  • Robot Wars - How Botnets Work
    We discuss the concept of bots and botnets, then explain how they operate and how victim computers are infected. A practical example of creating a botnet using one of the available tools is presented. We also teach how to protect a computer from being exploited by a botnet.
  • Voice over IP security - SIP and RTP protocols
    We provide a detailed overview of the protocols used in Voice over IP (VoIP) transmissions, particularly the SIP protocol. Then we take a look at the seven most common, most effective and best-described methods of attacking VoIP, and how these methods can be applied in practice.
  • Exploiting Java VM security vulnerabilities
    We present the security model of the Java virtual machine, then describe several methods of attacking it. The described techniques include taking advantage of sandbox holes, direct access to memory and a differential analysis of power consumption. Finally, we describe how an audit of the Java VM is conducted.
  • Advanced SQL Injection Techniques
    We demonstrate how to execute advanced attacks against the syntax and logic of the SQL language. Several interesting tricks involving SQL injection are presented. Finally, we discuss basic methods of protecting applications against SQL injection attacks.
  • Linux shellcode optimisation
    Let's write four simple shellcodes from scratch, starting with programs in C, then converting them into assembly. Afterwards let's prepare them for shellcode use and finally optimise them.
  • Bad Tools Make Bad Software - an interview with Dan J. Bernstein
    Dan, well known for his controversial opinions and for creating such systems as qmail or djbdns, talks with us about the non-ethical approach of *NIX distributors, alleged bugs in qmail, methods used to write secure applications, DNS and hash function security, and more.
  • A new RFC proposal
    This document specifies the User Awareness Factor (UAF) - a new standard for security measurements. The User Awareness Factor is based on one simple principle, which is believed to hold for an infinite time: most users are lame.
  • Security Tools - Firestarter 1.0.3
    A graphical interface for creating simple rules for a netfilter/iptables-based firewall.