VPN Discovery 6/2005

Release Date: 2005-11
12-2005
Rating: 5 votes

Articles

  • Detection of sniffing in switched networks
    Sniffing in switched networks is typically conducted using one of two methods: MAC flooding or ARP spoofing. However, unlike sniffing in traditional, hub-based networks, both these methods are active and so can be detected – though sometimes this is not easy. Read Online
  • Detection of sniffing in switched networks

    Sniffing in switched networks is typically conducted using one of two methods: MAC flooding or ARP spoofing. However, unlike sniffing in traditional, hub-based networks, both these methods are active and so can be detected – though sometimes this is not easy.


  • IPsec VPN discovery and fingerprinting
    Many people believe that IPsec VPN systems are invisible and inherently secure. However, in reality most implementations can be easily detected and fingerprinted. Once this step is achieved, a successful attack is only a matter of time. Read Online
  • Port knocking from the inside out
    Leaving a port open to the public is like an invitation for an intruder. Unfortunately, most services such as HTTP or SMTP need to be open for everyone to see. However, some of the more critical services may be accessible only when required. Here's where port knocking comes in. Read Online
  • Total control – low-level network access
    Developing applications that directly access layers of the ISO/OSI model can be a difficult task, frequently requiring non-standard packet formatting. Help is at hand, however, in the form of the WinPcap and libnet libraries, which put the programmer in total control of the content being sent out into the network. Read Online
  • Attacks on layer two of the OSI model
    Layer two of OSI model is one of the weakest links when trying to assure network security in an organization. It is also one of the most commonly ignored, because there aren't many public implementations of layer two attacks. However, a successful attack on layer two can be just as dangerous as any other. Read Online
  • ArpAlert 0.4.10
    ArpAlert is intended for controlling access to LANs. The utility listens for ARP requests and compares them against a list of authorised MAC addresses. ArpAlert is used in corporate security solutions. Read Online
  • How to create polymorphic shellcode
    In the last issue of hakin9 magazine, we learned how to create and modify shellcode. We have also studied the common problems related to shellcode and the techniques of working around them. In this article, we will learn about polymorphism and how to create shellcode that does not get detected by intrusion detection systems. Read Online
  • Hold on to thine cash
    Is the most logical for all us to take all money out of the bank and hide it under the pillow? Read Online
  • Exploiting format string vulnerabilities
    In the second half of 2000, a whole new class of exploits was discovered, shocking the IT security community. It turned out that a vast array of programs, including well-known applications such as wu-ftpd, Apache with PHP3 or screen, have serious vulnerabilities – and all because of format strings. Read Online
Back

Comments

160 comments, Add comment
Add comment

Advertisement