Written on: Sunday, 1 Jan, 2006

Can one fool application-layer fingerprinting?

Numerous tools exist which allow one to determine what service runs on a given port and what software provides it. Let us attempt to understand how they work, then consider whether it would be possible (or easy) to trick them.
Author: Piotr Sobolewski
Source: http://hakin9.org Hakin9 2/2006
What you will learn...
  • what application-level fingerprinting is,
  • what techniques it uses,
  • which tools you can use to carry out application-level fingerprinting,
  • which techniques these tools use and their consequences,
  • whether the results provided by the tools are reliable,
  • whether it is difficult (or possible) to trick the tools.
What you should know...
  • how the Internet works and basic Linux commands.
If you have a computer
Written on: Sunday, 1 Jan, 2006

Writing advanced Linux backdoors – packet sniffing

As people create new defences against backdoors, intruders are forced to devise new techniques to keep pace with the rapidly progressing security industry. One such technique is the packet sniffing backdoor. Let's learn how it works by writing our own Proof-of-Concept tool.
Author: Brandon Edwards
Source: http://hakin9.org Hakin9 1/2006
What you will learn...
  • how the packet sniffing backdoor technique works,
  • how to use this technique in practice.
What you should know...
  • Linux TCP/IP networking basics,
  • C programming basics,
  • Linux networking using libpcap.
A new backdoor technique which has evolved from the need to bypass a local firewall (like Netfilter), without embedding code or connecting back, is packet sniffing. This style of
Written on: Sunday, 1 Jan, 2006

Cryptography for Mail and Data

Would you put confidential information on a postcard and send it to your friends, colleagues, or business partners? Well, no. But why would you put confidential information in an e-mail and send it around the world?
Author: Lars Packschies
Source: http://hakin9.org Hakin9 1/2006
What
Written on: Sunday, 1 Jan, 2006

How to cook a covert channel

Before starting to cook your covert channel, you first have to think about the recipe (recette): decide what your covert channel will look like, what it will be used for (antipasti or dessert?) and finally when you'll have your
Written on: Sunday, 1 Jan, 2006

Network Defense Applications using IP Sinkholes

A little-talked-about network security technique has proven one of the most effective means of defense against Denial-of-Service attacks and a successful means of threat data collection. In this article we will explore advanced network defense applications using stationary and event-driven
Written on: Sunday, 1 Jan, 2006

Simple Event Correlator for real-time security log monitoring

Over the past decade, event correlation has become a prominent event processing technique in many domains (network and security management, intrusion detection, etc.). However, existing open-source log monitoring tools don't support it well. In this paper, we will discuss how
Written on: Sunday, 1 Jan, 2006

Rootkits under Windows platforms

What is the link between kernel hackers (in this article we will use the term kernel instead of the core of an Operating System), corporations with web-marketing businesses which develop spyware or adware to profile web surfers, and corporations like Sony
Written on: Sunday, 1 Jan, 2006

GFI LANguard Network Security Scanner

GFI LANguard Network Security Scanner is a tool for scanning one or more computers connected to a network. Scan results include a security assessment and a list of vulnerabilities found.
Author: Tomasz Nidecki
Source: http://hakin9.org Hakin9 1/2006
Quick start. Suppose you want to assess
Written on: Sunday, 1 Jan, 2006

Intrusion Detection in the Wild

Network intrusion detection requires a suite of tools, including traditional, signature-based NIDS such as Snort. In this article we examine how to use common tools together to provide multilayered protection in case one measure should fail, and to provide maximum
Written on: Sunday, 1 May, 2005

Linux shellcode optimisation

Shellcode is an essential part of any exploit. During an attack, it is injected into the target application and performs the desired actions within it. However, the basic rules for building shellcode are not too widely known, even though they
Written on: Sunday, 1 May, 2005

Advanced SQL Injection techniques

SQL Injection attacks target the core of a web application: its database. Their most significant impact is that they enable an attacker to retrieve, modify, or delete arbitrary data. It is a serious threat to any application with a database back-end and a
Written on: Sunday, 1 May, 2005

Exploiting Java VM security vulnerabilities

Java has taken control of the programming world. It runs on servers, appears as browser applets, increasingly takes over mobile phones – it's even made its way into smartcards. It is usually seen as a highly secure operating environment, but