Voice Over IP (VoIP) is one of the hottest buzzwords in contemporary IT, even more so since the last CeBit in March 2005, and a new hope for both service providers and device manufacturers. Countries with good network infrastructure typically have several offers of VoIP bundles, consisting of a hardware router with VoIP functionality and attractive pricing for both Internet access and telephony. VoIP is set to displace stationary telephony solutions sooner or later, but serious security issues tend to go unnoticed in all the hype.
Authors: Tobias Glemser, Reto Lorenz
Source: http://hakin9.org Hakin9 5/2005
What you will learn...
- the basics of the SIP protocol,
- several
Visiting online banking services and other secured sites is becoming increasingly dangerous. Entering your credit card number on a website which looks deceptively similar to that of your bank might end with a considerable sum disappearing from your account. Unfortunately, such attacks are increasingly commonplace nowadays and make use of a new method called pharming.
Author: Mariusz Tomaszewski
Source: http://hakin9.org Hakin9 5/2005
What you will learn...
- how pharming works,
- how DNS cache poisoning attacks are conducted,
- how to defend against pharming,
- which DNS server is the most secure.
What you should know...
- how the DNS protocol works,
- the ISO/OSI reference model,
- the basics of shell programming.
Classic phishing (see Inset How phishing came
Firestarter is a graphical tool for simplifying the process of managing, analysing, supervising and configuring a firewall based on netfilter/iptables. It uses the GTK2 library.
Author: Tomasz Nowak
Source: http://hakin9.org Hakin9 4/2005
Quick start: As an administrator of a Linux server, containing confidential data
An anonymous proxy working on a basis of a distributed network. It allows all applications, which are able to use SOCKS4, to establish anonymous connections via a path randomly chosen from a network of relays. It is also possible to
If you happen to lose important files on your Linux system – for example after a break-in – do not despair. Though it often requires a lot of time, with the help of a good toolkit you can potentially recover
A conscientious mail server administrator should ensure that users get both antivirus and antispam protection. While few users would object to their messages being screened by an antivirus program, using spam scanners is much more controversial. This is because no
Due to errors in the design of the TCP/IP protocol stack, data hidden in network datagrams can become a serious threat. Network steganography takes advantage of superfluous bits in both mandatory and optional TCP header fields.
Author: Łukasz Wójcicki
Source: http://hakin9.org Hakin9 4/2005
What
Many Internet users use socalled personal firewalls, like Softwin BitDefender or Norton Personal Firewall. These applications generate prompts when other programs try to establish Internet connections and block such attempts if they are not confirmed by the user. Nevertheless, there
Bluetooth is rapidly gaining popularity throughout the world, with some 1.5 billion devices expected to support the technology by the end of 2005. However, Bluetooth can also be used for malicious purposes, such as snooping into private data, causing financial
Nowadays, when we talk about information security, we can often hear terms such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or a mixture of both – Intrusion Detection and Prevention Systems (IDPS). The goal of IDSs is to
Information which should be protected is very often publicly available, revealed by careless or ignorant users. The result is that lots of confidential data is freely available on the Internet – just Google for it.
Author: Michał Piotrowski
Source: http://hakin9.org Hakin9 4/2005
What You
Sam Spade for Windows is a multi-purpose Internet tool containing tools such as whois, dig, traceroute and is enhanced with email header analysis functions. Its main purpose is to obtain information about senders and to prepare abuse reports.
Author: Tomasz Nidecki
Source:
