Written By :
on : Friday, 1 Apr, 2005

Intrusion Detection System Internals

Nowadays, when we talk about information security, we can often hear terms such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or a mixture of both – Intrusion Detection and Prevention Systems (IDPS). The goal of IDSs is to identify attacks or security breaches by monitoring network and host activities. A detailed IDS technology overview is necessary to understand how it works.
Author: Antonio Merola
Source: http://hakin9.org Hakin9 4/2005
What You Will Learn...
  • what intrusion detection systems are,
  • how to evade IDS solutions,
  • how to protect from evading such systems.
What You Should Know...
  • you should have a basic knowledge about the HTTP protocol,
  • basic knowledge about TCP/IP protocols
Filed under: Articles
Written By :
on : Friday, 1 Apr, 2005

Dangerous Google – Searching for Secrets

Information which should be protected is very often publicly available, revealed by careless or ignorant users. The result is that lots of confidential data is freely available on the Internet – just Google for it.
Author: Michał Piotrowski
Source: http://hakin9.org Hakin9 4/2005
What You Will Learn...
  • how to use Google to find sources of personal information and other confidential data,
  • how to find information about vulnerable systems and Web services,
  • how to locate publicly available network devices using Google.
What You Should Know...
  • how to use a Web browser,
  • basic rules of operation of the HTTP protocol.
Google serves some 80 percent of all search queries on the Internet, making it
Filed under: Articles
Written By :
on : Friday, 1 Apr, 2005

Sam Spade for Windows

Sam Spade for Windows is a multi-purpose Internet tool that bundles utilities such as whois, dig and traceroute, and is enhanced with email header analysis functions. Its main purpose is to obtain information about senders and to prepare abuse reports.
Author: Tomasz Nidecki
Source:
Written By :
on : Friday, 1 Apr, 2005

PortSentry

PortSentry is a tool that monitors a system's ports in order to detect scanning attempts. It features mechanisms to block both the particular packets themselves and the host that they originated from.
Author: Jan Korzeniowski
Source: http://hakin9.org Hakin9 4/2005
Quick start: If we suspect
Written By :
on : Tuesday, 1 Mar, 2005

Physical Security Design

There is no value in spending money to protect data we can recreate; what could possibly happen? – comments like these come from a large percentage of upper management. From employee misuse to industrial espionage to natural disasters, company assets
Written By :
on : Tuesday, 1 Mar, 2005

Protecting Windows Programs from Crackers

A shareware application programmer's work will sooner or later be sabotaged by crackers. Quite often, a crack or keygen can be found on the Internet the very same day that an application is published. There exist, however, effective methods for
Written By :
on : Tuesday, 1 Mar, 2005

Honeypots – Worm Traps

Internet worms spread at a lightning rate, so taking effective countermeasures requires their code to be captured and analysed as soon as possible. Honeypot systems let us capture worms and observe their activity, but can also be used to remove
Written By :
on : Tuesday, 1 Mar, 2005

OS Fingerprinting – How to Remain Unidentified

Every operating system has specific features, which can be used to remotely identify its type. In this article, we'll try to modify certain system parameters to deceive remote OS detection programs into believing that our machine runs a different
Written By :
on : Tuesday, 1 Mar, 2005

TEMPEST – Compromising Emanations

TEMPEST, also known as Van Eck Phreaking, is the art of turning involuntary emissions into compromising data. This mainly concerns electromagnetic waves, but it can also be applied to any kind of unwanted emanations induced by the inner workings of
Written By :
on : Tuesday, 1 Mar, 2005

Hiding Kernel Modules in Linux

Placing a rootkit module in the victim's system is only the beginning of an intruder's labours. If the intrusion is to remain undetected, the malicious code must be hidden in a way which does not arouse suspicion.
Author: Mariusz Burdach
Source: http://hakin9.org Hakin9
Written By :
on : Tuesday, 1 Mar, 2005

SQL Injection Attacks with PHP and MySQL

There are a couple of common attack techniques used against the PHP/MySQL environment. SQL Injection is one of the most frequently used. This technique is about trying to push the application being attacked into a state where it accepts our
Written By :
on : Tuesday, 1 Mar, 2005

Finding and Exploiting Bugs in PHP Code

Programs and scripts developed with PHP, one of the most popular languages, are often vulnerable to different attacks. The reason is not that the language is insecure, but that inexperienced programmers frequently commit design errors.
Author: Sacha Fuentes
Source: http://hakin9.org Hakin9 2/2005
What you