|
Timing Attacks - execution path analysis (2/2007)  »Aimject The author presents a tool which facilitates man-in-the-middle attacks against AOL instant Messenger's OSCAR protocol via a simple GTK interface. Learn more on this useful device. »Nmap It is probably one of the most famous free, open source utilities. The author describes Network Mapper developed by Fiodor enabling user to explore the network and audit the security level. Nmap's design focuses on rapid, large-scale scans. For more info read this short report. »Metasploit – exploring framework Thanks to his article you will acquire a general knowledge on how exploiting works as well as some more detailed information on The Metasploit Project – an interesting security initiative. Moreover – the author explains how to exploit services by the means of Metasploit. »Fuzzing technique Fuzzing is one of the latest techniques employed when looking for the bugs. Having read this article you will know what fuzzing exactly is; what are its theoretical basics and what makes it so efficient. Last but not least you will learn how to write and use your own fuzzer. »In remembrance of timing attacks This text sheds the light on performing timing analysis over the execution path of a program, leading to valid usernames identification on Unix and other services. »Testing Intrusion Detection Systems Thanks to this article you will get to know shellcode polymorphism techniques and how polymorphic shellcode works. The authors illustrate the difficulties behind shellcode generation tool and many more of the technique's features. »Attacking adjacent memory stack regions and software vulnerabilities complexity theory This writing presents how to exploit adjacent memory regions in the stack and what is the easiest way of classifying attacks and vulnerabilities in regards to vulnerability complexity theory. »Spam – Virus Checking Gateway There is no Internet user who has not been annoyed by Spam. IT specialist are trying to create a tool or a system which would be able to deal with the extent of the spam problem. Thanks to this writing the reader will learn how to analyze the spam issues and how to configure and customize an antispam-antivirus system. »Firewall leak testing In this section we present our readers' opinions on advantages & disadvantages of firewalls they have used. You can find out if the prizes are adequate to the quality, what are the main problems that the users experienced and finally you will see the rating.  »An interview with Matt Jonkman This month, hakin9 talks to Matt Jonkman known to our readers as hakin9 columnist. Matt has been into IT for a long time now and the network engeneering and security as well as intrusion detection have always belonged to his main interests. He took part in launching an open-source research community for intrusion detection. »John Viega's IT career It is a section presenting to our readers how interesting and complex working in the IT security field might be, and how much satisfaction being IT security community activist can bring. What's new in the latest hakin9.live version (3.2-aur.) and what must-have applications we grant you + Cisco Certified Network Associate Course, part 2 on our CDs. |
|
