READ HAKIN9′S TUTORIALS AND BECOME NETWORK SECURITY & SQL INJECTION MASTER

Dear Readers,

Our latest issue focuses on Network Security and SQL Injection.
The broad term of Network Security is discussed through the issue and presented also with regard to one of the popular threats – SQL injection attacks.

Hey there, I’m not Dead Yet “Port Knocking” !!!
By Ali Hadi, Information Security Researcher
For a glance people might think ”hey, what’s this guy talking about; Port-Knocking is dead!”. Even though new security solutions have arised, the Port Knocking concept has not died or become extinct. In my opinion, Port Knocking is an amazing concept which can still be used to secure our public services. Port Knocking not only can add security to poor written or unsecured services, but add another layer of security to services that were already built with security ideas in mind.

Covert Channels in a Nutshell
By Ayman M. ElZoghby, CISSP, CISM, CISA, Information Security Consultant and Academic Researcher
Covert channel (CC) analysis is a solid and long standing academic discipline. We are going to discuss this subject and put it in a nutshell, so you would be able to see a different aspect of network security and recommend the right risk mitigation techniques to minimize those CC risks and achieving the CIA of your business assets.

Security: Methods to explore Windows 8 and Windows 7 
By Rafael Fontes, Co-Founder at Grey Hat and member of “French Backtrack Team”
This article will help everybody to understand techniques to exploit the operating system Microsoft Windows 8.

Deeper Inside the Network
By Yehia Mamdouh, CCNA, CEH
When hackers attack a certain network for information leakage or certain damage, the main target for them is usually a network server. Essential for the attacker is network mapping and a sound plan of how what and when to attack. Problem is that Network servers cannot be attacked directly. You should rather attack a vulnerable client in the network and then from there attack the server. This technique is commonly called Pivoting and we are going to show you how to use that technique which can be done for example with Metasploit.

SQL Injection Attacks
By Tomaz Kastrun, BI Developer
SQL Injection is a method of injecting potentially malicious code and therefore exploiting the security vulnerability. SQL injection happens against the database, normally through a website form or through the data layer of an application.

DATABASE PROTECTION:

SQL Injections
By Daniel Calbimonte, SQL Server Consultant for Databases and Business Intelligence
This article describes how to protect your Database from a particular attack from web pages or applications called sql injection. It gives a brief introduction to the sql injection and how to avoid it.

Learning How to Protect Your Networks by Attacking Them
By Ismael Gonzalez D., Security Researcher, CEH, MCP, MCDTS, MCSA, LPIC-1
Even the slightest information about a network in the wrong hands can be a stepping stone and eventually lead to total ownership. No network and/or computer system is immune against all kind of attacks 24/7.

SQL Injection: Threat to web
By Himanshu Bhardwaj
In today’s age of the internet, where almost everything is online and the rest going online. People depend increasingly on information available on the internet, from fairy tales to astronomical reasearch data a lot of possible information is available through the internet. People find the internet a golden source of information. Each and every bit of information is available online. But this can be a potential risk, what happens if someone alters or removes chunks of your precious (stored) data. You could lose a lot of valuable information and invested time perhaps not that important to other people.

Zero-Day A Future Threat, And How To Protect Your Data
By Rafael Fontes, Co-Founder at Grey Hat and member of “French Backtrack Team”
It is known that practically all software has security flaws (programming problems that give individuals opportunities to explore previously nonexistent), many of these vulnerabilities not yet discovered, and hundreds are corrected every month through the packages available organizations affected, sometimes new versions and updates.

EXTRA:

The Importance of Cryptography and Security Experts in Society
By Rafael Fontes, Co-Founder at Grey Hat and member of “French Backtrack Team”
The hacker culture and resulting philosophy is a dynamic one and changing over the decades, an everlasting ongoing evolution. It’s true that hackers/security researchers not only contribute to a safer digital presence but also stand at the beginning of the newest technological developments. The true pioneers. The security industry versus crackers (cyber criminals) ratrace is just a spin off. The term hacker has more to it than the avarage public opinion reveals. The whole hacker landscape (blackhat, greyhat, whitehat, bughunter, researchers, academics..) and any mix is of imminent importance. And not only the Brazilian corporations appreciate their involvement for the good or worse.