Section: .. / papers / general /
| /// File Name: |
sthuy_article_openvpn_29940810.B.zi..> |
Description:
|
This whitepaper discusses OpenVPN as a free, secure, and easy to use and configure SSL-Based VPN solution. It offers various scenarios of use.
| | Author: | Stijn Huyghe | | File Size: | 1646498 | | Last Modified: | Aug 13 11:10:26 2004 |
| MD5 Checksum: | bd0687e11edb3c819cbc5613c99044bc |
|
| /// File Name: |
SyscalltableAMD64EN.txt |
Description:
|
Whitepaper titled "How to get sys_call_table on amd64 under Linux".
| | Author: | pouik | | File Size: | 9327 | | Last Modified: | Oct 18 19:35:23 2006 |
| MD5 Checksum: | cb8bcc65f01e76177ffea9b98ef6102c |
|
| /// File Name: |
tempest.pdf |
Description:
|
The story regarding how the United States first learned about the fundamental security vulnerability called "compromising emanations" is revealed for the first time in this 1972 paper called TEMPEST: A Signal Problem.
| | Homepage: | http://www.nsa.gov/ | | File Size: | 284750 | | Last Modified: | Apr 29 21:06:17 2008 |
| MD5 Checksum: | 6930f3cfa80a029f63102875a3947dcc |
|
| /// File Name: |
timesync.html |
Description:
|
White paper discussing the fact that many modern networks are extremely dependant on a centralized time resource and the negative aspects of a network not having one.
| | Author: | 3APA3A | | Homepage: | http://www.security.nnov.ru/advisories/timesync.asp | | File Size: | 22180 | | Last Modified: | Aug 20 03:54:26 2004 |
| MD5 Checksum: | b4fcd8bce74ebb05e8db85ae5c200d7c |
|
| /// File Name: |
tools.ps |
Description:
|
Automated Tools for Testing Computer System Vulnerability: Discusses some of the automated tools for checking the security of a wide variety of systems
| | File Size: | 309577 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 5375d8a3754042a2e917bff30f5c3cdf |
|
| /// File Name: |
TopologyDOS.pdf |
Description:
|
This paper re-examines the denial-of-service issue. It looks at the techniques used to accomplish denial of service including process recovery, resource destruction (crash), and resource overload. Looking at how DOS functions allows for the design of other DOS attacks aimed at the processes used by the operating system, the network protocols and the users.
| | Author: | Coretez Giovanni | | Homepage: | http://www.8thport.com | | File Size: | 74536 | | Last Modified: | Jul 12 14:42:31 2000 |
| MD5 Checksum: | 690a78612efc13f42762b3aaa8fca700 |
|
| /// File Name: |
transparency.txt |
Description:
|
This paper discusses full disclosure, the necessity of legitimate network scanning, and the results of criminalizing security research and information. Overreactions to harmless activities not crossing legal boundaries are leading to a scenario where anyone acquiring basic information about a system needs to be afraid about potential consequences.
| | Author: | Mixter | | Homepage: | http://mixter.warrior2k.com | | File Size: | 10257 | | Last Modified: | Nov 13 16:29:15 2000 |
| MD5 Checksum: | 6392ac2ef70447827974be8b88605ec2 |
|
| /// File Name: |
UBehavior.zip |
Description:
|
Whitepaper discussing the exploitation of uninitialized data.
| | Author: | mercy | | Homepage: | http://www.felinemenace.org/ | | File Size: | 372833 | | Last Modified: | Jan 4 00:17:44 2006 |
| MD5 Checksum: | d247ac8afbe9033ebea4e8d93a16806b |
|
| /// File Name: |
vdwgreport.pdf |
Description:
|
The US Department of Homeland Security's "Vulnerability Disclosure Framework" document.
| | Homepage: | http://www.dhs.gov/ | | File Size: | 307070 | | Last Modified: | Jan 13 17:07:56 2007 |
| MD5 Checksum: | 6bdc9752e2b650847982d521426669e4 |
|
| /// File Name: |
virtualmachines.txt |
Description:
|
Paper discussing various ways of detecting virtual machines regardless of the OS used.
| | Author: | Bipin Gautam | | File Size: | 4678 | | Last Modified: | Oct 27 15:33:01 2006 |
| MD5 Checksum: | 21cbc35e13a2ab126eacb9eee82dd46d |
|
| /// File Name: |
VNSECON07-JA-Exploit_development.pd..> |
Description:
|
Whitepaper discussing how to speed up the exploit development process as presented at VNSECON07.
| | Author: | Jerome Athias | | File Size: | 1698766 | | Last Modified: | Aug 9 22:22:28 2007 |
| MD5 Checksum: | 06a895e8ac593460d4bfdf6ec7692a60 |
|
| /// File Name: |
vote.pdf |
Description:
|
Analysis of an Electronic Voting System - This paper describes several security flaws in Diebold electronic voting machines. Voters may be able to cast multiple ballots with little built in traceability, administrative functions can be performed by regular voters, and inside poll workers, software developers, and janitors can rig the vote. The smart card system is insecure and uses plaintext passwords. The code appears unaudited and there is no ability to do a paper recount.
| | Author: | Adam Stubblefield,Tadayoshi Kohno,Dan S. Wallach,Aviel D. Rubin | | File Size: | 244831 | | Last Modified: | Oct 31 14:21:22 2003 |
| MD5 Checksum: | 3b6981806063c69b646d789f3f009136 |
|
| /// File Name: |
votehack.txt |
Description:
|
Article about evidence mounting that the vote was hacked. The FBI has been called in to Florida.
| | Author: | Thom Hartmann | | Homepage: | http://CommonDreams.org | | File Size: | 14240 | | Last Modified: | Nov 10 01:49:51 2004 |
| MD5 Checksum: | 2c398b6336f2e2e0d98f62a2048297f1 |
|
| /// File Name: |
VT-belva-dekay-final.pdf |
Description:
|
Whitepaper titled "Creating Business Through Virtual Trust: How to Gain and Sustain a Competitive Advantage Using Information Security".
| | Author: | Kenneth F. Belva,Sam H. Dekay | | Homepage: | http://www.ftusecurity.com/ | | File Size: | 187709 | | Last Modified: | Aug 28 23:09:56 2006 |
| MD5 Checksum: | 7f6b399cf8ffbbe96ca5477648dc7c60 |
|
| /// File Name: |
vuln-trends.txt |
Description:
|
The primary goal of this whitepaper is to provide analysis that studies research trends using publicly reported vulnerabilities.
| | Author: | Steven M. Christey | | Homepage: | http://cwe.mitre.org/ | | File Size: | 77213 | | Last Modified: | Oct 8 23:02:12 2006 |
| MD5 Checksum: | 72c0a21ea7ec0241752f95032c5650bf |
|
| /// File Name: |
WASC-TC-v1_0.txt |
Description:
|
Whitepaper detailing the Threat Classification system for the Web Application Security Consortium. The Web Security Threat Classification is a cooperative effort to clarify and organize the threats to the security of a web site. The members of the Web Application Security Consortium have created this project to develop and promote industry standard terminology for describing these issues. Application developers, security professionals, software vendors, and compliance auditors will have the ability to access a consistent language for web security related issues.
| | Homepage: | http://www.webappsec.org | | File Size: | 118904 | | Last Modified: | Oct 7 00:18:31 2005 |
| MD5 Checksum: | 71a846da8ad5c8d4f051c2340114b530 |
|
| /// File Name: |
wasc_wass_2007.pdf |
Description:
|
The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2007. This initiative is a collaborative industry wide effort to pool together sanitized website vulnerability data and to gain a better understanding about the web application vulnerability landscape. The overall statistics includes analysis results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity.
| | Homepage: | http://www.webappsec.org/ | | File Size: | 173892 | | Last Modified: | Sep 8 18:38:56 2008 |
| MD5 Checksum: | 86567ab3f61b08ab7690e05b87500656 |
|
| /// File Name: |
WebApp_Footprints_Disco.pdf |
Description:
|
White paper discussing web application footprints and discovery methodology for web servers hosting multiple web applications.
| | Author: | Shreeraj Shah | | Homepage: | http://www.net-square.com/ | | File Size: | 176061 | | Last Modified: | Feb 22 22:08:59 2005 |
| MD5 Checksum: | 82336e368c3d8dab95146586a8ffda39 |
|
| /// File Name: |
WebApp_HTTPMod.pdf |
Description:
|
Web Application Defense At The Gates - Leveraging IHttpModule. Whitepaper describing how the IHttpModule that comes with the .Net framework can be used to man-in-the-middle HTTP transactions in order to help filter against input validation attacks.
| | Author: | Shreeraj Shah | | Homepage: | http://www.net-square.com/ | | File Size: | 199513 | | Last Modified: | Mar 25 00:04:18 2005 |
| MD5 Checksum: | 4b2e7e176a2fc54e80924b01621117e7 |
|
| /// File Name: |
webhack.pdf |
Description:
|
Whitepaper discussing simple web hacking techniques.
| | Author: | Nikolaos Rangos | | File Size: | 193580 | | Last Modified: | Jul 28 11:18:01 2008 |
| MD5 Checksum: | 4d69db9891c1fa3cd11b93d5e1c50d34 |
|
| /// File Name: |
whitepaper_httpresponse.pdf |
Description:
|
Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics. This whitepaper discusses a new application attack technique and provides use cases.
| | Author: | Amit Klein | | File Size: | 297302 | | Last Modified: | Mar 4 18:07:00 2004 |
| MD5 Checksum: | a88cdaabfffc1297b09a899e0cadf9c1 |
|
| /// File Name: |
WIPv011.tgz |
Description:
|
Whitepaper giving an overview of a security assessment against Windows NT machines when penetration testing. Provides insight from both attacker and administrative perspectives.
| | Author: | Adrian Pastor aka pagvac | | File Size: | 740406 | | Last Modified: | Jan 26 23:29:09 2005 |
| MD5 Checksum: | 6c638d17610ae47a614b8c4765cfc7b1 |
|
| /// File Name: |
wiretap.pdf |
Description:
|
Signaling Vulnerabilities In Wiretapping Systems. This white paper discusses vulnerabilities and countermeasures that exist within commonly used wiretapping systems by the government.
| | Author: | Micah Sherr,Eric Cronin,Sandy Clark,Matt Blaze | | Homepage: | http://www.crypto.com/papers/wiretapping/ | | File Size: | 464443 | | Last Modified: | Dec 10 16:37:51 2005 |
| MD5 Checksum: | 60ff9fa476112db51624c46807aa29b8 |
|
| /// File Name: |
wmf-faq.txt |
Description:
|
A brief faq regarding the recent Microsoft Windows WMF vulnerability.
| | Author: | H D Moore | | File Size: | 3905 | | Last Modified: | Jan 8 00:13:49 2006 |
| MD5 Checksum: | c4aa0fb7f467b7586999221784a46bb7 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
