Section: .. / papers / general /
| /// File Name: |
clientexp.tgz |
Description:
|
Paper on exploiting security issues in client and other non-server software. Includes a sample exploit against tar.
| | Author: | Mixter | | File Size: | 54408 | | Last Modified: | Dec 17 17:18:15 1999 |
| MD5 Checksum: | 12a081e6bef3be60e4b9c4e5f4f087d9 |
|
| /// File Name: |
code_auditing_in_c.txt |
Description:
|
A small whitepaper discussing code auditing in C.
| | Author: | Tal0n | | File Size: | 52888 | | Last Modified: | Aug 11 18:29:07 2007 |
| MD5 Checksum: | 25bd0a787a7800bcf71980d9c707f205 |
|
| /// File Name: |
AveOfAttack.pdf |
Description:
|
A New Avenue of Attack: Event-Driven System Vulnerabilities. This paper gives more technical details to security vulnerabilities in event-driven systems and relates it to Information Warfare.
| | Author: | Simos Xenitellis | | Homepage: | http://www.isg.rhul.ac.uk/~simos/event_demo/ | | File Size: | 51408 | | Last Modified: | Aug 11 19:06:53 2002 |
| MD5 Checksum: | f75606876872b209db3c27c173b8f830 |
|
| /// File Name: |
botnet.tgz |
Description:
|
KYE: Tracking Bots. A whitepaper produced by the German Honeynet Project that looks at the individuals and organization that run botnets.
| | Homepage: | http://www.honeynet.org/ | | File Size: | 50375 | | Last Modified: | Mar 17 02:22:27 2005 |
| MD5 Checksum: | 00408e62b61746075b189692d8332ac7 |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | Changes: | This new revision of the document addresses the feedback we got from Amit Klein, Matthias Bethke, and Alfred Hoenes. | | File Size: | 49484 | | Last Modified: | Sep 2 23:27:10 2008 |
| MD5 Checksum: | 7148e6b60b79983dd6d3afc806fb28d5 |
|
| /// File Name: |
agents.txt |
Description:
|
The Evolution of Malicious Agents. This paper examines the evolution of malicious agents by analyzing features and limitations of popular viruses, worms, and trojans, detailing the possibility of a new breed of malicious agents currently being developed on the Internet.
| | Author: | Lenny Zeltser | | Homepage: | http://www.zeltser.com/agents | | File Size: | 48331 | | Last Modified: | May 3 18:20:38 2000 |
| MD5 Checksum: | badaef580cc6781fc436d7fe02f5cce9 |
|
| /// File Name: |
041607.html |
Description:
|
The Web Application Security Consortium is proud to present 'The Importance of Application Classification in Secure Application Development'.
| | Author: | Rohit Sethi | | Homepage: | http://www.webappsec.org/ | | File Size: | 44216 | | Last Modified: | Apr 18 20:40:46 2007 |
| MD5 Checksum: | 067f062ee0605f2c9e32f8a6614d533c |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 43889 | | Last Modified: | Jul 16 20:13:04 2008 |
| MD5 Checksum: | 3169ae2876e24bcbe919b97c4fecdeb4 |
|
| /// File Name: |
seh-paper.txt |
Description:
|
Playing around with SEH (the Structured Exception Handler).
| | Author: | suN8Hclf | | Homepage: | http://www.dark-coders.pl/ | | File Size: | 41425 | | Last Modified: | Aug 18 20:00:12 2008 |
| MD5 Checksum: | 679821c48bb8441a75d5ed76b003bd45 |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 38321 | | Last Modified: | Dec 7 19:38:08 2007 |
| MD5 Checksum: | a6d891234260fe58cfc46cda8aea2f7c |
|
| /// File Name: |
cgisec.txt |
Description:
|
PERL/CGI Hacking - What makes CGI scripts insecure and how to exploit them.
| | Author: | Tonec | | File Size: | 37250 | | Last Modified: | Jan 15 00:50:21 2001 |
| MD5 Checksum: | 5649ad7dce8adccef9699054adbc31c0 |
|
| /// File Name: |
dsniff_netmon.txt |
Description:
|
Network Monitoring with Dsniff - This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic.
| | Author: | Duane Dunston | | Homepage: | http://www.linuxsecurity.com | | File Size: | 35792 | | Last Modified: | May 30 19:31:31 2001 |
| MD5 Checksum: | 7aef6c3ab9be70806f9c0895d74a0a5d |
|
| /// File Name: |
blackmagic.txt |
Description:
|
Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.
| | Author: | detach | | Homepage: | http://hackaholic.org/ | | File Size: | 35177 | | Last Modified: | Mar 29 00:14:10 2005 |
| MD5 Checksum: | 97334b9d53d7c7dff332a3214a16bd86 |
|
| /// File Name: |
ssh_tunnels.txt |
Description:
|
Encrypted Tunnels using SSH and MindTerm - This paper will discuss using Secure Shell (SSH) and MindTerm to secure organizational communication across the Internet. Easy to setup and reliable software need to be used in order to allow the inexperienced users the ability to quickly establish secure communication channels.
| | Author: | Duane Dunston | | Homepage: | http://www.linuxsecurity.com | | File Size: | 34275 | | Last Modified: | May 30 19:25:25 2001 |
| MD5 Checksum: | c6f772e94054386472ab1a226d50571d |
|
| /// File Name: |
blackbox.txt |
Description:
|
Freedom of Information requests at http://www.blackboxvoting.org have unearthed two Ciber certification reports indicating that security and tamperability was NOT TESTED and that several state elections directors, a secretary of state, and computer consultant Dr. Britain Williams signed off on the report anyway, certifying it.
| | Homepage: | http://www.blackboxvoting.org/ | | File Size: | 34214 | | Last Modified: | Nov 10 01:41:32 2004 |
| MD5 Checksum: | 5285a64d546396feed26c988ae5debc3 |
|
| /// File Name: |
draft-larsen.tgz |
Description:
|
Recently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four- tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.
| | Author: | Fernando Gont,M. Larsen | | File Size: | 33774 | | Last Modified: | Feb 13 03:14:47 2007 |
| MD5 Checksum: | ea07aacce03e720b7693eb3d90822d48 |
|
| /// File Name: |
Writing_nasl_scripts.pdf |
Description:
|
Small whitepaper discussing Nessus and the functions related to writing NASL scripts along with some debugging tips.
| | Author: | Hemil Shah | | File Size: | 33273 | | Last Modified: | Jan 29 11:40:43 2007 |
| MD5 Checksum: | 36b024263ba35ed9530a0e4f24d249a9 |
|
| /// File Name: |
Complete_Spyware_Whitepaper.pdf |
Description:
|
This is a fairly light-weight introduction to what spyware is, what it does, and how to detect/block it. Mostly, it refers to other tools rather than giving any new info, but it does have a reasonable overview of different tools.
| | Author: | Jonathan Read | | Homepage: | http://www.anti-trojan.org | | File Size: | 31599 | | Last Modified: | Oct 24 16:36:43 2004 |
| MD5 Checksum: | e18b31695e0d8689709e3ea4c42d5240 |
|
| /// File Name: |
oracle.security.txt |
Description:
|
Lots of good information on Oracle Database security. From the packet storm forums.
| | Author: | Daemon Root | | File Size: | 29834 | | Last Modified: | Nov 19 04:20:05 2000 |
| MD5 Checksum: | 1f52791b1d4b2027105f7a73d4f60273 |
|
| /// File Name: |
reverse_backdoored_binaries.txt |
Description:
|
Well written whitepaper about reverse engineering backdoored binaries. It is meant for the beginner reverse engineer with some knowledge of ELF, C, x86 ASM, and Linux.
| | Author: | Chris | | Homepage: | http://www.cr-secure.net/ | | File Size: | 28027 | | Last Modified: | Apr 19 09:49:00 2004 |
| MD5 Checksum: | 44254a0ab92d356cf69959d3c8060f44 |
|
| /// File Name: |
monitoring-Mar-25-2002.tar.gz |
Description:
|
Monitoring Network Traffic with Dsniff - This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic. Updated version, sgml format.
| | Author: | Patrick Duane Dunston | | File Size: | 27895 | | Last Modified: | Mar 27 12:45:09 2002 |
| MD5 Checksum: | a88382cebd4c76a5098472547a4353ac |
|
| /// File Name: |
AnonMoney.zip |
Description:
|
An interesting paper on using the TOR network to anonymously collect funds with eGold.
| | Author: | Mr Babs | | File Size: | 27881 | | Last Modified: | Apr 28 12:47:57 2006 |
| MD5 Checksum: | dd9e819d06c9b8ad5e1c6d1b4d87ce5c |
|
| /// File Name: |
obscure.htm |
Description:
|
How to Obscure Any URL: How Spammers And Scammers Hide and Confuse. There are several tricks that can be used to make it nearly impossable to recognise a URL.
| | Author: | Pchelp | | Homepage: | http://3513587746[at]3466536962/%7ep%63h%65l%70/ | | File Size: | 27310 | | Last Modified: | Dec 3 18:52:29 1999 |
| MD5 Checksum: | ad3dcb6ea959c4b8dbb437c5e54c885a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
