| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Denial of Service
|
|
Social Engineering
|
|
SQL Injection
|
|
Basic Self-assessment: Go Hack Yourself One of the greatest fears of the system administrator is the thought of their network being compromised. There are many threats, constantly bombarding the defenses of computer networks. If an intruder has physical access to a machine, they will be able to remove or damage parts of the system.
By Barry Dowell, 04/25/2004
|
|
Hacker Tools and their Signatures, Part Three: Rootkits This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit. The purpose of this paper is to assist the reader in detecting the KOH rootkit. Through this process, it is hoped that the reader will also learn steps to take to defend against the installation of these types of rootkits.
By Toby Miller, 04/22/2004
|
|
Hacker Tools and their Signatures, Part Two: Juno and Unisploit This is the second installment in the Hacker Tools and Their Signatures series, a series written to assist system administrators, security administrators, and the security community as a whole to identify and understand the tools that are being used in the hacker community. The first article examined the Berkley Internet Name Domain exploit bind8x.c. This installment will focus on two tools: Juno and Unisploit. This paper will provide a detailed analysis of these tools, including tcpdump examples and other useful references. This paper assumes that the reader is familiar with the TCP/IP protocol and other related protocols.
By Toby Miller, 04/22/2004
|
|
Hacker Tools and Their Signatures, Part One: bind8x.c This article is the first in a series of papers detailing hacker exploits/tools and their signatures. This installment will examine the Berkley Internet Name Domain exploit bind8x.c. The discussion will cover the details of bind8x.c and provide signatures that will assist an IDS analyst in detecting it. This paper assumes that the reader has some basic knowledge of TCP/IP and understands the tcpdump format.
By Toby Miller, 04/22/2004
|
|
War Dialing This paper will give the reader general information on war dialing, war dialing tools and general steps you can take to protect your network from unwanted intruders, that may try to gain access to your network via unauthorized or poorly managed modems.
By Michael Gunn, 04/18/2004
|
|
Battle for the Internet: The War is On! There is a battle raging between security professionals and hackers. By placing people into the shoes of a hacker, and teaching them the skills to gain access to a system, one is better able to defend against them. The first step is "Foot Printing/Reconnaissance." As a hacker, we dig up information on companies/individuals by mirroring their websites, using search engines, whois databases and traceroute. Next, we move on to "Scanning." We ping their computers, look at which ports are open, identify their operating system, map their networks, and see if they have any available modem connections. Then we move on to "Enumeration," looking at valid user accounts and network shares.
By Kevin J. Owens, 04/18/2004
|
|
Packet Sniffing In a Switched Environment This paper focuses on the threat of packet sniffing in a switched environment, and briefly explores the effect in a non-switched environment. Detail is given on techniques such as "ARP (Address Resolution Protocol) spoofing", which can allow an attacker to eavesdrop on network traffic in a switched environment. Third party tools exist which permit sniffing on a switched network. The result of running some of these tools on an isolated, switched network is presented; it clearly demonstrates that the threat they pose is real and significant. The final section covers ways to mitigate the threat of network sniffing in both non-switched and switched environments. It is proposed that encryption is the only true defense to the threat of sniffing.
By Tom King, 04/17/2004
|
|
Redefining the Role of Information Warfare in Chinese Strategy Information warfare is generally understood as "actions taken to affect adversary information and information systems, while defending one's own information and information systems." In this paper, a theory is introduced that China is currently executing a patient and deceptive form of information warfare that redefines the boundaries of Western definitions of the concept. China's efforts are designed to advance its economic state, maintain its national unity, significantly improve its technological and military capabilities, and increase its regional and global influence -- all with minimal or no fighting and without alarming the West. This theory is supported by diverse sources that relate directly to China's grand strategy and strategic heritage.
By Edward Sobiesk, 04/14/2004
|
|
Information Warfare: An Analysis of the Threat of Cyberterrorism Towards the US Critical Infrastructure The purpose of this paper is to explore the possibility of a terrorist group launching an information warfare attack against our infrastructure and to answer the question: Is the US ready to defend against a cyber attack? I will define cyberterrorism, information warfare, from both an offensive and defensive standpoint, and define the aspects of the national infrastructure. I will examine the current trends of terrorist groups and focus on their information warfare capabilities to see if it is possible for a group like Hammas, Hezbolla, or al- Qaeda to commit to an all out information warfare attack aimed at crippling or destroying the US infrastructure. Finally, I will analyze the current US posture towards cyber warfare and terrorism.
By Shannon M. Lawson, 04/14/2004
|
|
Can Cyberterrorists Actually Kill People? Just imagine, if civilization as we know it could fall into such a panic and possibly spiral out of control over a relatively minor programming error, what would happen if somebody sat down and starting causing these kinds of malfunctions on purpose? Could terrorists or rogue nation soldiers kill people while tapping away in their living rooms, using nothing more than a dial-up internet connection and laptop computer they ordered from an ad in the back of a magazine?
By Scott Anthony Newton, 04/14/2004
|
|
Page: 12 3 4567 |
