| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Downloads
|
|
Nessus
|
|
Nmap
|
|
User Info and User Dump Tutorial The UserInfo and UserDump tools enumerate user credentials on Microsoft OS's as null sessions. Null sessions allow an anonymous attackers to extract a great deal of information about a system, most importantly, account names. They are dangerous because they allow attackers to pull juicy user data from the machine. Windows NT, 2000 and even Server 2003 domain controllers are susceptible to enumeration using null sessions. The key point to take away on null sessions and enumeration is that you can obtain account names to use on dictionary attacks and other information like last logon, privileges, and when and if the password expires. It even gives you the logon hours so we aren’t knocking on the door when the user should be asleep and not able to log in.
By Chris Gates, 06/28/2005
|
|
NetCat Tutorial Throughout this tutorial, I will be giving examples on Linux systems. The official Netcat homepage makes no reference to Windows systems, however I have successfully built Netcat from source under Cygwin, and you can find a Win32 copy built by ‘@Stake’ and all examples used below are fully supported under Windows.
Adam Palmer,
06/13/2005
|
|
Monitoring Network Traffic Reading network traffic is essential for system administrators, network engineers, and security analysts. At some point there will be a need to read the network traffic directly instead of monitoring application level details. Examples of situations that might require monitoring network traffic are, auditing network security, debugging network configurations, and analyzing usage patterns. For this task we use network monitoring software, or network sniffers, that sniff the traffic your computer is able to see on the network. What exactly your computer can see really depends on how the network is laid out, but the easiest way to figure out what it can see is just start sniffing.
LearnSecurityOnline,
06/08/2005
|
|
Introduction to Netstat Tutorial Netstat is a versatile tool catered for the windows platform by means of the MS-DOS (now a days referred to as "Command Prompt") command line. Netstat is also used in other platforms and operating systems apart from Windows such as Unix and Linux. In the following thesis I will demonstrate the security-oriented uses for this basic DOS and bash command designed for the newbie.
By LearnSecurityOnline, 05/25/2005
|
|
Ethereal and NMap This is the first in a series of excerpts from chapter 7 of Incident Response, published in August 2001 by O'Reilly. This excerpt covers two tools used by hackers to detect weaknesses in your network. You can use these tools to detect these same weaknesses before hackers get a chance to.
By Richard Forno and Kenneth R. van Wyk, 05/20/2004
|
|
Guarded Memory Move (GMM) The Guarded Memory Move tool gets handy when you have to study buffer overflows and you need to catch them together with a "good" stack image. When a stack overflow has been exploited, the back trace is already gone together with good information about parameters and local variables, that are of vital importance when trying to understand how the attacker is trying to work out the exploit.
By Davide Libenzi, 05/03/2004
|
|
Security Applications for Cisco NetFlow Data Good network security requires good network monitoring. Network monitoring provides baseline information about normal network behavior and can alert staff to potential problems. During or after a security incident, the data collected with network monitoring tools can assist network managers in determining what has happened, what remediation needs to be done, and how to prevent future occurrences. Cisco did not design NetFlow services with security analysis in mind; the problems inherent in the flow data demonstrate that. Nonetheless, NetFlow data has been and can be profitably used for security-related analysis. NetFlow can provide otherwise hard-to gather information; it allows network managers to view traffic patterns without having to deploy sniffers or LAN probes on every segment. While neither silver bullet nor Swiss army knife, NetFlow data can provide network managers with a rich source of fairly compact data for security-related tasks.
04/03/2004
|
|
Using MOM 2000 to Secure Servers The primary focus of this document is to show how MOM 2000 out of the box can address many security issues and act as your eyes and ears on every managed machine. Furthermore to address the NetIQ security Management Pack for MOM 2000 and its functions. As well as demonstrate functionality and capabilities of the two products together in an enterprise helping administrators make their servers more secure therefore reducing risk and increasing uptime. This will cover the history of MOM 2000, the architecture behind it, and why NetIQ is so interested in this Microsoft product. This will also show some features and functionality of a systems management product in the face of security.
03/31/2004
|
|
Password Cracking with L0phtCrack 3.0 This paper was designed to describe how most password crackers operate. In today’s world of security, password security is one of the priorities for all authentication-based protected systems. There are many types of security that can be introduced in a system and one could not possibly describe them all at once but the authentication process is based on one or a combination of these three facts criteria: Something you know, Something you are, and Something you have. For the sake of this paper, only the first fact will be touched.
03/24/2004
|
|
Netcat The TCP/IP Swiss Army Knife Netcat is a tool that every security professional should be aware of and possibly have in their ‘security tool box’. In May/June of 2000, insecure.org conducted a survey of 1200 Nmap users from the Nmap- ackers mailing list to determine their favorite security tools. Netcat was the second most popular tool, not including Nmap1. A quick search on securityportal (www.securityportal.com) found 166 matches of netcat. Most of the matches describe or use netcat in some way. Netcat is a utility that is able to write and read data across TCP and UDP network connections. If you are responsible for network or system security it essential that you understand the capabilities of netcat.
03/24/2004
|
|
Page: 1 234 |
