Thursday, May 02, 2002

Ethernet Packet Sniffer "GreedyDog"
GreedyDog is the ethernet packet sniffer forLinux, FreeBSD, OpenBSD, NetBSD, Solaris, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps stream of each TCP session and writes to logfile. So, to make a session stream, it is not necessary to reconstruct the packets which are fragmented, logfile can be analysed very easily. This feature is useful to log the comparatively large session such as telnet. Administrator can watch the telnet session of remote user as one stream unit until the connection close, if cracker makes telnet session to other network by way of administrated network, gdd can log all activities of cracker as one stream that includes other network. Furthermore, gdd have IDS function based on "grep&action".gdd monitors session stream, if suspicious action is detected, gdd executes specified action.
Step inside the world of hacking
The world of computer hackers is a constant cat-and-mouse game between “white hats” and “black hats.” Some white hats use “honeypots” to learn about their enemy. Honeypots look like normal Web servers to a black hat, but they are really traps with special software that allow white hats to track every step a computer vandal takes. Click above to see, step by step, a full-blown attack by a black hat aimed at a honeypot, through both the eyes of the hacker and the white hat stopping her.

Monday, April 29, 2002

Definitions and Value of Honeypots
Over the past several years there has been a growing interest in honeypots and honeypot related technologies. Honeypots are not a new technology, they were first explained by a couple of very good papers by several icons in computer security, Cliff Stoll's book the "Cuckoo's Egg", and Steve Bellovin and Bill Cheswick's paper "An Evening with Berferd." This paper attempts to take their work further and discuss what honeypots are, how they can add value to an organization, and several honeypot solutions. There are a variety of misconceptions on what a honeypot is, how it works, and how it adds value. It is hoped this paper helps clear up those issues. Also, few people realize the risk and issues involved with honeypots. Though honeypots made add value, the time and resources involved may best focused on greater priorities.
making a one-way CAT5 cable
For IDS deployments a.k.a. a sniffbox.
Computer Forensics - by Ibas
Electronic evidence and information gathering have become central issues in an increasing number of conflicts and crimes. In situations ranging from the suspicion of disloyalty by staff and information theft, to other serious crimes, Ibas can assist in gathering and documenting electronic evidence.

Ibas offer services to the police, prosecuting authorities, lawyers and public and private companies in cases involving seizure and analysis of data. Results and findings can be presented in written reports or through verbal testimony e.g. in legal proceedings. In the information age the field of Computer Forensics is experiencing strong growth. Computer Forensics from Ibas will leverage the expertise and technology built through more than 20 years of experience with Data Recovery and Data Erasure.
Candes Systems Inc.
TEMPEST Computers and Peripherals.