Friday, May 17, 2002

Rooivalk secrets take wings
Thieves who broke into the closely guarded Denel complex in Kempton Park knew exactly what they wanted.

Only computer hard disks containing information of the Rooivalk attack helicopter were stolen in the burglary that shows signs of industrial espionage.

From evidence in the investigation thus far it appears the thieves knew exactly what they wanted and were not interested in computer equipment when they burgled the Denel aviation department.

The National Intelligence Agency (NIA) has joined police in the investigation, said NIA spokesperson Lorna Daniels on Wednesday.

Thursday, May 16, 2002

Content-Based Image Retrieval from forensic Databases
The doctoral thesis "Content-Based Image Retrieval from forensic Databases", (public defense University Utrecht, 19 June, 10.30) in PDF format.
PortSentry for Attack Detection, Part One
Portsentry by Psionic Technologies is a component of their TriSentry suite of attack detection tools: portsentry, hostsentry, and logsentry. This article is the first of a two-part series that will describe in detail how Portsentry works from both a theoretical and a technical point of view.The second article will discuss installing, configuring, and tailoring PortSentry for individual systems.

Tuesday, May 14, 2002

Feds Out-Hack Russian Hackers
"The Russians just sat down and entered their passwords. It couldn't have been any better than that." Richard Eaton, creator of WinWhatWhere Investigator program.
First Steps in Achieving Network Security
The security-aware manager will support hiring someone with specialized security expertise to work with the IT team to create a secure network.

The events of September 11th raised the public's awareness of the need for increased security in all aspects of life. Reports from the U.S. government that the next targets for terrorists might well be the country's information infrastructure have highlighted the need for improved network security .

At the same time, corporate end-users have been hit with viruses and worms that have disrupted and damaged computer systems. Words like "Code Red" and "Nimda" have become part of the corporate vernacular.

The heightened awareness within corporate America has led to the question, "What is network security?"

Monday, May 13, 2002

g4u - Harddisk Image Cloning for PCs
g4u ("ghost for unix") is a NetBSD-based bootfloppy that allows easy cloning of PC harddisks to deploy a common setup on a number of PCs using FTP. The floppy offers two functions. First is to upload the compressed image of a local harddisk to a FTP server. Other is to restore that image via FTP, uncompress it and write it back to disk; network configuration is fetched via DHCP. As the harddisk is processes as a image, any filesystem and operating system can be deployed using g4u.
Top Secret Messenger (TSM)
Top Secret Messenger (TSM) is a powerful and secure public-encryption with fully and seamlessly integrated plugins for popular instant messengers and e-mail clients such as, ICQ (America Online), Outlook Express and Outlook (Microsoft), and Miranda MSN and ICQ clone (as well as many others currently in development)

Sunday, May 12, 2002

The art of gaining local access
Local hacking is, what I myself call, the way of gaining access to a computer while actually sitting at it. This article is a short listing of my experience in this area.
An Indepth Guide in Hacking UNIX and the concept of Basic Networking
I believe that hacking into any system requires knowledge of the Operating system itself.Basically what I will try to do is make you more familiar with UNIX operation ,its usefull commands that will be advantageous to you as a hacker.This article contains in depth explainations.
Decoding IPsec
Understanding the Protocols of Virtual Private Networks.
SSL Certificates HOWTO
A first hand approach on how to manage a certificate authority (CA), and issue or sign certificates to be used for secure web, secure e-mail, or signing code and other usages. This HOWTO will also deal with non-linux applications: there is no use to issue certificates if you can't use them... All applications won't be listed here, but please, send me additional paragraphs and corrections. As indicated in the introduction, this documents is an hand-on HOWTO, and it is therefore required that you consult the man pages of the OpenSSL software. You should as well read security books to learn how your security could be compromised. Certificates are meant to increase the security of your transactions, it is VERY important that you understand all the security implications of your actions and what security OpenSSL does not provide.