Friday, September 27, 2002

Hacking Citrix
Citrix is a Remote Desktop application that is becoming widely popular. It is built off of Microsoft's Terminal Services RDP (Remote Desktop Protocol). Unlike Terminal Services, Citrix's line of products allows the administrator to specify certain applications to be run on the server. This allows them to control which programs they want to allow the end user to execute. There exists an interesting gray line for the security of Citrix applications due to the mixing of both Citrix technology and Microsoft technology. With an application that allows users remote access to not only published programs, but remote desktops, a serious threat arises.

Thursday, September 26, 2002

Security Gateway
SecurityGateway.com is an exciting, innovative online resource. It is a uniquely designed portal, or “gateway” to a vast world of security industry related news and information. Whether you are a professional working in the security or public safety fields, a business owner or a residential consumer, SecurityGateway.com has something for you. You’ll have quick and easy access to industry news, trends and information – all in one place.
Explore and experience SecurityGateway.com for yourself.
Securing Linux 101: Reasonable Steps to Detect and Prevent Blackhats
In the age of Web-based archives of packaged break-in tools (“script kits”) being run by inexperienced hackers (“script kiddies”), it’s increasingly important not to overreact when you suspect that a break-in has occurred. This article helps provide ideas, methods, and checklists for detecting blackhats and securing your Linux box. The article also provides a list of resources.
Remote Management of Win2K Servers: Three Secure
It's a common scenario: your company has an IIS Web server sitting 300 miles away at a high-bandwidth, air-conditioned and power-regulated co-location center. The network is stable and the price is right, but you must completely manage the server remotely; you can't just go sit down at the console whenever you want. Remote management presents several problems, the most obvious being that the traffic between you and the server is travelling across the public Internet, available for others to sniff. Another problem is that remote administration normally involves installing software and opening ports, both of which increase the attack surface of your server. The goal when selecting a remote administration solution is to make sure that you (and only you) can do your job without exposing the server to additional risk.
Secure Programming in PHP
The goal of this paper is not only to show common threats and challenges of programming secure PHP applications but also to show you practical methods for doing so. The wonderful thing about PHP is that people with little or even no programming experience are able to achieve simple goals very quickly. The problem, on the other hand, is that many programmers are not really conscious about what is going on behind the curtains. Security and convenience do not often go hand in hand -- but they can.
The Art of Unspoofing
The amount and frequency of denial of service attacks are escalating. It is becoming harder to track down the source who initiates them due to trace-evasion techniques. A raw interface to the networking stack allows anyone to send spoofed packets to a target host, eliminating the ability of its administrator to determine the origin of the attack. In today's world of e-commerce and globalization, the devastating attacks and the inability to determine their source can be devastating. It gives small companies a bad name, and destroys the good reputations of larger companies.


The ability to track down the source that uses spoofing techniques will certainly increase the chance to catch those attacking, and will force people to think of more intricate ways to attack servers on the net. This paper describes a few ways to track down these sorts of attacks up to the last link in the chain (the attacker himself), or at least his ISP.
The BSDs: Sophisticated, Powerful, and (Mostly) Free
What is BSD? If you ask a typical computer "expert," he or she is likely to reply (incorrectly!) that it is "an operating system." The correct answer, however, is more complex than that. BSD is -- among other things -- a culture, a philosophy, and a growing collection of software, most (though not all) of which is available for free and with source code.
Here are the origins of BSD and the operating systems it has spawned. BSD stands for "Berkeley Software Distribution," the name first given to the University of California at Berkeley's own toolkit of enhancements for the UNIX operating system. Created by the students and faculty, BSD was not part of UNIX itself, which was created by Bell Labs. Rather, it was a widely distributed package of software enhancements for UNIX -- a supplement that made the operating system, which was originally strictly a research vehicle, useful in the real world.

Over time, however, BSD took on a life of its own. It evolved to include replacements for nearly every part of UNIX -- so much so that only the omission of six computer files prevented it from being a complete operating system by itself. Industrious programmers quickly developed replacements for these six files and made the BSDs into usable operating systems.

Tuesday, September 24, 2002

ngSniff
ngSniff is a command-line sniffer for Win2K or higher. It does not require any packet driver, so it is a "must have" tool for penetration tests.
Cain & Abel
A Microsoft password recovery tool. Freeware!
Manipulating Microsoft SQL Server Using SQL Injection
This paper will focus on advanced techniques that can be used in an attack on an application utilizing Microsoft SQL Server as a backend. These techniques demonstrate how an attacker could use a SQL Injection vulnerability to retrieve the database content from behind a firewall and penetrate the internal network.
AntiSniff
This is a 15 day fully functional trial version of AntiSniff 1.01
IBM Delivers Security For Wireless LANs
IBM on Monday released several security services that are designed to plug holes in corporate wireless LANs.

The services are meant to address some of the weak spots in wireless networking that make enterprises nervous about allowing access to e-business applications from increasingly popular wireless devices.
Fake AP
Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
Wireless Scanning – Wardriving / Warchalking
In my previous article about wireless security and hacking, I introduced common security threats in WLANs and ways that wireless hackers use them to break into a wireless network. Before a wireless hacker breaks into a WLAN, he/she must identify a suitable open network to launch her/his attack. This article explains what the common methods for wireless scanning are, and how to get protected against them as well.
SucKIT
SucKIT is an easy-to-use, Linux-i386 kernel-based rootkit. The code stays in memory through the /dev/kmem trick, without help of LKM support, System.map or such things. Everything is done on the fly. It can hide PIDs, files and tcp/udp/raw sockets, and sniff TTYs. It also has integrated TTY shell access (xor sha1) which can be invoked through any running service on a server. No compiling on the target box is needed; one precompiled binary can work on any of the 2.2.x & 2.4.x kernels (libc-free).

Monday, September 23, 2002

The Case For Ethical Hacking
An excerpt from The CISSP Prep Guide: Mastering The Ten Domains of Computer Security.
Want secure e-mail? Train users
Despite the huge volume of business-related e-mail and the pent-up demand for secure e-mail solutions, encrypted e-mail is still the exception rather than the rule. As organizations evaluate the maturing technologies for secure e-mail, both policy and user training issues must be examined. Often, project plans become so caught up in the technical pros, cons, and differentiators that the goal is overlooked, as is the significant hurdle of user acceptance and utilization of any proposed secure e-mail technology. We advise that organizations examine possible solutions for their merit and security, the usability of such solutions, as well as the user training and education that will be required for successful deployment.
Website statistics
The website statistics of this weblog.
PHENOELIT
You are entering the lands of packets, brute force and misuse of trust.
This is a dark land. Full of problems and choices. Be careful when you use your knowledge. Be also careful with your tools and weapons. Never underestimate your enemy.

Sunday, September 22, 2002

Remote Administration Tool PART 1
This article discusses programming a remote administration utility using the Winsock component in Visual Basic 6. This is the first part of this series and it is for newbies. This section helps you to build a utility to send messages from client to the server. In the coming sections we will be discussing programming advanced features (to the server, like making it an FTP server or Telnet server etc…) to make it a perfect remote administration tool.