Wednesday, October 23, 2002

Encryption method getting the picture
Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information.
A team of scientists from Xerox and the University of Rochester said that the technique, called reversible data hiding, could be used in situations that require proof that an image has not been altered.
Using File Hashes to Reduce Forensic Analysis
The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org). Since then, computer forensic analysts have come to use the term hashkeeper when they discuss ways of using the hash values of files to assist in forensic analysis.

Tuesday, October 22, 2002

Exposing the Underground: Adventures of an Open Proxy Server
This paper discusses the abuse of misconfigured HTTP proxy servers, taking a detailed look at the types of traffic that flow through this underground network. Also discussed is the use of a "honeyproxy", a server designed to look like a misconfigured HTTP proxy. Using such a tool we can spy on the Internet underground without the need for a full-blown honeypot.
EKAHAU
Ekahau Positioning Engine (EPE) is a powerful Java-based positioning server that provides PC and PDA location coordinates (x, y, floor) and tracking features to client applications. EPE includes a stand-alone Manager application for performing the site survey, drawing Ekahau Tracking Rails™, recording site calibration data, tracking wireless devices, and analyzing the positioning accuracy. Ekahau's patent-pending technology features up to 1 meter (3½ ft) average accuracy, enabling people and asset tracking both indoors and outdoors.
Writing a universal backdoor
The idea is to write a simple (but universal) backdoor that is able to perform ANY TASK without knowing (at the time it is written and installed) which TASKS it will perform in the future. The backdoor will be very small, containing no coded functionality, but being able to be used for any purpose you don't even know of when you install the backdoor on the victim's PC. Plugin mechanism may be a better description for this kind of backdoor, because anytime your victim is online, you can "plugin" some "feature" and run it on his machine.

This article will focus on the underlying concept, not on the implementation of all the possible "features".

It's an article for people who want to program a backdoor. Nevertheless it will present a simple ready-to-run backdoor that you just have to compile and install.

AND: I will use Java as the programming language!

Sunday, October 20, 2002

Network Security Group
These are descriptions, slides and notes for the monthly OSU SECWOG meetings and for other talks that members of the group have given. In some cases you'll find slides (web, Adobe Acrobat (pdf), postscript...) and in others we just have notes available.
Best Free Computer Forensics Training Materials
A long list of links to training materials.