Section: .. / papers / general /
| /// File Name: |
linux_kernel_do_brk.pdf |
Description:
|
Whitepaper discussing the do_brk() bug found in the Linux kernel versions 2.4.22 and below.
| | Author: | Paul Starzetz | | Homepage: | http://isec.pl | | File Size: | 60395 | | Last Modified: | Dec 5 07:22:00 2003 |
| MD5 Checksum: | 15510d93f5459f12cff4614494ae9be9 |
|
| /// File Name: |
malware-trends.pdf |
Description:
|
What are the driving forces behind the rise of malware? Who is behind it, and what tactics do they use? How are vendors responding, and what should organizations, researchers, and end users keep in mind for the upcoming future? These and many other questions will be discussed in this article, combining security experience, business logic, a little bit of psychology, market trends, and personal chats with knowledgeable folks from the industry.
| | Author: | Dancho Danchev | | Homepage: | http://ddanchev.blogspot.com/ | | File Size: | 990531 | | Last Modified: | Jan 11 01:05:37 2006 |
| MD5 Checksum: | 3452a22642ccd435f41d3b4b964fec30 |
|
| /// File Name: |
mi018en.htm |
Description:
|
Shellcode programming for SCO. All examples are taken from a SCO OpenServer 5.0.4 machine so some of them may not work under another SCO type of Unix (like unixware) although I have tried to make it as portable as possible.
| | Author: | Renegade Master | | Homepage: | http://hispahack.ccc.de/en/index.html | | File Size: | 22438 | | Last Modified: | Jan 27 15:21:23 2000 |
| MD5 Checksum: | e2cf541e7912b8ad9f967cc885c076c9 |
|
| /// File Name: |
MiddleMan.pdf |
Description:
|
Paper explaining man-in-the-middle attacks, using a secure web connection as an example.
| | Author: | Coretez Giovanni | | Homepage: | http://www.8thport.com | | File Size: | 23949 | | Last Modified: | Feb 23 03:18:18 2000 |
| MD5 Checksum: | 973f3acfc65b90435e2c51884eef8682 |
|
| /// File Name: |
mk.pdf |
Description:
|
Rights Amplification in Master-Keyed Mechanical Locks - This paper describes a relatively unknown procedure for obtaining a master key if given access to a tumbler based master keyed lock and any low level key in the system. No special skill or equipment beyond a small number of blank keys and a file is needed, and the attacker does not need to engage in any suspicious behavior at the locks location. Countermeasures are described with provide limited protection under certain circumstances.
| | Author: | Matt Blaze | | Homepage: | http://www.crypto.com | | File Size: | 4039567 | | Last Modified: | Jan 24 03:10:56 2003 |
| MD5 Checksum: | 203c6fc8532d603649f8a707002650ee |
|
| /// File Name: |
modsecips.html |
Description:
|
Securing LAMP - A whitepaper that discusses a methodology to configure, test, and run a Secure LAMP environment.
| | Author: | Jesus Oquendo | | Homepage: | http://www.infiltrated.net/ | | File Size: | 15428 | | Last Modified: | Nov 13 11:14:29 2006 |
| MD5 Checksum: | bcacccdeb14c1322732a9766c791d51a |
|
| /// File Name: |
monitoring-Mar-25-2002.tar.gz |
Description:
|
Monitoring Network Traffic with Dsniff - This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic. Updated version, sgml format.
| | Author: | Patrick Duane Dunston | | File Size: | 27895 | | Last Modified: | Mar 27 12:45:09 2002 |
| MD5 Checksum: | a88382cebd4c76a5098472547a4353ac |
|
| /// File Name: |
MySQL.fingerprint.txt |
Description:
|
Small write-up discussing methodology for fingerprint the type of MySQL database being used when exploiting SQL injection vulnerabilities.
| | Author: | Tonu Samuel | | File Size: | 4317 | | Last Modified: | Feb 23 18:16:00 2004 |
| MD5 Checksum: | c8504f82b10ed47a972f6bbc43dd339e |
|
| /// File Name: |
netcash1.ps |
Description:
|
Electronic Currency for the Internet: A framework for electronic currency for the Internet that provides a real-time electronic payment system
| | File Size: | 71547 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | f65699219e8db97425c64266d5bb0efb |
|
| /// File Name: |
netcash2.ps |
Description:
|
NetCash: A Design for Practical Electronic Currency on the Internet: A framework for electronic currency for the Internet that provides a real-time electronic payment system
| | File Size: | 197412 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | b4ca5073105cc5c662f6ae7c979c6a7b |
|
| /// File Name: |
NetIntro.txt |
Description:
|
Introduction to Internetworking - Inspired by a cisco class, here is some information on how todays high bandwidth network connections work, and how packets get to thier destination.
| | Author: | RatDance | | Homepage: | http://neoerudition.hypermart.net | | File Size: | 9121 | | Last Modified: | Apr 11 16:04:00 2000 |
| MD5 Checksum: | c7d0a9e9d217aa3f5a8db30735432070 |
|
| /// File Name: |
neural_networks.txt |
Description:
|
NEURAL NETWORKS and their applicability in security field - Neural networks are widely used for prediction, pattern recognition, and classification. Voice or handwriting recognition problems are very hard to solve using standard programs and algorithms. This paper discusses the applicability of neural networks in security applications.
| | Author: | haker haker | | File Size: | 6384 | | Last Modified: | Oct 25 20:32:23 2005 |
| MD5 Checksum: | 439ec7f50261d19bfc0c477a4b4d0e12 |
|
| /// File Name: |
newbackdoor-jm.txt |
Description:
|
Whitepaper entitled "Las nuevas backdoors", discussing new techniques in backdoors and sniffing. Written in Spanish.
| | Author: | MegadetH | | File Size: | 13021 | | Last Modified: | Aug 23 21:22:54 2007 |
| MD5 Checksum: | fabb4b532cbb1a91b4f35df1ff229298 |
|
| /// File Name: |
ngreptut.txt |
Description:
|
Simple network grep (ngrep) tutorial that gives a basic overview of some use cases.
| | Author: | d3hydr8 | | Homepage: | http://www.darkc0de.com/ | | File Size: | 12537 | | Last Modified: | Dec 24 18:59:36 2007 |
| MD5 Checksum: | 094f7c35c7872b9e2ffe74ef2b0b9eda |
|
| /// File Name: |
NISR-AntiBruteForce.pdf |
Description:
|
Authentication processes in web-based applications are frequently vulnerable to automated brute force guessing attacks. Whilst commonly proposed solutions make use of escalating time delays and minimum lockout threshold strategies, these tend to prove ineffectual in real attacks and may actually promote additional attack vectors. Resource metering through client-side computationally intensive "electronic payments" can provide an alternative strategy in defending against brute force guessing attacks. This whitepaper discusses how such a solution works and the security advantages it can bring.
| | Author: | Gunter Ollmann | | Homepage: | http://www.nextgenss.com/ | | File Size: | 489812 | | Last Modified: | Mar 22 10:46:18 2005 |
| MD5 Checksum: | 0b4494791f61ecd4804eee34f97360b8 |
|
| /// File Name: |
nist.txt |
Description:
|
Computer User's Guide to the Protection of Information Resources: A report from the US National Institute of Standards and Technology
| | File Size: | 15703 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | e816e07f6e520a6bcf8060b352db653f |
|
| /// File Name: |
NTLMhttp.txt |
Description:
|
Interesting write up regarding the faulty logic of using NTLM HTTP authentication and how it does not mix well with HTTP proxies.
| | Author: | Amit Klein | | File Size: | 12286 | | Last Modified: | Jul 19 10:43:40 2005 |
| MD5 Checksum: | 0da67587751762cebd0c64d797eaf2ef |
|
| /// File Name: |
obscure.htm |
Description:
|
How to Obscure Any URL: How Spammers And Scammers Hide and Confuse. There are several tricks that can be used to make it nearly impossable to recognise a URL.
| | Author: | Pchelp | | Homepage: | http://3513587746[at]3466536962/%7ep%63h%65l%70/ | | File Size: | 27310 | | Last Modified: | Dec 3 18:52:29 1999 |
| MD5 Checksum: | ad3dcb6ea959c4b8dbb437c5e54c885a |
|
| /// File Name: |
openbsdacl.html |
Description:
|
OpenBSD Network ACLs for i386 - This paper discusses how to utilize a kernel patch to create local ACLs to restrict local users from using network services. It allows an administrator to deny network access for a user by restricting bind() and connect() to allowed accounts.
| | Author: | Andi | | Homepage: | http://segfault.net/~andi/openbsdacl/ | | File Size: | 2720 | | Last Modified: | Sep 24 00:00:04 2002 |
| MD5 Checksum: | ef934ad372b0f3fae157cfe3995a344c |
|
| /// File Name: |
oracle.security.txt |
Description:
|
Lots of good information on Oracle Database security. From the packet storm forums.
| | Author: | Daemon Root | | File Size: | 29834 | | Last Modified: | Nov 19 04:20:05 2000 |
| MD5 Checksum: | 1f52791b1d4b2027105f7a73d4f60273 |
|
| /// File Name: |
OSFingerPrint.pdf |
Description:
|
Chatter on the Wire: A look at excessive network traffic and what it can mean to network security. This paper takes a look at past Active and Passive OS Fingerprinting tools and where to go with them in the future. It is primarily geared towards how to use passive OS identification to its greatest potential using every packet that flows across the network, not just tcp packets.
| | Author: | Eric Kollman aka xnih | | Homepage: | http://myweb.cableone.net/xnih | | File Size: | 271704 | | Last Modified: | Aug 9 04:57:09 2005 |
| MD5 Checksum: | 828d73dffef771e060631997bc7e87a4 |
|
| /// File Name: |
osvdblive.txt |
Description:
|
OSVDB has announced that they have reached 3,000 stable entries. This Go-Live update discusses new features the site has along with a request for help from the community. Please help support them in any way possible.
| | Homepage: | http://www.osvdb.org/ | | File Size: | 2620 | | Last Modified: | Jun 2 04:00:47 2004 |
| MD5 Checksum: | a3d5199f54323b925961616b81309b1c |
|
| /// File Name: |
overflow.txt |
Description:
|
overflow.txt is a paper written in Spanish which explains buffer overflows and includes sample code.
| | Author: | Venomous | | Homepage: | http://www.rdcrew.com.ar | | File Size: | 11650 | | Last Modified: | Jul 31 18:20:08 2000 |
| MD5 Checksum: | 8fd971431c1591e222406c4440ae125a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
