add to cart |
quick buy
»
Detection of sniffing in switched networks
Daniel Kaczorowski, Maciej Szmit
Sniffing in switched networks is typically conducted using one of two methods: MAC flooding or ARP spoofing. However, unlike sniffing in traditional, hub-based networks, both these methods are active and so can be detected – though sometimes this is not easy.
[ level: |
type: ]
add to cart |
quick buy
»
IPsec VPN discovery and fingerprinting
Roy Hills
Many people believe that IPsec VPN systems are invisible and inherently secure. However, in reality most implementations can be easily detected and fingerprinted. Once this step is achieved, a successful attack is only a matter of time.
[ level: |
type: ]
add to cart |
quick buy
»
Port knocking from the inside out
Martin Krzywinski
Leaving a port open to the public is like an invitation for an intruder. Unfortunately, most services such as HTTP or SMTP need to be open for everyone to see. However, some of the more critical services may be accessible only when required. Here's where port knocking comes in.
[ level: |
type: ]
add to cart |
quick buy
»
Total control – low-level network access
Konrad Malewski
Developing applications that directly access layers of the ISO/OSI model can be a difficult task, frequently requiring non-standard packet formatting. Help is at hand, however, in the form of the WinPcap and libnet libraries, which put the programmer in total control of the content being sent out into the network.
[ level: |
type: ]
add to cart |
quick buy
»
Attacks on layer two of the OSI model
Alfredo Andrés, David Barroso
Layer two of OSI model is one of the weakest links when trying to assure network security in an organization. It is also one of the most commonly ignored, because there aren't many public implementations of layer two attacks. However, a successful attack on layer two can be just as dangerous as any other.
[ level: |
type: ]
add to cart |
quick buy
»
ArpAlert 0.4.10
Thierry Fournier
ArpAlert is intended for controlling access to LANs. The utility listens for ARP requests and compares them against a list of authorised MAC addresses. ArpAlert is used in corporate security solutions.
[ level: |
type: ]
add to cart |
quick buy
»
How to create polymorphic shellcode
Michal Piotrowski
In the last issue of hakin9 magazine, we learned how to create and modify shellcode. We have also studied the common problems related to shellcode and the techniques of working around them. In this article, we will learn about polymorphism and how to create shellcode that does not get detected by intrusion detection systems.
[ level: |
type: ]
add to cart |
quick buy
»
Exploiting format string vulnerabilities
Piotr Sobolewski, Tomasz Nidecki
In the second half of 2000, a whole new class of exploits was discovered, shocking the IT security community. It turned out that a vast array of programs, including well-known applications such as wu-ftpd, Apache with PHP3 or screen, have serious vulnerabilities – and all because of format strings.
[ level: |
type: ]
|
SDJ Users: 
hakin9 StarterKit IT Practical Solutions for Newbies