Port knocking from the inside out
Leaving a port open to the public is like an invitation for an intruder. Unfortunately, most services such as HTTP or SMTP need to be open for everyone to see. However, some of the more critical services may be accessible only when required. Here's where port knocking comes in.
|
Total control – low-level network access
Developing applications that directly access layers of the ISO/OSI model can be a difficult task, frequently requiring non-standard packet formatting. Help is at hand, however, in the form of the WinPcap and libnet libraries, which put the programmer in total control of the content being sent out into the network.
|
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi (Wireless Fidelity) is one of today’s leading wireless technologies. However, one configuration aspect all too often goes unnoticed: security. Let's have a closer look at the level of security of encryption methods used in modern Wi-Fi implementations.
|
Tools - Acunetix web vulnerability scanner
Carlos shows you how to scan directory structure and perform automatically an entire set of typical attacks that gets profit of configuration or programming errors using Acunetix scanner.
|
ECOM: plugins for Symbian OS
This article presents an introduction to ECOM - the plugin framework for the Symbian operating system. From my own professional experience I know that Symbian plugins can be extremely useful, but the first contact with the ECOM framework can be somewhat overwhelming, especially if you\'re just getting to know Symbian itself.
|
Custom IPTables extensions
We will show you how to implement the required functionality yourself by writing an extension module when the firewall is based on IPTables. What's more, you'll be surprised just how easy it is.
|
Advanced L2.6KM rootkit development
Pablo will focus on the development of a rootkit for the 2.6 series of the Linux Kernel. Techniques and methods of hiding the attacker actions within the system will be the primary target, along with discussing how to detect rootkits in the owned box: know your enemy, know thyself.
|
Automating the exploitation process on Linux x86
We describe some automation buffer overflow bugs identification methods and compare some techniques. We present a tool which could identify them and produce exploit code would definitely ease the burden.
|
Secure Linux - security kit review
Linux systems are fairly resistant to intrusion attempts. However, for certain applications requiring very high security levels, the features found in standard distributions may prove insufficient. This article examines several of the most popular ways to increase Linux system security at kernel level.
|
C/C++ Programming Tools under Linux
Within this article Maciej'll attempt to familiarise the Readers with basic techniques and tools assisting the programmer in course of developing both less and more complex software.
|
Security Tools - Firestarter 1.0.3
A graphical interface for creating simple rules for a netfilter/iptables-based firewall.
|
Linux shellcode optimisation
Let's write four simple shellcodes from scratch, starting with programs in C, then converting them into assembly. Afterwards let's prepare them for shellcode use and finally optimise them.
|
Writing advanced Linux backdoors – packet sniffing
People create new defences for backdoors and intruders are forced to
innovate new techniques to keep pace with the rapidly progressing
security industry e.g. packet sniffing backdoors. Brandon describes how
they work by writing our own proof-of-concept tool.
|
Storing Confidential Data in GNU/Linux
hakin9.live 2.8-ng helpfull in this tutorial, can be downloaded from
our mirrors listed here:
This tutorial is a supplement to the Storing confidential data on
GNU/Linux (Hakin9 01/2005) article. We assume that all the following
examples will be carried out using the Hakin9 Live CD which came with
the magazine.
|
Tutorial for the article Automating the exploitation process on Linux x86
This document is a tutorial accompanying the article Automating the exploitation process on Linux x86,
demonstrating how the utility described in the article can be used to
automatically generate an exploit for a vulnerable application.
|
|
