Section: .. / papers / general /
| /// File Name: |
digital.voodoo.zip |
Description:
|
PSS gets "texts for newbies" by the bucketload. However, this is quite different. It has the "newbie hacking basics" presented in a tasteful and useful manner. Later, it goes into "novice/intermediate" tactics that many as piring (though not yet leet) hackers will find usefull. And finally, in sections such as Firewall Penetration experienced hackers will find valuable theroritical and practical tactics and techniques. All in all, Digital Voodoo is a great reference and resource for hacker and security specialist alike.
| | Author: | Kurruppt2k | | File Size: | 151747 | | Last Modified: | Nov 19 13:29:55 1999 |
| MD5 Checksum: | a9c5600f3200d9fca11d33ee4c748b2e |
|
| /// File Name: |
draft-gont-opsec-ip-security-01.txt |
Description:
|
This is the IETF Internet-Draft entitled "Security Assessment of the Internet Protocol version 4", which is heavily based on the "Security Assessment of the Internet Protocol".
| | Author: | Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 166263 | | Last Modified: | Sep 2 23:30:05 2008 |
| MD5 Checksum: | 8df28368bfb0390ab4b35fd2f97b23a2 |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 38321 | | Last Modified: | Dec 7 19:38:08 2007 |
| MD5 Checksum: | a6d891234260fe58cfc46cda8aea2f7c |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 43889 | | Last Modified: | Jul 16 20:13:04 2008 |
| MD5 Checksum: | 3169ae2876e24bcbe919b97c4fecdeb4 |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen,Fernando Gont | | Homepage: | http://www.ietf.org/ | | Changes: | This new revision of the document addresses the feedback we got from Amit Klein, Matthias Bethke, and Alfred Hoenes. | | File Size: | 49484 | | Last Modified: | Sep 2 23:27:10 2008 |
| MD5 Checksum: | 7148e6b60b79983dd6d3afc806fb28d5 |
|
| /// File Name: |
draft-larsen.tgz |
Description:
|
Recently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four- tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.
| | Author: | Fernando Gont,M. Larsen | | File Size: | 33774 | | Last Modified: | Feb 13 03:14:47 2007 |
| MD5 Checksum: | ea07aacce03e720b7693eb3d90822d48 |
|
| /// File Name: |
dragons.ps |
Description:
|
There Be Dragons: A description of the wide variety of attacks attempted on the AT&T Internet firewall
| | File Size: | 185040 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 8371b4bd6f034127760bcbf6aeb3f12a |
|
| /// File Name: |
dsniff_netmon.txt |
Description:
|
Network Monitoring with Dsniff - This is a practical step by step guide showing how to use Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, and Ngrep, and others. It also provides a discussion of how and why we should monitor network traffic.
| | Author: | Duane Dunston | | Homepage: | http://www.linuxsecurity.com | | File Size: | 35792 | | Last Modified: | May 30 19:31:31 2001 |
| MD5 Checksum: | 7aef6c3ab9be70806f9c0895d74a0a5d |
|
| /// File Name: |
dtors.txt |
Description:
|
Overwriting the .dtors section - This paper presents a concise explanation of a technique to gain control of a C program's flow of execution given that it has been compiled with gcc. This exploit technique has several advantages over changing the stack pointer, including ease of determining the exact position where we want to write and point to our shellcode, and is simpler than a GOT patch.
| | Author: | Juan M. Bello Rivas | | Homepage: | http://www.synnergy.net | | File Size: | 10059 | | Last Modified: | Dec 12 22:53:04 2000 |
| MD5 Checksum: | f693cc32d668324c2205e77036aa3fd1 |
|
| /// File Name: |
elf-1.tbz |
Description:
|
Project Freedocs Volume 3 - A collection of tutorials regarding elf programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 650891 | | Last Modified: | Sep 9 04:05:32 2004 |
| MD5 Checksum: | 1e8c74bcb9a66fd9d469b5f26afa165e |
|
| /// File Name: |
ENG_in_a_nutshell.pdf |
Description:
|
Exploit Creation - The Random Approach. A paper about using Encore Next Generation techniques to create exploits.
| | Author: | Nelson Brito | | File Size: | 165713 | | Last Modified: | Oct 6 22:24:31 2008 |
| MD5 Checksum: | dd9d916dd9cd088ebacdbac525cd7a78 |
|
| /// File Name: |
enterprise_specific_security.sxw.pd..> |
Description:
|
White-paper that discusses how large enterprises use a different class of software than small companies. This software and the environment it is purchased in is subject to particular constraints that often require a different strategy. This paper presents the problems with concrete and current examples and suggests some solutions.
| | Author: | Dave Aitel | | Homepage: | http://www.immunitysec.com/ | | File Size: | 292287 | | Last Modified: | Apr 2 05:54:00 2004 |
| MD5 Checksum: | f08fdd20ce1f278a7a74b4d4494b495b |
|
| /// File Name: |
estcsirc.ps |
Description:
|
Establishing a Computer Security Incident Response Capability: Procedures and issues for establishing a computer security incident response team
| | File Size: | 292992 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 82e372f26332e3e0945c8805f2ad381c |
|
| /// File Name: |
evilBushLovingMachines.txt |
Description:
|
Apparently some voting machines in New Mexico have decided to pick the opposite candidate of the ones early voters are choosing. More proof that electronic voting systems cannot be used in such an infant stage.
| | Author: | Jim Ludwick | | Homepage: | http://abqjournal.com/elex/246845elex10-22-04.htm | | File Size: | 5000 | | Last Modified: | Oct 27 00:32:07 2004 |
| MD5 Checksum: | 4bab988931293345f41299af59140d96 |
|
| /// File Name: |
ewdd.pdf |
Description:
|
Exploiting Windows Device Drivers - this paper introduces device driver exploitation techniques, provides detailed descriptions of techniques used and includes full exploit code with sample vulnerable driver code for testing purposes.
| | Author: | Piotr Bania | | Homepage: | http://pb.specialised.info/ | | File Size: | 232971 | | Last Modified: | Oct 18 19:40:44 2005 |
| MD5 Checksum: | c5eaa08dfb7ca0000e1705388a72e1a3 |
|
| /// File Name: |
exploits-1.tbz |
Description:
|
Project Freedocs Volume 2 - A collection of tutorials regarding exploit programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 2716757 | | Last Modified: | Sep 9 04:09:10 2004 |
| MD5 Checksum: | b8f9b25d88c0e4e0d06263221a540306 |
|
| /// File Name: |
FiTechSummit_final_paper.pdf |
Description:
|
This presentation was given by the keynote speaker at the FiTech Summit 2005. It is entitled "How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk".
| | Author: | Kenneth F. Belva | | Homepage: | http://www.ftusecurity.com | | File Size: | 436192 | | Last Modified: | Sep 26 01:04:13 2005 |
| MD5 Checksum: | 5131f07bb7a4df687b2eb4106ce4c174 |
|
| /// File Name: |
Footprinting-faq-v0_1.txt |
Description:
|
Footprinting FAQ - How to remotely determine the network addresses of a company.
| | Author: | Tag | | Homepage: | http://liun.hektik.org | | File Size: | 9292 | | Last Modified: | Jan 8 20:03:42 2001 |
| MD5 Checksum: | 4799e7a486e8e33828020f8e4a3c0a40 |
|
| /// File Name: |
forensic.ps |
Description:
|
Software Forensics: Can We Track Code to its Authors? An idea that it may be possible to identify the authors of malicious software by the style and features of their programs
| | File Size: | 55685 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 5018d4d563a55cc02e45ec51023319a1 |
|
| /// File Name: |
freebsd.org-report.txt |
Description:
|
How Freebsd.org was hacked - By combining insecurities in two CGI scripts, www.freebsd.org was taken over by Nohican and Frank Van Vliet.
| | Author: | Joost Pol aka Nohican,Karin | | File Size: | 8658 | | Last Modified: | Dec 16 22:07:56 2000 |
| MD5 Checksum: | abb904a3dc90dec5904922b683308e4e |
|
| /// File Name: |
fuat.ps |
Description:
|
Security Breaches: Five Recent Incidents at Columbia University: A detailed account of five break-ins at Columbia University, and the steps taken to stop them
| | File Size: | 93312 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 9c1282556e93fd564da6d7918e5e3fdb |
|
| /// File Name: |
hacker.txt |
Description:
|
The Social Organization of the Computer Underground: The author's thesis for a master's degree in sociology
| | File Size: | 148104 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 57716ad30fbae4458022e1e6c454cb7b |
|
| /// File Name: |
hacker_society.txt |
Description:
|
Hacker Society Whitepaper - Rarely does the media explain the ethics, codes, rules and regulations that govern this mysterious society. A society that exists known solely amongst underground. A professional approach has not been taken in analysing this mysterious sub culture.
| | Author: | Gilbert Alaverdian | | File Size: | 22417 | | Last Modified: | Apr 18 18:26:21 2000 |
| MD5 Checksum: | 54d79d3a9903f99483b036f02bfd7768 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
