Expert analysis
Red Hat 7.3 has been released
Red Hat, Inc. released Red Hat Linux version 7.3, a highly configurable OS designed for deployments ranging from games and personal productivity to file, print and web …
Upcoming security conferences in 2002
Conference: 14th Annual Computer Security Incident Handling Conference (FIRST 2002) Date: June 24-28, 2002 Place: Hilton Waikoloa Village, Hawaii URL: The FIRST conference …
Remote Timing Techniques
This paper describes remote timing techniques based on TCP/IP intrinsic operation and options. The techniques are used for careful observation of the TCP/IP data stream to …
Anti-Trojan and Trojan Detection with In-Kernel Digital Signature testing of Executables
This paper presents a somewhat compute expensive way to detect or deny the activity of Trojan or otherwise modified executable files that may have been tampered with in any …
Know Your Enemy: Passive Fingerprinting
This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive …
Know Your Enemy: Worms at War
See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project. Read the paper in HTML …
Know Your Enemy: Motives
This paper studies the motives and psychology of the black-hat community, in their own words. Read the paper in HTML format here.
Know Your Enemy: A Forensics Analysis
This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we …
Know Your Enemy: III
What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that …
Know Your Enemy: II
How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. Read the paper in …
Know Your Enemy
The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can …
A guide to System V Init
So here we go again. After you have exorcised all of the daemons that were haunting your system, you might be interested in all of the boring processes that occur when booting …