Expert analysis
Simplicity and Awareness – Keys to Network Security
Few people believe that maintaining a sound network security posture is easy. Those who do are deluding themselves, unless they practice two fundamental tenets of security: …
Red Hat 7.3 has been released
Red Hat, Inc. released Red Hat Linux version 7.3, a highly configurable OS designed for deployments ranging from games and personal productivity to file, print and web …
Upcoming security conferences in 2002
Conference: 14th Annual Computer Security Incident Handling Conference (FIRST 2002) Date: June 24-28, 2002 Place: Hilton Waikoloa Village, Hawaii URL: The FIRST conference …
Remote Timing Techniques
This paper describes remote timing techniques based on TCP/IP intrinsic operation and options. The techniques are used for careful observation of the TCP/IP data stream to …
Anti-Trojan and Trojan Detection with In-Kernel Digital Signature testing of Executables
This paper presents a somewhat compute-expensive way to detect or deny the activity of Trojan or otherwise modified executable files that may have been tampered with in any …
Know Your Enemy: Passive Fingerprinting
This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive …
Know Your Enemy: Worms at War
See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project. Read the paper in HTML …
Know Your Enemy: Motives
This paper studies the motives and psychology of the black-hat community, in their own words. Read the paper in HTML format here.
Know Your Enemy: A Forensics Analysis
This paper studies, step by step, a successful attack on a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we …
Know Your Enemy: III
What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that …
Know Your Enemy: II
How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. Read the paper in …
Know Your Enemy
The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can …