Section: .. / papers / general /
| /// File Name: |
FiTechSummit_final_paper.pdf |
Description:
|
This presentation was given by the keynote speaker at the FiTech Summit 2005. It is entitled "How It's Difficult to Ruin a Good Name: An Analysis of Reputational Risk".
| | Author: | Kenneth F. Belva | | Homepage: | http://www.ftusecurity.com | | File Size: | 436192 | | Last Modified: | Sep 26 01:04:13 2005 |
| MD5 Checksum: | 5131f07bb7a4df687b2eb4106ce4c174 |
|
| /// File Name: |
security-policy.pdf |
Description:
|
This paper outlines the strategies and managing of the processes behind implementing a successful Security Policy. Additionally, it gives recommendations for the creation of a Security Awareness Program, where the main objective would be to provide a staff with a better understanding of the issues stated in a security policy.
| | Author: | Dancho Danchev | | Homepage: | http://www.windowsecurity.com/ | | File Size: | 556798 | | Last Modified: | Sep 20 02:38:36 2005 |
| MD5 Checksum: | b57d540352ef547932a99d43e16c848d |
|
| /// File Name: |
050819-securing-mac-os-x-tiger.pdf |
Description:
|
Corsaire (www.corsaire.com/white-papers/) has released a fully updated version of their guide to securing Mac OS X to cover the new security features offered by Mac OS X 10.4 Tiger (such as ACLs) as well as incorporating additional security guidelines that were omitted in the original (10.3) guide.
| | Author: | Stephen de Vries | | Homepage: | http://www.corsaire.com/white-papers/ | | File Size: | 751834 | | Last Modified: | Aug 26 00:55:07 2005 |
| MD5 Checksum: | 021cca9d23a8be3656a5f08e6bc300ec |
|
| /// File Name: |
OSFingerPrint.pdf |
Description:
|
Chatter on the Wire: A look at excessive network traffic and what it can mean to network security. This paper takes a look at past Active and Passive OS Fingerprinting tools and where to go with them in the future. It is primarily geared towards how to use passive OS identification to its greatest potential using every packet that flows across the network, not just tcp packets.
| | Author: | Eric Kollman aka xnih | | Homepage: | http://myweb.cableone.net/xnih | | File Size: | 271704 | | Last Modified: | Aug 9 04:57:09 2005 |
| MD5 Checksum: | 828d73dffef771e060631997bc7e87a4 |
|
| /// File Name: |
NTLMhttp.txt |
Description:
|
Interesting write up regarding the faulty logic of using NTLM HTTP authentication and how it does not mix well with HTTP proxies.
| | Author: | Amit Klein | | File Size: | 12286 | | Last Modified: | Jul 19 10:43:40 2005 |
| MD5 Checksum: | 0da67587751762cebd0c64d797eaf2ef |
|
| /// File Name: |
kernel-3.tbz |
Description:
|
Project Freedocs Volume 1 - A collection of tutorials regarding kernel programming.
| | Author: | Bugghy,Bugghy | | Homepage: | http://rootshell.be/~vaidab | | Changes: | Added more kernel related tutorials and tools. | | File Size: | 7595495 | | Last Modified: | May 22 14:47:08 2005 |
| MD5 Checksum: | 1b1f4c52eddd173f17806a73e96b2035 |
|
| /// File Name: |
blackmagic.txt |
Description:
|
Practical guide to advanced network attack and reconnaissance techniques using Python. Includes topics such as firewalking, port scanning, ARP poisoning, and DNS poisoning.
| | Author: | detach | | Homepage: | http://hackaholic.org/ | | File Size: | 35177 | | Last Modified: | Mar 29 00:14:10 2005 |
| MD5 Checksum: | 97334b9d53d7c7dff332a3214a16bd86 |
|
| /// File Name: |
WebApp_HTTPMod.pdf |
Description:
|
Web Application Defense At The Gates - Leveraging IHttpModule. Whitepaper describing how the IHttpModule that comes with the .Net framework can be used to man-in-the-middle HTTP transactions in order to help filter against input validation attacks.
| | Author: | Shreeraj Shah | | Homepage: | http://www.net-square.com/ | | File Size: | 199513 | | Last Modified: | Mar 25 00:04:18 2005 |
| MD5 Checksum: | 4b2e7e176a2fc54e80924b01621117e7 |
|
| /// File Name: |
NISR-AntiBruteForce.pdf |
Description:
|
Authentication processes in web-based applications are frequently vulnerable to automated brute force guessing attacks. Whilst commonly proposed solutions make use of escalating time delays and minimum lockout threshold strategies, these tend to prove ineffectual in real attacks and may actually promote additional attack vectors. Resource metering through client-side computationally intensive "electronic payments" can provide an alternative strategy in defending against brute force guessing attacks. This whitepaper discusses how such a solution works and the security advantages it can bring.
| | Author: | Gunter Ollmann | | Homepage: | http://www.nextgenss.com/ | | File Size: | 489812 | | Last Modified: | Mar 22 10:46:18 2005 |
| MD5 Checksum: | 0b4494791f61ecd4804eee34f97360b8 |
|
| /// File Name: |
botnet.tgz |
Description:
|
KYE: Tracking Bots. A whitepaper produced by the German Honeynet Project that looks at the individuals and organization that run botnets.
| | Homepage: | http://www.honeynet.org/ | | File Size: | 50375 | | Last Modified: | Mar 17 02:22:27 2005 |
| MD5 Checksum: | 00408e62b61746075b189692d8332ac7 |
|
| /// File Name: |
022805.txt |
Description:
|
This paper describes several techniques for exposing file contents using the site search functionality. It is assumed that a site contains documents which are not visible/accessible to external users. Such documents are typically future PR items, or future security advisories, uploaded to the website beforehand. However, the site is also searchable via an internal search facility, which does have access to those documents, and as such, they are indexed by it not via web crawling, but rather, via direct access to the files. Therein lies the security breach.
| | Author: | Amit Klein | | Homepage: | http://webappsec.org/ | | File Size: | 25702 | | Last Modified: | Feb 28 19:15:11 2005 |
| MD5 Checksum: | 87eb98b564a55d22d12c7b83e9641965 |
|
| /// File Name: |
WebApp_Footprints_Disco.pdf |
Description:
|
White paper discussing web application footprints and discovery methodology for web servers hosting multiple web applications.
| | Author: | Shreeraj Shah | | Homepage: | http://www.net-square.com/ | | File Size: | 176061 | | Last Modified: | Feb 22 22:08:59 2005 |
| MD5 Checksum: | 82336e368c3d8dab95146586a8ffda39 |
|
| /// File Name: |
WIPv011.tgz |
Description:
|
Whitepaper giving an overview of a security assessment against Windows NT machines when penetration testing. Provides insight from both attacker and administrative perspectives.
| | Author: | Adrian Pastor aka pagvac | | File Size: | 740406 | | Last Modified: | Jan 26 23:29:09 2005 |
| MD5 Checksum: | 6c638d17610ae47a614b8c4765cfc7b1 |
|
| /// File Name: |
votehack.txt |
Description:
|
Article about evidence mounting that the vote was hacked. The FBI has been called in to Florida.
| | Author: | Thom Hartmann | | Homepage: | http://CommonDreams.org | | File Size: | 14240 | | Last Modified: | Nov 10 01:49:51 2004 |
| MD5 Checksum: | 2c398b6336f2e2e0d98f62a2048297f1 |
|
| /// File Name: |
blackbox.txt |
Description:
|
Freedom of Information requests at http://www.blackboxvoting.org have unearthed two Ciber certification reports indicating that security and tamperability was NOT TESTED and that several state elections directors, a secretary of state, and computer consultant Dr. Britain Williams signed off on the report anyway, certifying it.
| | Homepage: | http://www.blackboxvoting.org/ | | File Size: | 34214 | | Last Modified: | Nov 10 01:41:32 2004 |
| MD5 Checksum: | 5285a64d546396feed26c988ae5debc3 |
|
| /// File Name: |
2004_11.txt |
Description:
|
Electronic Frontier Foundation Media Release - Presidential Votes Miscast on E-voting Machines Across the Country. Voters from at least half a dozen states reported that touch-screen voting machines had incorrectly recorded their choices, including for president.
| | Author: | Cindy Cohn,Matt Zimmerman | | Homepage: | http://www.eff.org/news/archives/2004_11.php#002062 | | File Size: | 3620 | | Last Modified: | Nov 4 22:43:21 2004 |
| MD5 Checksum: | 801f5c3f4e63747cba6eb681b9c7e8f4 |
|
| /// File Name: |
evilBushLovingMachines.txt |
Description:
|
Apparently some voting machines in New Mexico have decided to pick the opposite candidate of the ones early voters are choosing. More proof that electronic voting systems cannot be used in such an infant stage.
| | Author: | Jim Ludwick | | Homepage: | http://abqjournal.com/elex/246845elex10-22-04.htm | | File Size: | 5000 | | Last Modified: | Oct 27 00:32:07 2004 |
| MD5 Checksum: | 4bab988931293345f41299af59140d96 |
|
| /// File Name: |
Complete_Spyware_Whitepaper.pdf |
Description:
|
This is a fairly light-weight introduction to what spyware is, what it does, and how to detect/block it. Mostly, it refers to other tools rather than giving any new info, but it does have a reasonable overview of different tools.
| | Author: | Jonathan Read | | Homepage: | http://www.anti-trojan.org | | File Size: | 31599 | | Last Modified: | Oct 24 16:36:43 2004 |
| MD5 Checksum: | e18b31695e0d8689709e3ea4c42d5240 |
|
| /// File Name: |
asm-1.tbz |
Description:
|
Project Freedocs Volume 4 - A collection of tutorials regarding asm programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 876790 | | Last Modified: | Sep 9 04:11:55 2004 |
| MD5 Checksum: | 36dbbc1321d22b50c15c4c125e5e506a |
|
| /// File Name: |
kernel-1.tbz |
Description:
|
Project Freedocs Volume 1 - A collection of tutorials regarding kernel programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 13051902 | | Last Modified: | Sep 9 04:10:02 2004 |
| MD5 Checksum: | 4a12608dde411e4a41050e00821dcc61 |
|
| /// File Name: |
exploits-1.tbz |
Description:
|
Project Freedocs Volume 2 - A collection of tutorials regarding exploit programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 2716757 | | Last Modified: | Sep 9 04:09:10 2004 |
| MD5 Checksum: | b8f9b25d88c0e4e0d06263221a540306 |
|
| /// File Name: |
elf-1.tbz |
Description:
|
Project Freedocs Volume 3 - A collection of tutorials regarding elf programming.
| | Author: | Bugghy | | Homepage: | http://vaida.bogdan.googlepages.com/ | | File Size: | 650891 | | Last Modified: | Sep 9 04:05:32 2004 |
| MD5 Checksum: | 1e8c74bcb9a66fd9d469b5f26afa165e |
|
| /// File Name: |
timesync.html |
Description:
|
White paper discussing the fact that many modern networks are extremely dependant on a centralized time resource and the negative aspects of a network not having one.
| | Author: | 3APA3A | | Homepage: | http://www.security.nnov.ru/advisories/timesync.asp | | File Size: | 22180 | | Last Modified: | Aug 20 03:54:26 2004 |
| MD5 Checksum: | b4fcd8bce74ebb05e8db85ae5c200d7c |
|
| /// File Name: |
sthuy_article_openvpn_29940810.B.zi..> |
Description:
|
This whitepaper discusses OpenVPN as a free, secure, and easy to use and configure SSL-Based VPN solution. It offers various scenarios of use.
| | Author: | Stijn Huyghe | | File Size: | 1646498 | | Last Modified: | Aug 13 11:10:26 2004 |
| MD5 Checksum: | bd0687e11edb3c819cbc5613c99044bc |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
