The !CVE Project is an initiative to track and identify security issues that are not acknowledged by vendors but are still important for the security community.
b048c73843bf5ec0efa0043743dba221a703c3a314b73dbc5a6b254795d5cb61
This package contains example vulnerable C programs. The best way to learn exploit coding is by doing it. Start your search with the index.html. There are examples of buffer overflows (stack and heap) and format string vulnerabilities. All examples are exploitable with a standard linux/x86 environment.
b4a6e4ad9e67fa0be8869334a9ea7b86a7d1712e80c47179e80a481dd08dbd3b
Structural Versus Operational Intrusion Detection - Intrusion Detection White Paper - short and basic, comments requested.
cfd5087f398936a2452254bff2bf5e88f99d40c2d03717f3d22bf3650b088a50
"Know Your Enemy: A Forensic Analysis". This paper is a continuation of the Know Your Enemy series. The first three papers covered the tools and tactics of the black-hat community. This paper, the fourth of the series, studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we will focus on how we learned what happened and pieced the information together. The purpose is to give you the forensic skills necessary to analyze and learn on your own the threats your organization faces.
709a59fc782615e033bd0631bccf540ce8f53460a2e328ac4dd4649f8becea8f
FAQ: Network Intrusion Detection Systems version 0.8.1 - (Updated Jan 17, 2000) This FAQ has lots of excellent info on IDS systems, with a good focus on how they work.
a7d2cec07495ad088bff2514dbfd692cb4e550d18cfaa7bd73b8f19635a6566a
Document detailing different types of backdoors.
20b21c30683776c1e4002fcb08efa59d52a202f7a8ed9a5ad008826abcb5202f
No information is available for this file.
1e501c4a91f74721c7a394653f3096293f33eef39fb7f2f16bba10fb903bc948
"Techniques Adopted by 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks." Whitepaper by Network Security Solutions, Ltd.
e7bb43a4c6aff93c7b4029e09e4460a1f88032f86d0b14f62e6ecf3bf7ee42af
No information is available for this file.
71ebade9decb1ed861e989815aba008a55a5c60f2419e2da03bca4861b49feac
No information is available for this file.
42d4485875c9b2f6fa5cb7e4b0d7fa7134d1d1a186cbdcc00fbde637f2cf9364
"NOT the Orange Book - Guide to the Definition, Specification, Tasking, and Documentation for the Development of Secure Computer Systems -- Including Condensations of the Members of the Rainbow Series and Related Documents".
c6dff998576d157864f2223dd477431e1e887552832d7e05c17ef30e82ff227c
No information is available for this file.
4578d23914c6cbe803decb378ceef46d3b6f84b5a659559f38c299c3d6136bed
No information is available for this file.
ba2224fd89304f4130d0a087a7bcc1ce4546742df472e5f9bd59ae26f5213815
No information is available for this file.
8841b210f5bd95f83036351304c3f47e1ac22907879e22e972c74d34cccb90b9
Common System Intrusion Methods - An excellent whitepaper that describes the most common methods for gaining access to a target host.
f27379be90c80dafb4ccdd9b57f448f86823834e4f56aab2b4c7dee63c469c93
Know Your Enemy: The Attack of the Script Kiddie.
2de0c8fc61b6b8d355c54d853bd8752f9b629566b510e64d522afee7686c459d
The follow-up article to "Know Your Enemy: The Attack of the Script Kiddie", "Know your Enemy II" focuses on intelligence gathering, specifically how to determine what the enemy is doing by analyzing your system log files. Includes examples based on two of the most commonly used scanning tools on the Internet, sscan and nmap.
800df1fbd42d90b7f02443d2f98f5e69be0e2443c0c7b7ad52207739ff603491
Know Your Enemy III: They Gain Root - Third installment of the excellent "Know Your Enemy" series of security whitepapers by Lance Spitzner. This paper focuses on how systems are actually compromised, and what the "script kiddie" does to cover tracks and monitor your network. Includes system logs and keystroke history from an actual system compromise.
8b640e2a96d412ac5c7f6f2b4991c79cb30bccee19af997dc8741dac3e5d8cdf
"Hire A Hacker FAQ" - An excellent, and quite humorous, list of the issues that will invariably come up when people without previous experience in the hacker community try to hire a hacker. Excellent FAQ by Peter Seebach.
c75cd4ac15bb256bc320c74150c127cfb09c48e30e68a4200f1cc8066e8f8a03
No information is available for this file.
383b4093dc5800892491ae10f98566b49dd7bca9b60348cd283a61cd445e9e8a
At one time or another, you may find it useful to have two machines with the same physical network address. This is how it is done.
b620a2d250dcb84679b355e85c47a69f4fdf7c005badeea64ef109b28578f22d
"How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others."
8056f5f6db5b5bbbe1618e8241afeacea7523abaf7f66cd4434327c687d8bff4
"How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others."
fb414ed56daf127bd1294a87bdccf553ac30fbc408b5323609313d20687c0b94
The rules of engagement: Testing the security of your enterprise - Very good basic checklist/description related to security assessments - the section on Attack Methodologies is good standard info. Short, but sweet.
b3ec6135b1a5d5f68d8e664fa434279a1b7dc9b91dcafecbe81bb6d373e7d463
Security Focus - This is definitely the most exciting news I've received in months. So what is "Security Focus"? In addition to being the new home for the BUGTRAQ mailing list, there will be about a dozen other security-related mailing lists / forums, a huge vulnerability database, products, services, books, papers, articles, tools, news, security resources, event calendars, and much, much more. Security Focus promises to be one hell of a resource.
a4e94fc2fb26cf33f193ceec92c3ef919429313df401426014630d3d30783950