exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Ofir Arkin

Email addressofir at sys-security.com
First Active2000-07-02
Last Active2006-09-26
Bypassing_NAC_Solutions_Whitepaper.pdf
Posted Sep 26, 2006
Authored by Ofir Arkin | Site insightix.com

Bypassing network access control (NAC) systems - This whitepaper examines the different strategies used to provide network access controls. The flaws associated with the different network access control (NAC) solutions are also presented. These flaws allow the complete bypass of each and every NAC mechanism currently offered on the market.

tags | paper
SHA-256 | 7dc8e38caef9108f721a21493544a4ba21ddafddf32210c7962320556e319394
xprobe2-0.3.tar.gz
Posted Aug 5, 2005
Authored by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev | Site prdownloads.sourceforge.net

Xprobe2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.

Changes: New application-based OS fingerprinting modules (SMB, SNMP). Several bug fixes (i.e. pcap sniffing).
tags | remote
systems | unix
SHA-256 | 12a9d0a2f38da8bb74c9e1cd96b2019802632cf55f8948384aafd417bb79a164
xprobe2-0.2.2.tar.gz
Posted Feb 18, 2005
Authored by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev | Site prdownloads.sourceforge.net

Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.

tags | remote
systems | unix
SHA-256 | bfe28acfadb1c41490347ff80010ed5272e944a5815887a49a8c7804009fd2f5
xprobe2-0.2.1.tar.gz
Posted Dec 31, 2004
Authored by Ofir Arkin, Fyodor Yarochkin, Meder Kydyraliev | Site sys-security.com

Xprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.

Changes: A number of bugs have been fixed and more features have been introduced.
tags | tool, remote, scanner
systems | unix
SHA-256 | a7c860e4e8a3594085cb1bdd36e217130c0b305b4b86ba63af7e86675be16fc9
xprobe2-0.2rc1.tar.gz
Posted Aug 12, 2003
Authored by Ofir Arkin, Fyodor Yarochkin | Site sys-security.com

Xprobe2 is a fuzzy remote OS fingerprinting tool with functionality that is heavily based on Xprobe, but also uses other OS fingerprinting techniques.

tags | tool, remote, scanner
systems | unix
SHA-256 | 39ae8f922b7ad534dc831806dfe878af00f52f8ad85783f7631269f2cfe573b5
atstake_etherleak_report.pdf
Posted Jan 6, 2003
Authored by Ofir Arkin | Site atstake.com

Multiple platforms ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory due to poor programming practices. Several implementation methods are discussed in this white paper.

tags | kernel
SHA-256 | daec269b3fe04ddf8ce145fdfc529beb7cb202da14e9fcd184457b800d6f711d
Atstake Security Advisory 03-01-06.1
Posted Jan 6, 2003
Authored by Ofir Arkin, Atstake | Site atstake.com

Atstake Security Advisory A010603-1 - Multiple platform ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory. This vulnerability is the result of incorrect implementations of RFC requirements and poor programming practices, the combination of which results in several variations of this information leakage vulnerability. The simplest method to implement this attack is to send ICMP packets and watch for kernel memory in the replies. PDF report on this issue available here.

tags | kernel
SHA-256 | 08e892f8893b2271d8dd4a438785fa2838ad83e1bafff8e9b8f1aa5864ceb555
SecurityIPTelephonyNetworks.pdf
Posted Nov 25, 2002
Authored by Ofir Arkin

IP Telephony based networks, which might be a core part of our Telephony infrastructure in the near future, introduce caveats and security concerns which traditional telephony based networks do not have to deal with, have long forgotten about, or have learned to cope with. The security risk is usually overshadowed by the technological hype and the way IP Telephony equipment manufacturers push the technology to the masses. This paper highlights the different security risk factors with IP Telephony based networks.

tags | paper
SHA-256 | 10fdc19e837a48d2132e421740f1be97f5a4b7f2e8d40525080b86f72461e49f
The_Trivial_Cisco_IP_Phones_Compromise.pdf
Posted Sep 21, 2002
Authored by Ofir Arkin | Site sys-security.com

The Cisco SIP-based IP Phone 7960 contains severe vulnerabilities which allow complete control of a user's credentials; total subversion of a user's settings for the IP Telephony network, and the ability to subvert the entire IP Telephony environment. Malicious access to a user's credentials enables "Call Hijacking", "Registration Hijacking", "Call Tracking", and other voice related attacks.

tags | vulnerability
systems | cisco
SHA-256 | 775d0f76b0e61116c24faadb64e4e6d7c65c070d2fdff3244d75ff800336571f
ICMP_Scanning_v3.0.zip
Posted Jun 5, 2001
Authored by Ofir Arkin | Site sys-security.com

ICMP Usage in Scanning v3.0 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.

Changes: Version 3.0 introduces significant changes made to the text. Includes some host based security measures available with Linux based on Kernel 2.4.x and with Sun Solaris 8 and a snort rule base for dealing with the ICMP tricks illustrated within the text.
tags | paper, protocol
SHA-256 | 75cc3f1aca7052c3ce41ac23e57dd34c03d0762e2b433480c810bfd580de6b74
ICMP_Scanning_v2.5.pdf
Posted Dec 23, 2000
Authored by Ofir Arkin | Site sys-security.com

ICMP Usage in Scanning v2.5 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.

Changes: This version introduces a few new OS fingerprinting methods, some of which use ICMP error messages, allowing a remote OS fingerprint even if all the ports are closed. Also a lot of information on ICMP error messages has been added. Also added some snort rules.
tags | paper, protocol
SHA-256 | f24d4c556d3ee9ffcb8171a788a947a60fbd2ff30a032eb88fe0fcf710c8c75f
Unverified_Fields_1.0.pdf
Posted Oct 15, 2000
Authored by Ofir Arkin | Site sys-security.com

The following problem (as discussed in this paper) has not yet been identified. Certain firewalls today, will not authenticate the validity of certain protocol fields within the packet they are processing. The risk is exposure of information, mainly unique patterns of behavior produced by the probed machines answering our crafted queries. Those patterns will help a malicious computer attacker to identify the operating systems in use. Postscript version available here.

tags | paper, protocol
SHA-256 | 01f95aa24a6313bdb216740349840e313f3e263f418774043ced01d6a4d91d56
ICMP_Scanning_v2.01.pdf
Posted Sep 13, 2000
Authored by Ofir Arkin | Site sys-security.com

ICMP Usage in Scanning v2.01 - This paper outlines what can be done with the ICMP protocol regarding scanning. The paper deals with plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.

Changes: Quite a large number of new OS fingerprinting methods using ICMP, which I have discovered are introduced with this revision. Among those methods, some can be used in order to identify Microsoft Windows 2000 machines; One would allow us to distinguish between Microsoft Windows operating system machines and the rest of the world; Another would allow us to distinguish between SUN Solaris machines and the rest of the world. More methods are introduced in the paper.
tags | paper, protocol
SHA-256 | 1ff9c1a751e358458994c2d61f241f21e90f086d7913e3155237dfdc53b0edab
trojan_list.txt
Posted Sep 13, 2000
Authored by Ofir Arkin | Site sys-security.com

This is a list of the ports which trojans run on. Updated Aug 2000, lists 350 trojans and thier default port. Newest version of this list available here. Archive password is set to p4ssw0rd. Use at your own risk.

tags | trojan
SHA-256 | 3e1809812271d23eb04ede26e54c8aa3db1ba2160ff2c809ca459101541ee74a
windows2000.fingerprint.txt
Posted Aug 16, 2000
Authored by Ofir Arkin | Site sys-security.com

Windows 2000 machines can reliably be identified remotely because they do not correctly respond to ICMP query messages with a nonstandard Type-of-Service value.

tags | paper
systems | windows
SHA-256 | 47afc4eb164d7d4d223a0ea4749e7ca0101efeb95f9269d96b699b461e1f7355
ICMP_Scanning.pdf
Posted Jul 2, 2000
Authored by Ofir Arkin | Site sys-security.com

ICMP Usage in Scanning - The Internet Control Message Protocol is one of the most complex protocols in the TCP/IP protocol suite regarding its security hazards. This paper gives very in depth information, including discussion of all the ICMP types, ICMP sweeps, host detection using ICMP error messages, ACL detection, Inverse mapping, OS fingerprinting, filtering ICMP, and much more.

tags | paper, tcp, protocol
SHA-256 | cba2c555ea2ff70406bd3779943851977291fe2773d03df8d43d252019598a28
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close