Real Name | Steffen Wendzel |
---|---|
Email address | private |
Website | www.wendzel.de |
First Active | 2003-12-06 |
Last Active | 2008-05-01 |
AstroCam versions 2.5.0 through 2.7.3 suffer from a cross site scripting vulnerability.
f0d70dc471b487e095c1c1b658f70d9feacc28f774495582874721a4dffe478d
phcct (protocol hopping covert channel tool) is a tiny and basic proof of concept implementation of a protocol hopping covert channel.
fa2070ea1a9984526ed0db20a7b0bcaa4c0c972d18a7c5e8f3f227e8d2ac4866
Whitepaper titled Protocol Hopping Covert Channels - Protocol Hopping Covert Channels (PHCC) are a way to realize covert channels that switch between different protocols while a covert channel is established. PHCCs even can use a randomized protocol order and a mixed packet order to transfer packets what makes them hard to detect.
5e860930cb5e0a371339c0311a86cb658c505870ba95e5089106907f07b049f8
VSTT is a multi-protocol tunneling tool. It accepts input by TCP stream sockets and FIFOs, and can send data via TCP, POP3, and ICMP tunneling.
906cf187f8625fe4338d2fff5566de082b124c6eb209039b666449da2d70187f
fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
7b09b1d8cf07ed76ec812c3b36cc8b257ecad914ca8417aef1f660b97f2314cb
fupids (the fuzzy userprofile intrusion detection system) is a user-profile based IDS for the OpenBSD kernel. It modifies certain syscalls in order to detect suspicious behavior. For example, it watches for network devices being set to promiscuous mode, and it watches for the creation of listen() sockets by users. fupids also handles a program profile for your local users, and it can find attackers who overtake existing accounts.
4e9cc0678668210a8cf5cdfdd6a784ddc84e0d69450b7fb0433efd8453efd073