seeing is believing
Showing 1 - 25 of 51 RSS Feed

Files

TLS / SSLv3 Vulnerability Whitepaper
Posted Dec 1, 2009
Authored by Thierry Zoller

This paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available. This is an update to the original release.

Changes: Added FTPS analysis, new attacks against HTTPS (injecting responses and downgrading to HTTP).
tags | paper, protocol
MD5 | c5beb910e8fe191ec7d383166a44716c
TLS / SSLv3 Vulnerability Explained
Posted Nov 18, 2009
Authored by Thierry Zoller

This paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available.

tags | paper, protocol
MD5 | 8c7187ef4886ebc3a72ea1e852e95794
Covert TCP/IP Network Channels Using Whitenoise Protocol
Posted Oct 5, 2009
Authored by Michal Rogala | Site michalrogala.com

Whitepaper called Covert TCP/IP Network Channels Using Whitenoise Protocol.

tags | paper, tcp, protocol
MD5 | e6bb7832d41723e763bd717dfaec0c82
dns-writeup.txt
Posted Jul 23, 2008
Authored by Monsieur Aglie

Interesting write up discussing DNS cache poisoning then and now.

tags | paper, protocol
MD5 | a0d975e9261838a800c2ee206625f579
protocolhopping.txt
Posted Nov 14, 2007
Authored by Steffen Wendzel | Site wendzel.de

Whitepaper titled Protocol Hopping Covert Channels - Protocol Hopping Covert Channels (PHCC) are a way to realize covert channels that switch between different protocols while a covert channel is established. PHCCs even can use a randomized protocol order and a mixed packet order to transfer packets what makes them hard to detect.

tags | paper, protocol
MD5 | 5d320776e626989ea1b25f67aac58b25
WAFUTFF.pdf
Posted Sep 5, 2007
Authored by Tim Brown | Site nth-dimension.org.uk

Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.

tags | paper, protocol, fuzzer
MD5 | add66aa7259bcf872fdab3c30ab0c06d
Insecurities_in_AoE.pdf
Posted Oct 3, 2006
Authored by Morgan Marquis-Boire | Site security-assessment.com

ATA over Ethernet (AoE) is an open standards based protocol that allows direct network access to disk drives by client hosts. This paper investigates the insecurities present in the ATA over Ethernet (AoE) protocol and presents some attacks that exploit various vulnerabilities in the protocol.

tags | paper, vulnerability, protocol
MD5 | 88b59f8845764d6106e7c2427f76b9c8
SFTPtutorial.html
Posted Mar 29, 2005
Authored by John K. Norden

Whitepaper discussing the use and setup of SFTP in the business place.

tags | paper, protocol
MD5 | 8126602bfbde02e90f2613928dbd6078
SlippingInTheWindow_v1.0.doc
Posted Apr 23, 2004
Authored by Paul A. Watson | Site terrorist.net

Full whitepaper by Paul (Tony) Watson entitled Slipping in the Window: TCP Reset Attacks.

tags | paper, tcp, protocol
advisories | CVE-2004-0230
MD5 | b26f786303bd4a9d222a70a397a82501
SlippingInTheWindow_v1.0.ppt
Posted Apr 23, 2004
Authored by Paul A. Watson | Site terrorist.net

Powerpoint presentation by Paul (Tony) Watson entitled Slipping in the Window: TCP Reset Attacks. This presentation was original given at CanSecWest 2004.

tags | paper, tcp, protocol
advisories | CVE-2004-0230
MD5 | a1b0b84aa9945d244882a533e78ee295
UKdnsTest.txt
Posted Oct 16, 2003
Authored by STE Jones | Site NetworkPenetration.com

Network Penetration conducted a survey at the start of 2003 to check the status of the United Kingdom's DNS infrastructure. This paper discusses the second run of what was tested, the results, some sample zone transfers, and recommendations.

tags | paper, protocol
MD5 | 7841d7b80b30c00c25fb3d7f0498b3fb
SMB-RSVP.txt
Posted Aug 13, 2003
Authored by STE Jones | Site networkpenetration.com

Paper discussing how the Resource reSerVation Protocol (RSVP) is used within the Subnet Bandwidth Management protocol (RFC 2814) and is vulnerable to allowing a rogue host to hijack control of a server via the use of priority assignment.

tags | paper, protocol
MD5 | 8ba022f0018a7724e3cbbb169de22180
covert_paper.txt
Posted Jun 21, 2003
Authored by Simon Castro, Alex Dyatlov | Site gray-world.net

Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the HTTP protocol.

tags | paper, web, arbitrary, protocol
MD5 | 4536af34036f3ee2b3439ad7b5e85b8b
UDPRemoteControls.txt
Posted Apr 6, 2003
Authored by Angelo Rosiello, rosiello

This paper illustrates how to control server with the UDP protocol. It covers UDP basics, how to spoof datagrams, and gives full source code with explanations. This paper can be used in conjunction with the udp-remote-final.tar.gz package.

tags | paper, remote, udp, spoof, protocol
MD5 | 2f58a7be9b71e80ca6a744a64e0a5e55
newtcp.htm
Posted Sep 11, 2002
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later. Includes cool 3D pictures of the sequence number distribution for several OS's and analyzes the predictability of each. Many OS's have very predictable sequence numbers, allowing non encrypted connections to be spoofed and enabling protocol attacks against encrypted connections.

tags | paper, spoof, tcp, protocol
MD5 | 010445ebec5632199f8b278f617c32ce
routing.pdf
Posted Jul 21, 2001
Authored by FX | Site phenoelit.de

Slides for FX's talk at Defcon 2001 on attacking routing protocols.

tags | paper, protocol
MD5 | 19dd51ca67fffec971b4c19caeb2e365
ICMP_Scanning_v3.0.zip
Posted Jun 5, 2001
Authored by Ofir Arkin | Site sys-security.com

ICMP Usage in Scanning v3.0 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.

Changes: Version 3.0 introduces significant changes made to the text. Includes some host based security measures available with Linux based on Kernel 2.4.x and with Sun Solaris 8 and a snort rule base for dealing with the ICMP tricks illustrated within the text.
tags | paper, protocol
MD5 | f60a05e7802e4364c022896d78730665
intro_to_arp_spoofing.pdf
Posted Apr 30, 2001
Authored by Sean Whalen

Introduction to Arp Spoofing, a method of exploiting the interaction between IP and Ethernet protocols. Includes discussion of switched sniffing, man in the middle attacks, hijacking, cloning, poisoning and more. Describes the operation of ARPoison, Ettercap, and Parasite.

tags | paper, spoof, protocol
MD5 | d6e4ccb58a50fb399854112178df5955
OW-003-ssh-traffic-analysis.txt
Posted Mar 19, 2001
Authored by Solar Designer | Site openwall.com

Openwall Advisory - Passive Analysis of SSH Traffic. This advisory demonstrates several weaknesses in implementations of SSH protocols. When exploited, they let the attacker obtain sensitive information by passively monitoring encrypted SSH sessions. The information can later be used to speed up brute-force attacks on passwords, including the initial login password and other passwords appearing in interactive SSH sessions, such as those used with su(1) and Cisco IOS "enable" passwords. All attacks described in this advisory require the ability to monitor (sniff) network traffic between one or more SSH servers and clients.

tags | paper, protocol
systems | cisco
MD5 | a6971bfa7f65f86bca364b3a8b03a734
passive.pdf
Posted Jan 18, 2001
Authored by Jose Nazario | Site crimelabs.net

Passive System Fingerprinting using Network Client Applications - Passive target fingerprinting involves the utilization of network traffic between two hosts by a third system to identify the types of systems being used. Because no data is sent to either system by the monitoring party, detection approaches the impossible. Methods which rely solely on the IP options present in normal traffic are limited in the accuracy about the targets. Further inspection is also needed to determine avenues of vulnerability, as well. We describe a method to rapidly identify target operating systems and version, as well as vectors of attack, based on data sent by client applications. While simplistic, it is robust. The accuracy of this method is also quite high in most cases. Four methods of fingerprinting a system are presented, with sample data provided.

tags | paper, protocol
MD5 | b224cd7181e63bc377c194bc105fe9c7
host-detection.doc
Posted Jan 15, 2001
Authored by synnergy, Dethy | Site synnergy.net

Advanced Host Detection - Techniques To Validate Host-Connectivity. Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in TXT form.

tags | paper, protocol
MD5 | 938010bc0d9b99eb9b35830b0f7a13e7
host-detection.pdf
Posted Jan 15, 2001
Authored by synnergy, Dethy | Site synnergy.net

Advanced Host Detection - Techniques To Validate Host-Connectivity. (PDF) Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in DOC form.

tags | paper, protocol
MD5 | 2866b8e06c2e023af6d2353b6ac6c628
host-detection.txt
Posted Jan 15, 2001
Authored by synnergy, Dethy | Site synnergy.net

Advanced Host Detection - Techniques To Validate Host-Connectivity. Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in DOC form.

tags | paper, protocol
MD5 | 29e1aa57dd7594aeb700b3e563f4579a
analisis-remoto-de-sistemas.txt
Posted Jan 13, 2001
Authored by Honoriak

Port Scanning and OS Fingerprinting - In Spanish.

tags | paper, protocol
MD5 | b4d894cbc192bce67cd91bc869bb0807
gre.pdf.gz
Posted Dec 23, 2000
Authored by FX | Site phenoelit.de

This paper describes a possible way to attack hosts with RFC1918 IP addresses behind GRE Tunnels over the Internet.

tags | paper, protocol
MD5 | 74238e97542ad3e67f91ef9f872afd20
Page 1 of 3
Back123Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close