Archive | Countermeasures


16 May 2006 | 7,488 views

Browser Security Test – Check Your Browser NOW!

I know this is old, but a lot of people still don’t know about it. It can test for up-to-date Mozilla, Opera and Internet Explorer flaws, exploits and vulnerabilities. Browser vulnerabilities are a serious issue now. You can see which vulnerabilities they test for here and the statistics of the test results here. [...]



15 May 2006 | 7,636 views

OSSEC HIDS – Open Source Host-based Intrusion System

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of [...]



19 April 2006 | 38,980 views

Good Password Guidelines – How to Make a Strong/Secure Password

It’s common sense for most people on the hacking side of computer security as we know how easy it is to break a password when it’s only a few characters long or it uses a dictionary word (even if it is postfixed with a couple of digits, a hybrid dictionary attack breaks it pretty fast). [...]



05 April 2006 | 119,046 views

AJAX: Is your application secure enough?

Introduction: We see it all around us recently. Web applications get niftier by the day by utilising the various new techniques recently introduced in a few web browsers, like I.E. and Firefox. One of those new techniques involves using JavaScript, more specifically the XMLHttpRequest class, or object. Webmail applications use it to quickly update the list of [...]



27 March 2006 | 8,297 views

Sealing Wafter – Defend Against OS Fingerprinting for OpenBSD

One way to defend against OS fingerprinting from tools such as nmap, queso, p0f, xprobe etc. is to change the metrics that they base their analysis on. One way to do this with OpenBSD is to use Sealing Wafter. Goals of Sealing Wafter: 1. To reduce OS detection based on well known fingerprints network stack [...]



18 March 2006 | 12,169 views

Security Cloak – Mask Against TCP/IP Fingerprinting for Windows

I’ve seen quite a lot of discussion lately on how to ‘defend against nmap’ or how to change the properties of your TCP/IP stack so your Windows OS appears to be something else (as in you can guess the OS from the TTL value passed back in a TCP/IP packet). One way you can do [...]



10 March 2006 | 13,736 views

Post-Mortem Data Destruction

1. Introduction: This article describes and partly implements a method to delete or relocate potentially sensitive and/or incriminating information from your UNIX-flavoured machine after the sad event of your death. An older version of this article has been published before, yet it has since disappeared from the Internet and the Google cache; [...]
