Archive | Network Hacking


28 June 2006 | 5,174 views

Web Services Attack Frequency Increasing

As we’ve reported a few times recently, more and more attacks being aimed at Web Services such as Orkut, MySpace, Ebay and others. As more people turn to web applications for everyday tasks like e-mail, friendship and payments, cyber criminals are following them in search of bank account details and other valuable data, security researchers [...]

Continue Reading


21 June 2006 | 9,419 views

Yersinia 0.7 Released with 802.1x Support – Layer 2 Attack Framework

Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. It’s a very useful for any network based penetration testing or vulnerability assessment. There isn’t many tools working on Layer 2 and this [...]

Continue Reading


19 June 2006 | 6,752 views

SinFP v2.00 Released – Next Generation OS Detection Tool

OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2. SinFP uses the aforementioned limitations as [...]

Continue Reading


22 May 2006 | 6,815 views

The Ultimate Net Monitoring Tool – Semantic Traffic Analyzer

Packet sniffing goes hi-tech? What’s wrong with ethereal? The equipment that technician Mark Klein learned was installed in the National Security Agency’s “secret room” inside AT&T’s San Francisco switching office isn’t some sinister Big Brother box designed solely to help governments eavesdrop on citizens’ internet communications. Rather, it’s a powerful commercial network-analysis product with all [...]

Continue Reading


08 May 2006 | 8,175 views

SinFP – Next Generation OS Detection Tool

OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2. SinFP is a new approach to [...]

Continue Reading


05 May 2006 | 17,108 views

The MIT IP Packet Spoofing Project – Can We Spoof IP Packets?

Now this is a VERY interesting project, as I’ve always said the majority of DoS attacks and DDoS attacks (90%+) could be stopped if all the ISP’s null routed packets which DO NOT originate from IP blocks they own, e.g. spoofed packets. Basically the project has been established to see if you can spoof IP [...]

Continue Reading


03 May 2006 | 71,291 views

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. While [...]

Continue Reading


27 March 2006 | 8,305 views

Sealing Wafter – Defend Against OS Fingerprinting for OpenBSD

One way to defend against OS fingerprinting from tools such as nmap, queso, p0f, xprobe etc is to change the metrics that they base their analysis on. One way to do this with OpenBSD is to use Sealing Wafter. Goals of Sealing Wafter: 1. To reduce OS detection based on well known fingerprints network stack [...]

Continue Reading


18 March 2006 | 12,173 views

Security Cloak – Mask Against TCP/IP Fingerprinting for Windows

I’ve seen quite a lot of discussion lately on how to ‘defend against nmap’ or how to change the properties of your TCP/IP Stack so your Windows OS appears to be something else (As in you can guess the OS from the TTL value passed back in a TCP/IP packet). One way you can do [...]

Continue Reading


10 March 2006 | 22,791 views

SSL VPNs and OpenVPN – Part IV

4. Brief How-to …. Creating Multiple clients to Single site tunnels. Example of using PKI to create a client-to-site VPN: For a road warrior or roaming/multiple user scenario, static keys based VPNs don’t scale well. You will need to implement a PKI if you have Hub and Spoke architecture of VPN. From the OpenVPN.net website: [...]

Continue Reading