Archive | Network Hacking


08 May 2006 | 8,155 views

SinFP – Next Generation OS Detection Tool

OS Fingerprinting is an important part of any penetration test or hack as it allows you focus your efforts a lot more effeciently when point testing, rather than throwing everything at a machine like a script kiddy would. So let’s introduce a new option, other than p0f and xprobe2. SinFP is a new approach to [...]

Continue Reading


05 May 2006 | 17,087 views

The MIT IP Packet Spoofing Project – Can We Spoof IP Packets?

Now this is a VERY interesting project, as I’ve always said the majority of DoS attacks and DDoS attacks (90%+) could be stopped if all the ISP’s null routed packets which DO NOT originate from IP blocks they own, e.g. spoofed packets. Basically the project has been established to see if you can spoof IP [...]

Continue Reading


03 May 2006 | 70,894 views

Medusa Password Cracker Version 1.1 Now Available For Download

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. While [...]

Continue Reading


27 March 2006 | 8,297 views

Sealing Wafter – Defend Against OS Fingerprinting for OpenBSD

One way to defend against OS fingerprinting from tools such as nmap, queso, p0f, xprobe etc is to change the metrics that they base their analysis on. One way to do this with OpenBSD is to use Sealing Wafter. Goals of Sealing Wafter: 1. To reduce OS detection based on well known fingerprints network stack [...]

Continue Reading


18 March 2006 | 12,169 views

Security Cloak – Mask Against TCP/IP Fingerprinting for Windows

I’ve seen quite a lot of discussion lately on how to ‘defend against nmap’ or how to change the properties of your TCP/IP Stack so your Windows OS appears to be something else (As in you can guess the OS from the TTL value passed back in a TCP/IP packet). One way you can do [...]

Continue Reading


10 March 2006 | 22,776 views

SSL VPNs and OpenVPN – Part IV

4. Brief How-to …. Creating Multiple clients to Single site tunnels. Example of using PKI to create a client-to-site VPN: For a road warrior or roaming/multiple user scenario, static keys based VPNs don’t scale well. You will need to implement a PKI if you have Hub and Spoke architecture of VPN. From the OpenVPN.net website: [...]

Continue Reading


09 March 2006 | 21,409 views

SSL VPNs and OpenVPN – Part III

3. Brief How-to ….. OpenVPN and Site-to-Site Tunnels. OpenVPN can be implemented either Site-to-site or client-server model. I will take example configurations of both models. If you want to implement site-to-site configuration, the best way is to use static-keys instead of PKI. Using static keys, you can have your VPN tunnel up and running in [...]

Continue Reading


08 March 2006 | 16,441 views

SSL VPNs and OpenVPN – Part II

2. Why OpenVPN Here, in this article, I will lay down the emphasis on one important Open-Source SSL VPN software written by James Yonan and contributed by several others, which proposes security without the inherent complexity of IPsec AND using a trusted design of client component and VPN server. Usually VPNs require end points which [...]

Continue Reading


07 March 2006 | 27,229 views

SSL VPNs and Using OpenVPN

Requirement: To connect to a VPN server in a different country. Situation: A country which has proxies at every gateway. Issues: VPN based on IPSec is fussy when it comes across networks which are NAT’ted/ proxied. The Security Parameters Indexes don’t match and clients do not get connected. Objective: To connect VPN server in a [...]

Continue Reading


15 February 2006 | 9,476 views

Nmap 4.01 Released – New Features

Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts [...]

Continue Reading