VMWare Rootkits, The Next Big Threat?

Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath […]

Tags: , , , , ,

Posted in: Malware | Add a Comment

JTR (Password Cracking) – John the Ripper 1.7 Released – FINALLY

The new “features” this time are primarily performance improvements possible due to the use of better algorithms (bringing more inherent parallelism of trying multiple candidate passwords down to processor instruction level), better optimized code, and new hardware capabilities (such as AltiVec available on PowerPC G4 and G5 processors). In particular, John the Ripper 1.7 is […]

Tags: , , , ,

Posted in: Hacking Tools, Password Cracking | Add a Comment

UK Could be Going TOO Far With Digital Laws

Types of activities that will become illegal under the proposed laws include making or supplying “hacking tools”- computer programmes or code that can help crack passwords or bypass security systems – and will be punishable by up to two years in prison. Isn’t this legitimate action for any security enthusiast, hobbiest or professional involved in […]

Tags: , , , ,

Posted in: General News | Add a Comment

Post-Mortem Data Destruction

1. Introduction This article describes and partly implements a method to delete or re-locate, potentially sensitive and / or incriminating information from your UNIX flavoured machine, after the sad event of your death. An older version of this article has been published before, yet it has since disappeared from the Internet and the Google cache; […]

Tags: , , , , , ,

Posted in: Countermeasures, Privacy, UNIX Hacking | Add a Comment

SSL VPNs and OpenVPN – Part IV

4. Brief How-to …. Creating Multiple clients to Single site tunnels. Example of using PKI to create a client-to-site VPN: For a road warrior or roaming/multiple user scenario, static keys based VPNs don’t scale well. You will need to implement a PKI if you have Hub and Spoke architecture of VPN. From the OpenVPN.net website: […]

Tags: , , , , , ,

Posted in: Linux Hacking, Network Hacking, Security Software | Add a Comment

Windows Rootkits

Windows Rootkits are a big rarity in this modern web hacking tehnology… I won’t speak exactly about rootkits, because it’s impropriate to call them that way… why? Well rootkits are programs that aid you in getting access to root level users… So in the case we are using Windows rootkits we should call them admkits […]

Tags: , , , ,

Posted in: Malware, Windows Hacking | Add a Comment

SSL VPNs and OpenVPN – Part III

3. Brief How-to ….. OpenVPN and Site-to-Site Tunnels. OpenVPN can be implemented either Site-to-site or client-server model. I will take example configurations of both models. If you want to implement site-to-site configuration, the best way is to use static-keys instead of PKI. Using static keys, you can have your VPN tunnel up and running in […]

Tags: , , , , , ,

Posted in: Linux Hacking, Network Hacking, Security Software | Add a Comment

SSL VPNs and OpenVPN – Part II

2. Why OpenVPN Here, in this article, I will lay down the emphasis on one important Open-Source SSL VPN software written by James Yonan and contributed by several others, which proposes security without the inherent complexity of IPsec AND using a trusted design of client component and VPN server. Usually VPNs require end points which […]

Tags: , , , , , ,

Posted in: Linux Hacking, Network Hacking, Security Software | Add a Comment

SSL VPNs and Using OpenVPN

Requirement: To connect to a VPN server in a different country. Situation: A country which has proxies at every gateway. Issues: VPN based on IPSec is fussy when it comes across networks which are NAT’ted/ proxied. The Security Parameters Indexes don’t match and clients do not get connected. Objective: To connect VPN server in a […]

Tags: , , , , , ,

Posted in: Linux Hacking, Network Hacking, Security Software | Add a Comment

Latest RIAA Bullshit – Fair Use Policy – Can’t Use YOUR CDs on YOUR iPod

Amazing, now ripping YOUR OWN CD’s to use on YOUR iPod is not fair use according to the new DMCA rulings currently being created. As part of the on-going DMCA rule-making proceedings, the RIAA and other copyright industry associations submitted a filing that included this gem as part of their argument that space-shifting and format-shifting […]

Tags: , , , , , , ,

Posted in: General News | Add a Comment