Articles

Issue #28

posted on April 20, 2002
by hitbsecnews

Hey guys -- it's been a really tough month for all of us, and we really and truly need your help to provide us with some content for the e-zine. The current team is completely bogged down with real-world situations, which in turn means we need to look towards our affiliates to perhaps get some of their content on board. Certainly not the best of situations, I'm sure you'd agree. Either way, HELP US OUT!

Browsing Websites at your own risk

posted on April 20, 2002
by hitbsecnews

By: obscure

Note: This article first appeared over at our affiliate's site EyeOnSecurity.net. The original article can be found here.

Feeling secure just because you're behind a firewall, have the latest virus signatures and are running a top-of-the-range IDS? You shouldn't, at least not unless you unplug your modem, NIC or whatever, especially if you're browsing the 'net (i.e. websites) using your favorite browsers.

Nessus Attack Analysis Using Snort

posted on April 20, 2002
by hitbsecnews

By: spoonfork

--] 1.0 Introduction

This article focuses on analysis of Nessus attacks using Snort. In this
article, I will present some of the common Nessus attack signatures. This
will hopefully help security analysts to detect attacks that are generated
by the Nessus security scanner.

--] 1.1 Nessus Security Scanner

Interview with Hat [proxy-elites]

posted on April 20, 2002
by hitbsecnews

By: The Hacktivist

Note: This article first appeared over at our affiliate's site The Hacktivist. The original article can be viewed here.

Interview with Hat, founder of proxy-elites, an organization whose goal is to assist Internet users to bypass censorship enforced by their local authorities.

Q1. When were the proxy-elites founded and what were its initial goals?

Password Selection

posted on April 20, 2002
by hitbsecnews

By: Netcrash

When I audit the security of a network, one of the first things that I do is
look at the password selection policy. Most good administrators have laid down
strict guidelines on the selection of passwords. Passwords are the forefront of
network security. Why bother putting a $50,000 firewall in place if the password
could be cracked in minutes by a 12-year-old? We must take steps to improve
network security. A good way to do this is to select better passwords.

Primary criterion for a good password is:

The Tuxtendo's Tuxkit Rootkit Analysis

posted on March 18, 2002
by hitbsecnews

By: spoonfork (spoonfork@hackinthebox.org)

--] Introduction

The following is an analysis of the Tuxkit rootkit, written by a Dutch group
called Tuxtendo. This rootkit was found in one of the honeypots that we
set up. The honeypot was a stock installation of Redhat 7.0, with a few
services running. None of the software, such as named, sendmail and the
printer daemon, was patched.

SQL Interjection Attack

posted on March 18, 2002
by hitbsecnews

By: Fiend (2600 Salt Lake City)

Basic Information:

It is assumed that the reader is familiar with the concept of dynamically driven websites and
specifically with server-side languages that deliver content from a database. A slight
knowledge of SQL and how databases interact with the server is helpful. A deep
understanding isn't required for this document.

Test Environment:

Server:

Apache/1.3.22 (Darwin) PHP/4.0.6 mod_ssl/2.8.5 OpenSSL/0.9.6b

Database:

MySQL 3.23.36