Definition of Exploits
What are exploits?
An illegal or unethical attack that can take advantage of a system vulnerability.
|
|
Exploits
|
|
The Future of Information Warfare
The present war against terrorism, precipitated by the decidedly low-tech use of airplanes on September 11, is raising the awareness of corporations and individuals in regards to the security of business and personal information. The attacks of September 11th showed what happens when the information flow of our society is disrupted. Many realize now that disruption of the exchange of business and personal information could be a primary weapon of attackers, and not just the secondary effect of other actions. The idea of warfare using information as a weapon is not new. The obvious place to start getting a handle on the definition of information warfare is the military.
Read the Article
|
Can Cyberterrorists Actually Kill People?
Just imagine, if civilization as we know it could fall into such a panic and possibly spiral out of control over a relatively minor programming error, what would happen if somebody sat down and starting causing these kinds of malfunctions on purpose? Could terrorists or rogue nation soldiers kill people while tapping away in their living rooms, using nothing more than a dial-up internet connection and laptop computer they ordered from an ad in the back of a magazine?
Read the Article
|
Information Warfare: An Analysis of the Threat of Cyberterrorism Towards the US Critical Infrastructure
The purpose of this paper is to explore the possibility of a terrorist group launching an information warfare attack against our infrastructure and to answer the question: Is the US ready to defend against a cyber attack? I will define cyberterrorism, information warfare, from both an offensive and defensive standpoint, and define the aspects of the national infrastructure. I will examine the current trends of terrorist groups and focus on their information warfare capabilities to see if it is possible for a group like Hammas, Hezbolla, or al- Qaeda to commit to an all out information warfare attack aimed at crippling or destroying the US infrastructure. Finally, I will analyze the current US posture towards cyber warfare and terrorism.
Read the Article
|
Redefining the Role of Information Warfare in Chinese Strategy
Information warfare is generally understood as "actions taken to affect adversary information and information systems, while defending one's own information and information systems." In this paper, a theory is introduced that China is currently executing a patient and deceptive form of information warfare that redefines the boundaries of Western definitions of the concept. China's efforts are designed to advance its economic state, maintain its national unity, significantly improve its technological and military capabilities, and increase its regional and global influence -- all with minimal or no fighting and without alarming the West. This theory is supported by diverse sources that relate directly to China's grand strategy and strategic heritage.
Read the Article
|
Packet Sniffing In a Switched Environment
This paper focuses on the threat of packet sniffing in a switched environment, and briefly explores the effect in a non-switched environment. Detail is given on techniques such as "ARP (Address Resolution Protocol) spoofing", which can allow an attacker to eavesdrop on network traffic in a switched environment. Third party tools exist which permit sniffing on a switched network. The result of running some of these tools on an isolated, switched network is presented; it clearly demonstrates that the threat they pose is real and significant. The final section covers ways to mitigate the threat of network sniffing in both non-switched and switched environments. It is proposed that encryption is the only true defense to the threat of sniffing.
Read the Article
|
Battle for the Internet: The War is On!
There is a battle raging between security professionals and hackers. By placing people into the shoes of a hacker, and teaching them the skills to gain access to a system, one is better able to defend against them. The first step is "Foot Printing/Reconnaissance." As a hacker, we dig up information on companies/individuals by mirroring their websites, using search engines, whois databases and traceroute. Next, we move on to "Scanning." We ping their computers, look at which ports are open, identify their operating system, map their networks, and see if they have any available modem connections. Then we move on to "Enumeration," looking at valid user accounts and network shares.
Read the Article
|
War Dialing
This paper will give the reader general information on war dialing, war dialing tools and general steps you can take to protect your network from unwanted intruders, that may try to gain access to your network via unauthorized or poorly managed modems.
Read the Article
|
Hacker Tools and Their Signatures, Part One: bind8x.c
This article is the first in a series of papers detailing hacker exploits/tools and their signatures. This installment will examine the Berkley Internet Name Domain exploit bind8x.c. The discussion will cover the details of bind8x.c and provide signatures that will assist an IDS analyst in detecting it. This paper assumes that the reader has some basic knowledge of TCP/IP and understands the tcpdump format.
Read the Article
|
Hacker Tools and their Signatures, Part Two: Juno and Unisploit
This is the second installment in the Hacker Tools and Their Signatures series, a series written to assist system administrators, security administrators, and the security community as a whole to identify and understand the tools that are being used in the hacker community. The first article examined the Berkley Internet Name Domain exploit bind8x.c. This installment will focus on two tools: Juno and Unisploit. This paper will provide a detailed analysis of these tools, including tcpdump examples and other useful references. This paper assumes that the reader is familiar with the TCP/IP protocol and other related protocols.
Read the Article
|
Hacker Tools and their Signatures, Part Three: Rootkits
This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit. The purpose of this paper is to assist the reader in detecting the KOH rootkit. Through this process, it is hoped that the reader will also learn steps to take to defend against the installation of these types of rootkits.
Read the Article
|
|
|
Page: 1 2 3 4 5 6 7 8
Members currently browsing this category:
|
|
