Advertise Search Free Magazines Newest Links Categories Register Login

Application Security Architecture Authentication Certifications Corporate Compliance Cryptology Disaster Recovery Enterprise Security Exploits Firewalls Incident Handling Intrusion Detection Link Directory OS Security Podcasts Policies and Procedures Security Basics Security Management Security Tools Servers Standards Techie Humor Video VoIP Vulnerability Management Web Security WIFI Security Worms and Viruses Definition of Exploits What are exploits? An illegal or unethical attack that can take advantage of a system vulnerability. Most Popular Sponsor Backup & Recovery - Top 10 Reasons to Upgrade

Exploits Denial of Service Social Engineering SQL Injection Session Hijacking Packet Analysis TCP session hijacking is a very dangerous attack vector because most systems are vulnerable to it, as most systems use TCP/IP as their primary communication protocol. Newer operating systems have attempted to secure themselves from session hijacking by using pseudo-random number generators to calculate the Initial Sequence Number, making it harder to guess. Any security measure in randomly generating an ISN is ineffective if the attacker is able to sniff ACK packets, as they give all the information required to perform this attack. Read the Article Cross Site Scripting (XSS) FAQ XSS vulnerabilities have been found in all sorts of websites including fbi.gov, yahoo.com, ebay.com and many other popular and important websites. This paper details XSS attacks and hopes to educate you on what they are, how attackers use them and of course how you can prevent them from happening. Read the Article Exploitation The goal of exploitation is to simply make a computer system do something you want it to do, but it is not supposed to do. This really could mean anything, but there are a number of common ways for this to be interpreted. When attacking a remote system, most often it is desired to be able to run code on it. The code may be running as a non privileged user, but anything is a start. Attacking a system when you have the ability to run code on it, or locally, usually implies that the attacker wants to have more control over the system. Read the Article XSS Vulnerabilities, Understimated and Dangerous This paper outlines the dangers of cross site scripting (XSS). XSS is a way to inject script code into a web page making it execute whenever the page loads or a specific event is triggered. It provides examples and focuses on temporary and permanent XSS. Read the Article Identity Techniques Throughout this paper, I examine techniques, as well as some concepts about wholesale tracing (tracing many individuals at one time). You may wonder why this is deemed a security issue. In truth, it really isn't--not yet. However, you will learn that the Internet is a powerful tool for domestic spying. Law-enforcement and intelligence agencies already conduct such practices on the Internet, and for them, the Network is a bonanza. No search warrant is needed to "study" the activity of someone on the Internet. Read the Article Demystifying Google Hacks Google is the world's most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produces unbelievable results. I have been thinking of publishing this paper since long time but due to lack of time I was not able to complete it. I use to add and keep this paper updated when I get tired of my daily research work. I shall also discuss about Google's advance syntaxes and how it can be used as a tool for critical information digging. Read the Article Page: 1 2 3 4 5 6 7 8 Members currently browsing this category:

Copyright 2008 AttackPrevention