Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:26:00 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1302950769&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fdocs%2Finfosec%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1302950769.1338179160.1338179160.1338179160.1%3B%2B__utmz%3D32867617.1338179160.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/34360/challenges.tgz http://packetstormsecurity.org/files/34360/challenges.tgz http://packetstormsecurity.org/files/34360/challenges.tgz.html Wed, 15 Sep 2004 04:39:00 GMT This package contains example vulnerable C programs. The best way to learn exploit coding is by doing it. Start your search with the index.html. There are examples of buffer overflows (stack and heap) and format string vulnerabilities. All examples are exploitable with a standard linux/x86 environment. http://packetstormsecurity.org/files/13836/ids.html http://packetstormsecurity.org/files/13836/ids.html http://packetstormsecurity.org/files/13836/ids.html.html Wed, 15 Aug 2001 05:13:58 GMT Structural Versus Operational Intrusion Detection - Intrusion Detection White Paper - short and basic, comments requested. http://packetstormsecurity.org/files/21882/forensics.kye.html http://packetstormsecurity.org/files/21882/forensics.kye.html http://packetstormsecurity.org/files/21882/forensics.kye.html.html Mon, 22 May 2000 17:27:04 GMT "Know Your Enemy: A Forensic Analysis". This paper is a continuation of the Know Your Enemy series. The first three papers covered the tools and tactics of the black-hat community. This paper, the fourth of the series, studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we will focus on how we learned what happened and pieced the information together. The purpose is to give you the forensic skills necessary to analyze and learn on your own the threats your organization faces. http://packetstormsecurity.org/files/13843/network-intrusion-detection.htm http://packetstormsecurity.org/files/13843/network-intrusion-detection.htm http://packetstormsecurity.org/files/13843/network-intrusion-detection.htm.html Fri, 28 Jan 2000 00:48:41 GMT FAQ: Network Intrusion Detection Systems version 0.8.1 - (Updated Jan 17, 2000) This FAQ has lots of excellent info on IDS systems, with a good focus on how they work. http://packetstormsecurity.org/files/13810/backdoors.txt http://packetstormsecurity.org/files/13810/backdoors.txt http://packetstormsecurity.org/files/13810/backdoors.txt.html Tue, 17 Aug 1999 00:10:58 GMT Document detailing different types of backdoors. http://packetstormsecurity.org/files/13813/cidf.txt http://packetstormsecurity.org/files/13813/cidf.txt http://packetstormsecurity.org/files/13813/cidf.txt.html Tue, 17 Aug 1999 00:10:58 GMT No information is available for this file. http://packetstormsecurity.org/files/13822/cracker.txt http://packetstormsecurity.org/files/13822/cracker.txt http://packetstormsecurity.org/files/13822/cracker.txt.html Tue, 17 Aug 1999 00:10:58 GMT "Techniques Adopted by 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks." Whitepaper by Network Security Solutions, Ltd. http://packetstormsecurity.org/files/13829/ftp-paper.txt http://packetstormsecurity.org/files/13829/ftp-paper.txt http://packetstormsecurity.org/files/13829/ftp-paper.txt.html Tue, 17 Aug 1999 00:10:58 GMT No information is available for this file. http://packetstormsecurity.org/files/13831/hedrick-intro.txt http://packetstormsecurity.org/files/13831/hedrick-intro.txt http://packetstormsecurity.org/files/13831/hedrick-intro.txt.html Tue, 17 Aug 1999 00:10:58 GMT No information is available for this file. http://packetstormsecurity.org/files/13845/ntob.htm http://packetstormsecurity.org/files/13845/ntob.htm http://packetstormsecurity.org/files/13845/ntob.htm.html Tue, 17 Aug 1999 00:10:58 GMT NOT the Orange Book - Guide to the Definition, Specification, Tasking, and Documentation for the Development of Secure Computer Systems -- Including Condensations of the Members of the Rainbow Series and Related Documents". http://packetstormsecurity.org/files/13853/sequence_attacks.txt http://packetstormsecurity.org/files/13853/sequence_attacks.txt http://packetstormsecurity.org/files/13853/sequence_attacks.txt.html Tue, 17 Aug 1999 00:10:58 GMT No information is available for this file. http://packetstormsecurity.org/files/13857/them_and_us.txt http://packetstormsecurity.org/files/13857/them_and_us.txt http://packetstormsecurity.org/files/13857/them_and_us.txt.html Tue, 17 Aug 1999 00:10:58 GMT No information is available for this file. http://packetstormsecurity.org/files/13812/cifs.txt http://packetstormsecurity.org/files/13812/cifs.txt http://packetstormsecurity.org/files/13812/cifs.txt.html Tue, 17 Aug 1999 00:10:57 GMT No information is available for this file. http://packetstormsecurity.org/files/13814/common.attacks.html http://packetstormsecurity.org/files/13814/common.attacks.html http://packetstormsecurity.org/files/13814/common.attacks.html.html Tue, 17 Aug 1999 00:10:57 GMT Common System Intrusion Methods - An excellent whitepaper that describes the most common methods for gaining access to a target host. http://packetstormsecurity.org/files/13825/enemy.html http://packetstormsecurity.org/files/13825/enemy.html http://packetstormsecurity.org/files/13825/enemy.html.html Tue, 17 Aug 1999 00:10:57 GMT Know Your Enemy: The Attack of the Script Kiddie. http://packetstormsecurity.org/files/13826/enemy2.html http://packetstormsecurity.org/files/13826/enemy2.html http://packetstormsecurity.org/files/13826/enemy2.html.html Tue, 17 Aug 1999 00:10:57 GMT The follow-up article to "Know Your Enemy: The Attack of the Script Kiddie", "Know your Enemy II" focuses on intelligence gathering, specifically how to determine what the enemy is doing by analyzing your system log files. Includes examples based on two of the most commonly used scanning tools on the Internet, sscan and nmap. http://packetstormsecurity.org/files/13827/enemy3.html http://packetstormsecurity.org/files/13827/enemy3.html http://packetstormsecurity.org/files/13827/enemy3.html.html Tue, 17 Aug 1999 00:10:57 GMT Know Your Enemy III: They Gain Root - Third installment of the excellent "Know Your Enemy" series of security whitepapers by Lance Spitzner. This paper focuses on how systems are actually compromised, and what the "script kiddie" does to cover tracks and monitor your network. Includes system logs and keystroke history from an actual system compromise. http://packetstormsecurity.org/files/13832/hire.a.hacker.html http://packetstormsecurity.org/files/13832/hire.a.hacker.html http://packetstormsecurity.org/files/13832/hire.a.hacker.html.html Tue, 17 Aug 1999 00:10:57 GMT "Hire A Hacker FAQ" - An excellent, and quite humorous, list of the issues that will invariably come up when people without previous experience in the hacker community try to hire a hacker. Excellent FAQ by Peter Seebach http://packetstormsecurity.org/files/13838/improve_by_breakin.txt http://packetstormsecurity.org/files/13838/improve_by_breakin.txt http://packetstormsecurity.org/files/13838/improve_by_breakin.txt.html Tue, 17 Aug 1999 00:10:57 GMT No information is available for this file. http://packetstormsecurity.org/files/13842/mac_address_cloning.pdf http://packetstormsecurity.org/files/13842/mac_address_cloning.pdf http://packetstormsecurity.org/files/13842/mac_address_cloning.pdf.html Tue, 17 Aug 1999 00:10:57 GMT At one time or another, you may find it useful to have two machines with the same physical network address. This is how it is done. http://packetstormsecurity.org/files/13847/probes.html http://packetstormsecurity.org/files/13847/probes.html http://packetstormsecurity.org/files/13847/probes.html.html Tue, 17 Aug 1999 00:10:57 GMT "How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others." http://packetstormsecurity.org/files/13848/probes.txt http://packetstormsecurity.org/files/13848/probes.txt http://packetstormsecurity.org/files/13848/probes.txt.html Tue, 17 Aug 1999 00:10:57 GMT "How to Handle and Identify Network Probes" - "Do you know what to do when suspicious network probes are detected on your network? It's surprising, but many people do not follow common sense and simple logic when analyzing malicious network activity. Even worse, when contacting other organizations to complain, security incidents can be misrepresented because all of the facts are not in order, incorrect or even erroneous theories. This paper details a variety of steps that you can take to get the most effectiveness and accuracy from your intrusion detection system. It also concentrates on determining the who, what, why, where, when and how of any network security event so that you can accurately relay this information to others." http://packetstormsecurity.org/files/13849/rules.of.engagement.txt http://packetstormsecurity.org/files/13849/rules.of.engagement.txt http://packetstormsecurity.org/files/13849/rules.of.engagement.txt.html Tue, 17 Aug 1999 00:10:57 GMT The rules of engagement: Testing the security of your enterprise - Very good basic checklist/description related to security assessments - the section on Attack Methodologies is good standard info. Short, but sweet. http://packetstormsecurity.org/files/13852/securityfocus.txt http://packetstormsecurity.org/files/13852/securityfocus.txt http://packetstormsecurity.org/files/13852/securityfocus.txt.html Tue, 17 Aug 1999 00:10:57 GMT Security Focus - This is definitely the most exciting news I've receivved in months. So what is "Security Focus"? In addition to being the new home for the BUGTRAQ mailing list, there will be about a dozen other security-related mailing lists / forums, a huge vulnerability database, products, services, books, papers, articles, tools, news, security resources, event calendars, and much, much more. Security Focus promises to be one hell of a resource. http://packetstormsecurity.org/files/13856/theguide.txt http://packetstormsecurity.org/files/13856/theguide.txt http://packetstormsecurity.org/files/13856/theguide.txt.html Tue, 17 Aug 1999 00:10:57 GMT No information is available for this file.