Techniques for hacking systems. A Beginners Guide to Hacking Un*x
A Glossary of Computer Security Terms
A NAP/PA file about VAX/VMS machines
A Strict Anomoly Detection Model for Intrusion Detection Systems by sasha / beetle
The base-rate fallacy is one of the cornerstones of Bayesian statistics, stemming from Bayes theorem that describes the relationship between a conditional probability and its opposite, i.e. with the condition transposed.
A Un*x tutorial part 1
A Un*x tutorial part 2
A beginning guide to help you hack unix systems. E
A companion to VaxBuster's phile in Phrack 41
A few Unix password hackers
A hint for the 555 account on AOL
A letter from the national computer systems laboratory
A text file for newbies...
Advanced Host Detection: Techniques To Validate Host-Connectivity by dethy
Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts.
Advanced VMS hacking
All about VAX/VMS
An Architectural Overview of UNIX Network Security
An in- depth guide to hacking UNIX and the concept
An introduction to UNIX - Kernighan
Analysis Techniques for Detecting Coordinated Attacks and Probes by John Green , David Marchette and Stephen Northcutt
Coordinated attacks and probes have been observed against several networks that we protect. We describe some of these attacks and provide insight into how and why they are carried out. We also suggest hypotheses for some of the more puzzling probes. Methods for detecting these coordinated attacks are provided.
Analysis of SSH crc32 Compensation Attack Detector Exploit by David A. Dittrich
Once in the system, a series of operating system commands were replaced with trojan horses to provide back doors for later entry and to conceal the presence of the intruders in the system. A second SSH server was run on a high numbered port (39999/tcp).
Another vulnerability of early ATM's
Audio Distribution System Hacking
Backdooring Binary Objects by klog
Weakening a system in order to keep control over it (or simply to alter some of its functionality) has been detailed in many other papers. From userland code modification to trojan kernel code, most of the common backdooring techniques are either too dirty, or just not portable enough.
Beginner's guide to hacking VAX Systems
Best guide to hacking by neophyte
Bibliography Computer Security Reports
Bibliography of Computer Security Articles
Bibliography of Computer Security Manuals
Bibliography of Computer Security Periodicals
Bibliography of Guidelines
Bibliography of Technical Papers on Computer Security
Bibliography of computer security documents
Biliography of computer security articles
Bill Wall's List of Computer Hacker Incidents by Bill Wall
Hacker incidents from 1961 - 2001!
Bugs for Windows NT
Cards and the Networks - Very helpful
Changing Your Grades by Aaron Winters
How to hack your school and change your grades quickly, quietly, and without a trace. Sometimes.
Common Gateway Interface (CGI) Security, Part 1
Common Gateway Interface (CGI) Security, Part 2
Common Gateway Interface (CGI) Security, Part 3
Common Gateway Interface (CGI) Security, Part 4
Common Gateway Interface (CGI) Security, Part 5
Common Gateway Interface (CGI) Security, Part 6
Common UNIX System Configurations That Can Be Expl
Computer Security Organizations
Computer Security by E.A.Bedwell
Computer Users's Guide to the Protection of Information
Computer jargon
Computer security planning
Computer system ID and password security alert
Custom Local Area Signalling Services
Default Logins & P/W's for VAX
Default Un*x account
Default Unix passwords
Defeating Forensic Analysis on Unix by the grugq
To facilitate a useful discussion of anti-forensic strategies it is important that the reader possess certain background information. In particular, the understanding of anti-forensic file system sanitization requires the comprehension of basic Unix file system organisation. And, of course, the understanding of any anti-forensic theory demands at least a rudimentary grasp of digital forensic methodology and practise.
Defeating Sniffers and Intrusion Detection Systems by horizon
The purpose of this article is to demonstrate some techniques that can be used to defeat sniffers and intrusion detection systems. This article focuses mainly on confusing your average "hacker" sniffer, with some rough coverage of Intrusion Detection Systems (IDS).
Defeating Solaris/SPARC Non-Executable Stack Protection by Horizon
I've recently been playing around with bypassing the non-executable stack protection that Solaris 2.6 provides. I'm referring to the mechanism that you control with the noexec_user_stack option in /etc/system. I've found it's quite possible to bypass this protection, using methods described previously on this list. Specifically, I have had success in adapting the return into libc methods introduced by Solar Designer and Nergal to Solaris/SPARC.
Defense Information Infrastructure Common Operatin
Denial Of Service Attacks by Hans Husman
Denial of service is about without permission knocking off services, for example through crashing the whole system. This kind of attacks are easy to launch and it is hard to protect a system against them. The basic problem is that Unix assumes that users on the system or on other systems will be well behaved.
DoD Common Messaging System
DoD Information Security Program, Jan 1997
DoD Password Management Guideline (CSC- STD- 002- 85: The Green B
DoD Required Operational Messaging Characteristics
DoD SEIWG- 012 Mag- Stripe Encoding, A Plain Languag
DoD Secure Data Network System's Message Security
Evading Intrusion Detection by Seclabs
There are many different ways in which network traffic can be obtained by a network intrusion detection system (IDS). This document demonstrates that one class of network IDS, which relies on passive network packet capture (commonly referred to as ?sniffing?), is fundamentally flawed. We show that sniffer-based IDS is, as a technology, immature, and thus cannot be relied upon for network security.
Examples of Computer Intrusion at the Naval Surfac
Explanation of ENA and computer conferencing
FORTEZZA File Protection (National Security Agency
File on hacking Unix System V's
Franken Gibe's Unix Command Bible
General TRW Information
Generally Accepted System Security Principles (GASSP)
Getting Admin by Cra58cker
This guide will list all the possible ways there is to get Admin access when you have physical access to a Windows NT Machine! A must Read to all the Hackers\Crackers\Administrators.
Getting better access on any UNIX system
Goverment Open Systems Interconnection Profile (GOSIP)
Guidance to Federal Agencies on the use of Trusted
Guide to RSTS
HP- UX Trusted Operating System Random Man page
Hacker Journeys Through NASA's Secret World
While tripping through NASAs most sensitive computer files, Ricky Wittman suddenly realized he was in trouble. Big trouble.
Hackers handbook
Hacking ATM's
Hacking Chilton Corporation Credit
Hacking Directories #1
Hacking Directories #2
Hacking Directories #3
Hacking Directories #4
Hacking Rite Aid Healthnotes Computers by Omega Red
Wanna learn about health? Or shutdown Rite Aid computers? You can do both on a little trip to Rite Aid and with this tiny article.
Hacking UNIX - Jester Sluggo
Hacking UNIX and VAX
Hacking UNIX on a VAX
Hacking VAX's & Unix
Hacking Webpages by Scrocklez Kilor
How to get into a webpages with a guiding methode and one of the easiest ways of getting superuser access through anonymous ftp access into a webpage. First you need learn a little about the password file.
Hacking Windows Users by protonigger
A comprehensive guide to remotely exploiting Windows home users.
Hacking credit card codes
Hacking passwords
Hacking techniques - from Out Of The Inner Circle
Hacking the vax - commands & default pws
Hacking tutorial
Hacking with Windows by OzScarecrow
This is a very easy method to hack using Windows.
Hacking your school by Timmeh
Have you ever dreamed of gaining total control of your school's computers? Now you can. I have tested this out so don't worry - it WILL work. I thought I should share this with all of you. All I can say is - HAVE FUN!!!
Hardening Windows NT Workstation
Edit your registry and make it much harder for hackers to crack into your Windows NT Workstation system.
Holding On To Root by Anonymous
This article is intended to show you how to hold onto root once you have it. It is intended for hackers and administrators alike.
Holding onto Root Access Once You Get It
How Hackers Do What They Do (DoD)
How Mitnick Hacked Tsutomu Shimomura with an IP Sequence Attack by Tsutomu Shimomura
Two different attack mechanisms were used. IP source address spoofing and TCP sequence number prediction were used to gain initial access to a diskless workstation being used mostly as an X terminal. After root access had been obtained, an existing connection to another system was hijacked by means of a loadable kernel STREAMS module.
How to Break Into Email Accounts by protonigger
A comprehensive guide to an all-to-commonly asked question.
How to Hack a Hotmail Account by Richard "Terminalkillah" Evans
To hack a hotmail account (well it isnt really hacking) download the trojan Sub7 send your victim (preferably your buddy's) the sub7 server with some lame exuse that it's porn or something. Make sure they install it.
How to Hack into VAX
How to Make alt. Newsgroups and Get Sysadmins to Carry Them
How to defeat security
How to dial out on the modem of a Unix system
How useful ARE longer passwords?
Info about pagers
Info on /dev/nit
Info on Dynamic Password Cards (Smartcards)
Internet FAQ: WWW, MUDs, Gophers, FTP, Finger, Etc
Interpreting Network Traffic: A Network Intrusion Detector's Look by Richard Bejtlich
While the interpretation techniques explained here are pertinent to activity logged by a NIDS or firewall, I approach the subject from the NIDS angle. This my favorite subject, and I present this data with a warning: know the inner workings of your NIDS, or suffer frequent false positives and false conclusions.
Introduction to VMS
Intrustion Detection Project (DoD)
List of all unix commands from Unix System V
Loads of great technical information on ATM cards
Local Area Detection of Incoming War Dial Activity by Dan Powell, Steve Schuster
Cracker attack plans often include attempts to gain access to target local computing and networking resources via war dialed entry around firewall-protected gateways. This paper describes two methods for organizations to reduce this risk in environments where removal of unknown modems is not feasible.
Magnetic Stripe Technology and Beyond
Mail Server Attack by Explicit
This is a little theory i have devloped and started to test but never followed through with attacking e-mail servers.
Management Guide to the Protection of Information
Management Guide to the Protection of Information Resources
Microsoft Passport Account Hijack Attack by Obscure
To steal the session cookie, there are three methods. In this paper I discuss the third option: Fooling the System.
Much information on ATMs and PIN security
Multilevel Security in the Department of the Defen
NARC's guide to UNIX
NCSA Draft Security Policy
NCSA Policy Concerning Secuity Product Reviews
NCSL Bulletin: Bibliography of computer security glossaries
NCSL Bulletin: Review of Federal Agency computer security
NFS Tracing by Passive Network Monitoring, 1992
NSA's ORANGE book on trusted computer systems
NTIS catalog of computer security products
Naval Surface Warfare Center AIS FAQ
Naval Surface Warfare Center AIS Security Domain E
Naval Surface Warfare Center's Risk Assesment Form
Naval Surface Warfare Center's Risk Assesment Form
Navy's Computer Incident Response Guidebook for In
NeXT Security Bugs
NetBIOS Hacking by XeNobiTe
This tutorial will explain how to connect to a remote computer which has file and print sharing on. (Windows 9x/ME)
Operations Security (OPSEC): The Basics
Packet Stealing with bind
Paper on Internet Security Attacks (Spoofing), 199
Password Cracking Using Focused Dictionaries by Paul Bobby
Can the chances of cracking an individual?s password be improved by using a more focused dictionary? This dictionary would contain words and information that have a specific relationship to the owner of the targeted password.
Playing Hide and Seek, Unix style by Phreak Accident
A "how-to" in successfully hiding and removing your electronic footprints while gaining unauthorized access to someone else's computer system (Unix in this case).
Professor Falken's Guide to Code Hacking
Psycho- Social Factors in the Implementation of Inf
RSTS Basic information
RSTS Hacking
RSTS Programming
RSTS commands
RSTS hacking
RSTSE Hacking (DEC)
Recovering from a UNIX Root Compromise
Reduce Net Zero to Zero by Anonymous
How to get rid of that annoying Net Z banner and gain a couple kb/s.
Remotely snarf yppasswd files
Security Guidelines for Goverment Employees
Signs That Your System Might Have Been Compromised
Simple Active Attack Against TCP by Laurent Joncheray
Passive attacks using sniffers are becoming more and more frequent on the Internet. The attacker obtains a user id and password that allows him to logon as that user. In order to prevent such attacks people have been using identification schemes such as one-time password [skey] or ticketing identification [kerberos].
Site Security Handbook
Sniffin' the Ether by Alaric
A sniffer is a program that puts a NIC (Network Interface Card), also known as an Ethernet card, (one of the necessary pieces of hardware to physically connect computers together) into what is known as promiscuous mode. Once the network card is set to this mode, it will give the sniffer program the ability to capture packets being transmitted over the network.
So you want to be a UNIX wizard?
Still MORE info on TRW
TCP/UDP Logfile Analysis: Overview of the Scripts
TRW Code Information
TRW Definiftions
TRW Info
Tactical Radio Frequency Communication Requirments
Take your laptop on the road - portable hacking
Technical Hacking
Technical Hacking Manual
Technical Hacking: Part One
Techniques Adopted by 'System Crackers' by FIST
Usually corporate networks are not designed and implemented with security in mind, merely functionality and efficiency, although this is good from a business standpoint in the short-term, security problems usually arise later, which can cost millions to solve in larger environments.
The #HACK FAQ
The Art of Rootkits by Cra58cker
This T-file will teach you about Application and Kernel based rootkits. Highly recommended for the beginners are advance *nix users. Have Phun!
The Basics of Hacking 3: Data
The Best beginners guide VMS
The Escapades of Captain Midnight
It started out as just another Saturday. April 26, 1986. John R. MacDougall, 25, spent the day alone at his satellite TV dealership in Ocala, Florida, waiting for customers who never came. "It was," he says, "a normal day in the doldrums of the satellite TV industry." But that night, MacDougall, 5 feet 11, 225 pounds, and prone to nervously running his fingers through his reddish blond hair and adjusting his glasses, would transform into Captain Midnight and set the world of satellite television spinning.
The Ethics of Hacking
The Ethics of Information Warfare and Statecraft by Dan Kuehl
What constitutes an "act of war" in the "information age. This is a question that most members of the "IW community" have wrestled with, and it's a question that places one squarely on the horns of a dilemma: if you cannot easily answer whether an act belongs to the legal codes of war or peace, how can you make a determination of the act's ethical status?
The Hacker's League
The NCSA Draft Security Policy for Organizations
The Navy's Fleet Network Operating System (NOS)
The Social Organization of the Computer Undergroun
The Strange Tale of the Attacks Against GRC.COM by Steve Gibson
Nothing more than the whim of a 13-year old hacker is required to knock any user, site, or server right off the Internet. I believe you will be as fascinated and concerned as I am by the findings of my post-attack forensic analysis, and the results of my subsequent infiltration into the networks and technologies being used by some of the Internet's most active hackers.
The Wonderful World of Pagers by Erik Bloodaxe
Screaming through the electromagnet swamp we live in are hundreds of thousands of messages of varying degrees of importance. Doctors, police, corporate executives, housewives and drug dealers all find themselves constantly trapped at the mercy of a teeny little box: the pager.
The basics of CBI
UNIX IP Stack Tuning Guide v2.7 by Rob Thomas
The purpose of this document is to strengthen the UNIX IP stack against a variety of attack types prevalent on the Internet today. This document details the settings recommended for UNIX servers designed to provide network intensive services such as HTTP or routing (firewall services).
UNIX Security by David A. Curry, SRI International
UNIX System Administrator Responsibilities (Navy R
UNIX Trojan Horses
US Military to Target APC in "Netwar"? by Chris Bailey
A study prepared for the US military on what they call "Netwar" concludes that they must center attention on countering the activities of NGOs using Internet communication.
Unix Myths
Unix Security Holes
Unix System Security Issues
ZZZ
ZZZZZ
This page Copyright © 1997-2008 totse.com.
totse.com certificate signatures
Minggu, 13 Juli 2008
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar