Whitepaper called DNS Service Oriented Denial of Service / Distributed Denial of Service Attacks. Written in Turkish.
65e8a925c1f765f5b5d447b24ea5fde3This whitepaper analyzes the MIDI remote code execution vulnerability found in the Windows Multimedia Library. Written in Turkish.
86b73a0bd44eecf2f0ae4fc449aeb170This is a brief whitepaper discussing how to set up QT Mobile Hotspot and YAMAS applications to man in the middle connections using your phone.
6756a8aa5d75c60ab30be7b7312b4fc3This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793.
4bd9d141dba29f999534d68fbcf120f5BSides Detroit 12 has announced its Call For Presenters. It will take place June 1st through the 2nd in Detroit, Michigan.
29b6fbd2de729bd2ac17fede3c0a54d2The 2012 ASE/IEEE International Conference on Privacy, Security, Risk, and Trust and the 2012 ASE/IEEE International Conference on Cyber Security have both announced their call for papers.
675a999bdcaef5fd5cdd17d59020b93fThis is a short whitepaper written in French that is called Votre Premiere Exploitation de BOF.
978fb90d0bb2ace7992457cf683b21fdCall For Papers for MobiPST 2012 - The Second International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2012) will be held in Munchen, Germany, July 30th through August 2nd, 2012.
f62eebe0acd97637ff892ef69a8fb38bThis is a brief whitepaper called A Backdoor in the Next Generation Active Directory.
4322964f07c8caf1a4bd6cd89912fef5The Nuit Du Hack Call For Papers has been announced. It will be held June 23rd, 2012 at the Disneyland Paris Conference Centre.
69f9dfa8aa9023b57716d506351a8a02This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone.
782903866dd7d55143c6835188eda2feThis is a short whitepaper that discusses common vulnerabilities in online payment systems.
f4267b132dd0f54dcdfcfb54738eda4eThis malware report is part 1 of 2. This report is an effort to track, categorize, contain, understand root cause and infection vector of said user account/s, networked equipment or computer/s. This report pertains to all incidents reported by TIER II help desk, TIER III engineers, customer complaints or random IT Security audit/finding/pen test.
69bc5bbf5b19339b58ee550bfdd3e451The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments. The victim responds to each segment in the sequence (the sequence is reflected by the victim) if the segments satisfy a certain condition tested by the attacker. The responses do not reach the attacker directly, but induce extra load on a routing queue shared between the victim and the attacker. Increased processing time of packets traversing the queue reveal that the tested condition was true. The paper concentrates on the TCP, but the approach is generic and can be effective against other protocols that allow to construct requests which are conditionally answered by the victim.
3f661f7510db6f7555090f64d98e634eThis is a brief whitepaper that discusses an overview of cloud computing and some high level security issues associated with it.
80f9e90e49daa507276c25a5cc3e0c1eSecurity Enhanced (SE) Android is a project to identify and address critical gaps in the security of Android. Initially, the SE Android project is enabling the use of SELinux in Android in order to limit the damage that can be done by flawed or malicious apps and in order to enforce separation guarantees between apps. However, the scope of the SE Android project is not limited to SELinux.
d0e9d57728138ba5cfb9040d0be8b788LACSEC 2012 Call For Presentations - The 7th Network Security Event for Latin America and the Caribbean will be held in Quito, Ecuador May 6th through the 11th, 2012.
8bb99ec92d235dd4ea484ce38c782494IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
bddd807b8490984a05656623cd777ccdThe AthCon 2012 Call For Papers has been announced. It will take place in Athens, Greece on May 3rd through the 4th, 2012.
f67b68982774a5f382e2c5ccb6ec220bWhitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.
83ce42a2ebc0a0cb5a110a97fb019c23Whitepaper called Buffer Overflows: Anatomy of an Exploit. A look at how systems are exploited and why these exploits exist.
5ed1c91a3ec36484f952cddff2c5778aThis Internet Draft focuses on providing advice to RA-Guard implementations, rather than on the evasion techniques that have been found effective against most popular implementations of RA-Guard.
1b5c636801345cb01aca19632ee04573Whitepaper called Linux Kernel Hooking, Data Manipulations and Making Root Exploits. Written in Turkish.
28fae139bde9a4dc5de620503482207dThis paper discusses a vulnerability in WPS that allows attackers to recover WPA/WPA2 keys in a matter of hours.
795e111de4ff159c05752bfb679f8945Whitepaper called Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. Unlike other theoretical studies, this paper lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. In addition to that, this project also details various defense strategies that could be enabled on Cisco routers in order to mitigate these attacks. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains.
a7d283e69e99422e2fe86041f1af3f16
© 2011 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed