Commonly overlooked audit trails on intrusions. This is my attempt at compiling a 'top list' of audit trails that are left behind after intrusions where the intruders try to cover their tracks but don't do a good job. In short, there are actually a lot of audit trails on a normal UNIX system, almost all of which can be overcome, but only with some effort that most intruders avoid.
A tutorial on how to write shellcode and exploits, and how buffer overflows work in general. It aims to be detailed and suitable for novice exploit coders with some C understanding.
A tutorial for a Unix newbie or semi-newbie who is interested in computer security and/or networking. Basic Local/Remote Unix Security: Change default configurations, basic packet filtering, how to secure your system's networking services (or completely remove them or some of them, in case you don't need them, in order to increase your computer's security), how to use, how to avoid trojans, what are sniffers, how to maintain local security between different users in your system (if you're not the only one using this system, whether it's locally or remotely), some stuff about SSH, how to protect yourself against computer viruses under the Unix system, what are security scanners and how to use them, why you should encrypt your important data and how, etc.
PowerPC shellcode. LinuxPPC and BSD (darwin?) versions are included.
This paper will attempt to explain how to exploit a buffer overflow under Alpha Linux.
Well-written paper on securing Linux for newbies. Lots of good and updated info. Version 1.1.
Tutorial on a new way of exploiting buffer overflows (ret-into-libc).
Paper on writing advanced buffer overflow exploits. The early buffer overflow exploit codes only spawn a shell (execute /bin/sh). However, nowadays some of the buffer overflow exploit codes have very nice features, for example passing through filtering, opening a socket, breaking chroot, and so on. This paper will attempt to explain the advanced buffer overflow exploit skill under Intel x86 Linux.
Improving the Security of Your Site by Breaking Into It: Discussion of a number of commonly used attacks on UNIX systems, and how to check your systems for vulnerability to them
Life Without Root: A method for authorizing users to perform certain system administration tasks without giving them the super-user password
UNIX Password Security: A discussion of the importance of well-chosen passwords, and how passwords are cracked
On the Security of UNIX: The original UNIX security paper
The 'Session Tty' Manager: A method for controlling access to terminals by background processes after the user has logged out
Improving the Security of Your UNIX System: A description of many of the security features of the average UNIX system, and how to use them
UNIX Security Tools: An excellent summary of most of the public domain UNIX security tools, and where to obtain them
The Design and Implementation of Tripwire: A File System Integrity Checker: Tripwire computes checksums of files on the system, and then scans later for any changes to those files
Experiences With Tripwire: Using Integrity Checkers for Intrusion Detection: A description of how the Tripwire integrity checker has performed in the field
UNIX & Security: Describes many of the security features of the UNIX operating system, as well as features that could be added to result in an evaluatable system at Class C2
UTnet Guide to UNIX System Security: A guide to UNIX security resources