GSO

Legacy Security Articles

Database security: protecting sensitive and critical information

By Scott C. Nevins

Bankers would be considered negligent if they locked a bank's outer doors and left the vault's doors open at night. Likewise, it doesn't make sense for an enterprise to lock down the network and leave databases vulnerable. Selectively protecting the most sensitive data that is at rest in databases from unauthorized access is critical, since that is where 90 percent of sensitive information resides.

The Ingredients to ARP Poison

By Seth Fogie, Cyrus Peikari OCT 18, 2002 By Seth Fogie, Cyrus Peikari. Article is provided courtesy of Prentice Hall PTR.

If you think the only thing between you and the Internet is a bunch of networking equipment, think again! Using ARP spoofing attacks, a hacker can see everything you send and receive from your computer. Cyrus Peikari and Seth Fogie discuss the theory of ARP spoofing and demonstrate how this type of attack is accomplished.

How to become a master Hacker

By Christopher Klaus

A Guide to Internet Security: Becoming an Uebercracker and Becoming an UeberAdmin to stop Uebercrackers.

Author: Christopher Klaus < This e-mail address is being protected from spambots. You need JavaScript enabled to view it >

Date: December 5th, 1993 .

Version: 1.1

Hacking the Linksys WRT54G Router #2

https://kinqpinz.info/
by meathive

++| CVE-2008-1247
----------------------
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions viaa direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri,(13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri.NOTE: the Security.tri vector is already covered by CVE-2006-5202.

Steps To Deface A Webpage (About Defacers)

First of all, I do not deface, I never have (besides friends sites as jokes and all in good fun), and never will. So how do I know how to deface? I guess I just picked it up on the way, so I am no expert in this. If I get a thing or two wrong I apoligize. It is pretty simple when you think that defacing is just replacing a file on acomputer. Now, finding the exploit in the first place, that takes skill, that

takes knowledge, that is what real hackers are made of. I don't encourage that you deface any sites, as this can be used get credit cards, get passwords, get source code, billing info, email databases, etc.. (it is only right to put up some kind of warning. now go have fun ;)

Hacking Techniques Bouncing Attacks

Welcome to the 2nd issue of Hacking Techniques. If you read the first one I am glad to see you liked it enough to want to read this one. This issue will focus on how hackers bounce their attacks so that they do not get caught and so they use the power of a *nix shell. As with the first one this tutorial can both be used by hackers and admins. Hackers will learn how to mount an attack and use proxies to help stay anonymous. Admins will learn how to prevent themselves from being used in an attack as a proxy and prevent stress. If you don't know what a proxy is or how to use a wingate you need to read this tutorial. People who run wingates, proxies, or give shells out also should go over this tutorial as to scare them into securing it. I'll go over a few other random things such as using routers as wingates, and using wingates to bounce your irc sessions.

Windows NT Registry Tutorial

By mailto: This e-mail address is being protected from spambots. You need JavaScript enabled to view it Technorati Tag: Windows Registry
What is the Registry?

The Registry is the central core registrar for Windows NT. Each NT workstation for server has its own Registry, and each one contains info on the hardware and software of the computer it resides on. For example, com port definitions, Ethernet card settings, desktop setting and profiles, and what a particular user can and cannot do are stored in the Registry. Remember those ugly system INI files in Windows 3.1? Well, they are all included with even more fun stuff into one big database called the Registry in NT.

Step-by-Step Guide to Using the Security Configuration Tool Set

Introduction

This step-by-step guide describes how to view, configure, and analyze local security policy and local security settings using various components of the Security Configuration Tool Set included with the Windows® 2000 operating system.

Hacking Your Computer - Physical Access is Total Access

by LysergicBliss

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Page 12 of 14

«
Start
Prev
11
12
13
14
Next
End
»

Get email updates

Stay Connected

RSS Vimeo Twitter Facebook Moby Picture

GovernmentSecurity.org is a collective of user submitted and syndicated content that is provided for reference purposes. GovernmentSecurity is not responsible for the content or external links found within. The content items are the sole responsibility of the users who have chosen to make information publicly available on the web. The articles and the opinions or information contained within are the creation of the individual and do not necessarily reflect the opinions of GovernmentSecurity.

GSO