Know Your Enemy: Honeynets

This paper focuses on what a Honeynet is, its value to the security community, how it works, and the risks/issues involved. This paper has been updated to include GenI, GenII, …

Know Your Enemy: Passive Fingerprinting

This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive …

Know Your Enemy: Worms at War

See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project. Read the paper in HTML …

Know Your Enemy: Motives

This paper studies the motives and psychology of the black-hat community, in their own words. Read the paper in HTML format here.

Know Your Enemy: A Forensics Analysis

This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we …

Know Your Enemy: III

What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that …

Know Your Enemy: II

How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. Read the paper in …

Know Your Enemy

The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can …

A guide to System V Init

So here we go again. After you have exorcised all of the daemons that were haunting your system, you might be interested in all of the boring processes that occur when booting …