Expert analysis

This paper describes remote timing techniques based on TCP/IP intrinsic operation and options. The techniques are used for careful observation of the TCP/IP data stream to …

This paper presents a somewhat compute expensive way to detect or deny the activity of Trojan or otherwise modified executable files that may have been tampered with in any …

This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive …

See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project. Read the paper in HTML …

This paper studies the motives and psychology of the black-hat community, in their own words. Read the paper in HTML format here.

This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we …

What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that …

How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap. Read the paper in …

The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can …

So here we go again. After you have exorcised all of the daemons that were haunting your system, you might be interested in all of the boring processes that occur when booting …

There are always some little touches left to make your linux even a bit more secure, involving suid, nouser, sudo and etc. Now, this article is newbie friendly, but it also …

Everybody and their mom uses cgi-bin’s in some way or another on their web pages, or on their web server, aware or not of that fact. Today’s not so hot topic is …