Bypassing network access control (NAC) systems - This whitepaper examines the different strategies used to provide network access controls. The flaws associated with the different network access control (NAC) solutions are also presented. These flaws allow the complete bypass of each and every NAC mechanism currently offered on the market.
7dc8e38caef9108f721a21493544a4ba21ddafddf32210c7962320556e319394
Xprobe2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.
12a9d0a2f38da8bb74c9e1cd96b2019802632cf55f8948384aafd417bb79a164
Xprobe2 0.2.2 is a remote active OS fingerprinting tool which uses advanced techniques such as fuzzy logic.
bfe28acfadb1c41490347ff80010ed5272e944a5815887a49a8c7804009fd2f5
Xprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.
a7c860e4e8a3594085cb1bdd36e217130c0b305b4b86ba63af7e86675be16fc9
Xprobe2 is a fuzzy remote OS fingerprinting tool with functionality that is heavily based on Xprobe, but also uses other OS fingerprinting techniques.
39ae8f922b7ad534dc831806dfe878af00f52f8ad85783f7631269f2cfe573b5
Multiple platform Ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory due to poor programming practices. Several implementation methods are discussed in this white paper.
daec269b3fe04ddf8ce145fdfc529beb7cb202da14e9fcd184457b800d6f711d
Atstake Security Advisory A010603-1 - Multiple platform ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory. This vulnerability is the result of incorrect implementations of RFC requirements and poor programming practices, the combination of which results in several variations of this information leakage vulnerability. The simplest method to implement this attack is to send ICMP packets and watch for kernel memory in the replies. PDF report on this issue available here.
08e892f8893b2271d8dd4a438785fa2838ad83e1bafff8e9b8f1aa5864ceb555
IP Telephony based networks, which might be a core part of our Telephony infrastructure in the near future, introduce caveats and security concerns which traditional telephony based networks do not have to deal with, have long forgotten about, or have learned to cope with. The security risk is usually overshadowed by the technological hype and the way IP Telephony equipment manufacturers push the technology to the masses. This paper highlights the different security risk factors with IP Telephony based networks.
10fdc19e837a48d2132e421740f1be97f5a4b7f2e8d40525080b86f72461e49f
The Cisco SIP-based IP Phone 7960 contains severe vulnerabilities which allow complete control of a user's credentials, total subversion of a user's settings for the IP Telephony network, and the ability to subvert the entire IP Telephony environment. Malicious access to a user's credentials enables "Call Hijacking", "Registration Hijacking", "Call Tracking", and other voice related attacks.
775d0f76b0e61116c24faadb64e4e6d7c65c070d2fdff3244d75ff800336571f
ICMP Usage in Scanning v3.0 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
75cc3f1aca7052c3ce41ac23e57dd34c03d0762e2b433480c810bfd580de6b74
ICMP Usage in Scanning v2.5 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
f24d4c556d3ee9ffcb8171a788a947a60fbd2ff30a032eb88fe0fcf710c8c75f
The following problem (as discussed in this paper) has not yet been identified. Certain firewalls today will not authenticate the validity of certain protocol fields within the packet they are processing. The risk is exposure of information, mainly unique patterns of behavior produced by the probed machines answering our crafted queries. Those patterns will help a malicious computer attacker to identify the operating systems in use. Postscript version available here.
01f95aa24a6313bdb216740349840e313f3e263f418774043ced01d6a4d91d56
ICMP Usage in Scanning v2.01 - This paper outlines what can be done with the ICMP protocol regarding scanning. The paper deals with plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
1ff9c1a751e358458994c2d61f241f21e90f086d7913e3155237dfdc53b0edab
This is a list of the ports which trojans run on. Updated Aug 2000, lists 350 trojans and their default port. Newest version of this list available here. Archive password is set to p4ssw0rd. Use at your own risk.
3e1809812271d23eb04ede26e54c8aa3db1ba2160ff2c809ca459101541ee74a
Windows 2000 machines can reliably be identified remotely because they do not correctly respond to ICMP query messages with a nonstandard Type-of-Service value.
47afc4eb164d7d4d223a0ea4749e7ca0101efeb95f9269d96b699b461e1f7355
ICMP Usage in Scanning - The Internet Control Message Protocol is one of the most complex protocols in the TCP/IP protocol suite regarding its security hazards. This paper gives very in-depth information, including discussion of all the ICMP types, ICMP sweeps, host detection using ICMP error messages, ACL detection, Inverse mapping, OS fingerprinting, filtering ICMP, and much more.
cba2c555ea2ff70406bd3779943851977291fe2773d03df8d43d252019598a28