Articles |
| Brain Surgery Helps a Mute Man Speak | A surgical procedure performed by a team from Boston University, Massachusetts, led by Professor Frank Guenther, has enabled a mute man to speak again. An electrode implanted in the patient’s brain made it possible for the patient to produce vowels by thinking them, using a speech synthesizer. In the future, this breakthrough may help patients with similar injuries produce entire sentences, using signals from their brains. |
| Buffer Overflow Attacks and Their Countermeasures | Buffer overflow problems have always been associated with security vulnerabilities. In the past, lots of security breaches have occurred due to buffer overflow. This article attempts to explain what buffer overflow is, how it can be exploited and what countermeasures can be taken to avoid it. |
| Bypass Windows heap protection | Windows heap overflows have become increasingly popular over the last couple of years. Papers like "Third Generation Exploitation" or "Windows Heap Overflows" introduced the internal structure and handling mechanisms of Windows heaps, and presented ways to exploit heap-based buffer overflows. Techniques to make highly reliable exploits were presented in the paper "Reliable Windows Exploits". Heap exploitation is now mastered for systems such as Windows XP, Windows XP SP1 and Windows 2000. |
| Cisco Network Security with ACL | This chapter describes how to use access control lists (ACLs) to configure network security on the Catalyst 4000 family switches. Great article to read if you're configuring enterprise-level network security. |
| Cisco SNMP configuration attack with a GRE tunnel | The fact that SNMP is based on UDP makes it that much more interesting. Being a connectionless protocol, UDP is vulnerable to IP spoofing attacks. With a couple of Cisco routers in your organization, you're ready to do some testing and see what can be done in Cisco land. Sniff remote networks by abusing GRE tunnels. |
| Coding around UAC | Windows Vista's newly-implemented security limitations are artificial at best, easy to code around, and only there to give the impression of security. Any program that UAC blocks from starting up "for good security reasons" can be coded to work around these limitations with (relative) ease. The "architectural redesign" of Vista's security framework isn't so much a rebuilt system as much as it is a makeover, intended to give the false impression of a more secure OS. |
| Cognitive Threat Classification | A report on the importance of network intrusion detection systems and why the current models for IDS have failed and are unsalvageable. Why being able to classify threats is important to maintaining security on the Internet. What the current approaches are, why they have failed and why they are doomed to continue failing. How cognitive systems offer the promise of being able to solve these problems. How these cognitive threat assessment algorithms would work, and how they would classify traffic intelligently into threat categories. |
| Configure Your Catalyst for a More Secure Layer 2 | An often overlooked arena is local network security. Enhance layer 2 security with these tips for hardening the Cisco Catalyst series switches. |
| Coping with Scoping | Every programming language has a philosophy, and these days most of these philosophies have to do with the way the names of variables are managed. Details of which variables are visible to which parts of the program, and what names mean what, and when, are of prime importance. The details vary from somewhat baroque, in languages like Lisp, to extremely baroque, in languages like C++. Perl, unfortunately, falls somewhere towards the rococo end of this scale. The problem with Perl isn't that it has no clearly-defined system of name management, but rather that it has two systems, both working at once. Here's the Big Secret about Perl variables that most people learn too late: Perl has two completely separate, independent sets of variables. One is left over from Perl 4, and the other is new. The two sets of variables are called 'package variables' and 'lexical variables', and they have nothing to do with each other. |
| Create a secure Linux-based wireless access point | Wi-Fi Protected Access version 2 (WPA2) is becoming the de facto standard for securing wireless networks, and a mandatory feature for all new Wi-Fi products certified by the Wi-Fi Alliance. We all know the security weaknesses of its predecessor, WEP; this time they got it right. Here's how to implement the WPA2 protocol on a Linux host and create a secure wireless access point (WAP) for your network. |
| Creating a rogue CA certificate | We have identified a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure websites. As a proof of concept we executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers. This certificate allows us to impersonate any website on the Internet, including banking and e-commerce sites secured using the HTTPS protocol. Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats. |
| Data Recovery on Linux and ext3 | This article discusses the process of recovering deleted data from an ext3 partition, on a system running Linux, using a process called data carving. This basic technique is useful in any number of situations, such as recovering data that has been accidentally deleted by a user, information removed in an attempt to erase signs of a system intrusion that could be used to track the source, or data erased by an end-user attempting to cover up an acceptable use policy infraction. |
| Debunking the Linux virus myth | Linux and UNIX-like operating systems in general are regarded as being more secure for the common user, in contrast with operating systems that have "Windows" as part of their name. Why is that? When entering a dispute on the subject with a Windows user, the most common argument he tries to feed me is that Windows is more widespread, and therefore, more vulnerable. Apart from amusing myths like "Linux is only for servers" or "does it have a word processor?", the issue of Linux desktop security is still seriously misunderstood. |
| Defeating Microsoft Windows XP SP2 Heap protection | Windows XP Service Pack 2 uses two general categories of protection measures to inhibit buffer-overrun attacks. On CPUs that support it, the operating system can turn on the execution protection bit for virtual memory pages that are supposed to hold only data. On all CPUs, the operating system is now more careful to reduce both stack and heap buffer overruns, using "sandboxing" techniques. This paper demonstrates the weaknesses in the SP2 buffer overrun protection and how to bypass said protection. |
| diversity and multiculturalism: the new racism | Many people have a very superficial view of racism. They see it as merely the belief that one race is superior to another. It is much more than that. It is a fundamental (and fundamentally wrong) view of human nature. Racism is the notion that one's race determines one's identity. It is the belief that one's convictions, values and character are determined not by the judgment of one's mind but by one's anatomy or "blood." |
| Last Modified : May 29, 2009 |