Hakin9 :: Download

In Part I of this article we introduced the scenario described in the Third Forensic Challenge organised by the UNAM-CERT (Mexico) back in 2006.

The System Administrator knew something was wrong when he saw
there was an additional user account on the Web-based Enterprise
Resource Planning (ERP) system that he administered. He kept the
system updated and patched, but he now suspects that the system
has been hacked and compromised. Now, as a computer forensic
investigator, you will have to find out if there was any unauthorized
access, how it happened and what was the extent of the damage.

OpenSSL is an excellent open source software that implements protocols such as SSL v2/v3 and TLS v1 as well as a full-strength general purpose cryptography library.

It seems like not a day passes without seeing a website that is vulnerable to user enumeration. No matter if the website is small or large, so many developers don’t seem to know the difference between good user feedback and providing too much information.

The increased prevalence of malicious Portable Document Format (PDF) files has generated interest in techniques to perform malware analysis of such documents.

Nicholas J. Percoco has more than 12 years of information security experience. He leads the SpiderLabs team at Trustwave with a focus on Penetration Testing, Application Security and Forensics.

The Metasploit Framework is a program and subproject
developed by Metasploit LLC. It was initially created in 2003 in the
Perl programming language, but was later completely re-written
in the Ruby Programming Language.

Raffael Marty is a Chief Security Strategist and Director of Product Management at Splunk. As customer advocate and guardian – he focuses on using his skills in data visualisation, log management, intrusion detection, and compliance. He has built numerous log analysis systems and implemented use-cases for hundreds of customers that deal with log management challenges on a daily basis.

Engarde Secure Linux, out of the box Linux distribution built for what the name says, Secure (security). Engarde Secure Linux does just that for your server with easy to setup user restrictions, trusted hosts, Firewall protection etc via the GDWT (Guardian Digital WebTool).

This article is an introduction to analyzing malware. I will take you through the basic steps you need to perform in order to understand what malware is doing to your systems.

On this particular Pentest I connected to the client’s wireless connection. After I connected I immediately checked for open shares. Previously I have been lucky and on this particular Pentest luck happened to be on my side.

Security issues arise from the fact that a limited user has full
control over his own processes on the Windows platform.
Security mechanisms implemented in the user’s own processes
can be bypassed.

Penetration testers are frequently called upon to upload netcat to compromised computers to gain a command line.Security professionals work with many tools that AV vendors have labeled “hacker tools.” In the interest of enforcing common corporate policy, AV vendors rigorously quarantine and delete these tools.

Most of all companies only provide a very restrictive environment. While Network and Security Adminstrators do their job, securing the enterprise network from intruders, users are trying to compromise perimeter security to get more than is allowed. Surfing the www and googling provides a huge knowledge on how to greak firewalls, proxies, anti-virus appliances and so on.

Learning something new is a wonderful thing. However,
with all the security training on offer right now, how do you know what’s right for you?

Client-side exploit are some of the most commonly seen exploits and this is mainly due to the fact that traditional perimeter security (firewalls, router access lists) offer little or no protection against these kinds of exploits. This is due to the fact that clientside exploits target vulnerabilities on the client applications.