• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

Infocus: Pen-Test (Page 1 of 4)   1 2 3 4  Next >

Two attacks against VoIP
This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. The first attack demonstrates the ability to hijack a user's VoIP Subscription and subsequent communications. The second attack looks at the ability to eavesdrop in to VoIP communications.
By: Peter Thermos 2006-04-04
http://www.securityfocus.com/infocus/1862

Malicious Malware: attacking the attackers, part 2
This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part two of two.
By: Thorsten Holz, Frederic Raynal 2006-02-02
http://www.securityfocus.com/infocus/1857

Malicious Malware: attacking the attackers, part 1
This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part one of two.
By: Thorsten Holz, Frederic Raynal 2006-01-31
http://www.securityfocus.com/infocus/1856

Evading NIDS, revisited
This article looks at some of the most popular IDS evasion attack techniques, based on fragmentation or using the TTL field. Snort's configuration and response to these attacks will also be discussed.
By: Sumit Siddharth 2005-12-06
http://www.securityfocus.com/infocus/1852

Cisco SNMP configuration attack with a GRE tunnel
By: Mati Aharoni, William M. Hidalgo 2005-09-16
http://www.securityfocus.com/infocus/1847

WEP: Dead Again, Part 2
Part two of the WEP cracking series shows how active attacks can dramatically increase the rate of packet collection and speed up statistical attacks.
By: Michael Ossmann 2005-03-08
http://www.securityfocus.com/infocus/1824

Penetration Testing IPsec VPNs
This article discusses a methodology to assess the security posture of an organization's IPsec based VPN architecture.
By: Rohyt Belani, K. K. Mookhey 2005-02-09
http://www.securityfocus.com/infocus/1821

Blind Buffer Overflows In ISAPI Extensions
This paper will outline the risks ISAPI Extensions pose and how they can be exploited by third parties without any binary exposure or knowledge using blind stack overflows. This method can enable remote code execution in proprietary and third party applications.
By: Isaac Dawson 2005-01-25
http://www.securityfocus.com/infocus/1819

WEP: Dead Again, Part 1
This article is the first of a two-part series that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes.
By: Michael Ossmann 2004-12-14
http://www.securityfocus.com/infocus/1814

Metasploit Framework, Part 3
This third and final article in the Metasploit series covers the msfcli scripting interface as well as the intuitive web interface to the Framework. The article also discusses what's new with version 2.2, and then introduces the exploit development process through an example.
By: Pukhraj Singh, K.K. Mookhey 2004-09-14
http://www.securityfocus.com/infocus/1800

Pen-Test (Page 1 of 4)   1 2 3 4  Next >