«
Expand/Collapse
285 items tagged "packet"
Related tags:
zero [+],
packet trace [+],
november [+],
smb [+],
samba [+],
memory corruption [+],
mandriva [+],
december [+],
packet storm [+],
exploits [+],
storm [+],
new [+],
linux security [+],
denial of service [+],
chaos communication congress [+],
zero day [+],
server authentication [+],
september [+],
security vulnerabilities [+],
random port [+],
pkd [+],
packet generator [+],
may [+],
kernel module [+],
june [+],
july [+],
january [+],
ipt [+],
independent network [+],
hyenae [+],
february [+],
f22 raptor [+],
august [+],
attack [+],
tool [+],
tgz [+],
tar bz2 [+],
tar [+],
t50 [+],
sukhoi [+],
stress testing [+],
service vulnerability [+],
pak [+],
october [+],
archive [+],
service [+],
april [+],
network [+],
packetfence [+],
network access control [+],
nac system [+],
large heterogeneous networks [+],
utf 8 [+],
tcp ip stack [+],
tcp [+],
stack buffer [+],
simple [+],
server [+],
security advisory [+],
scapy [+],
random bytes [+],
python interpreter [+],
port tcp [+],
packet type [+],
packet storm security [+],
packet size [+],
packet sender [+],
oriented programming language [+],
op code [+],
network discovery tool [+],
message packet [+],
march [+],
manipulation tool [+],
manager. authentication [+],
mac os x [+],
mac os [+],
mac [+],
lowpan [+],
license server [+],
jdenet [+],
jd edwards [+],
ipv [+],
indefinite periods [+],
hannes mehnert [+],
file [+],
emc documentum [+],
dylan [+],
dsl [+],
documentum eroom [+],
day [+],
concept application [+],
code [+],
buffer [+],
based buffer overflow [+],
authorization mechanism [+],
ascii keyboard [+],
application [+],
andreas bogk [+],
academic proof [+],
x widget [+],
vulnerable version [+],
travis goodspeed [+],
traffic [+],
tiger [+],
tcp traffic [+],
slides [+],
rlc [+],
remote computer [+],
radio interference [+],
radio [+],
qos [+],
protocol stacks [+],
protocol [+],
pip [+],
packetstormsecurity [+],
packet data services [+],
news [+],
malformed [+],
magic packet [+],
injection [+],
icmp [+],
harald welte [+],
dns [+],
defect [+],
covert channel [+],
checksum [+],
buffer overflow vulnerability [+],
bind [+],
authoritative servers [+],
Software [+],
transparent proxying [+],
network address translation [+],
iptables [+],
linux [+],
iptables firewall [+],
winlog [+],
wep [+],
usa [+],
united states [+],
spa [+],
sniffing [+],
sip [+],
single [+],
security models [+],
security [+],
sans [+],
read [+],
protest [+],
problme [+],
privilege escalation vulnerability [+],
philippe biondi [+],
networking [+],
network traffic [+],
network stress [+],
network packet [+],
local privilege escalation [+],
linux wireless [+],
linux tools [+],
kismet [+],
joey bernard [+],
isp internet service [+],
internet telephony service providers [+],
internet telephony service [+],
internet control message protocol [+],
injector [+],
hacks [+],
hacking [+],
hack [+],
generation [+],
gation [+],
free software updates [+],
filter rules [+],
filter [+],
fil [+],
experimental [+],
eapol [+],
dos vulnerability [+],
datagram [+],
crack [+],
codecs [+],
cisco telepresence [+],
cisco security advisory [+],
cisco security [+],
cisco ios [+],
cisco aironet [+],
cisco [+],
bugtraq [+],
bpf [+],
black hat [+],
biondi [+],
audio [+],
apple ios [+],
aircrack ng [+],
aircrack [+],
advisory [+],
act two [+],
Tools [+],
Technologies [+],
Release [+],
Metrics [+],
wireshark [+],
vulnerability [+],
mandriva linux [+],
xxx,
wireless lan cards,
wireless lan card,
wi fi,
whay,
wep wpa,
wep key cracking,
vmware,
version,
time,
texas instruments pci 1410,
texas,
test,
tar gz,
table,
t shirts,
stealth scan,
sony vaio vgn,
sending,
request function,
programming microcontrollers,
program,
problem,
open source tool,
open,
nbsp,
name,
microseconds,
marvell yukon 88e8036,
laws murky,
lan,
ibm t61,
goodfet,
dns resolution,
dissector,
debugger,
datapacket,
data packet,
controller. my,
cant remeber,
buffer overflow attack,
authentication request,
authentication,
and,
Wireless,
Newbie,
Fixes,
Bugs,
BackTrack,
Area
-
-
![Permalink for '[Audio] Packet Sniffing'](/themes/lilina/web//media/mark_off.gif.pagespeed.ce.FiDKaoEBZK.gif)
7:05
»
SecDocs
Tags:
sniffer Event:
DEFCON 5 Abstract: He will define the idea, explain everything from 802.2 frames down to the TCP datagram, and explain the mechanisms (NIT, bpf) that different platforms provide to allow the hack
-
-
18:00
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
18:00
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
18:00
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
16:11
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
16:11
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
16:11
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
20:35
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:35
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:35
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
23:40
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-125 - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark (1.4.14, 1.6.8) which is not vulnerable to these issues.
-
23:40
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-125 - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark (1.4.14, 1.6.8) which is not vulnerable to these issues.
-
23:40
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-125 - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark (1.4.14, 1.6.8) which is not vulnerable to these issues.
-
23:40
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2012-125 - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark (1.4.14, 1.6.8) which is not vulnerable to these issues.
-
23:40
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2012-125 - It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark (1.4.14, 1.6.8) which is not vulnerable to these issues.
-
-
20:40
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:40
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:40
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
17:19
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
17:19
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
17:19
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
14:02
»
SecDocs
Authors:
Andreas Bogk Hannes Mehnert Tags:
TCP/IP Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: We present a domain-specific language (DSL) capable to describe ad-hoc defined protocols like TCP/IP. Additionally we developed other libraries, like a flow graph for packet processing and a layering mechanism for protocol stacking, to get a complete TCP/IP stack. The security industry is in a paradox situation: many security appliances and analysis tools, be it IDS systems, virus scanners, firewalls or others, suffer from the same weaknesses as the systems they try to protect. What makes them vulnerable is the vast amount of structured data they need to understand to do their job, and the bugs that invariably manifest in parsers for complex protocols if written in unsafe programming languages. We present the design and implementation of a domain-specific language (DSL) for description of structured byte-oriented protocols that addresses this problem. The DSL is applicable to a wide range of problems, such as network communication or file formats, and allows the programmer to write an abstract definition of some packet format, from which parsers and generators are then created automatically. That mechanism saves the programmer from tedious manual work for supporting new protocols, and at the same time prevents him from introducing vulnerabilities into the parsing process. Our DSL is implemented on top of Dylan, a dynamically typed, object-oriented programming language. It makes heavy use of the Dylan macro facility to extend the language for the domain of packet format description, without sacrificing performance in the process. Beyond the safety gained by automating the parser creation process, Dylan provides additional security by its strong typing, mandatory bounds checking and automated memory management. We also show the implementation of a userland TCP/IP stack, which uses the packetizer DSL for description of network packet formats, as well as a packet flow graph framework for packet processing and a layering mechanism for protocol handling.
-
14:01
»
SecDocs
Authors:
Andreas Bogk Hannes Mehnert Tags:
TCP/IP Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: We present a domain-specific language (DSL) capable to describe ad-hoc defined protocols like TCP/IP. Additionally we developed other libraries, like a flow graph for packet processing and a layering mechanism for protocol stacking, to get a complete TCP/IP stack. The security industry is in a paradox situation: many security appliances and analysis tools, be it IDS systems, virus scanners, firewalls or others, suffer from the same weaknesses as the systems they try to protect. What makes them vulnerable is the vast amount of structured data they need to understand to do their job, and the bugs that invariably manifest in parsers for complex protocols if written in unsafe programming languages. We present the design and implementation of a domain-specific language (DSL) for description of structured byte-oriented protocols that addresses this problem. The DSL is applicable to a wide range of problems, such as network communication or file formats, and allows the programmer to write an abstract definition of some packet format, from which parsers and generators are then created automatically. That mechanism saves the programmer from tedious manual work for supporting new protocols, and at the same time prevents him from introducing vulnerabilities into the parsing process. Our DSL is implemented on top of Dylan, a dynamically typed, object-oriented programming language. It makes heavy use of the Dylan macro facility to extend the language for the domain of packet format description, without sacrificing performance in the process. Beyond the safety gained by automating the parser creation process, Dylan provides additional security by its strong typing, mandatory bounds checking and automated memory management. We also show the implementation of a userland TCP/IP stack, which uses the packetizer DSL for description of network packet formats, as well as a packet flow graph framework for packet processing and a layering mechanism for protocol handling.
-
14:01
»
SecDocs
Authors:
Andreas Bogk Hannes Mehnert Tags:
TCP/IP Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: We present a domain-specific language (DSL) capable to describe ad-hoc defined protocols like TCP/IP. Additionally we developed other libraries, like a flow graph for packet processing and a layering mechanism for protocol stacking, to get a complete TCP/IP stack. The security industry is in a paradox situation: many security appliances and analysis tools, be it IDS systems, virus scanners, firewalls or others, suffer from the same weaknesses as the systems they try to protect. What makes them vulnerable is the vast amount of structured data they need to understand to do their job, and the bugs that invariably manifest in parsers for complex protocols if written in unsafe programming languages. We present the design and implementation of a domain-specific language (DSL) for description of structured byte-oriented protocols that addresses this problem. The DSL is applicable to a wide range of problems, such as network communication or file formats, and allows the programmer to write an abstract definition of some packet format, from which parsers and generators are then created automatically. That mechanism saves the programmer from tedious manual work for supporting new protocols, and at the same time prevents him from introducing vulnerabilities into the parsing process. Our DSL is implemented on top of Dylan, a dynamically typed, object-oriented programming language. It makes heavy use of the Dylan macro facility to extend the language for the domain of packet format description, without sacrificing performance in the process. Beyond the safety gained by automating the parser creation process, Dylan provides additional security by its strong typing, mandatory bounds checking and automated memory management. We also show the implementation of a userland TCP/IP stack, which uses the packetizer DSL for description of network packet formats, as well as a packet flow graph framework for packet processing and a layering mechanism for protocol handling.
-
-
14:39
»
Packet Storm Security Recent Files
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
14:39
»
Packet Storm Security Tools
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
14:39
»
Packet Storm Security Misc. Files
Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.
-
-
15:51
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:51
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:51
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:00
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
12:00
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
12:00
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
19:53
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
-
19:53
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
-
19:53
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
-
-
19:25
»
Packet Storm Security Misc. Files
This archive contains all of the 310 exploits added to Packet Storm in April, 2012.
-
-
18:08
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
18:08
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
18:08
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
11:13
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:13
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:13
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
21:32
»
SecDocs
Authors:
Harald Welte Tags:
GSM phone Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. This talk is aimed to give an in-depth explanation how the lower layer protocols on the air and wired interfaces for packet data services in cellular networks are structured. For 2.5/2.75G, this includes RLC/MAC, NS, BSSGP, LLC, SNDCP, GTP For 3G/3.5G, this includes RRC, RLC, PDCP, NBAP, RANAP
-
21:32
»
SecDocs
Authors:
Harald Welte Tags:
GSM phone Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. This talk is aimed to give an in-depth explanation how the lower layer protocols on the air and wired interfaces for packet data services in cellular networks are structured. For 2.5/2.75G, this includes RLC/MAC, NS, BSSGP, LLC, SNDCP, GTP For 3G/3.5G, this includes RRC, RLC, PDCP, NBAP, RANAP
-
-
20:59
»
Packet Storm Security Recent Files
This whitepaper discusses using ICMP as a covert tunnel for traffic. An example of this technique is tunneling complete TCP traffic over ping requests and replies. More technically it works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back.
-
20:59
»
Packet Storm Security Misc. Files
This whitepaper discusses using ICMP as a covert tunnel for traffic. An example of this technique is tunneling complete TCP traffic over ping requests and replies. More technically it works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back.
-
-
21:55
»
SecDocs
Authors:
Travis Goodspeed Tags:
wireless WiFi Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. Unlike the simpler implementations for 802.15.4 and 2FSK, 802.11B presents a number of unique challenges to the PIP implementer. A single packet can use up to three symbol sets and three data-rates, switching rates once within the header and a second time for the beginning of the body. Additionally, a 7-bit scrambler randomizes the encoding of each packet, so the same string of text can be represented 128 different ways at the exact same rate and encoding. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. As a demo, we intend to present a malicious string which can be embedded in any file with lots of slack space, such as an ISO image. When this image is downloaded over HTTP on 802.11B, beacon frames will be injected. For the demo, we will be injecting the SSID stack buffer overflow frames from Uninformed Volume 6.
-
-
21:27
»
SecDocs
Authors:
Travis Goodspeed Tags:
wireless WiFi Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. Unlike the simpler implementations for 802.15.4 and 2FSK, 802.11B presents a number of unique challenges to the PIP implementer. A single packet can use up to three symbol sets and three data-rates, switching rates once within the header and a second time for the beginning of the body. Additionally, a 7-bit scrambler randomizes the encoding of each packet, so the same string of text can be represented 128 different ways at the exact same rate and encoding. This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers. As a demo, we intend to present a malicious string which can be embedded in any file with lots of slack space, such as an ISO image. When this image is downloaded over HTTP on 802.11B, beacon frames will be injected. For the demo, we will be injecting the SSID stack buffer overflow frames from Uninformed Volume 6.
-
-
22:04
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:04
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:04
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:06
»
Packet Storm Security Advisories
Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
-
20:06
»
Packet Storm Security Recent Files
Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
-
20:06
»
Packet Storm Security Misc. Files
Onapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
-
-
19:35
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.
-
-
16:43
»
Packet Storm Security Recent Files
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
16:43
»
Packet Storm Security Tools
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
16:43
»
Packet Storm Security Misc. Files
ipt_pkd is an iptables extension implementing port knock detection with SPA (single packet authorization). This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
17:49
»
Packet Storm Security Headlines
Packet Storm Security will be going dark in the next few hours as we join the protest against the Stop Online Privacy Act () and the PROTECT IP Act (), two pieces of United States legislation. We strongly feel that bills of this nature infringe upon privacy, break many security models and would cause great harm to the Internet community. These bills appear to be created by people who do not understand how technology works and their power to influence fiscally through lobbies and other means may cause serious harm to the future. We ask our readers to help the greater good by sending an email to your representatives through the . We also ask that you read the EFF article . - Packet Storm Security Staff
-
-
16:23
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
16:23
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
16:23
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
22:47
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:47
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:47
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
11:31
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-351 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). These values can be manipulated to create a heap overflow and and attacker can exploit this to remotely execute arbitrary code in the context of the service (Local System).
-
11:31
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-351 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). These values can be manipulated to create a heap overflow and and attacker can exploit this to remotely execute arbitrary code in the context of the service (Local System).
-
11:31
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-351 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). These values can be manipulated to create a heap overflow and and attacker can exploit this to remotely execute arbitrary code in the context of the service (Local System).
-
-
17:22
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
17:22
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
17:22
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
21:44
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
21:44
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
21:44
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
17:36
»
Packet Storm Security Recent Files
This archive contains all of the 229 exploits added to Packet Storm in October, 2011.
-
-
16:04
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
16:04
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
16:04
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:35
»
Packet Storm Security Recent Files
Packet Storm Widget is a Mac OS X widget that allows users to see all latest news from packetstormsecurity.org. A user can choose between different kind of news to see: All of the Latest Content, Latest News, Latest Files, Latest 0 Days, Latest Vulnerabilities and Latest Exploits. This allows a user to always keep up to date on their favorite security topics. Please note that this was *not* created by Packet Storm Security and questions should be directed to the author. This should run on Leopard, Snow Leopard, Lion and Tiger.
-
12:35
»
Packet Storm Security Misc. Files
Packet Storm Widget is a Mac OS X widget that allows users to see all latest news from packetstormsecurity.org. A user can choose between different kind of news to see: All of the Latest Content, Latest News, Latest Files, Latest 0 Days, Latest Vulnerabilities and Latest Exploits. This allows a user to always keep up to date on their favorite security topics. Please note that this was *not* created by Packet Storm Security and questions should be directed to the author. This should run on Leopard, Snow Leopard, Lion and Tiger.
-
-
22:55
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:55
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:55
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:55
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
19:43
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-244 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexera Software Flexnet License Server Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the lmadmin component which listens by default on TCP port 27000 (this can vary however if the port is in use). When handling a packet type having the opcode 0x2f the process trusts a user provided value when calculating the bytes remaining in the packet. Using this tainted remaining length value the process then copies packet data into a buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the lmadmin user.
-
19:43
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-244 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexera Software Flexnet License Server Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the lmadmin component which listens by default on TCP port 27000 (this can vary however if the port is in use). When handling a packet type having the opcode 0x2f the process trusts a user provided value when calculating the bytes remaining in the packet. Using this tainted remaining length value the process then copies packet data into a buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the lmadmin user.
-
19:43
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-244 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexera Software Flexnet License Server Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the lmadmin component which listens by default on TCP port 27000 (this can vary however if the port is in use). When handling a packet type having the opcode 0x2f the process trusts a user provided value when calculating the bytes remaining in the packet. Using this tainted remaining length value the process then copies packet data into a buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the lmadmin user.
-
-
19:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
-
19:45
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
-
19:45
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
-
-
14:58
»
Packet Storm Security Recent Files
A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers. Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, and 9.8.1b1.
-
14:58
»
Packet Storm Security Misc. Files
A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers. Versions affected are 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, and 9.8.1b1.
-
-
6:08
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
6:08
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
6:08
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
7:08
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
7:08
»
Packet Storm Security Misc. Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
9:01
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
9:01
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
9:01
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
10:41
»
Packet Storm Security Recent Files
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
-
10:41
»
Packet Storm Security Tools
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
-
-
16:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on port TCP 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.
-
16:45
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on port TCP 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.
-
16:45
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on port TCP 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.
-
-
15:30
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:30
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:30
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
8:51
»
Packet Storm Security Recent Files
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
8:51
»
Packet Storm Security Tools
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
8:51
»
Packet Storm Security Misc. Files
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
-
-
7:25
»
Packet Storm Security Recent Files
SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and more of an academic/proof of concept application as opposed to a full blown commercial quality application. involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
-
7:25
»
Packet Storm Security Tools
SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and more of an academic/proof of concept application as opposed to a full blown commercial quality application. involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
-
7:25
»
Packet Storm Security Misc. Files
SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and more of an academic/proof of concept application as opposed to a full blown commercial quality application. involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
-
-
12:00
»
Hack a Day
Here’s a chance to learn a little bit about network security. This article walks us through some of the core concepts of network manipulation and packet sniffing using Linux tools. [Joey Bernard] discusses the uses for packages like tcpdump, p0f, and dsniff. They are capable of recording all network traffic coming through your computer’s connection, seeking out machines installed [...]
-
-
20:27
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:27
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:27
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:01
»
Packet Storm Security Recent Files
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
-
12:01
»
Packet Storm Security Tools
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
-
12:01
»
Packet Storm Security Misc. Files
T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool. The author has added in some anti-kiddo tricks.
-
-
11:22
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:22
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:22
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
15:51
»
Packet Storm Security Recent Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
15:51
»
Packet Storm Security Tools
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
15:51
»
Packet Storm Security Misc. Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
-
16:19
»
Packet Storm Security Recent Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
16:19
»
Packet Storm Security Tools
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
16:19
»
Packet Storm Security Misc. Files
Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
-
-
22:01
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
22:01
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
20:30
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
7:56
»
Wirevolution
The term “QoS” is used ambiguously. The two main categories of definition are first, QoS Provisioning: “the capability of a network to provide better service to selected network traffic,” which means packet prioritization of one kind or another, and second more literally: “Quality of Service,” which is the degree of perfection of a user’s audio experience in the face of potential impairments to network performance. These impairments fall into four categories: availability, packet loss, packet delay and tampering. Since this sense is normally used in the context of trying to measure it, we could call it QoS Metrics as opposed to QoS Provisioning. I would put issues like choice of codec and echo into the larger category of Quality of Experience, which includes all the possible impairments to audio experience, not just those imposed by the network.
By “tampering” I mean any intentional changes to the media payload of a packet, and I am OK with the negative connotations of the term since I favor the “dumb pipes” view of the Internet. On phone calls the vast bulk of such tampering is transcoding: changing the media format from one codec to another. Transcoding always reduces the fidelity of the sound, even when transcoding to a “better” codec.
Networks vary greatly in the QoS they deliver. One of the major benefits of going with VoIP service provided by your ISP (Internet Service Provider) is that your ISP has complete control over QoS. But there is a growing number of ITSPs (Internet Telephony Service Providers) that contend that the open Internet provides adequate QoS for business-grade telephone service. Skype, for example.
But it’s nice to be sure. So I have added a “QoS Metrics” category in the list to the right of this post. You can use the tools there to check your connection. I particularly like the one from Voxygen, which frames the test results in terms of the number of simultaneous voice sessions that your WAN connection can comfortably handle. Here’s an example of a test of ten channels:
-
-
22:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-204 - The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
-
22:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-204 - The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081.
-
-
19:01
»
Packet Storm Security Misc. Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
10:01
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
10:01
»
Packet Storm Security Recent Files
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
10:03
»
Packet Storm Security Tools
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling.
-
-
22:51
»
Packet Storm Security Tools
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible interesting (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
-
-
11:02
»
Packet Storm Security Misc. Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
11:02
»
Packet Storm Security Recent Files
ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
-
-
9:44
»
remote-exploit & backtrack
Bonjour :)
Mon probléme est simple. Je veux cracké un wifi en WEP (numericable) et sa normalement sa me pose aucun probléme (surtout avec les numericable :p ) sauf certaines box qui s'obstine à ne jamais rien vouloir envoyé comme packet.
Je suis donc à la recherche d'une technique ou d'un logiciel ou quelque chose qui serai capable de forcer la box à se bouger le cul et à envoyer quelques petit mais précieux packet.
Merci d'avance pour votre aide
Bisous ;)
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant