Section: .. / papers / protocols /
| /// File Name: |
Insecurities_in_AoE.pdf |
Description:
|
ATA over Ethernet (AoE) is an open-standards-based protocol that allows direct network access to disk drives by client hosts. This paper investigates the insecurities present in the ATA over Ethernet (AoE) protocol and presents some attacks that exploit various vulnerabilities in the protocol.
| | Author: | Morgan Marquis-Boire | | Homepage: | http://www.security-assessment.com/technical/whitepapers/ | | File Size: | 2154981 | | Last Modified: | Oct 3 19:48:10 2006 |
| MD5 Checksum: | 88b59f8845764d6106e7c2427f76b9c8 |
|
| /// File Name: |
ICMP_Scanning_v3.0.zip |
Description:
|
ICMP Usage in Scanning v3.0 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
| | Author: | Ofir Arkin | | Homepage: | http://www.sys-security.com/ | | Changes: | Version 3.0 introduces significant changes made to the text. Includes some host based security measures available with Linux based on Kernel 2.4.x and with Sun Solaris 8 and a snort rule base for dealing with the ICMP tricks illustrated within the text. | | File Size: | 1845541 | | Last Modified: | Jun 5 15:17:34 2001 |
| MD5 Checksum: | f60a05e7802e4364c022896d78730665 |
|
| /// File Name: |
ICMP_Scanning_v2.5.pdf |
Description:
|
ICMP Usage in Scanning v2.5 - This paper outlines what can be done with the ICMP protocol regarding scanning. Although it may seem harmless at first glance, this paper includes details on plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
| | Author: | Ofir Arkin | | Homepage: | http://www.sys-security.com/ | | Changes: | This version introduces a few new OS fingerprinting methods, some of which use ICMP error messages, allowing a remote OS fingerprint even if all the ports are closed. Also a lot of information on ICMP error messages has been added. Also added some snort rules. | | File Size: | 967146 | | Last Modified: | Dec 23 17:51:15 2000 |
| MD5 Checksum: | eacfa193ec4f30313fbc8c46ca890eed |
|
| /// File Name: |
routing.pdf |
Description:
|
Slides for FX's talk at Defcon 2001 on attacking routing protocols.
| | Author: | FX | | Homepage: | http://www.phenoelit.de | | File Size: | 879369 | | Last Modified: | Jul 21 00:32:20 2001 |
| MD5 Checksum: | 19dd51ca67fffec971b4c19caeb2e365 |
|
| /// File Name: |
oak93.ps |
Description:
|
Protocol Design for Integrity Protection: A design method for message integrity protection
| | File Size: | 632040 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 274ad8850a86357757873e840315d5df |
|
| /// File Name: |
ICMP_Scanning_v2.01.pdf |
Description:
|
ICMP Usage in Scanning v2.01 - This paper outlines what can be done with the ICMP protocol regarding scanning. The paper deals with plain Host Detection techniques, Advanced Host Detection techniques, Inverse Mapping, Trace routing, OS fingerprinting methods with ICMP, and which ICMP traffic should be filtered on a Filtering Device.
| | Author: | Ofir Arkin | | Homepage: | http://www.sys-security.com/ | | Changes: | Quite a large number of new OS fingerprinting methods using ICMP, which I have discovered, are introduced with this revision. Among those methods, some can be used in order to identify Microsoft Windows 2000 machines; one would allow us to distinguish between Microsoft Windows operating system machines and the rest of the world; another would allow us to distinguish between SUN Solaris machines and the rest of the world. More methods are introduced in the paper. | | File Size: | 564826 | | Last Modified: | Sep 13 14:01:45 2000 |
| MD5 Checksum: | 9664f0faa4fbc75852ba09891fb6f8fe |
|
| /// File Name: |
transit.ps |
Description:
|
Secure Control of Transit Internetwork Traffic: Methods for controlling traffic traversing a local network on its way from one remote network to another
| | File Size: | 489243 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | ffddd9cdf5b42b4067663ed0dd4b573c |
|
| /// File Name: |
part2.ps |
Description:
|
Access Control and Policy Enforcement in Internetworks. Methods of controlling access policy between different administrative domains of an internetwork. Part II
| | File Size: | 447242 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 53dfcbbc015347b2ebae33e54fe40582 |
|
| /// File Name: |
part3.ps |
Description:
|
Access Control and Policy Enforcement in Internetworks. Methods of controlling access policy between different administrative domains of an internetwork. Part III
| | File Size: | 406587 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 8675c6990f2bad1ea038ffba7a7dccf5 |
|
| /// File Name: |
part1.ps |
Description:
|
Access Control and Policy Enforcement in Internetworks. Methods of controlling access policy between different administrative domains of an internetwork. Part I
| | File Size: | 342273 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | f683fe32d400b18a701983a1f23bc784 |
|
| /// File Name: |
ICMP_Scanning.pdf |
Description:
|
ICMP Usage in Scanning - The Internet Control Message Protocol is one of the most complex protocols in the TCP/IP protocol suite regarding its security hazards. This paper gives very in-depth information, including discussion of all the ICMP types, ICMP sweeps, host detection using ICMP error messages, ACL detection, Inverse mapping, OS fingerprinting, filtering ICMP, and much more.
| | Author: | Ofir Arkin | | Homepage: | http://www.sys-security.com/ | | File Size: | 327163 | | Last Modified: | Jul 2 01:36:26 2000 |
| MD5 Checksum: | d51b747831adfbae8a290047e2e0f656 |
|
| /// File Name: |
passive.pdf |
Description:
|
Passive System Fingerprinting using Network Client Applications - Passive target fingerprinting involves the utilization of network traffic between two hosts by a third system to identify the types of systems being used. Because no data is sent to either system by the monitoring party, detection approaches the impossible. Methods which rely solely on the IP options present in normal traffic are limited in the accuracy about the targets. Further inspection is also needed to determine avenues of vulnerability, as well. We describe a method to rapidly identify target operating systems and version, as well as vectors of attack, based on data sent by client applications. While simplistic, it is robust. The accuracy of this method is also quite high in most cases. Four methods of fingerprinting a system are presented, with sample data provided.
| | Author: | Jose Nazario | | Homepage: | http://www.crimelabs.net | | File Size: | 223084 | | Last Modified: | Jan 17 20:42:19 2001 |
| MD5 Checksum: | b224cd7181e63bc377c194bc105fe9c7 |
|
| /// File Name: |
pem.ps |
Description:
|
Privacy-Enhanced Electronic Mail: A description of the Internet Privacy-Enhanced Mail protocols
| | File Size: | 219460 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 48aa992a086de731454bfdf7fb552477 |
|
| /// File Name: |
e2e.ps |
Description:
|
An End-to-End Argument for Network Layer, Inter-Domain Access Controls: A method by which different administrative domains of an internetwork can interconnect without exposing their internal resources to unrestricted access
| | File Size: | 200874 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 7a67e3df55375e47eadf4cb8617dd5ad |
|
| /// File Name: |
host-detection.doc |
Description:
|
Advanced Host Detection - Techniques To Validate Host-Connectivity. Security Engineers spend a tireless amount of effort to block and filter packet anomalies in an internetwork connected environment. Advanced host mapping bypasses many forms of intrusion detection systems, filters, and routers, essentially enabling an attacker to map and discover previously unknown firewalled hosts. Also available in PDF and TXT form.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 145920 | | Last Modified: | Jan 15 16:21:59 2001 |
| MD5 Checksum: | 938010bc0d9b99eb9b35830b0f7a13e7 |
|
| /// File Name: |
time.ps |
Description:
|
Security Analyses of Network Time Services: An analysis of the security requirements for a network time service
| | File Size: | 134578 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 7c63072407558b828237270604d4f5d5 |
|
| /// File Name: |
ipext.ps |
Description:
|
Security Problems in the TCP/IP Protocol Suite: A description of several attacks on TCP/IP protocols including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks
| | File Size: | 107383 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 7760088eaaf06bd48a87127499848369 |
|
| /// File Name: |
ntp.ps |
Description:
|
A Security Analysis of the NTP Protocol: A security analysis of the Network Time Protocol (NTP)
| | File Size: | 105949 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 47d35f6c0721a883c3ededccae05c117 |
|
| /// File Name: |
analisis-remoto-de-sistemas.txt |
Description:
|
Port Scanning and OS Fingerprinting - In Spanish.
| | Author: | Honoriak | | File Size: | 97811 | | Last Modified: | Jan 12 19:18:26 2001 |
| MD5 Checksum: | b4d894cbc192bce67cd91bc869bb0807 |
|
| /// File Name: |
WAFUTFF.pdf |
Description:
|
Whitepaper entitled "Writing a fuzzer using the Fuzzled framework". The paper includes some of the techniques used to dismantle protocols including documentation, observation and static analysis.
| | Author: | Tim Brown | | Homepage: | http://www.nth-dimension.org.uk/ | | File Size: | 83733 | | Last Modified: | Sep 5 00:45:10 2007 |
| MD5 Checksum: | add66aa7259bcf872fdab3c30ab0c06d |
|
| /// File Name: |
nis.ps |
Description:
|
A Unix Network Protocol Security Study: Network Information Service: A discussion of the security weaknesses in the Network Information Service (Yellow Pages) protocol from Sun Microsystems
| | File Size: | 75096 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | d1c3a995192aef9029e88f0ce98e9198 |
|
| /// File Name: |
covert_paper.txt |
Description:
|
Exploitation of data streams authorized by a network access control system for arbitrary data transfers: tunneling and covert channels over the HTTP protocol.
| | Author: | Alex Dyatlov, Simon Castro | | Homepage: | http://www.gray-world.net | | File Size: | 68934 | | Last Modified: | Jun 21 18:40:30 2003 |
| MD5 Checksum: | 4536af34036f3ee2b3439ad7b5e85b8b |
|
| /// File Name: |
portscan.pdf |
Description:
|
Examining port scan methods - Analyzing Audible Techniques. This paper attempts to enumerate a variety of ways to discover and map internal/external networks using signature-based packet replies and known protocol responses when scanning. Specifically, this document presents all known techniques used to determine open/closed ports on a host and ways an attacker may identify the network services running on arbitrary servers. Text version available here.
| | Author: | Dethy | | Homepage: | http://www.synnergy.net | | File Size: | 67383 | | Last Modified: | Jan 5 03:26:29 2001 |
| MD5 Checksum: | aa639e684a8e7913186faa5b0f7081b9 |
|