How to use Firewalk
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or UDP packets with a TTL one greater than the targeted gateway. If the gateway allows the traffic, it will forward the packets to the next hop where they will expire and elicit an ICMP_TIME_EXCEEDED message. If the g (read article)
Added: 2008-09-27 10:55:37 by marc
Hits: 79
Installing the tools on Ubuntu
To install the tools on this site on Ubuntu or Kubuntu, you will need to add the following packages:
build-essentiallibgtk2.0-devlibncurses5-devflexbison
libreadline5-devrubylibopenssl-ruby
On my test system the following packages are installed:
acpi
acpi-support
acpid
adduser
alacarte
alsa-base
alsa-utils
anacron
apmd
app--data
app--data-commercial
apparmor
apparmor-utils
apport
(read article)
Added: 2008-01-08 19:02:25 by marc
Hits: 289
Citrix google dorks
We all know the Google Hacking Database from the Johnny ihackstuff website. He has a huge collection of security related search queries on Google. The most famous one being able to search for password files. Google indexes everything it comes across, so having password files available on your web server is probably not the best thing to do.
I came across a post from gnucitizen where the concept (read article)
Added: 2007-10-06 13:29:19 by marc
Hits: 259
FireCAT for Firefox
An amazing collection of Firefox tools has been composed into a document. The document contains plugins that can be installed into Firefox, which can be used for pentesting and also of course for web development. These extentions have replaced a lot of self written tools and scripts for me and I hope you find them as useful as I do. The FireCAT collection consists of the following categories:
P (read article)
Added: 2007-08-31 11:59:27 by marc
Hits: 367
SSH login worm
Have a look at your SSH logs and you will see a lot of login attempts from users and addresses that you are not familiar with. This intrigued me and I went looking for the culprit, but at the time could not find which worm was causing this. I wanted to know more and therefore created a new SSH daemon that would log the passwords in the log file. The box I installed it on has only one user, me, and (read article)
Added: 2006-05-03 15:30:23
Hits: 466
An overview of ports used by software
Nowadays networking is one of the most important parts of the IT business. Either way, if you have/want to block ports with a firewall/masquarading/tunneling, want to check for runnings daemons(/services) or something else, you may want a more comprehensive overview about these with some hints and remarks about the essential ports largely used, together with a statement, which protocol (TCP/IP or (read article)
Added: 2006-05-03 14:48:48
Hits: 855