TCP Hijacking Understanding and preventing TCP attacksAug 31, 2005
It is quite easy to take a TCP connection down using a RST attack, and this risk increases with applications that need long-term connections, such as VPNs, DNS zone transfers, and BGP. We’ll describe how a TCP attack can happen, and we’ll show you some simple techniques for protecting your network.more »
GPRS in Linux Mobile Internet access with GPRSAug 31, 2005
Permanent mobile Internet access might sound like a nightmare for some, but for others it is a dream come true. All you need is Linux and a fairly recent mobile phone.more »
Charly's Column The Sysadmin’s Daily Grind: HTPDateJul 31, 2005
Despite the cyclical disruptions so typical of LUG meetings, our intrepid columnist, Charly, reveals how he set the system time in spite of a blocked NTP port.more »
Socks 5 Examining the generic Socks version 5 proxy protocolJun 30, 2005
Socks is a universal proxy protocol for TCP and UDP that allows internal hosts to securely pass the firewall and authenticates users. This article describes the latest version of the Socks proxy protocol and shows how to implement it.more »
ARP Spoofing ARP spoofing and poisoningJun 30, 2005
Any user on a LAN can sniff and manipulate local traffic. ARP spoofing and poisoning techniques give an attacker an easy way in.more »
Hotspotter Attacks on wireless clientsJun 30, 2005
Security experts are always concerned with WLAN access points, but they sometimes forget that the client is also open to attack. Public hotspots make it quite easy for attackers to hijack connections, as the Hotspotter tool demonstrates.more »
Security Intro Knowing the ways of the enemyJun 30, 2005
Admin Workshop Identd Insider Tips: Identd with Linux-based ServersMar 31, 2005
In last month’s issue of Admin Workshop, we introduced tools that help admins get services up and running. This month, we will show how you can use the Ident protocol to associate a user name with a TCP connection.more »
VMware bids for a stake in the container industry with a bold effort to integrate containers with its classic virtualization system.
3ROS attack tool lowers the technical bar so anyone can be an intruder.
Mozilla's latest browser offers powerful new privacy feature
If attackers are on your system, saving your passwords in a password vault is no protection.
Faulty hash algorithm persists, despite efforts by experts to raise awareness.
Powerful man-in-the-middle attack is now targeting online shopping.
Another high-profile coder says the kernel team needs a kinder, gentler culture.
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm