Security testing with hping
Firewalls and Session State
Suppose you want to determine how well your firewall is able to record requests for Microsoft protocols across the network. To use hping3 to generate the packets for this test, issue the following commands:
hping www.acme.net -S -c 1 -p 139 hping www.acme.net -S -A -c 1 -p 139 hping www.acme.net -S -A -c 1 -p 135
These commands generate packets that the firewall – if its capability for maintaining state is working – will record. To verify this, you'll need to check the firewall's logs and use a packet sniffer.
Christmas Tree Packet
A Christmas tree packet  is a TCP packet that has almost every flag set, which is useful for bypassing firewalls and for launching various other forms of attack.
To create a Christmas tree packet using hping3, issue the following command:
hping3 -F -P -U 10.44.45.15 -p 0
Firewalls and Time Stamps
In many cases, a firewall will automatically drop packets that don't have a time stamp. To add a time stamp to your packets, use the -timestamp option in your command:
hping3 -S 188.8.131.52 -p 80 --tcp-timestamp
The results will help you determine whether you need to enable timestamp filtering on the firewall.
Buy this article as PDF
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.