How hacking got easy
To protect your systems, you must familiarize yourself with the tools that will be used against them. For example, the attack against AWStats is blocked on Fedora Core 9 when SELinux is in enforcing mode (the default). Metasploit isn't the first, nor is it the most powerful, exploit framework available. Tools such as Core Impact and Immunity Canvas, which include up-to-date exploits, are available as well as commercial support. Other sites, such as Packet Storm and Milw0rm, also make large amounts of exploit code available. Part of a strong defense is a good offense.
- "DNS Attacks" by Kurt Seifried, Linux Magazine, October 2008: http://www.linux-magazine.com/issues/2008/95/dns_attacks
- Metasploit: http://www.metasploit.com/
- Immunity Canvas: http://www.immunitysec.com/products-canvas.shtml
- Core Impact: http://www.coresecurity.com/
- Packetstorm: http://packetstormsecurity.org/
- Milw0rm: http://www.milw0rm.com/
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.