hakin9_02_2008(1).pdf

(13455 KB) Pobierz
388682966 UNPDF
~ t q w ~
388682966.031.png
~ t q w ~
388682966.032.png
~ t q w ~
388682966.033.png
The springtime
The days are getting longer (at least on the north hemi-
sphere), the birds will be coming back from the south and
all the lowering plants will bloom... OK, OK – I know it is a
magazine for IT Security professionals and not for the kitsch
engineers. When the spring comes, though, I feel I should be
a street cleaning lady or a farmer instead of an editor, sitting
in the publishing house and trying to stop myself from staring
through the window and observing the world coming back
to life. Don't you wish to run away from the ofice, singing,
bouncing and tweaking the passers-by's cheeks? Anyway, if
I am the only one like this, let me tell you what you can ind
in this issue of hakin9 .
First, I am sure you have noticed the new logo, when
looking for hakin9 in stores next time keep this in mind.
We changed the website's looks some time ago too. I
hope you like it.
Talking about the new stuff: We will be placing all the
long code listings from the articles onto the hakin9 cd rom. I
imagine it was dificult typing all those long commands and
functions – now it should be easier.
I know you all like video tutorials – Lou Lombardy is doing
his best to prepare one for each hakin9 edition. Should you
have any suggestions regarding the topic – do not hesitate
to contact us.
What articles will you ind in here-by edition?
Surely, the one on Storming SIP security – it is a very up-
to-date topic and I believe you will ind Sandro's paper very
useful. Then, we have an article on Alternate Data Streams
(ADS) – interesting paper by Laic Aurelian and articles on a
One Time Password idea, programming with Libpcap and
using Postgres.
In hakin9's regular sections you will read on Firewalls
(consumer's choices), writing IPS rules (4th part of Matt's
short articles) and on CounterSpy v.2 from Sunbelt – a tool
reviewed by one of our top technicians.
I hope you like the spring issue of h9 – enjoy reading and
remember that I am here to meet all your expectations.
Smile! Spring is coming.
In brief
06
Section hosted by Zinho & www.hackerscenter.com
team . Selection of news from the IT security world.
CD Contents
08
Hakin9 team
What's new on the latest hakin9.live CD – Vba32
Personal, Titan Backup, FlashPaste Professional,
RSHUT Pro, SecureDNA, RTF to XML Converter
and a great toutorial by Mr Lou Lombardy.
Tools
CounterSpy v.2 from Sunbelt 12
Shyaam Sundhar
Award-winning Enterprise Anti-Spyware and Anti-Mal-
ware. The application delivers hybrid antispyware tech-
nology that gives a robust protection against blended
malware threats to protect the corporate environment.
Basics
One Time Password – New
Dimensions in Security 14
Rajesh Mago
After reading this article, you will come to know about
the OTP technology applications. The working of OTP
systems, software processes and mathematics involved
as well as types of OTP technologies are explained.
Attack
Storming SIP Security
22
Sandro Gauci
The article presents attacks which can be used to
compromise Voice over IP systems that make use
of the SIP protocol and protocols that rely on it.
Methods that are explained in Sandro's paper can be
very effective offensive tools for malicious users thus
reading it might help to protect against the intrusion.
Magdalena Błaszczyk
magdalena.blaszczyk@hakin9.org
Alternate Data Streams
or “Doctor Jekyll and Mr. Hyde”
Move to NTFS
30
Laic Aurelian
This article shows everything you should know about
ADS, focusing on its practical use. You will learn how
to create, use or delete ADS.
Programming with
Libpcap – Snifing the Network
From Our Own Application 38
Luis Martin Garcia
The article presents what the principles of packet capture
are as well as how to capture packets using libpcap.
4
hakin9 2/2008
www.hakin9.org/en
~ t q w ~
388682966.034.png 388682966.001.png 388682966.002.png
 
 
 
388682966.003.png 388682966.004.png 388682966.005.png 388682966.006.png 388682966.007.png
 
 
388682966.008.png 388682966.009.png 388682966.010.png 388682966.011.png 388682966.012.png 388682966.013.png 388682966.014.png
Hard Core IT Security Magazine
Reverse Engineering Binaries 48
Editor in Chief: Ewa Dudzic ewa.dudzic@software.com.pl
Executive Editor: Magdalena Błaszczyk magdalena.blaszczyk@hakin9.org
Editorial Advisory Board: Matt Jonkman, Clement Dupuis,
Jay Ranade, Terron Williams, Steve Lape
Assistants: Monika Drygulska monika.drygulska@hakin9.org,
Sylwia Stocka sylwia.stocka@hakin9.org
DTP Director: Sławomir Zadrożny slawomir.zadrozny@software.com.pl
DTP Manager: Robert Zadrożny robert.zadrozny@software.com.pl
DTP: Ireneusz Pogroszewski ireneusz.pogroszewski@software.com.pl
Art Director: Agnieszka Marchocka
agnieszka.marchocka@software.com.pl
CD: Rafał Kwaśny rafal.kwasny@gmail.com
Proofreaders: Jonathan Edwards, Steve Lape, Stephen Argent,
Michael Munt
Top Betatesters: Joshua Morin, Michele Orru, Clint Garrison, Shon
Robinson, Brandon Dixon, Justin Seitz, Donald Iverson, Matthew Sabin,
Will Dowling, Stephen Argent, Aidan Carty, Chris Gates, Rodrigo Rubira
Branco, Jason Carpenter, Ashish Kumar Martin Jenco, Sanjay Bhalerao,
Ashutosh Agarwal, Jim Halfpenny.
Aditya K. Sood aka 0kn0ck
This article provides you with the information on practi-
cal way of dissecting executables. You will also read on
active debugging and disassembling.
Defence
The Justiication for
Authentication and Encryption 58
Robert Bernier
In this article the author confronts the DBA with an
unauthorized person obtaining a valid user account
and password on his system.
Senior Consultant/Publisher: Paweł Marciniak pawel@software.com.pl
Production Director: Marta Kurpiewska
marta.kurpiewska@software.com.pl
Marketing Director: Ewa Dudzic ewa.dudzic@software.com.pl
Subscription: subscription@software.com.pl
The Bleeding Edge
Writing IPS Rules – Part Four 70
Publisher: Software Media LLC
(on Software Publishing House licence www.software.com.pl/en )
1461 A First Avenue, # 360
New York, NY 10021-2209, USA
Tel: 001917 338 3631
www.hakin9.org/en
Matthew Jonkman
It is a fourth part of Matt's column series on writing
IPS Rules.
Consumers Test
Software Media LLC is looking for partners from all over the World.
If you are interested in cooperating with us,
please contact us by e-mail: cooperation@software.com.pl
We Help You Choose the Most
Reliable Firewall
72
Print: 101 Studio, Firma Tęgi
Printed in Poland
Distributed in the USA by: Source Interlink Fulfillment Division, 27500
Riverview Centre Boulevard, Suite 400, Bonita Springs, FL 34134
Tel: 239-949-4450.
Pete Herzog, hakin9 team
Consumers test irewalls and share their opinions.
The goal is to help the readers make a right choice
when buying the software.
Distributed in Australia by: Europress Distributors Pty Ltd, 3/123
McEvoy St Alexandria NSW Australia 2015, Ph: +61 2 9698 4922,
Fax: +61 2 96987675
Interview
Whilst every effort has been made to ensure the high quality of the magazine, the
editors make no warranty, express or implied, concerning the results of content usage.
Kurt Seifried –
Linux Security Expert
76
All trade marks presented in the magazine were used only for informative purposes.
All rights to trade marks presented in the magazine are reserved by the companies
which own them.
hakin9 team
You will have a chance to get to know Kurt's point of view
on most recent and most important security issues.
To create graphs and diagrams we used program by
company.
Self Exposure
CDs included to the magazine were tested with AntiVirenKit by G DATA
Software Sp. z o.o
The editors use automatic DTP system
Mathematical formulas created by Design Science MathType™
Ben Lynn and Anton Grashion 78
Sylwia Stocka
This section is to introduce people who contribute to
IT Security development and reinforcement.
ATTENTION!
Selling current or past issues of this magazine for prices that are different than
printed on the cover is – without permission of the publisher – harmful activity
and will result in judicial liability.
Book Review
80
hakin9 is also available in: Spain, Argentina, Portugal, France, Morocco,
Belgium, Luxembourg, Canada, Germany, Austria, Switzerland, Poland,
Czech, Slovakia
Jim Halfpenny, Martin Jenco
The hakin9 magazine is published in 7 language versions:
EN PL ES CZ
IT FR DE
Upcoming
82
Monika Drygulska
Here we present topics that will be brought up in the
upcoming hakin9.
DISCLAIMER!
The techniques described in our articles may only be used in private,
local networks. The editors hold no responsibility for misuse of the
presented techniques or consequent data loss.
www.hakin9.org/en
hakin9 Nr 2/2006
~ t q w ~
5
 
 
388682966.015.png 388682966.016.png 388682966.017.png 388682966.018.png 388682966.019.png
 
388682966.020.png 388682966.021.png 388682966.022.png 388682966.023.png 388682966.024.png 388682966.025.png 388682966.026.png 388682966.027.png 388682966.028.png 388682966.029.png 388682966.030.png

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin