• An error has occurred, which probably means the feed is down. Try again later.

Digging tunnels with SSH

SSH tunnels are an old trick, which is recently getting increasingly popular with all this content filtering happening at the corporate or even at the national level. This article demonstrates how to use SSH tunnels, bypass content filters and avoid port restrictions, even through HTTP proxy servers. . . . → Read More: Digging tunnels with SSH

ARP spoofing attack and defense

As described in Wikipedia, ARP spoofing (otherwise known as ARP poisoning or Arp Poison Routing – APR) is a Layer 2 attack that can be carried out in most internal networks and therefore is extremely dangerous. It’s main purpose is to sniff the communication of a client talking to a server, by intercepting or even modifying the traffic in order to decrypt the already encrypted traffic. This article will guide you through the process of understanding, demonstrating and protecting your network against this attack. . . . → Read More: ARP spoofing attack and defense

DHCP starvation - quick and dirty

The DHCP starvation attack is quite simple to implement and therefore quite dangerous, especially if it grows to a DHCP spoofing attack. It can be used to implement a Denial of Service (DoS) attack against the DHCP server on the local network, thus preventing legitimate clients from accessing network resources. In this article we will demonstrate how this attack can be deployed and later we will go through the steps necessary to mitigate it on Cisco equipment with the help of DHCP snooping. . . . → Read More: DHCP starvation – quick and dirty

IP over DNS

Sometimes while you are performing a penetration test, you need to break out from a supposedly isolated network like an internal VLAN in a bank, or a process network full of SCADA equipment. Such networks should be completely isolated from the Internet, so there is no chance that someone who has network access can implant a backdoor and either sneak out information or allow access from the outside. This article demonstrates how the often overlooked DNS service can be used to build a covert channel and why when you configure an isolated network, you shouldn’t allow even name resolution of external hosts. To demonstrate this we will use the NSTX tunnel software to build a dns tunnel and bypass firewall. . . . → Read More: IP over DNS