Kroll-O'Gara Information Security Group :: Packet Storm
Contact UsFAQBackend
Archives
News
Services
Forum
Careers
Top Files
Today's Files
20
50
100
500
1000
Are you secure?




 
 
Tue Jan 4 01:08:14 2000



 
 
Tue Jan 4 01:09:39 2000

 

Packet Storm Site Search
Match: Format: Sort by:
Search:
Want to release something on Packet Storm? Submit it here (FAQ).

 


Storm Chaser 2000
Ongoing
Packet Storm 2000: Storm Chaser 2000

COMPETITION RULES ARE ANNOUNCED!

The talk of distributed attack tools is causing quite a stir. Obviously we are seeing just the tip of the iceberg with what is to come; attacks which involve factors such as encryption, mobility, stealth, that are under anonymous control, that update themselves, that use communication to co-ordinate, that are controlled by hacktivists, cyberterrorists, cybermilitia and, of course, governments. The Internet is truly becoming the fourth battlefield, built on top of not just a civilian, but an academic infrastructure.

How do we defend our part of the Internet against information warfare?

Obviously there are more factors involved than just a technical solution; we need to consider issues of policy, international co-operation and co-ordination, and administration.

But can we really wait for governments and politicians to solve this problem when technology increasingly outstrips policy?

With this in mind, Packet Storm poses this question:

What pure or applied technical measures can be taken to protect the Internet against future forms of attack?

The Kroll-O'Gara Information Security Group and Packet Storm will offer USD $10,000 for the best technical white paper which defines the problem and answers the above question. Winners will be announced at RSA 2000 in January.

CLICK HERE FOR MORE INFORMATION

 

Packet Storm is Hiring!
December 22, 1999
Packet Storm has the following positions open

Business Development/Marketing

Various Technical Positions

Requirements: All positions require extensive knowledge and experience in computer security and good communication skills. All technical positions require PERL and UNIX experience.

All positions are located in Palo Alto, CA and candidates must be willing and able to relocate.

Please submit your resumes to gia@securify.com

 

PSS goes floodnet
December 22, 1999
Alas, there is much to fear! Y2k is near, and TFN2k is here!

New features include: Remote one-way command execution for distributed execution control, Mix attack aimed at weak routers, Targa3 attack aimed at systems with IP stack vulnerabilities, Compatibility to many UNIX systems and Windows NT, spoofed source addresses, strong CAST encryption of all client/server traffic, one-way communication protocol, messaging via random IP protocol, decoy packets, and extensive documentation. Currently no IDS software will recognise tfn2k. Courtesy of Mixter.

Is this the beginning of the end for classical Intrusion Detection? TFN2k includes the ability to jam Intrusion Detection Systems by ordering the attack constellation to hit servers pretending to exploit vulnerabilities, in addition to flooding the network while the attacker slips in below the (packet) storm [ack, gag]. Let's not forget the ability to send decoy packets, either. We all know how most of the IDSs out on the market are already having problems keeping up with ever increasing network speeds and effectively matching attack signatures without reporting false positives/negatives. How do we detect this now, considering TFN2k uses strong encryption and randomly selects the means in which messages will be sent.

With the ability to send spirious commands to these drones, I'd hate to see this in the hands of the spammer community. Of course, then we could easily prosecute... if we could figure out where the commands are coming from, that is. By using a custom one-way protocol and spoofing source addresses, this could be a bit tricky.

Know how we defend against this? Win $10,000. Storm Chaser 2000! :)

 

Confused?
Continuing
Confused by all the files on Packet Storm? Administrate a large corporate network, but don't have the time to keep with Packet Storm's daily additions? Don't know whether you're using the right tools, but want to know how vulnerable your network is? Wish you had the spare time all the hackers seem to have in keeping up with what's cutting edge? Get the experts to assess your network- Click here for more details or send us an e-mail.

 

RSA 2000/Giveaways
Upcoming
Packet Storm will be at RSA 2000 coming up January 16-20th. We're bringing the PSS Humvee too. So we've all seen the sorts of corporate rubbish that get handed out as giveaways at these affairs. Boring. What would be the ultimate giveaway? It has to be something affordable yet suave, functional yet sophisticated. Packet Storm Chop Sticks? Packet Storm Blowtorches? Packet Storm Slim Jims? Have your chance to participate in the PSS Marketing Machine! Send your suggestions here. If we use your suggestion, we'll send you one.

You wouldn't believe some of the suggestions we've had for our RSA2k giveaways. Of course, everyone wants the Humvee, but we've had some strange suggestions..!

 

Careers at Kroll-O'Gara ISG
Continuing
Looking for an interesting job? Want to work amongst world class experts? Want to be on the cutting edge of security? The Kroll-O'Gara Information Security Group has a number of exciting positions available ----> Click here!

 



You are visitor number 8230kljsd~~9k$~/ue.. [overflow]

Do NOT attempt to mirror this site, you will trigger ip filtering software.

Copyright © 1999 Kroll-O'Gara Information Security Group, All Rights Reserved. Legal Notice