Contribution: Authors
Pub Date: March 2015
ISBN: 978-1849285995
Publisher: IT Governance Publishing
Contribution: Authors
Pub Date: June 2004
ISBN: 0321202171
Publisher: Addison Wesley/Pearson
Contribution: Authors
Pub Date: March 2010
ISBN: 9781849280358
Publisher: IT Governance Publishing
Contribution: Authors
Pub Date: September 2005
ISBN: 0072259175
Publisher: McGraw-Hill Osborne Media
Contribution: Chapter 13 - Wireless Network Security
Pub Date: November 2003
ISBN: 0072226978
Publisher: McGraw-Hill Osborne Media
Contribution: Authors
Pub Date: November 2004
ISBN: 8441517894
Publisher: ANAYA multimedia
Contribution: Authors
Pub Date: June 2005
ISBN: 2744019488
Publisher: CampusPress
Contribution: Authors
Pub Date: July 2005
ISBN: 5477000678
Publisher: NT Press
Contribution: Authors
Pub Date: July 2005
ISBN: 8373619216
Publisher: Helion
Conference: Modern Information Technologies and IT education
Dates: 18-22 December 2006
ISBN: 5371018315
Topic: Effective attack vectors of 802.11a/b/g networks.
Articles, interviews and other press releases written or contributed to by our experts.
RSA, Oct 2008 - RSA Wireless Security Survey 2008
Sunday Times, 25 Nov 2007 - More bad news in the post
Sunday Times, 03 Sep 2006 - Trojans: worse than a virus
Sunday Times, 19 Dec 2004 - Airwave hackers spark computer alert
Linux World, November 2004 - Building Secure Wireless Networks
Linux Journal, October 2003 - Why should you go to Defcon
The Age, March 2003 - Broadband Insecurities
SMH, March 2003 - Broadband Insecurities
IT СПЕЦ, #11 Nov 2008 - Wireless castle defences (page 24)
IT СПЕЦ, #04 Apr 2008 - Experts survey (page 100)
IT СПЕЦ, #12 Dec 2007 - Experts survey (page 90)
IT СПЕЦ, #11 Nov 2007 - Experts survey (page 26)
IT СПЕЦ, #09 Sep 2007 - Interview (page 34)
IT СПЕЦ, #09 Sep 2007 - Methodology of internal audits (page 28)
IT СПЕЦ, #09 Sep 2007 - Certifications and security policy (page 22)
IT СПЕЦ, #09 Sep 2007 - Internal vs External audits (page 18)
Virtual Education, Sep 2007 - Universal Program for Teaching Hands-On Information Security (MSc level)
IT СПЕЦ, #06 Jun 2007 - Experts survey (page 92)
Xakep СПЕЦ, #075 Feb 2007 - One Key to many doors (page 50)
Xakep СПЕЦ, #074 Jan 2007 - Special survey (page 62)
Xakep СПЕЦ, #071 Oct 2006 - Special survey (page 80)
Xakep СПЕЦ, #070 Sep 2006 - Special survey (page 84)
Xakep СПЕЦ, #069 Aug 2006 - Special survey (page 66)
Xakep СПЕЦ, #068 Jul 2006 - Special survey (page 84)
Xakep СПЕЦ, #068 Jul 2006 - Secret Service (page 56)
Xakep СПЕЦ, #066 May 2006 - Ask the Expert (page 84)
Xakep СПЕЦ, #066 May 2006 - Interview (page 80)
Xakep СПЕЦ, #066 May 2006 - RIP and IGRP Attacks (page 18)
Security Lab, 18 April 2006 - Wireless Attacks (part 3)
Security Lab, 25 February 2006 - Wireless Attacks (part 2)
Security Lab, 15 February 2006 - Wireless Attacks (part 1)
Security Lab, 15 November 2005 - Wetware Hacking (part 2)
Security Lab, 01 November 2005 - Wetware Hacking (part 1)
The list of public advisories on new vulnerabilities that we are able to disclose without violating our NDAs with customers and affected product vendors.
RSA Keyon Log verification bypass vulnerability
Quagga information disclosure vulnerability
Quagga route injection vulnerability
Cisco PIX embryonic state machine TTL(n-1) DoS
Cisco PIX embryonic state machine 1b data DoS
IEEE 802.1q Unauthorized VLAN Traversal Weakness
Cisco EIGRP Protocol Unauthenticated Goodbye Packet Remote DoS
Cisco EIGRP Protocol HELLO Packet Replay Vulnerability
Cisco PIX Invalid TCP Checksum Denial Of Service Vulnerability
Belkin Wireless routers Authentication bypass vulnerability
BT Voyager 2000 Wireless DSL Router Plaintext Password Weakness
NcFTP Local Information Disclosure Vulnerability
D-Link DSL Router Plaintext Password Weakness
D-Link DSL Router SNMP Default Community String Vulnerability
Buffalo AirStation Pro Access Point Denial Of Service Vulnerability
Surecom Router SNMP Default Community Strings Vulnerability
Cisco IOS 12.1 Large TCP Scan Denial of Service Vulnerability
Cisco Malformed HSRP Traffic Denial of Service Vulnerability
Cisco Spoofed HSRP Loopback Denial Of Service Vulnerability
This page provides links to some of our free testing tools shared with the security community.
CURRENT VERSION: 0.1a (Download)
AirJack is a device driver (or suite of device drivers) for 802.11(a/b/g) raw frame injection and reception. It is meant as a development tool for all manner of 802.11 applications that need to access the raw protocol.
This is a modified version of the original AirJack made to work with 2.6.x Linux kernels. The code is still raw and might have bugs. It has been tested to work with Fatajack, WepWedgie and File2Air. For installation, please follow the instructions in the README file.
CURRENT VERSION: 0.4b (Download)
The Cisco Torch mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of "Hacking Exposed Cisco Networks", since the tools available on the market could not meet our needs.
The main feature that makes Cisco-torch different from similar tools is the extensive use of forking to launch multiple scanning processes in the background for maximum scanning efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered.
CURRENT VERSION: 0.1.1 (Download)
SNMP fuzzer uses Protos test cases with an entirely new engine written in Perl. It provides efficient methods of determining which test case has caused a fault, offers more testing granularity and a friendlier user interface. Happy vulnerability searching.
CURRENT VERSION: 0.1a (Download)
ntp-fingerprint is an active fingerprinting utility specifically designed to identify the OS the NTP server is running on.
CURRENT VERSION: 0.1 (Download)
TFTP-bruteforcer is a fast multithreaded TFTP config filename bruteforcer.
CURRENT VERSION: 0.1 (Download)
This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this brilliant Cisco routing protocol. Using this tool requires a decent level of knowledge of EIGRP operations, packet structure and types, as well as the Layer 3 topology of an audited network.
CURRENT VERSION: 0.1 (Download)
This is the IOS binary image packing and unpacking program capable of calculating a correct checksum for these images.
CURRENT VERSION: 0.1 (Download)
This is a proof of concept program that demonstrates the vulnerability of Cisco PIX devices to a Denial of Service attack using a spoofed bad checksum packet.
Senior I.T. executives often request that we publish no-nonsense guides to provide an independent view on an information security topic. We have written these on a single A4 side and they contain all the information needed in a practical yet non-technical way. We welcome any requests and suggestions for forthcoming Security Awareness subjects that you would be interested in. Click to download the pdf for any of the following:
"Security for Wireless LAN's" - The real issues and solutions.
"Social Engineering Attacks" - What they are and how to counter them.
"Information Security Audits" - Selecting the right people and targeting them correctly.
"Hackers and Crackers" - What you should know.
"Viruses, Worms and Trojans" - What they are and how to counter them.
Our respected security specialists author books on the latest information security topics. However, on request, we also provide original research and ideas through our Whitepapers. Some of these Whitepapers are listed below. We welcome any requests and suggestions for forthcoming whitepapers on subjects on which you would like our views.
"Technical Security Demands for Cloud / SaaS Services"
"Outsourcing Penetration Testing? - Go Local!"