White Hackers

by: Dennis Nazarenko Just select some text, press the corresponding key combination and the search results are in front of your eyes. This is what the new free program Hotkey Search Tool can do for you. An advanced Internet user searches from 8 to 30 times a day. In the case of specialized search systems, such as on-line translators, dictionaries, and references, this value increases and totals from 10 to 60 requests a day. Often, you had to start the browser and enter the search phrase to get the search results. But if the text is already typed, why should you have to type it again? Suppose you want to search an encyclopedia for some unknown word or find the site of some product by its name. All you need to do is just select the text and send a command to Hotkey Search Tool. The program will copy the selected text to the clipboard and open the browser with the search results. If you do not select any text, the program will select the string typed before you pressed the ...

by: Chris Bryant, CCIE #12933 Policy routing is a major topic on your BSCI exam, and you'll find quite a bit of policy routing going on in today's production networks. But what exactly is policy routing? Policy-based routing, generally referred to as "policy routing", is the use of route maps to determine the path a packet will take to get to its final destination. As you progress through your CCNP studies and go on to the CCIE (or to a Cisco Quality Of Service certification), you'll find that traffic can be "marked" by policy routing in order to give different levels of service to various classes of traffic. (This is done by marking the traffic and placing the different classes of traffic in different queues in the router, allowing the administrator to give some traffic higher priority for transmission.) There are some basic policy routing rules you should know: Policy routing doesn't affect the destination of the packet, but does affect the path...

SMTP stands for simple mail transfer protocol. It is a simple protocol based on exchange of commands. There are lots of commands supported, you can view a list here . The first command used in SMTP is the HELO or EHLO (extended hello). This a way of greeting the server. The server will reply back with some form of greeting. You can use SMTP to send fake mails read on at... http://www.windowsecurity.com/whitepaper/How_to_Send_Fake_Mail_Using_SMTP_Servers.html

Here is the list of default unix accounts... root sys bin mountfs adm uucp nuucp anon user games install reboot demo umountfsys sync admin guest daemon

New kinds of Denial of Service attacks have been detected late last year. They consist of using the DNS servers to flood the victim computer. More information here...

By Lance Spitzner Definitions and Value of Honeypots Lance Spitzner With extensive help from Marty Roesch and David Dittrich http://www.spitzner.net Over the past several years there has been a growing interest in honeypots and honeypot related technologies. Honeypots are not a new technology, they were first explained by a couple of very good papers by several icons in computer security, Cliff Stoll's book the Cuckoo's Egg", and Bill Cheswick's paper "An Evening with Berferd." This paper attempts to take their work further and discuss what honeypots are, how they can add value to an organization, and several honeypot solutions. There are a variety of misconceptions on what a honeypot is, how it works, and how it adds value. It is hoped this paper helps clear up those issues. Also, few people realize the risk and issues...

Privacy. It's a pretty simple concept, at least, for an individual. When you get a group of friends together, expecting your comments and actions to remain private is a little tougher to do. But what if one or two of your friends in the group told you that you could count on them to keep your comments secret? You could reasonably believe them, right? Well, if those friends were named Yahoo or Google, then no, you couldn't. A little background before I get started with the technical data. I run a website called www.gravito.com, I still intend to do something with it; most likely online IP tools for forum administrators, but for now the main page is blank. It's been that way since early 2004. At one point in my life, I had no job and thought I could run a little hosting/web design business right out of college. I think we all thought we could do that at some point in our lives, and some of you might do so now. You can see the Wayback Machine Archive of my hosting business her...

Phishing is becoming an increasingly big problem on the net. When the end user receives an email that for all purposes appears genuine and appears to originate from a trusted source, the psychological effect is to lower the levels of suspicion the user would normally have, when asked to provide sensitive information. There really is very little we can do to stop Phishers from making carbon copies of websites, spoofing email addresses and even buying ssl certificates to make their site appear more genuine. However, we can beat Phishing through implementing a process of two-way authentication. Under two-way authentiation, the customer is required to prove their identity to the bank's web site and the web site must prove its authenticity to the user. This ensures both parties can be confident that they are dealing with a legitimate source. If all financial institutions adopted this login procedure, phishing could be eliminated within the banking sector. The method is described in full...