DecaffenatID : a little ARP IDS for Windows

DecaffeinatID is a tool for Windows that can be very useful against ARP attacks.

Introduction to network attacks : Physical Layer

That will be a short article, mainly because of two things. First, some methods are beyond my knowledge, involving electronics or hardware manipulation. Second, such methods are not efficient compare to higher level ones, and so rarely used. The mere concept of a physical attack implies that you have a direct physical access to your…
Continue Reading

Practicing Cisco networking with GNS3 and Dynamips

GNS3 and Dynamips put together give a nice open-source and free alternative to emulate a network with IOS routers. Dynampis is an emulator of Cisco 7200 router, while GNS3 provides a nice graphical environment to design your network and use the virtual routers. I sometimes use Boson Netsim, which is not only non-free but not…
Continue Reading

Ryan Farmer is a spammer

For those who still don’t know, Ryan Farmer would be a spammer and a liar. Quite embarassing to be caught like that. Maybe all this is a lot of noise, but such people deserve a good lesson of living in society. Really.

Windows Vista memory protection : defeated ?

It seems, at least according to some researchers showed it at the Black Hat conference. Mark Dowd (IBM) and Alexander Sotirov (VMWare) found a way to bypass the memory protection implemented in Vista to inject malicious instructions within Internet Explorer. They were able to copy any content wherever they wished on the disk. Especially, this…
Continue Reading

How-to : Mod-security 2 set-up for Apache 2

Mod-security is a security proxy for Apache. It adds a frontal layer filtering unwanted clients, malformed packets and malicious requests. It is especially usefull if your website is dynamic, involving php, sql, javascript, etc. With such a complex environment, as you can never be sure that your website is not vulnerable or up-to-date enough, something…
Continue Reading

Phocean.net

Computer Security Blog