White paper
  • Scanning :: Encored

    04.01.2005

    This chapter covers all facets of Scanning, the second phase of a hacking process where hackers will be using aggressive network probing techniques and tools to uncover further information about the target organization. In order to obtain and uncover all potential information related to a particular network, the hackers are required to employ many different scanning types, such as war-dialing, port scanning, OS fingerprinting, vulnerability scanning, and so forth. This paper will discuss these crucial aspects of scanning in details to help you have a better understanding about the techniques taken by the hackers prior to the Penetrating phase.

    Continue reading
  • Footprinting :: Encored

    04.01.2005

    This paper introduces you to one of the most important aspects of a premeditated hacking process, footprinting. Footprinting is so essential and important that not so many hackers can possibly complete their journey without first going through this stage. Having a good understanding of footprinting allows you to dig further into the art of information gathering. Later in the paper, you will be introduced to a wide range of methodology and tools that can be used to obtain general information about your target.

    Continue reading
  • Computer Crimes & Legal Implications

    04.01.2005

    Crimes are now no longer restricted by physical security mechanisms when assisted by high-tech devices or computers with Internet connection. The complication and unstoppable growth of computer crimes are the reasons that lead Congress to constitute several computer crime laws to address computer-related criminal activity. One of which is 18 U.S.C . 1029 (Section 1029 of Title 18 of the United States Code), addressing fraud and related activity in connection with access devices. The primary federal statute that can be used to address fraud and related criminal activity in connection with computers is 18 U.S.C . 1030 (Section 1030 of Title 18 of the United States Code). The main goal of this paper is to help you understand these law systems better and how it may help the law enforcement officials punish the wrong doers.

    Continue reading
  • Instant Messaging technology. Do the advantages outweigh the risks?

    12.01.2003

    Enterprises start to see Instant Messaging (IM) technology as the next revolution, and some even deploy the technology for business use but not many of them knowing that IM applications are facing a lot of security and privacy issues. This paper takes us inside two of the most common security vulnerabilities to date: Buffer Overflow and Cross-Site Scripting (XSS). We'll then start to examine three most popular IM applications: Yahoo! Instant Messenger (YIM), AOL Instant Messenger (AIM) and Microsoft Instant Messenger (MSN Messenger) to see how they are left vulnerable to those security issues.

    Continue reading