Latest Research

TrackBack Spam: Abuse and Prevention Contemporary blogs receive comments and TrackBacks, which result in cross-references between blogs. We conducted a longitudinal study of TrackBack spam, collecting and analyzing almost 10 million samples...

Readmore

XCS: cross channel scripting and its impact on web... We study the security of embedded web servers used in consumer electronic devices, such as security cameras and photo frames, and for IT infrastructure, such as wireless access points and lights-out management...

Readmore

Embedded Management Interfaces: Emerging Massive Insecurity Over the last few years, the number of devices that embed user-friendly management interfaces accessible from the network has drastically increased. These interfaces can be found on almost every kind of...

Readmore

Decaptcha: Breaking 75% of eBay Audio CAPTCHAs. CAPTCHA tests aim at preventing attackers from performing automatic registration. In this paper we show that our prototype Decaptcha is able to successfully break 75% of eBay audio captchas. We compare...

Readmore

Extending Anticipation Games with Location, Penalty... Over the last few years, attack graphs have became a well recognized tool to analyze and model complex network attack. The most advanced evolution of attack graphs, called anticipation games, is based...

Readmore

  • Prev
  • Next

Scanner de ports

Posted on : 20-05-2007 | By : Elie Bursztein | In : Exercise, Teaching

0

Le but de ce TD est de vous permettre de voir en détail le fonctionnement d’un scanner de ports. L’autre objectif de ce TD est aussi de vous faire decouvrir le fonctionnement de la libpcap et la libnet qui sont des briques essentiels dans la programmation d’outils de sécurité système. Enfin c’est l’occasion de revoir la pile TCP. Les deux techniques demandées vanilla scan et half-open scan sont celle employer de base par NMAP. Elles furent decrites dans un article de Phrack 51 en 1997.

Le TD Scanner réseau (PDF)

L’article de phrack (en) : The Art of Port Scanning

la traduction francais (qualité moyenne)

Read Full Article

Network scouting techniques : utilisation and prevention

Posted on : 21-09-2002 | By : Elie Bursztein | In : Tutorial

0

This tutorial focus on the techniques used to scout a network, from host probing to advance fingerprint identification. It also present the methods that can be used to deceive scouting attempts.

Network scouting techniques : utilisation and prevention slides

Network scouting techniques : utilisation and prevention article french

Network scouting techniques : utilisation and prevention article english

Read Full Article

IDLE scan research

Posted on : 05-11-2001 | By : Elie Bursztein | In : Unpublished

0

This work focus on the use of the IDLE scan (-sI in nmap) to probe a network that use a nat. The code used was retired due to the lack of support and the robust implementation of idle scan in nmap.

Idle scan advisory

Idle scan article fr

Idle scan article En

Read Full Article