Internet Security Whitepapers

Anatomy of a Phishing Email

Internet Security Whitepapers Hacking Email Accounts

This paper discusses the tricks employed by email scammers in "phishing" emails, which are emails that spoof a reputable company in an attempt to defraud the recipient of personal information. These tricks are classified according to whether they are employed in the fraudulent emails or used in the fraudulent Web pages accessed by a link provided in the email. All of the examples used within the paper were taken from fraudulent emails forwarded to MailFrontier, Inc., from its customers.

Anti Spamming Techniques

Internet Security Whitepapers Spamming

In this article will we first look at some of the existing methods to identify an email as a spam? We look at the pros and cons of the existing methods and what are the current challenges in this domain. This article also needs a special mention to Paul Graham, for his wok in this field and putting up perhaps the most comprehensive tutorials in this domain on his homepage.

Anti-Spam Initiative

Internet Security Whitepapers Spamming

What is SPAM? No agreed universal spam definition. Confusion on what is spam and not! –end users subscribing to e-newsletters, etc. Definition adopted by the Anti-Spam Committee –inspired by the Australian and European Union definitions, "Unsolicited communications sent in bulk over an electronic media such as e-mail, mobile (SMS, MMS) and instant messaging services, usually with the objective of marketing products or services."

Application Layer Covert Channels

Internet Security Whitepapers Covert Hacking

Covert Channel is "Any communication channel that can be exploited… to transfer information in a manner that violates the systems' security policy" and "Anything that can be changed by one and seen by another can be used to send data". Classification are storage and timing, noisy and noiseless, aggregated and not-aggregated.

Attacking NTLM with Precomputed Hashtables

Internet Security Whitepapers System Hacking

Breaking encrypted passwords has been of interest to hackers for a long time, and protecting them has always been one of the biggest security problems operating systems have faced, with Microsoft’s Windows being no exception. Due to errors in the design of the password encryption scheme, especially in the Lan- Man(LM) scheme, Windows has a bad track in this field of information security. Especially in the last couple of years, where the outdated DES encryption algorithm that LanMan is based on faced more and more processing power in the average household, combined with ever increasing harddisk size, made it crystal clear that LanMan nowadays is not just outdated, but even antiquated.

Attitude Adjustment: Trojans and Malware on the Internet

Internet Security Whitepapers Trojans and Backdoors

This paper continues our examination of Trojan horses on the Internet; their prevalence, technical structure and impact. It explores the type and scope of threats encountered on the Internet - throughout history until today. It examines user attitudes and considers ways in which those attitudes can actively affect your organization’s vulnerability to Trojanizations of various types. It discusses the status of hostile active content on the Internet, including threats from Java and ActiveX, and re-examines the impact of these types of threats to Internet users in the real world. Observations related to the role of the antivirus industry in solving the problem are considered. Throughout the paper, technical and policy based strategies for minimizing the risk of damage from various types of Trojan horses on the Internet are presented.

Authentication and Session Management on the Web

Internet Security Whitepapers Web Based Password Cracking

This paper looks at the security concerns specific to websites that have a secure area where users can login. For much of the paper we use the example of Acme Enterprises, a fictitious company that sells generic goods by mail order. The company already has a basic website that provides a catalogue of its products. It is now looking to expand this to include an area where customers can manage their accounts. The security challenge is to keep the account information confidential, to prevent unauthorized modification and to ensure the account management system is always available for use. This is the fundamental triangle of information security – confidentiality, integrity and availability.

Automatic Detection of Web Application Security Flaws

Internet Security Whitepapers Web Application Vulnerabilities

Web applications are poorly programmed, highly vulnerable, and highly exposed. Black-box analysis of web apps is relatively easy but limited; white-box analysis of source code is promising but difficult. Input validation problems are the most common vulnerability in web apps. We have created a tool which implements a language-theoretic approach for static source code analysis, capable of assessing web applications security against a set of rules. Our tool is still under heavy development for refining many simplifications.

Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns

Internet Security Whitepapers Exploit Writing Techniques

This article describes three powerful general-purpose families of exploits for buffer overruns: arc injection, pointer subterfuge, and heap smashing. These new techniques go beyond the traditional "stack smashing" attack and invalidate traditional assumptions about buffer overruns. Security vulnerabilities related to buffer overruns account for the largest share of CERT advisories, as well as high-profile worms—from the original Internet Worm in 1987 through Blaster’s appearance in 2003. When malicious crackers discover a vulnerability, they devise exploits that take advantage of the vulnerability to attack a system.

Biometric Authentication - Security and Usability

Internet Security Whitepapers Physical Security

This paper summarises our opinions and findings after several years of studying biometric authentication systems and their security. Our research on security and reliability issues related to biometric authentication started in 1999 at Ubilab, the Zurich research lab of bank UBS, and has been continuing at the Masaryk University Brno since mid-2000. This paper summarises our personal views and opinions on pros and cons of biometric authentication in computer systems and networks.