SecurityRatty: tag: sniff

Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"

2008-10-20 01:05:45 by Editor in Irongeek's Security Site

...sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle" In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP versions 6.0 and later are less susceptible to these attacks because of the verification schemes added, there is still a risk since so many...

Tags: middle, cain, remote desktop protocol, video, verification schemes, rdp versions, messages, attacks, attack

Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"

2008-10-20 01:05:45 by Editor in Irongeek's Security Site

...sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle" In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP versions 6.0 and later are less susceptible to these attacks because of the verification schemes added, there is still a risk since so many...

Tags: middle, cain, remote desktop protocol, video, verification schemes, rdp versions, messages, attacks, attack

Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"

2008-10-20 01:05:45 by Editor in Irongeek's Security Site

...sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle" In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP versions 6.0 and later are less susceptible to these attacks because of the verification schemes added, there is still a risk since so many...

Tags: middle, cain, remote desktop protocol, video, verification schemes, rdp versions, messages, attacks, attack

Why would anyone use standard WEP? Isn't it super easy to crack & sniff?

2007-01-19 16:01:12 by Editor in Endpoint Security: Translating Policy Into Reality

Using standard WEP is akin to using a pad-lock & chain for securing a bicycle. It keeps the honest people honest. The argument given that WEP is so weak that it's not worth using, isn't completely valid. Using the bike analogy, would you stop using a lock & chain simply because anyone with a set of bolt cutters can defeat them in a second?...

Tags: wep, standard wep, chain simply, chain, bike analogy, pad-lock, lock, completely valid, bolt cutters

Myth vs. reality: Wireless SSIDs

2007-10-16 07:08:58 by Steve Riley in Steve Riley on Security

...sniffer programs and simply capture the hundreds of association frames or probes that litter your air. No amount of "hiding" configured in your access points can prevent this kind of traffic interception So there you have it, simple SSID discovery. The old axiom remains true: security by obscurity is no security at all. Hiding an SSID will...

Tags: simple ssid discovery, network, ssid, wireless network, networks, enterprise networks, wireless networks, mac, secure networks

How to Do Database Logging/Monitoring "Right"?

2007-12-13 11:26:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...sniffing SQL traffic off the wire . Before proceeding, please look for more background on database log management , auditing and monitoring in my database log management papers ( longer, more detailed - shorter ) The table below summarizes the situation with database monitoring and auditing - now you can make your choice more intelligently...

Tags: database, analyze database logs, database logs, database log review, database performance impact, database configuration, performance impact, database log management, log management

Web Camouflage: Protecting Your Clients from Browser-Sniffing Attacks

2008-01-07 09:15:52 by Editor in IEEE Security and Privacy

Browser cache and history are intended to be private, yet it's not difficult for malicious Web sites to "sniff" cache entries on visitors' computers and then use that information to more accurately deceive them. The authors' approach neutralizes the threat of URLs being discovered on client computers

Tags: malicious web sites, computers, client computers, browser cache, cache entries, accurately deceive, authors, history, threat

Where's My iPhone? A Lesson in Incident Response

2008-01-30 00:12:21 by Editor in Help Net Security - Articles

Security incidents come in many forms, from attackers breaking into computers, unauthorized attempts to sniff wireless networks and collect information, and stolen laptops or phones. This example is t

Tags: sniff wireless networks, collect information, security incidents, laptops, attackers, attempts, phones, forms, computers

TOP 10 - Military goods for sale and miscreants aplenty

2008-04-18 00:00:00 by HASH0x8472d04 in Network World on Security

...sniff out sites that have vulnerable applications, University of Washington researchers found that a small portion of Internet traffic is messed with by ISPs, and a Chinese hacker group is calling for a denial-of-service attack as a protest of the protests related to the upcoming Beijing Olympics

Tags: sans institute researchers, government accountability office, night-vision goggles, software tool, f-14 components, internet traffic, military equipment, washington researchers, vulnerable applications

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo