DNR's Suggested Readings

Post by **DNR** » 29 Jun 2009, 14:16

Post by **DNR** » 30 Jun 2009, 19:48

Windows Forensics

Windows Thumb DB file
http://digitalnomad.suck-o.net/DNR/red/win_thumb_db.pdf
Windows Registry
http://digitalnomad.suck-o.net/DNR/red/win_registry.pdf

Hacking Secrets 77pgs
http://digitalnomad.suck-o.net/DNR/red/ ... ecrets.pdf

Cable modem hacking: Everything the cable company does not want you to know 330pgs 21mb PDF
http://digitalnomad.suck-o.net/DNR/red/cable_modem.zip

Black Hat Las Vegas 2006 "Hacking the Intranet from the outside" 5.4mb 36pgs
http://digitalnomad.suck-o.net/DNR/red/grossman.pdf

DNR

Post by **DNR** » 30 Jun 2009, 21:18

Post by **Stavros** » 30 Jun 2009, 21:41

Speaking on this subject would you happen to have any texts on Wifi Triangulation and defeating it?

Post by **DNR** » 30 Jun 2009, 21:58

http://www.blackalchemy.to/project/fakeap/

Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables.

Fake AP is a proof of concept released under the GPL.

Fake AP runs on Linux (tested on RedHat 7.3). For *BSD versions, see the links below.

Perl 5.6 or later

One or more Prism2/2.5/3 based 802.11b cards with the CVS version of the Host AP Driver for Intersil Prism2/2.5/3 working

Also check this
http://rfakeap.tuxfamily.org/

DNR

Post by **DNR** » 03 Jul 2009, 11:02

Al-Queda manual

http://digitalnomad.suck-o.net/DNR/red/ ... manual.zip

*note my posting this does not mean I support Al-queda - so don't solicit me for donations.
DNR

nightkid · Post by **nightkid** » 06 Jul 2009, 21:50

damn nice information DNR..i plan to print all of these off and binder them...print them off at the library of course

Post by **DNR** » 24 Jul 2009, 12:36

new uploads

MANET-Mobile Ad-Hoc NETwork-.mil

http://digitalnomad.suck-o.net/DNR/red/manet.pdf

"examine some basic principles of network theory and
discuss why they are important to NCW, define wired and wireless computer networks in general, and then define Mobile Ad-Hoc Networks and describe their specific components and functions."

Another Web Server Security Guide (.mil)

http://digitalnomad.suck-o.net/DNR/red/ ... G-V6R1.pdf

Implementing wifi devices for vital signs monitoring

http://digitalnomad.suck-o.net/DNR/red/ ... lsigns.pdf

---
junk

Interesting doc about SA banks
http://digitalnomad.suck-o.net/DNR/red/SAbank.pdf

DNR

Post by **DNR** » 24 Jul 2009, 12:56

IBM Redbook Maximo Cert Exam - 4.5mb
http://www.redbooks.ibm.com/redbooks/pdfs/sg247761.pdf

IBM Redbook FileNet P8 - 6.5mb
http://www.redbooks.ibm.com/redbooks/pdfs/sg247667.pdf

IBM Z/OS
http://www-03.ibm.com/systems/z/os/zos/

IBM Redbook OS/390 HTTP Server - 4.1mb
http://www.redbooks.ibm.com/redbooks/pdfs/sg245603.pdf
"This redbook will help you understand, configure and use the IBM HTTP Server 5.1 for OS/390 R7, which is part of the IBM WebSphere Application Server strategy -- a core part of the OS/390 e-business infrastructure.
This book is written for Webmasters and system programmers who install or customize the IBM HTTP Server on OS/390."

or go here

http://www.redbooks.ibm.com/

or here
CICS Transaction Server Help

http://publib.boulder.ibm.com/infocente ... fhtlj1.htm

Post by **DNR** » 24 Jul 2009, 13:48

Hacking Nuclear Command and Control
http://digitalnomad.suck-o.net/DNR/red/ ... ng_NC2.pdf
"This paper will analyse the threat of cyber terrorism in regard to nuclear weapons. Specifically, this research will use open source knowledge to identify the structure of nuclear command and control centres, how those structures might be compromised through computer network operations, and how doing so would fit within established cyber terrorists’ capabilities, strategies, and tactics."

"Efforts by militaries to place increasing reliance on computer networks, including
experimental technology such as autonomous systems, and their desire to have
multiple launch options, such as nuclear triad capability, enables multiple entry
points for terrorists. For example, if a terrestrial command centre is impenetrable,
perhaps isolating one nuclear armed submarine would prove an easier task. There
is evidence to suggest multiple attempts have been made by hackers to
compromise the extremely low radio frequency once used by the US Navy to send
nuclear launch approval to submerged submarines. Additionally, the alleged
Soviet system known as Perimetr was designed to automatically launch nuclear
weapons if it was unable to establish communications with Soviet leadership."

"By using proxies, multi-layered attacks
could be engineered. Terrorists could remotely commandeer computers in China
and use them to launch a US nuclear attack against Russia. Thus Russia would
believe it was under attack from the US and the US would believe China was
responsible. Further, emergency response communications could be disrupted,
transportation could be shut down, and disinformation, such as misdirection,
could be planted, thereby hindering the disaster relief effort and maximizing
destruction. Disruptions in communication and the use of disinformation could
also be used to provoke uninformed responses. For example, a nuclear strike
between India and Pakistan could be coordinated with Distributed Denial of
Service attacks against key networks, so they would have further difficulty in
identifying what happened and be forced to respond quickly. Terrorists could
also knock out communications between these states so they cannot discuss the
situation."

"Supervisory Control and Data Acquisition (SCADA) systems are computer systems
used for critical infrastructure such as energy grids, water management, waste
treatment, transportation systems, emergency services, and communications. These
systems “automatically monitor and adjust switching, manufacturing, and other
process control activities, based on feedback data gathered by sensors” (Wilson
2003). These systems were intended to remain separate from the internet; however as
organisations grew, and so did the internet, it became more cost effective to tie them
together. In particular, with deregulation it became more important for offsite
maintenance and information sharing"

"Similar to the US football, Russia employs a nuclear briefcase known as Cheget. It
accompanies the President at all times and provides secure communication and
authorization codes for the order to launch a nuclear strike. It is connected to Kavkaz,
a communications network for senior government officials, which is in turn connected
to the broader nuclear command and control communication network Kazbek. Some
reports state that the Minister of Defence and the Chief of the General Staff are also
issued nuclear briefcases."
--
Reports on USA, China, England, Russia and India.

In the event of a nuclear war follow these instructions:
1.Get under a desk
2.Put Head down between your legs
3.Kiss your ass good bye! (pray you are killed in the inital blast)

DNR

Post by **Gogeta70** » 24 Jul 2009, 21:41

Some good reads. Thank you!

Post by **DNR** » 25 Jul 2009, 19:42

more

"SCADA systems have traditionally used combinations of radio and direct serial or modem connections to meet communication requirements, although Ethernet and IP over SONET / SDH is also frequently used at large sites such as railways and power stations. The remote management or monitoring function of a SCADA system is often referred to as telemetry."

Securing the Smart Grid
http://digitalnomad.suck-o.net/DNR/red/ ... t_grid.pdf

Cyber Assessment of SCADA Security
http://digitalnomad.suck-o.net/DNR/red/ ... curity.pdf

Wardriving tutorial old, but nice
http://digitalnomad.suck-o.net/DNR/red/wardrive002.pdf

802.11 Attacks best article on wardriving
http://digitalnomad.suck-o.net/DNR/red/ ... ttacks.pdf

Post by **ayu** » 26 Jul 2009, 03:02

wow, will take some time to read all this ^^

Post by **DNR** » 26 Jul 2009, 21:32

so many protocols so little time

Ad-hoc Routing Protocol for Aeronautical Mobile Ad-Hoc Networks
http://digitalnomad.suck-o.net/DNR/red/arpam.pdf

and got to have the bad news with the good news:

ARPAM Routing Protocol Vulnerabilities in Aeronautical Mobile Ad Hoc Networks
http://digitalnomad.suck-o.net/DNR/red/arpam_vuln.pdf

Post by **DNR** » 27 Jul 2009, 20:06

Hacking the Malware– A reverse-engineer’s analysis-36pgs
http://digitalnomad.suck-o.net/DNR/red/ ... alware.pdf
RAHUL MOHANDAS
"1.1 Overview:
This paper attempts to document an approach on how the hackers make use of the vulnerabilities to install malicious software on the vulnerable machine. A comprehensive reverse code engineered analysis of the malicious software (Win32.Qucan.a) and the various protection schemes against the worm by various security products are also discussed.
I also describe an approach to setting up a flexible laboratory environment using virtual workstation software such as VMware, and demonstrate the process of reverse engineering a worm using a range of system monitoring tools in conjunction with a disassembler."