Archive for the 'Hacking' Category

The History of Hacking

January 31st, 2008 * Comments(0)

Discovery Channel played a very interesting documentary titled “The History of Hacking”. This goes into the whole history of hacking starting with phone phreaking and Blue boxes and to the present state of hacking.

However, a significant portion of this documentary tackles Social Engineering especially the most famous or rather infamous social engineer of all, Kevin Mitnick. Folks in Computer Security should definitely read up on Kevin Mitnick’s books , The Art of Deception and The Art of Intrusion, both very interesting reads.

http://video.google.com/videoplay?docid=5464925144369700635

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Yahoo! CAPTCHA Cracked

January 31st, 2008 * Comments(0)

A CAPTCHA is a type of challenge-response test used in computing to determine whether the user is human. The process involves one computer (a server) asking a user to complete a simple test which the computer is able to generate and grade. Because computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.

One of the strongest and most difficult CAPTCHAs to crack is used by Yahoo which ulilizes a mix of blended alpha numeric characters as show below.

Yahoo CAPTCHA

Read more »

Network Security Risk Assessment

January 19th, 2008 * Comments(0)

In this article, I will introduce you to some well known tools which security analysts use for Network Security Risk assessment, to know more about the layout of the network they are trying to test and also gather intelligence about that company, which the security analyst can use later on to conduct further tests and poke it for its weak points. The more information we can obtain, the more we can advice our client company of any potential problem areas and provide a better Network Security Risk Assessment. This whole process is called footprinting.

Footprinting:(Definition from Wikipedia)

Footprinting is the technique of gathering information about computer systems and the entities they belong to. This is done by employing various computer security techniques, as Ping Sweeps, TCP Scans, UDP Scans, OS Identification, Network Enumeration, Registrar Queries, Organizational Queries, Domain Queries, Network Queries, POC Queries and DNS Interrogation

Read more »