Security at Stake


Game Servers Information Leakage - Vulnerable Server Files.

The game environment is one of the predominant working parts of various games running on web servers. Configuration plays a crucial role in managing these game files on the server. It has been noticed that the structure of a game file is well defined in its related files. After pen testing and auditing a number of web servers serving online games, it was found that a number of game servers are prone to information leakage through configuration files.

More: http://cera.secniche.org/game_ser.html

Regards
0kn0ck

Posted on 3/29/2008 10:23:00 AM by 0kn0ck | 0 Comments

Exposure of Vulnerable Backup Files on Web Servers

Taking backups is considered one of the best practices of administrative work. It has been seen several times, however, that administrators make backups and place them on the server with the same access as other files. This is a matter of great concern because these backup files can be crawled easily, thereby leaking an enormous amount of information about the web server and the configuration of its applications. This is a basic problem of poor web administration.

For more:

CERA || Exposure of Backup Files.

Regards
0kn0ck

Posted on 3/27/2008 12:47:00 AM by 0kn0ck | 0 Comments
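For administrators who want to check their own server for the problem described in the backup-files post above, here is an added example (not code from the original post or from CERA) that walks a document root and lists backup-like files together with their permissions. The suffix list and the constructed sample tree are assumptions; adapt both to your environment.

```python
"""Added example: audit a web document root for leftover backup files."""
import os
import stat
import tempfile

# Assumed naming patterns for backup artifacts; extend for your environment.
BACKUP_SUFFIXES = (".bak", ".old", ".orig", ".save", ".swp", "~",
                   ".zip", ".tar", ".tar.gz", ".tgz", ".sql")


def find_exposed_backups(docroot):
    """Return sorted (relative_path, mode, world_readable) for backup-like files."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if not name.lower().endswith(BACKUP_SUFFIXES):
                continue
            full = os.path.join(dirpath, name)
            # lstat: report on the entry itself, do not follow symlinks
            mode = stat.S_IMODE(os.lstat(full).st_mode)
            rel = os.path.relpath(full, docroot)
            findings.append((rel, oct(mode), bool(mode & stat.S_IROTH)))
    return sorted(findings)


def build_sample_docroot(base):
    """Create a constructed document root containing two stray backups."""
    os.makedirs(os.path.join(base, "app"))
    samples = {"index.php": 0o644, "config.php.bak": 0o644,
               os.path.join("app", "db_dump.sql"): 0o600,
               os.path.join("app", "main.js"): 0o644}
    for rel, mode in samples.items():
        path = os.path.join(base, rel)
        with open(path, "w") as fh:
            fh.write("constructed sample\n")
        os.chmod(path, mode)
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for rel, mode, readable in find_exposed_backups(build_sample_docroot(tmp)):
            note = "same access as other files" if readable else "not world-readable"
            print(f"{rel}\t{mode}\t{note}")
```

Any backup inside the document root is worth moving out of it; the world-readable flag only helps decide which findings to handle first.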

Information Leakage - Vulnerable and Open Checks on Awstats and Webalizer Executable Scripts

Traffic analyzers are used to keep track of incoming packets and the type of resource requested. They cover not only the working procedure but also bandwidth and resource utilization. The raw stats show the way a request is made by the client or user. This helps in understanding the flow of traffic and the place from where it originates. Vulnerable and open awstats installations provide a plethora of information. You can see the analysis at:

CERA | Awstats/ Webalizer Open Check

Regards
0kn0ck

Posted on 3/16/2008 12:39:00 AM by 0kn0ck | 0 Comments

Mlabs : Vulnerability Risk Randomization - Wireless Networks - Paper Released

This paper provides a reflection on the vulnerability scenario with reference to wireless system errors and various security vectors. Vulnerability risk randomization depends entirely on the handling and control of security vectors. Despite the number of vulnerability assessment methodologies and deployment techniques, bugs still continue to flourish. The inferences from various cases still do not suffice to thwart the bugs originating from the system. The vulnerability is always disseminated by post-influential measures. The risk of vulnerability randomization is high from a security perspective. The security realm is based on bug existence and vulnerability patching. The induction of a randomization factor in vulnerability finding has made the task onerous.

For details, visit: MLABS

Regards
0kn0ck

Posted on 3/11/2008 08:44:00 AM by 0kn0ck | 0 Comments

New Hakin9 Paper : Reverse Engineering Binaries : Level 2 Checks

This paper describes a Level 2 practical analysis of a Windows binary. It covers a methodical approach to reverse engineering an executable. The binary can be a console program or GUI based. The point of this talk is to understand a hierarchical layout for reversing an application within specific time limits.

http://www.hakin9.org/prt/view/about-the-mag/issue/691.html

Richard Bejtlich's View: TaoSecurity Blog

0kn0ck

Posted on 3/04/2008 06:39:00 PM by 0kn0ck | 0 Comments