Fingerprint Scrambling

The best way to defend against fingerprinting attempts is to modify the defining characteristics of network listening hosts and services to further masquerade the identity of the system. Change configurable values of services to emulate those of different but similar services on a completely separate architecture. The more ways you can mask the identity of the operating system and services, the less likely their true identity will be easily discovered. When making these modifications, however,...

Exploiting Radio Frequency

Radio frequency is the transmission medium over which 802.11 rides. If the medium is hacked, whatever it carries is disrupted, much like how torpedoing an ocean liner would probably kill many people onboard. So, if 802.11 is a train, then radio frequency (RF) is the rail tracks on which the train rides. RF is electromagnetic radiation that is either induced or radiated when an electrical current passes through an antenna, which is a device designed to emit or receive electromagnetic waves. All...

Armand Puccetti

Armand Puccetti is a research engineer and project manager at CEA-LIST (a department of the French Nuclear Energy Agency, http://www-list.cea.fr) where he is working in the Software Safety Laboratory. He is involved in several European research projects belonging to the MEDEA+, EUCLID, ESSI, and FP6 programs. His research interests include formal methods for software and hardware description languages, semantics of programming languages, theorem provers, compilers, and event-based simulation...

Van Eck Phreaking

In 1985, Wim Van Eck, a Dutch researcher, published a paper in Computers & Security entitled "Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?" In this paper, he details how the electromagnetic emanations from a display device can be intercepted to give a representation of what is being displayed on the screen. Although the security issues of intentional radio frequency (RF) emissions are common knowledge, such as those from a wireless network, the unintended ones can...

Platter Locks and Circumvention

In the last couple of years, some computer manufacturers have introduced password-protected hard drives (or platter locks), particularly for use in laptops. The password is stored in the chipset on the drive and is accessed or modified by the drive CMOS. This technology requires users to enter a password before the hard drive can be activated. During a cold or warm boot, this occurs just after the POST (at the time the hard drive is accessed), and it arrests the machine at that state until the...

Preventing TPM Reset Attacks

The TPM reset attack is technically very difficult to prevent using some of the oldest TPM technology, namely TPMs provided on daughterboards. The attack is more complicated to perform if the TPM is integrated into the motherboard, rendering access to the chip pins more difficult. On the other hand, the risk associated with this attack is very low due to the very high cost for the attacker. She has to not only be present in front of the computer, but also open it, find the TPM and the correct pin,...

Computer Viruses and Other Malware

All the previously mentioned attack categories can also include some form of malware in the body of the email message. Malware generically refers to software that performs some form of action without the user's consent, meaning the software is hidden in some way or advertises a rather different purpose from its real one. This category includes computer viruses (which we'll describe in detail next), worms, Trojans, spyware and so on. Malware is commonly attached to SPAM and e-mail fraud...

The Complex Art of Mail Filtering SPAM and Virus Traffic

Much effort has recently focused on new and better ways of filtering email traffic. Of course, static rules can always be applied with every MTA, but SPAM and virus traffic have increased the need for dynamic filtering. Email filtering is a complex topic with lots of different methods of filtering. First of all you must understand that processing all your email traffic is going to take a substantial amount of resources, especially on busy servers. Before even discussing the technology you're...

Introduction To Trusted Computing

Trusted Computing was defined by the Trusted Computing Group (TCG, formerly known as Trusted Computing Platform Alliance or TCPA) as a set of industry standards revolving around the specification of a Trusted Platform (TP). The TCG was founded in 2003 and is, in its own words (see a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across...

About the Project Managers Barcelo

Marta Barcelo is Director of Operations, co-founder of ISECOM, and is responsible for ISECOM business operations. In early 2003, she designed the process for the Hacker Highschool project, developing and designing teaching methods for the website and individual and multilingual lessons. Later that same year, she developed the financial and IT operations behind the ISESTORM conferences. In 2006, Marta was invited to join the EU-sponsored Open Trusted Computing consortium to manage ISECOM's...

Web Services Enumeration and Manipulation

In earlier implementations of web services, an organization would register their web service with a Universal Business Registry (UBR) so that third parties could search a master Universal Description, Discovery and Integration (UDDI) database of publicly available e-commerce web services. Attackers could also search these public databases to discover web services, and all of the information required to access them, via a Web Services Definition File (WSDL) file. The modern architecture of web...