Security
Overview:
Articles about cryptography and various security flaws in network secuirty.
Web Security:
Cross Site Scripting - can be used for "phishing" (stealing login information or cookies).
PHP Security - details on filtering metacharacters e.g. using
EsacpeShellCmd()
MD5 - Javascript
Challenge-Handshake Authentication
log in systems
Cryptography:
Vigenere Cipher
Network Security:
WLAN MAC Spoofing
DHCP Spoofing
ARP Poisoning
ARP Spoofing
MAC Duplication
Detection of Duplicate IP Addresses by Microsoft TCP/IP
Results of Duplicate MACS on a Switched Network
MAC Spoofing--An Introduction
The Ingredients to ARP Poison
Wireless LAN Security – What Hackers Know That You Don’t
What's Wrong with WEP? - Explanation to how WEP is cracked, basically due to weak keys.
SmartCards:
An Overview of Smart Card Security
Jason's Notes - Technical overview of how chip and pin works.
EMV (EuropayMastercardVisa) info (chip and pin) look at: "What happens during an EMV transaction?"
GSM:
An interceptor product!
GSM Security Functions - Overview
GSM Security and Encryption - Very Detailed (Ki) and (Kc) keys generated by SIM card! A5, A8, COMP128
Seems that security has been cracked, by analysing the sim card for eight hours or even over the air! See:
Real Time Cryptanalysis of A5/1 on a PC
Security of GSM System
Post about GSM A5 encryption, even on control channel.
DVD:
About Jon Lech Johansen
- DVD Jon - DeCSS
- Jon's Blog
DeCSS
Public Key Crypto:
Diffie-Hellman - (For Symetric Key Exchange, RSA could be used after for authentication).
RFC2631 - Diffie-Hellman Key Agreement Method
Public Key Cryptography Etc
|
