Tuesday, February 19, 2008
OS Fingerprinting
OS fingerprinting, also called TCP/IP stack fingerprinting, is the process of determining the identity of a remote operating system by analyzing packets received from that host. There are two types of OS fingerprinting: active and passive. Passive OS fingerprinting identifies the remote operating system by sniffing (capturing) packets exchanged between the source and remote systems. Active OS fingerprinting is the process of sending packets to a host and interpreting the response, or lack thereof, from that host.
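The passive approach, as an added example that is not part of the original post: a monitoring sensor reads the TTL, DF bit, window size and TCP option order from a captured SYN and maps the TTL to a coarse OS family. The function names, the TTL-to-family table and the sample packet are assumptions made for this illustration, and checksums are not validated.

```python
import struct

# Coarse, widely used initial-TTL heuristic; labels are assumptions for this example.
INITIAL_TTLS = {64: "Linux/Unix-like", 128: "Windows", 255: "network device/Solaris"}

def parse_syn(packet: bytes) -> dict:
    """Pull the fingerprint-relevant fields out of a raw IPv4+TCP packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4
    flags_frag, ttl, proto = struct.unpack_from("!HBB", packet, 6)
    if proto != 6 or ihl < 20 or len(packet) < ihl + 20:
        raise ValueError("not a complete TCP segment")
    tcp = packet[ihl:]
    data_off = (tcp[12] >> 4) * 4
    (window,) = struct.unpack_from("!H", tcp, 14)
    # Option kinds and their order differ between stacks, so record them in order.
    kinds, i = [], 20
    while i < min(data_off, len(tcp)):
        kind = tcp[i]
        if kind == 0:            # End of option list
            break
        if kind == 1:            # NOP is a single byte with no length field
            kinds.append(1)
            i += 1
            continue
        if i + 1 >= len(tcp) or tcp[i + 1] < 2:
            break                # malformed option length: stop rather than loop forever
        kinds.append(kind)
        i += tcp[i + 1]
    return {"ttl": ttl, "df": bool(flags_frag & 0x4000),
            "window": window, "options": kinds}

def guess_os(fields: dict) -> tuple:
    """Round the observed TTL up to the nearest common initial TTL."""
    initial = min(t for t in INITIAL_TTLS if t >= fields["ttl"])
    return INITIAL_TTLS[initial], initial - fields["ttl"]   # (family, hop estimate)

# Constructed sample: a SYN from 192.0.2.10 to 198.51.100.5 (documentation
# addresses), TTL 116, DF set, window 64240, options MSS,NOP,WS,NOP,NOP,SACK-permitted.
SAMPLE = (
    struct.pack("!BBHHHBBH4s4s", 0x45, 0, 52, 0x1234, 0x4000, 116, 6, 0,
                bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    + struct.pack("!HHIIBBHHH", 49152, 443, 1, 0, 0x80, 0x02, 64240, 0, 0)
    + bytes([2, 4, 5, 0xB4, 1, 3, 3, 8, 1, 1, 4, 2])
)

if __name__ == "__main__":
    fields = parse_syn(SAMPLE)
    print(fields, guess_os(fields))
```

A TTL-only guess is easy to mislead, since hosts can be configured with a different initial TTL; real passive tools combine it with the window size and option order that this parser also returns.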
Bots
Bots, also called zombies, are compromised computers that are used to launch DoS or spam attacks, among other things. These computers are typically compromised via a vulnerability or a malicious piece of software and then wait for commands from the person in control of the bot.
Monday, February 11, 2008
Spy in the making
A former employee of Ericsson, who was made redundant in the recent wave of job cuts, was sentenced yesterday to eight years in prison for espionage. Afshin Bavand (46) handed secret company documents to the Russian intelligence agency last year, a move that could have harmed Sweden's national security. Also convicted were two of Bavand's co-workers, for complicity in industrial espionage: they gathered some of the information and gave it to Bavand. In an unusual move, the Stockholm district court sealed the documents that were used in evidence, and also imposed a court order preventing witnesses from discussing the case for 20 years. Bavand was arrested last November while meeting a Russian diplomat who has been accused of being an intelligence agent. Sweden later expelled two Russian diplomats for “activities not compatible with their diplomatic status.” The documents are alleged to have contained information on mobile and fixed telephony systems. While Ericsson is also a defense contractor, there do not appear to have been any documents regarding Ericsson's defense products. Ericsson makes radar systems for defence programmes, including for the JAS-39 Gripen fighter planes made by Sweden's Saab and Britain's BAE Systems.
Ericsson hired Afshin Bavand in 1995 as a Test and Verification Engineer for the Transmission Systems Unit based in Stockholm. Bavand, an Iranian, attended Baguel University in the Philippines to study mechanical engineering and then went on to attend a technical school in Sweden. The fact that he is Iranian is relevant only in that it created his social circle.
Upon being hired at Ericsson, he socialized with other Iranian workers. He was also a member of a tight-knit Iranian community with ties to Iranians in other countries.
Sometime during his employment, Bavand started taking home documents from work. At first, he primarily took paper copies of documents. However, as the capacity of floppy disks and CDs grew, he started taking home electronic copies of documents. According to him, this was a common practice so that people could work at home or just study up to be better at their job. Although physical security is actually very strong at Ericsson facilities, somebody carrying out a few documents, or a CD containing thousands of documents, in a coat pocket would easily go unnoticed.
security quotes
There is no common sense without common knowledge.
MICE: the motivations of hackers to engage in malicious activities
Money, Ideology, Coercion, Ego
This is related to the 'Charney Theorem' as Scott Charney likes to call it.
Scott is the Chief Security Strategist at Microsoft and was previously in charge of the Department of Justice Intellectual Property and Computer Crime Unit.
His theorem is that at any time, 3 percent of the population will commit a crime if offered the opportunity.
The risk equation includes 4 components: value, threat, vulnerability and countermeasures.
Risk = (Threat x Vulnerability / Countermeasures) x Value
Friday, February 8, 2008
BND and Project Rahab
Spies among us
Germany
Germany is widely known to be among the most active intelligence collectors in the world. Germany maintains a very large intelligence organization, called the Bundesnachrichtendienst (BND). Although its primary focus was the Eastern Bloc, the BND has always engaged in a significant amount of industrial activity.
Project Rahab is a BND effort to hack into computer networks and compromise systems in the Global Information Infrastructure. It began in the early 1990s and continues to this point.
One of Project Rahab's major reported successes includes infiltration of the SWIFT system, which is one of the world's major financial networks. SWIFT facilitates the transfer of trillions of dollars a day among financial institutions around the world.