CISCO IOS Rootkits are da bomb

Filed under: Blogs — posted by Consultant on June 6, 2008 @ 9:20 am

Sebastian Muñiz, also known as “topo”, who worked hard on creating the first public IOS Rootkit, which among several things is platform independent, has now created a blog named “Ret2Libc - REVERSE ENGINEERING AND RELATED”.

He mentions a document disclosed by CISCO in response to his presentation on IOS rootkits (the one he also gave at EuSecWest 2008) which includes several security measures administrators can take to protect their routers.

Take a look at the blog right here: http://ret2libc.blogspot.com/

Later,

Testing a personal firewall solution, a couple of resources

Filed under: Methodology — posted by Consultant on June 4, 2008 @ 10:09 am

I was looking for resources on how to test personal firewall solutions which are so frequent these days. Here are some of the things I found which may come in handy to someone looking 4 the same thing.

History and Advances in Windows Shellcode (The part for: Uploading file with debug.exe and VBS)
http://www.phrack.org/issues.html?id=7&issue=62

Bypassing Windows Personal FW’s
http://www.phrack.org/issues.html?issue=62&id=13 

Firewall leak tester (a collection of scripts for testing personal firewalls)
http://www.firewallleaktester.com/

Defeating Windows Personal Firewalls
http://www.thehackademy.net/madchat/windoz/win32inc/defeating_windows_personal_firewalls.pdf

Hope those help! I need to add those to the directory.

-AV


