http://ils.unc.edu/inls187/notes/...

September 20: Warez of the trade for intrusion and protection

In the news...
  • Policy analysis: Byte editorial on the new amazon.com privacy policy. Bottom line: the new policy doesn't guarantee as much privacy as the old policy.
  • The Cue Cat, a bar code scanner with important privacy considerations

Today: sniffers and port scanners
  • Background:
    1. Data transmitted on a network are subject to interception, monitoring or alteration in transit.
    2. Physical access (e.g., to a shared Ethernet segment) makes such misuse nearly impossible to prevent: anything on the wire can be read by a host on that segment.
    3. Live, reachable IP addresses can be found either through the DNS (zone data, reverse lookups) or by brute-force probing of an address range.
    4. Determining the host's operating system and the services it runs, and from those which known vulnerabilities it is likely to have, is trivial with automated tools.
  • So, a network administrator needs to be concerned about possible misuse of network protocols, interception of network data, and other potential problems.
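The brute-force discovery in points 3 and 4 above, as an added example (not code from the course page or from any of the tools listed below): a TCP connect() port sweep that also grabs and classifies whatever greeting an open port volunteers. So that it runs offline, it starts its own throwaway listener on 127.0.0.1 with a constructed FTP-style banner and sweeps the ports around it; the hostname, port range and banner are assumptions, not real targets.

```python
"""TCP connect() port sweep with banner grabbing, against a local listener.

Added example, not from the course page or any of the tools it lists. The
target is a throwaway listener on 127.0.0.1 with a constructed banner, so the
sweep runs offline; the banner, ports and service rules are assumptions.
"""
import socket
import threading

BANNER = b"220 constructed.example FTP server ready\r\n"  # constructed greeting


def start_target(banner=BANNER):
    """Start a listener on an ephemeral 127.0.0.1 port; return (port, sock)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener was closed; stop serving
                return
            with conn:
                conn.sendall(banner)  # greet like a chatty daemon, then hang up

    threading.Thread(target=serve, daemon=True).start()
    return port, srv


def probe(host, port, timeout=0.2):
    """Return (is_open, banner) for one port using a full TCP connect()."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except (ConnectionRefusedError, socket.timeout, OSError):
            return False, b""
        try:
            return True, s.recv(256)  # many daemons announce themselves first
        except (socket.timeout, OSError):
            return True, b""


def classify(banner: bytes) -> str:
    """Crude service identification from the greeting (assumed rules)."""
    b = banner.upper()
    if b.startswith(b"SSH-"):
        return "ssh"
    if b.startswith(b"220") and b"SMTP" in b:
        return "smtp"
    if b.startswith(b"220") and b"FTP" in b:
        return "ftp"
    return "unknown"


def scan(host, ports):
    """Probe every port in `ports`; return {port: banner} for the open ones."""
    found = {}
    for p in ports:
        is_open, banner = probe(host, p)
        if is_open:
            found[p] = banner
    return found


if __name__ == "__main__":
    port, srv = start_target()
    for p, banner in scan("127.0.0.1", range(port - 5, port + 6)).items():
        print("%d/tcp open  %s  %r" % (p, classify(banner), banner))
    srv.close()
```

Each probe is a complete three-way handshake, so it shows up in the target's logs; the stealthier half-open (SYN) scans that tools like mscan use need raw sockets and root, but find the same ports.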

Finding the software
  • Remember: there is an active community of hackers who develop new software for intrusion and for intrusion prevention & detection. You need to work hard to keep up with changes!
  • Try rootshell.com for a collection of hackers' tools and administration software. The site is evidently no longer actively maintained, but still has an outstanding collection of software. As with most hackers' tools, be prepared to get into the source code to get things to work.
  • At SecurityFocus, there is a collection of software with more of an emphasis on protection and administration than infiltration. But they have both, and quite a bit of analysis, news updates and mailing list archives as well.

Some samples, on blue.ils.unc.edu
  • Mscan (link is to the code at SecurityFocus.com): General purpose tool for identifying live IP addresses in subnets and probing them for known vulnerabilities. Can very quickly investigate many computers and generate a list of potential vulnerabilities to exploit.
  • Sniffit, a network packet sniffer. Includes an FAQ and some reasonable documentation.
  • Rootkit, file lrk4.zip. Rootshell.com includes a search facility to retrieve this file. Various programs are included, not all of which will compile. Check out the README file, see whether it scares you (it should!).
  • A few other tools are on blue, not all of which seem to work...
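What a packet sniffer like Sniffit actually does with a frame once it has it (and why point 1 of the background above holds), as an added example that is not code from the course page or from Sniffit: decode the Ethernet, IPv4 and TCP headers, verify the IP header checksum, and pull a cleartext USER/PASS login out of the payload. A real sniffer reads frames from an interface in promiscuous mode (raw socket or libpcap, which needs root); here one frame is constructed inline so the decoder runs offline. The MAC and IP addresses, ports and the FTP login are constructed sample data.

```python
"""Decode one Ethernet/IPv4/TCP frame and pull a cleartext login out of it.

Added example; not code from the course page or from Sniffit. A real sniffer
takes frames off a promiscuous-mode interface; here a single frame is built
inline so the decoder runs offline. All addresses and the login are constructed.
"""
import struct

ETH_P_IP = 0x0800
IPPROTO_TCP = 6


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum; returns 0 when run over a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _mac(s):
    return bytes(int(x, 16) for x in s.split(":"))


def _ip4(s):
    return bytes(int(x) for x in s.split("."))


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload):
    """Construct an Ethernet II / IPv4 / TCP(PSH,ACK) frame for the sample.
    Only the IP header checksum is filled in; the TCP checksum is left at 0."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + payload
    fields = [0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, IPPROTO_TCP, 0,
              _ip4(src_ip), _ip4(dst_ip)]
    fields[7] = ip_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    ip = struct.pack("!BBHHHBBH4s4s", *fields)
    return struct.pack("!6s6sH", _mac(dst_mac), _mac(src_mac), ETH_P_IP) + ip + tcp


def decode_frame(frame: bytes) -> dict:
    """Parse the three headers. Raise ValueError for anything that is not
    IPv4/TCP or fails the IP checksum: a sniffer should not trust the wire."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETH_P_IP:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip_checksum(ip[:ihl]) != 0:
        raise ValueError("bad IPv4 header")
    if ip[9] != IPPROTO_TCP:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_off = (off_flags >> 12) * 4  # TCP header length in bytes
    return {
        "src_mac": ":".join("%02x" % b for b in src_mac),
        "dst_mac": ":".join("%02x" % b for b in dst_mac),
        "src_ip": ".".join(str(b) for b in ip[12:16]),
        "dst_ip": ".".join(str(b) for b in ip[16:20]),
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": off_flags & 0x1FF,
        "payload": tcp[data_off:],
    }


def find_credentials(payload: bytes) -> dict:
    """Pick USER/PASS lines (FTP, POP3) out of a cleartext TCP payload; this is
    the whole trick behind a password-logging sniffer."""
    found = {}
    for line in payload.split(b"\r\n"):
        parts = line.split(b" ", 1)
        if len(parts) == 2 and parts[0].upper() in (b"USER", b"PASS"):
            found[parts[0].upper().decode()] = parts[1].decode(errors="replace")
    return found


# Constructed sample: an FTP login from 10.0.0.5 to 10.0.0.21 as seen on the wire.
SAMPLE_FRAME = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                           "10.0.0.5", "10.0.0.21", 40001, 21,
                           b"USER alice\r\nPASS hunter2\r\n")

if __name__ == "__main__":
    pkt = decode_frame(SAMPLE_FRAME)
    print("%s:%d -> %s:%d" % (pkt["src_ip"], pkt["sport"], pkt["dst_ip"], pkt["dport"]))
    print(find_credentials(pkt["payload"]))
```

On a shared (hubbed) Ethernet every host on the segment sees this frame, which is why the physical-access point in the background matters; the only real fix is to not send the password in the clear at all.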
UNC SILS
Prof. Greg Newby