Monday, May 18, 2009
Wireshark & Nmap
Today starts my internship at Firmus Security. The Hacking Exposed 6th Edition that was on the table totally caught my eye. I spent around 2 hours on it, since there is no assignment yet.
I briefly read through the "Hacking the Code" and "Malware" parts and was able to recall some common techniques: buffer overflow, heap overflow, format string attack, off-by-one errors. I gained quite a lot from the rootkit part. Hacker Defender, a.k.a. hxdef, is elaborated on in quite some detail in it. I wonder how famous this rootkit is now?
Emm, today is my first time touching Wireshark, and since the NIC is in promiscuous mode, it is able to get traffic in. I will work more on the analysis soon.
Nmap-gui, I just played with it. I still stick to my favorite, TCP SYN:
#nmap -sS -O 192.168.1.1-254
More to go.. Woot!
Posted by gento_ at 11:52 PM