Just some loose notes on Computer/Database/Network Security.

No big deal here. No high tech stuff.

Important remarks:



1: General information:

1.1 My own simple notes:

Some simple (and incomplete) notes to investigate a Windows system (v. 3.1)
A quick (and incomplete) answer to what "SQL Injection" is (v. 0.1)


1.2 General Repositories Security bugs/exploits:

lists from: www.cvedetails.com
lists from: cve.mitre.org


1.3 Some Security Certifications:

CISSP (wikipedia)
CISSP (isc2.org)
CompTIA Security+ (comptia.org)
CISM - ISACA (isaca.org)
CISA - ISACA (isaca.org)
ISO 27000 Series (wikipedia)


1.4 Microsoft bugs/exploits:

Quick link to all recent Microsoft KB's


1.5 Table of some general Documents and links, geared towards Windows exploits:

Could be of interest for study of general techniques.

⇒ General docs:
The Art of Computer Virus Research and Defense (html)

⇒ Adware / Malware:
Techniques of Adware and Spyware (very easy reading)

⇒ AppInit / DLL injection:
General doc from wikipedia
Short blog article
Microsoft KB article

⇒ Windows heap exploits:
Windows heap exploits (1)
Windows heap exploits (2)
Windows heap exploits (3)
Windows heap exploits (4)
Heap exploits in OSX and compared to Vista (5)

⇒ Windows heap sprays:
heap sprays (1) (microsoft research)
heap sprays (2)
heap sprays (3) (general info, but focused on javascript)
heap sprays (4)

⇒ Blended Attacks:
Blended Attacks (1)
Blended Attacks (2)
Blended Attacks (3)

⇒ Weakness DCOM:
General doc on DCOM security
Windows RPC DCOM exploits

⇒ Windows Netbios null sessions:
Windows Netbios Null sessions (1)
Windows Netbios Null sessions (2)
Windows Netbios Null sessions (3)
Windows Netbios Null sessions (4)

⇒ LSP & Winsock:
LSP wikipedia

⇒ Obfuscation viruses:
Entry point and Obfuscation viruses (1)
Entry point and Obfuscation viruses (2)

⇒ Microsoft Sites:
Malware Protection Center
MS Safety & Security Center (us english)
MS Safety & Security Center (international)

⇒ Remote Access attack vector:
www.ncp-e.com

⇒ Keyloggers:
wikipedia
To get an impression: Some popular keyloggers


1.6 File signatures:

Signatures (1)
Signatures (2)
Signatures (3)


1.7 Some useful and interesting sites related to Windows internals:

skypher.com
undocumented.ntinternals.net


1.8 Some Tools:

Download Microsoft Technet "Sysinternals suite"
Win2K3 Resource Kit tools
Cygwin linux for Windows
Download the limited but free Moonsols memory toolkit
xvi32 hexeditor
hexdump32 hexviewer


1.9 PLC exploits & Industrial Computing Attacks:

⇒ Stuxnet:
Stuxnet (and comparable) (ppt)
Stuxnet (and comparable)
Stuxnet (and comparable) (ppt)

⇒ Duqu:
Duqu (1)

⇒ Some presentations:
Presentation 1


1.10 Bots and Botnets:

What are botnets (1)
Botnets ppt (1)
Botnets ppt (2)
Botnets ppt (3)


1.11 Listings of fixes / KB numbers / MS Bulletins:

Listing of fixes / KB no's / MS Bulletins


1.12 Posts of threats:

threatpost.com (kaspersky)
blogs.technet.com


1.13 Shellcode examples to get an impression:

Example 1
Example 2

1.14 Other interesting docs

Using Sysinternals to clean your System
An example Windows investigation
Win7 UAC comments
A rather "strange" report on smart codes
Windows forensics (1)
Windows Access Control (1)


2: Databases:

Some public links from which I think DBAs might obtain additional information to secure their systems.

2.1 Some notes on SQL Server Forensics:

SQL Server forensics (1)
SQL Server forensics (2)
SQL Server (anti) forensics (3)


2.2 Some notes on Oracle Forensics:

www.databasesecurity.com + links
petefinnigan.com
dba-oracle.com
Dissecting the Redo logs
Using BBED (orafaq.com)


2.3 Tutorials/Papers preventing SQL Injection:

Oracle: st-curriculum.oracle.com
Oracle: sort of whitepaper




Last update: 18 February, 2012

by:
antapex.org