Transmission Control Protocol

Wireshark, Tools and forensic

Intro

Making a forensic analysis means being able to collect and analyze data in order to find evidence that could lead you to a specific break. Although it is usually considered a post-mortem activity, in the IT realm this aspect is less marked than in other forensic environments. If we are running an investigation on a homicide, for example, we will be present when everything is already done, and we just have to collect cold evidence. On the other hand, when we are running a forensic IT investigation we cannot be sure that the event…

TCP Split Handshake Issue

These days I’ve read a lot of noise in the news about an NSS test that reported a TCP handshake security hole (TCP Split Handshake Issue) in several commercial firewalls. The question is interesting from several points of view: are IPS and firewalls really secure? Is a vulnerability really a security issue? How does this vulnerability affect me?

http://portadiferro.blogspot.com/2011/04/tcp-split-handshake-issue.html

Related articles: Other Considerations On TCP Split Handshake (paulsparrows.wordpress.com); TCP Split Handshake: Why Cisco ASA is not susceptible (paulsparrows.wordpress.com); TCP Split Handshake: The (Never)ending Story… (paulsparrows.wordpress.com); TCP Split Handshake Attack Explained (paulsparrows.wordpress.com); Hacker ‘handshake’…
