Buffer Overflow - Attacks and Countermeasures
Buffer overflows are among the most common security vulnerabilities in current IT systems. This talk attempts to describe how they arise, how their direct consequences can be suppressed, and which measures can be used to protect the overall system. This is the written summary of this talk.
Data Mining – Detection and isolation of events using transformations
There is a variety of tools to filter packets from a network. One of the most popular ones is the Berkeley Packet Filter (BPF). All such filters are based on static descriptions, e.g., fixed source ports or fixed subnets of IP addresses. These methods work well for most types of network traffic, but there are cases in which a wider variety of applications may be appropriate. In this paper we will introduce a new analysis tool which will allow us to do a time-dependent analysis.
Security Risk in libpcap - When Are tcpdump, snort and wireshark Blind?
libpcap is the foundation of many different tools for monitoring, diagnosing and protecting networks. A bug in the implementation of the analysis of VLANs (802.1q) leads to these programs not receiving important network traffic. This is the written summary of this lecture.