Contents

1. Malware Detection
   David Maciejak
   The last part of a three-part series. The author ends on local operating system checks using cases examples and presents what kind of remote checks can be done.
   
2. Virtual Keyboard Protection
   Debasis Mohanty
   This article is to show how virtual keyboard protection can easily be broken. The author presents how the on-line protection of banking service can be defeated.
   
3. Fuzzing XML
   Andres Andreu
   This article is focused on fuzzing techniques on structured XML data. You will learn how fuzzed XML can be applied and how to facilitate the fuzzing process.
   
4. ICMP-Based Blind Connection
   Fernando Gont
   The article presents how to perform an ICMP-based blind connection reset attack and what impact this attack has on BGP and VoIP technologies.
   
5. VoIP Security
   Luca Leone,
   For companies, using VoIP is an easy way for communication between their several branches and for their teleworking employees; many users choose the VoIP to leave behind the traditional telephonic companies and to pay cheaper bills...
   
6. Demystifying the Power of SELinux
   Daniel Boland
   Your Internet connection has been disconnected, cutting your server and workstations off from the world. You can't access important Internet services and your clients can no longer access your website or send you emails. Angry and ready to tear into them you call your ISP only to have them tell you it is not a service outage.
   
7. Writing IPS Rules
   Matthew Jonkman
   Writing signatures for an IDS or IPS such as Snort is as much art as it is science. There are many things to consider when doing so; false positives, false negatives, preprocessing and stream reassembly, load and efficiency, etc. Many experienced snort and other IDS users can make it many years into a career without writing a single rule.
   
8. Data Recovery Software
   Clint P.
   The choices of data recovery software range from free to thousands of dollars. There are many differences between open source and commercial software, and data recovery is no exception. Cost will be the determining factor for many who are in need of software to recover lost data. A good rule of thumb is to consider what the data is worth to you before you spend money on it. If you lost a bunch of mp3’s or rar’s that can easily be re-downloaded, then open source may be the way to go.
   
9. Interview with Philip R. Zimmermann
   Terron Williams
   Philip R. Zimmermann is the creator of Pretty Good Privacy, an email encryption software package. Originally designed as a human rights tool, PGP was freely distributed on the Internet in 1991. Zfone, his latest cryptography project provides secure telephony for the Internet.
   
10. Self Exposure by Jared DeMott
    hakin9 team
    Jared DeMott is a vulnerability researcher, with a passion for hunting down and exploiting bugs in software. He runs a small company, VDA Labs, that helps clients search for bugs. VDA also resells exploits. Mr. DeMott will be speaking at Black Hat and DEFCON this year on cutting edge research with evolutionary fuzzing. This research comes from Jared's pursuit for a PhD at Michigan State University.
    
11. Books Review
    Matthew Sabin,
    Computer Forensics: Evidence Collection and Management Wicked Cool Shell Scripts 101 Scripts for Linux, MAC OS X, And Unix systems
    

CD / DVD