Fat-Loud-Bloke

CyberAttack

CyberCrime

CyberWarfare -

CyberComplacency

NEW BOOK

Cyber Attack,Cyber Crime, Cyber Warfare

- Cyber Complacency

Is Hollywood's blueprint for Chaos coming true?

ISBN-13: 978-1493581283

ISBN-10: 1493581287

ITS FOR CHARITY
Will hackers or hacktivists shut down the banks, the gas and the electricity supply? Can terrorist invade CyberSpace? Using malware and BotNets will they put an "out to lunch" sign on UK PLC? What are the techniques used to detect this type of attack and do those in power have a clue about the exposure.
Mark Osborne, also known as loud-fat-bloke, will answer all these questions and more. After a lifetime of running the cyber security functions at the largest Security Consulting, ISPs and Technology providers, he designed Europes largest cyber-monitoring system and has managed his way out of more than his fair share of Cyberattacks.

The Book covers:

The Economics of cyberspace and cyber-security
Who's monitoring cyberspace and Why
The monitoring techniques used and why they fail to protect the general population from Cyber-attack.
How to detect, mitigate and measure the cost of a DDOS attack.
The mechanics of a BotNet and the CandC servers.
How to exploit vulnerabilities in the PHYSICAL, HUMAN, BGP, DNS, SOFTWARE, IPV6 and SCADA layers of Internet/cyberspace.
Finally, it describes a "Fire-sale" where all these techniques are used to turn of the gas, electric and all the lights just like in the movies.

HPING
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired by the ping unix command, but hping isn't restricted to ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, and many other features.
In the book we use it to demonstrate SYN attacks - It is commonly available on many system but we provide a version here in case it is not on yours.

bgpcrack
BGPCRACK
BGPCRACK is a linux application written in C. It reads in a session recorded by tcpdump or ethereal. It then attempts to crack the MD5SIG.
The bgp configs for Lab1 can be used to test it and record a session.

dns_spquery
Name: dns_spquery.c
Description:
dns_spquery.c is written in C and sends a DNS recursive name query to a name server of your choice with a spoofed source IP address selected at runtime. For educational purposes, as a reference in lectures I am giving and this book, I needed a tool to demonstrate a DNS reflection/amplification attack. There are a few good tools out there, but most require special libraries or perl/python modules that restrict their portability. dns_spquery.c is written entirely in C and requires no special libs or header files. It has been designed to run on most LINUXs

bgpspoof
bgpspoof Source of the bgpspoof suite of programs

bgpspoof
tcphijack

The first of these is bgpspoof which takes parameters to generate a BGP packet and outputs a record in a file with the format of a BGP PDU

The second program is tcphijack. This is a non blind spoof TCP spoof program that can send the payload generated above

BGPLAB1
BGPLAB1 - This contains BGP/zebra configs for the first part of the BGP section of chapter 11

BGPLAB2
BGPLAB2 - This contain BGP/zebra configs for the second part of the BGP section of chapter 11

Fastflux.sh
fastflux.sh

Example bind files
Example bind files

bind safe conf
safe conf

Badword20.exe
This contains the wordpad modified executable show in chapter 11

[Back 2 LFB]

		The Book covers: The Economics of cyberspace and cyber-security Who's monitoring cyberspace and Why The monitoring techniques used and why they fail to protect the general population from Cyber-attack. How to detect, mitigate and measure the cost of a DDOS attack. The mechanics of a BotNet and the CandC servers. How to exploit vulnerabilities in the PHYSICAL, HUMAN, BGP, DNS, SOFTWARE, IPV6 and SCADA layers of Internet/cyberspace. Finally, it describes a "Fire-sale" where all these techniques are used to turn of the gas, electric and all the lights just like in the movies.
	HPING	hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired by the ping unix command, but hping isn't restricted to ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, and many other features. In the book we use it to demonstrate SYN attacks - It is commonly available on many system but we provide a version here in case it is not on yours.
	bgpcrack	BGPCRACK BGPCRACK is a linux application written in C. It reads in a session recorded by tcpdump or ethereal. It then attempts to crack the MD5SIG. The bgp configs for Lab1 can be used to test it and record a session.
	dns_spquery	Name: dns_spquery.c Description: dns_spquery.c is written in C and sends a DNS recursive name query to a name server of your choice with a spoofed source IP address selected at runtime. For educational purposes, as a reference in lectures I am giving and this book, I needed a tool to demonstrate a DNS reflection/amplification attack. There are a few good tools out there, but most require special libraries or perl/python modules that restrict their portability. dns_spquery.c is written entirely in C and requires no special libs or header files. It has been designed to run on most LINUXs
	bgpspoof	bgpspoof Source of the bgpspoof suite of programs bgpspoof tcphijack The first of these is bgpspoof which takes parameters to generate a BGP packet and outputs a record in a file with the format of a BGP PDU The second program is tcphijack. This is a non blind spoof TCP spoof program that can send the payload generated above
	BGPLAB1	BGPLAB1 - This contains BGP/zebra configs for the first part of the BGP section of chapter 11
	BGPLAB2	BGPLAB2 - This contain BGP/zebra configs for the second part of the BGP section of chapter 11
	Fastflux.sh	fastflux.sh
	Example bind files	Example bind files
	bind safe conf	safe conf
	Badword20.exe	This contains the wordpad modified executable show in chapter 11
	[Back 2 LFB]