Posts | Archive

dpkt Tutorial #1: ICMP Echo

In this dpkt tutorial, I will demonstrate how to construct and send a simple ICMP echo packet.

dpkt is a sweet framework for creating and parsing packets.  While dpkt doesn't have much documentation, once you get the hang of using one module, the rest fall into place fairly easily ...


Hardening DNS with IP TTLs

During Paul Vixie's talk at WOOT on some of the operational challenges of deploying source port randomization functonality in BIND, I started thinking of a few simple ways to harden DNS infrastructure against VU#800113 by leveraging the IP TTL value.

DNS Cache Poisoning

In order to increase the ...


HotSec 2008 and USENIX Security 2008

I'm back from San Jose finally and while I won't be breaking down a full review of HotSec and USENIX Security like I did for WOOT, I thought I would point out some of the more interesting presentations I was able to attend.

HotSec 2008

hotsec 2008

Panic Passwords: Authenticating ...


WOOT 2008: The Good, The Bad, and The Ugly

Day one of my trip out to San Jose to attend the WOOT, HotSec, and USENIX Security trifecta is over.  The 2nd Workshop on Offensive Technologies (WOOT) took place today and I'll be breaking it down with "The Good, The Bad, and The Ugly".

woot 2008

I'll be discussing a ...


UofM-Specific Phishing Campaign

While receiving phishing emails in my University inbox is a common occurrence, a recent email caught my eye due to its increased sophistication and University-specific information.

Email Contents

Dear Umich.edu WEBLOGIN Subscriber

To complete your Umich.edu  WEBLOGIN account, you must reply to this email
immediately and enter your ...

Copyright © 2015 - Jon Oberheide <jon at oberheide dot org>.