Archive | Security

05 January 2010 ~ 0 Comments

Classification of Information System Hacking Tools

Classification of Information System Hacking Tools

In a process of hacking information system the attacker will be using one or more hacking tools to accomplish his objective. The hacking tools can be divided into two main categories: procedural classification and functional classification. Procedural classification describes which tools are use during seven steps of hacking attacker is going through. Functional classification is describing the main four categories based on the tools functionalities.

Continue Reading

12 December 2009 ~ 1 Comment

Hacking Information Systems: Tools of the trade

Hacking Information Systems: Tools of the trade

For every step of the hacking process one or more tools could be required for the attacker to complete his objective. Although there are thousand of hacking tools variations all of them can be categorized to 14 basic categories.

Although, when talking about “tools” many will think about software solutions. But in a broader sense, hackers toolkit is much more than just software and it can be anything from piece of paper and a pen to human activities for collection of sensitive information and the penetration into the target system.

Continue Reading

05 December 2009 ~ 2 Comments

Hacking Information Systems: The Seven Steps

Hacking Information Systems: The Seven Steps

Hacking an information system which can be a computer network, server or a web site collection can be, and it is, very complex procedure and different procedure for every information system. But in it’s essence follows the basic seven steps of hacking into some kind of information system. From basic scouting to full takeover these seven steps […]

Continue Reading

12 September 2009 ~ 0 Comments

Security Audit and Mechanism of Protecting e-Learning System at the Faculty of Traffic and Transport Sciences

LMS (Learning Management System) of the Faculty of Transport and Traffic Sciences, called e-Student, was experimentally introduced at the end of 2004 for one subject at the Faculty and was used to carry out a part of the teaching and practical work for about a hundred students. Today the system is used by more than 4800 students. In the period from 2004 to the beginning of March 2007, the system was used more than 145, 000 times. With the fact that e-Student system is a publicly accessible web application has given rise to questions regarding the security of the users interface and the database safety. Although, from the very beginning the system was planned and designed so as to provide security against then known methods of attacks, there are almost daily new failures in the operating systems and database management systems and the methods of attacks and usage of the web application drawbacks. Consequently, the system has to be regularly tested and adequately protected.

Continue Reading