
03/2011 (03)
Team
Editor in Chief: Grzegorz Tabaka
grzegorz.tabaka@hakin9.org
Managing Editor: Natalia Boniewicz
natalia.boniewicz@hakin9.org
Editorial Advisory Board: Rebecca Wynn, Matt Jonkman,
Donald Iverson, Michael Munt, Gary S. Milefsky, Julian Evans,
Aby Rao
DTP: Ireneusz Pogroszewski
Art Director: Ireneusz Pogroszewski
ireneusz.pogroszewski@hakin9.org
Proofreaders: Michael Munt, Rebecca Wynn, Elliott Bujan, Bob
Folden, Steve Hodge, Jonathan Edwards, Steven Atcheson
Top Betatesters: Nick Baronian, Rebecca Wynn, Rodrigo Rubira
Branco, Chris Brereton, Gerardo Iglesias Galvan, Jeffrey Smith, Aby
Rao, Jason Duke, Carlos Alaya, Joseph Werns, Shane Hartman,
Jose L. Herrera
Special Thanks to the Beta testers and Proofreaders who helped
us with this issue. Without their assistance there would not be a
Hakin9 Exploiting Software magazine.
Senior Consultant/Publisher: Paweł Marciniak
CEO: Ewa Dudzic
ewa.dudzic@hakin9.org
Production Director: Andrzej Kuca
andrzej.kuca@hakin9.org
Publisher: Software Press Sp. z o.o. SK
02-682 Warszawa, ul. Bokserska 1
Phone: 1 917 338 3631
www.hakin9.org/en
Whilst every effort has been made to ensure the high quality of
the magazine, the editors make no warranty, express or implied,
concerning the results of content usage.
All trade marks presented in the magazine were used only for
informative purposes.
All rights to trade marks presented in the magazine are
reserved by the companies which own them.
To create graphs and diagrams we used program
by

Mathematical formulas created by Design Science MathType
DISCLAIMER!
The techniques described in our articles may only
be used in private, local networks. The editors
hold no responsibility for misuse of the presented
techniques or consequent data loss.
Dear Readers,
A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. It should be kept secret from those not allowed access. In spite of this, your computer and files are at risk even if you have a user account password. In this issue you will learn how to protect your files.

I greatly encourage you to read A Quick Hands On Introduction to Packing by Alain Schneider. In the fascinating article Direct Object Reference, or How a Toddler Can Hack Your Web Application, Nick Nikiforakis will investigate one type of Web application vulnerability, namely Direct Object Reference, which occurs when an identifier, used in the internal implementation of a Web application, is exposed to users. From the article Malware Analysis for Windows Systems Administrators Using Sysinternal Tools you will learn about the two types of malware analysis, static and dynamic, as well as the tools and processes to perform the analysis. If you want to know how to deploy software and its payload into target computers running supported operating systems and understand policies and settings that already exist to block end users on a corporate, government or educational network from being able to use this software, read the article Password, What Password? by Christian Mergiliano. And do not miss the article The Logic Behind Application Logic Defects by Rafal Los, especially if you are curious how hackers have been exploiting weaknesses in web applications at an alarmingly high rate. You will see how a hacker maps out the application flow and determines vulnerabilities before... he comes to exploit application logic. You will also understand how logic defects in an application can cause serious business challenges. And finally, to know why traditional security projects show a high degree of falling back, read the interview with Jan van Bon.
We wish you nice reading!
Natalia Boniewicz
& Hakin9 Team
CONTENTS
ATTACK PATTERN
8 Malware Analysis for Windows Systems
Administrators Using Sysinternal Tools
By Dennis Distler
Today administrators deal with malware infections
almost daily. Often malware is customized for specific
organizations, departments in an organization, and even
individuals in the organization.
This type of malware typically is not identified by anti-
virus products, and it is up to the administrator to identify
the malware. Locating malware purposely designed not
to be detected is difficult, but detection is not impossible.
To identify malware, systems administrators must be
able to perform malware analysis. To detect malware
administrators should understand the types of analysis,
the process and tools used to accomplish malware
analysis. In this article learn about the two types of
analysis, static and dynamic as well as the tools and
processes to perform the analysis.
14 Direct Object Reference or, How a
Toddler Can Hack Your Web Application
By Nick Nikiforakis
There is no point in denying that everyday software
is steadily moving from desktop applications to Web
applications. When you can check your mail, play games,
create documents and file your tax report without ever
leaving your browser, then you are indeed a citizen of the
Web. In this era, many miscreants have changed their
game. It's easier for them to impersonate you or steal
your private data from a vulnerable Web application than
to take control of the Extended Instruction Pointer (EIP)
register of your CPU.
In this article we will investigate one type of Web
application vulnerability, namely Direct Object Reference.
A Direct Object Reference occurs when an identifier,
used in the internal implementation of a Web application,
is exposed to users. When this is done insecurely, it can
lead to a lot of trouble...
20 The Logic Behind Application. Logic
Defects.
By Rafal Los
It's no secret that web applications are at the center of the
ongoing conflict between malicious hackers, and those
defending the applications. As more and more critical
business functions migrate to an Internet presence, web
applications play an extremely vital role in business.
Hackers know this well, and have been exploiting
weaknesses in web applications at an alarmingly high
rate. You will see how a hacker maps out the application
flow and determines vulnerabilities before... he comes
to exploit application logic. You will also understand
how logic defects in an application can cause serious
business challenges.
DEFENSE PATTERN
22 Password, What Password?
By Christian Mergiliano
If you have a computer with a non-encrypted hard drive
and have not disabled other media devices from booting
before your hard drive or have not password protected
your BIOS listen up! Your computer and files are at risk
even if you have a user account password.
Christian explains how to deploy this software and
its payload into target computers running supported
operating systems. You will understand policies and
settings that already exist to block end users on a
corporate, government or educational network from
being able to use this software. And you will see what
you, a home user, can do to keep your computer safe
from this attack.
REVERSE ENGINEERING
28 A Quick Hands On Introduction to Packing
By Alain Schneider
On Windows systems, programs are usually available in the PE file format
with the EXE extension. Although this file format is quite complex, it is now
well documented, so understanding how it is globally supposed to work is
pretty easy and you can find a lot of programs designed to open/analyze/
modify PE executables.
Those which are designed to modify PE files are often called packers. In
this article we will learn how to write one of them.
INTERVIEW
36 Interview with Jan van Bon
By Exploiting Software Team
Traditional security projects show a high degree of falling back specifically
because they are not embedded in a well-functioning management system
says Jan van Bon. Creating a solid and practical architecture under your
IT management approach can greatly reduce the cost of improving quality,
and it can speed up your projects. An integrated approach requires a
simple and straightforward method that is easy to understand, supported
by available tools in the market, and accepted by many providers. This
kind of approach requires thorough knowledge and sincere dedication.
As with many other initiatives in the field of IT Service Management,
the Netherlands have again produced a fascinating new approach, with
promising results for IT Security projects. Jan will share his thoughts on
risk management and IT Security development.
ATTACK PATTERN

Malware Analysis for Windows Systems Administrators Using Sysinternal Tools
By Dennis Distler

Today administrators deal with malware infections almost daily. Often malware is customized for specific organizations, departments in an organization, and even individuals in the organization.

This type of malware typically is not identified by anti-virus products, and it's up to the administrator to identify the malware. Locating malware purposely designed not to be detected is difficult, but detection is not impossible. To identify malware, systems administrators must be able to perform malware analysis.
Introduction to Behavioral Malware Analysis
for System Administrators
To detect malware administrators should understand
the types of analysis, the process and tools used to
accomplish malware analysis. In this article learn about
the two types of analysis, static and dynamic as well as
the tools and processes to perform the analysis.
Malware analysis is typically performed in a controlled and isolated lab. In the malware lab, analysts perform both code and behavioral analysis. The type of analysis performed first is completely up to the analyst, and is typically based on the analyst's personal preference.

Code analysis typically starts with looking for embedded strings in the malware. Next, the malware is examined with a disassembler, which provides the analyst with the malware's assembly instructions. The final stage of code analysis is using a debugger to analyze the malware as it's running.
The behavioral analysis process begins by taking baselines of a system. This baseline can include services/processes running on the system, registry settings (for Microsoft operating systems), users and groups, file hashes, and network information. After generating the baseline, the malware is executed on the system. Once the malware has executed for a while, the same information is collected again, then compared to the baseline. After analyzing the differences, it's not uncommon to make changes to the lab to get the malware to reveal more details about how the malware functions. These changes can include providing files, web servers, IRC servers, etc.
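The baseline-and-compare loop described above, as an added example that is not part of the article or of the Sysinternals tools it uses: a Python script that snapshots the kinds of state the paragraph names (file hashes, running processes, registry autorun entries, listening ports) and reports what appeared, vanished or changed between the two collections. Everything in demo() is constructed sample data, including the updater.exe binary, the autorun value and port 4444; hash_tree() is the helper you would point at a real directory when building a baseline on a live system.

```python
import hashlib
import os


def sha256_bytes(data):
    """Hex SHA-256 of a byte string (used for file-content hashes)."""
    return hashlib.sha256(data).hexdigest()


def hash_tree(root):
    """Walk a real directory and map each relative path to the SHA-256 of its content.
    This is the part you would run on a live system when building a baseline."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, 'rb') as fh:
                hashes[os.path.relpath(full, root)] = sha256_bytes(fh.read())
    return hashes


def make_snapshot(file_hashes, processes, autoruns, listeners):
    """A snapshot bundles the state the article lists: file hashes, running processes,
    registry autorun values and listening sockets (users/groups would be one more key)."""
    return {
        'files': dict(file_hashes),        # path -> sha256
        'processes': set(processes),       # image names
        'autoruns': dict(autoruns),        # registry value -> command line
        'listeners': set(listeners),       # (protocol, port)
    }


def diff_snapshots(baseline, current):
    """Report what appeared, vanished or changed between two snapshots."""
    report = {}
    for key in ('files', 'autoruns'):          # keyed collections: detect value changes too
        before, after = baseline[key], current[key]
        report[key] = {
            'added': sorted(set(after) - set(before)),
            'removed': sorted(set(before) - set(after)),
            'changed': sorted(k for k in before.keys() & after.keys() if before[k] != after[k]),
        }
    for key in ('processes', 'listeners'):     # plain sets: presence only
        before, after = baseline[key], current[key]
        report[key] = {'added': sorted(after - before), 'removed': sorted(before - after)}
    return report


def demo():
    """Constructed sample: the same 'system' before and after an unknown binary ran."""
    run_key = r'HKCU\Software\Microsoft\Windows\CurrentVersion\Run'
    baseline = make_snapshot(
        {'Windows/System32/svchost.exe': sha256_bytes(b'original svchost bytes'),
         'Windows/System32/drivers/etc/hosts': sha256_bytes(b'127.0.0.1 localhost')},
        {'svchost.exe', 'explorer.exe'},
        {run_key + r'\OneDrive': r'C:\Users\me\AppData\Local\Microsoft\OneDrive\OneDrive.exe'},
        {('tcp', 135)},
    )
    current = make_snapshot(
        {'Windows/System32/svchost.exe': sha256_bytes(b'original svchost bytes'),
         'Windows/System32/drivers/etc/hosts': sha256_bytes(b'127.0.0.1 localhost\n203.0.113.5 update.example'),
         'Users/Public/updater.exe': sha256_bytes(b'MZ constructed sample')},
        {'svchost.exe', 'explorer.exe', 'updater.exe'},
        {run_key + r'\OneDrive': r'C:\Users\me\AppData\Local\Microsoft\OneDrive\OneDrive.exe',
         run_key + r'\Updater': r'C:\Users\Public\updater.exe'},
        {('tcp', 135), ('tcp', 4444)},       # 4444 is a constructed example port
    )
    return diff_snapshots(baseline, current)


if __name__ == '__main__':
    for kind, changes in demo().items():
        for what, items in changes.items():
            for item in items:
                print('%-10s %-8s %s' % (kind, what, item))
```

On a live system you would collect the same four collections with the tools the article goes on to describe and feed them to make_snapshot(); anything under 'added' or 'changed' is a candidate for a closer look, and a changed hash on an operating-system binary in particular should be treated as a possible tool replacement of the kind the following paragraphs warn about.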
However, administrators responding to a production system infected with malware often don't have the luxury of having baselines to compare against. Even if the organization has baselines, typically the baseline is not current, especially with workstations. Working without current baselines makes it difficult for the administrator to determine what the malware installed versus what some other software installed. Administrators can use tools such as GMER (http://www.gmer.net) to help identify malware. GMER is written to detect rootkits; it can be used to locate artifacts of malware, but will not locate all malware. Unfortunately, malware authors use the same tools as malware analysts to improve the chance their malware goes undetected. When automated tools fail to detect, it's up to the system administrator to detect the malware.

When analyzing a system infected with malware, it's best not to trust the operating system. It's not uncommon to have operating system commands and tools modified by malware to help evade detection. It's best for administrators to bring their own tools that can't be modified by malware. The tools used for analysis can be used to replace most system tools for live analysis. A word of caution when performing behavioral malware analysis: if the system is going to have any forensics performed on it, the forensic image acquisition should be performed first.

When forced to manually perform behavioral analysis there are several helpful tools used to identify the malware. All tools used in this article are free of charge and can be downloaded from
WHAT IS A GOOD FUZZING TOOL?

Fuzz testing is the most efficient method for discovering both known and unknown vulnerabilities in software. It is based on sending anomalous (invalid or unexpected) data to the test target, the same method that is used by hackers and security researchers when they look for weaknesses to exploit. There are no false positives: if the anomalous data causes an abnormal reaction such as a crash in the target software, then you have found a critical security flaw.

In this article, we will highlight the most important requirements in a fuzzing tool and also look at the most common mistakes people make with fuzzing.

PROPERTIES OF A GOOD FUZZING TOOL

There is an abundance of fuzzing tools available. How do you distinguish a good fuzzer; what are the qualities that a fuzzing tool should have?

Model-based test suites: Random fuzzing will certainly give you some results, but to really target the areas that are most at risk, the test cases need to be based on actual protocol models. This results in a huge improvement in test coverage and a reduction in test execution time.

Easy to use: Most fuzzers are built for security experts, but in QA you cannot expect that all testers understand what buffer overflows are. A fuzzing tool must come with all the security know-how built in, so that testers only need the domain expertise from the target system to execute tests.

Automated: Creating fuzz test cases manually is a time-consuming and difficult task. A good fuzzer will create test cases automatically. Automation is also critical when integrating fuzzing into regression testing and bug reporting frameworks.

Test coverage: Better test coverage means more discovered vulnerabilities. Fuzzer coverage must be measurable in two aspects: specification coverage and anomaly coverage.

Scalable: Time is almost always an issue when it comes to testing. The user must also have control over the fuzzing parameters such as test coverage. In QA you rarely have much time for testing, and therefore need to run tests fast. Sometimes you can use more time in testing, and can select other test completion criteria.

Documented test cases: When a bug is found, it needs to be documented for your internal developers or for vulnerability management towards third party developers. When there are billions of test cases, automated documentation is the only possible solution.

Remediation: All found issues must be reproduced in order to fix them. Network recording (PCAP) and automated reproduction packages help you in delivering the exact test setup to the developers so that they can start developing a fix to the found issues.

MOST COMMON MISTAKES IN FUZZING

Not maintaining proprietary test scripts: Proprietary test scripts are not rewritten even though the communication interfaces change or the fuzzing platform becomes outdated and unsupported.

Ticking off the fuzzing check-box: If the requirement for testers is to do fuzzing, they almost always choose the quick and dirty solution. This is almost always random fuzzing. Test requirements should focus on coverage metrics to ensure that testing aims to find most flaws in software.

Using hardware test beds: Appliance based fuzzing tools become outdated really fast, and the speed requirements for the hardware increase each year. Software-based fuzzers are scalable in performance, can easily travel with you where testing is needed, and are not locked to a physical test lab.

Unprepared for cloud: A fixed location for fuzz-testing makes it hard for people to collaborate and scale the tests. Be prepared for virtual setups, where you can easily copy the setup to your colleagues, or upload it to cloud setups.
ATTACK PATTERN

Direct Object Reference or, How a Toddler Can Hack Your Web Application
By Nick Nikiforakis

There is no point in denying that everyday software is steadily moving from desktop applications to Web applications. When you can check your mail, play games, create documents and file your tax report without ever leaving your browser, then you are indeed a citizen of the Web.

In this era, many miscreants have changed their game. It's easier for them to impersonate you or steal your private data from a vulnerable Web application than to take control of the Extended Instruction Pointer (EIP) register of your CPU. The reason is simple. As a software industry, we have more experience writing native applications in C and C++ than writing Web applications in PHP and JavaScript. People still write bugs in their code, but they are definitely harder to find and exploit than they were 10 years ago.
In this article we will investigate one type of Web application vulnerability, namely Direct Object Reference. A Direct Object Reference occurs when an identifier, used in the internal implementation of a Web application, is exposed to users. When this is done insecurely, it can lead to a lot of trouble. This vulnerability is probably one of the easiest to exploit, but is so deadly and prevalent that it claims the 4th position in OWASP's Top 10 Web Application security risks [2]. Many institutions have fallen victim to it, with the most recent example being an Australian financial company which was vulnerable in a way that made it possible for anyone to access other people's private financial information [1].
Vulnerable Web Application
In order to make explaining easier, we will use as an example a dummy Web application that allows logged-in users to send personal messages to each other. All the messages exchanged between members are stored in a specific table in an SQL database, as follows: see Table 1.
The message_id column contains auto-incremented values, unique for every message. The columns to and from contain the user identifiers of the sender and recipient of any given message. The title column contains the title of each message and lastly the message column contains the actual message exchanged between two users. Now let's look at some of the PHP functions used by the Web application to display a user's Inbox and allow him to read incoming messages (Listing 1).
Viewing the INBOX
The function get_message_titles() is responsible for providing logged-in users an overview of their Inboxes. The first thing that the function does is to check whether the user is logged in. It does this by checking whether the superglobal $_SESSION array contains a key titled user_id. This key is set by the Web application when the user successfully logs in, and is typically a unique identifier in the Users table of the application, much like the unique identifier of each message in the Messages table. We will not need that function in our discussion, thus for the sake of brevity it is not shown in Listing 1. If that key is not set, then the code redirects the user to the login page of the Web application and returns.

If the user is indeed logged in then the user's user_id is extracted from his session. Note that the
Figure 1. Table messages containing personal messages that users exchanged with each other

Message_id | From | To  | Title    | Message
-----------+------+-----+----------+-----------------------------
...        | ...  | ... | ...      | ...
776        | 23   | 11  | Hey!     | Hey man!<br>What news?</br>
777        | 11   | 25  | Foo...   | U there?
778        | 25   | 42  | No Title | Kthnxbye!
779        | 23   | 11  | Welcome  | Welcome to our site!...
...        | ...  | ... | ...      | ...
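As an added example that is not part of the article (whose own code is PHP and is not reproduced on this page): the same messages table built in an in-memory SQLite database, with a message-reading function written the insecure way beside the corrected version. The rows are constructed from Table 1, the session is a plain dict standing in for $_SESSION, and the names read_message_vulnerable, read_message_fixed and require_login are assumptions of this example, not functions from the article.

```python
import sqlite3

# Constructed sample rows modelled on the article's Table 1: (message_id, from, to, title, message).
SAMPLE_MESSAGES = [
    (776, 23, 11, 'Hey!', 'Hey man!<br>What news?</br>'),
    (777, 11, 25, 'Foo...', 'U there?'),
    (778, 25, 42, 'No Title', 'Kthnxbye!'),
    (779, 23, 11, 'Welcome', 'Welcome to our site!...'),
]


def build_db():
    """In-memory SQLite stand-in for the application's messages table."""
    conn = sqlite3.connect(':memory:')
    # "from" and "to" are SQL keywords, hence the quoted identifiers.
    conn.execute('CREATE TABLE messages (message_id INTEGER PRIMARY KEY, '
                 '"from" INTEGER, "to" INTEGER, title TEXT, message TEXT)')
    conn.executemany('INSERT INTO messages VALUES (?, ?, ?, ?, ?)', SAMPLE_MESSAGES)
    conn.commit()
    return conn


def require_login(session):
    """Mirror of the $_SESSION['user_id'] check; a real app would redirect to the login page."""
    if 'user_id' not in session:
        raise PermissionError('not logged in')
    return session['user_id']


def get_message_titles(conn, session):
    """Inbox overview. This query is already bound to the caller, so it is not the problem."""
    uid = require_login(session)
    rows = conn.execute('SELECT message_id, title FROM messages WHERE "to" = ? '
                        'ORDER BY message_id', (uid,))
    return rows.fetchall()


def read_message_vulnerable(conn, session, message_id):
    """Insecure direct object reference: the request-supplied message_id is the only selector,
    so any logged-in user can read any row just by changing the number in the request."""
    require_login(session)
    row = conn.execute('SELECT "from", "to", title, message FROM messages '
                       'WHERE message_id = ?', (message_id,)).fetchone()
    return row


def read_message_fixed(conn, session, message_id):
    """Same lookup with the ownership check inside the query: a user may only read mail sent
    to or by them. A row that exists but belongs to someone else comes back as None, exactly
    like a non-existent id, so the response does not reveal which ids are valid."""
    uid = require_login(session)
    row = conn.execute('SELECT "from", "to", title, message FROM messages '
                       'WHERE message_id = ? AND ("to" = ? OR "from" = ?)',
                       (message_id, uid, uid)).fetchone()
    return row


if __name__ == '__main__':
    db = build_db()
    me = {'user_id': 11}
    print('inbox of user 11:', get_message_titles(db, me))
    print('vulnerable read of 778:', read_message_vulnerable(db, me, 778))
    print('fixed read of 778:', read_message_fixed(db, me, 778))
```

The fix is not to hide message_id from the user but to make the query itself answer the question "may this session see this row"; keeping the authorization condition in the same statement as the lookup means there is no window in which the row is fetched first and checked afterwards.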
ATTACK PATTERN

The Logic Behind Application Logic Defects
By Rafal Los

It's no secret that web applications are at the center of the ongoing conflict between malicious hackers, and those defending the applications.

As more and more critical business functions migrate to an Internet presence, web applications play an extremely vital role in business. Hackers know this well, and have been exploiting weaknesses in web applications at an alarmingly high rate.
While age-old issues like SQL Injection and authentication weaknesses continue to plague developers, there is another class of security defects that has been flying under the radar. Web application logic defects are not new; in fact, the topic has been covered at great length by various academic and research organizations. Rather, this class of issues has not received enough attention due to the prevalence of much simpler attack vectors. While hackers may not be exploiting this class of defects in high volume, they are nevertheless extremely effective and stealthy.
Mapping and Hacking
To attack application logic, a hacker must first understand
the function of the application itself. Although a small
detail, it makes this type of hacking different. While it is an
advantage to know the application when looking for SQL
Injection and like defects, application flow knowledge is
absolutely critical when discovering and exploiting logic
defects. Application flow presents a complex and often
difficult attack surface, but to a hacker looking to remain
undetected, it is the perfect choice.
A hacker who wants to exploit application logic must first
take the time to map out the application flow and determine
vulnerabilities. An experienced hacker would use a visual
graphing tool to draw the application page-flow and workflow
to fully understand the application. As the application is
being mapped, the hacker keeps track of page-state, page
parameters and available actions. Finding logic defects in
applications is painstaking, requiring a hacker to look for
subtle hints inside these tracked components.
For example, hidden variables that only exist on certain
pages within an application, such as the login page or
during privilege elevation, may point to an exploitable
issue in the authentication or authorization service.
Finding such parameters can be tricky, but once they
are identified they can be studied for patterns, or simply
fed to a targeted fuzzer to discover lapses in logic.
There are a number of application logic defects that are obvious to someone looking for them. For example, an application that implements a login lockout mechanism to prevent hackers from guessing passwords, but stores that information in a cookie, is easy to manipulate. The hacker simply deletes the cookie (or never accepts it) and can keep grinding away at the password mechanism. This is yet another reason to perform all critical functions away from the client; in other words, at the back-end server, where the logic and environment are more likely to be under the control of the developer. Allowing logic to be stored and executed on the client is like a bank building miniature cash dispensing machines that customers can take home with them. It sounds great in theory because it allows customers to not have to visit a banking center, but since the bank no longer has direct control over the physical component given to the customer to take home, this will ultimately lead to fraud.
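The cookie-based lockout above, shown as an added example (not the article's code) next to the server-side design the paragraph recommends: a simulated login service in Python with the failure counter kept in a cookie the client returns, and the same service with the counter and lock expiry kept on the server. The credential store, the user name, the class names and the run_guesses() driver are constructed for the demonstration; the clock is injectable so that lock expiry can be checked without waiting.

```python
import hmac
import time

MAX_ATTEMPTS = 5
LOCKOUT_SECONDS = 900

# Constructed credential store. Real code stores password hashes, never plaintext.
USERS = {'alice': 'correct horse battery staple'}


def password_matches(username, password):
    """Constant-time comparison so the check itself does not leak timing information."""
    stored = USERS.get(username, '')
    return bool(stored) and hmac.compare_digest(stored.encode(), password.encode())


class CookieLockout:
    """The weak design from the article: the failure counter is kept in a cookie and the
    server believes whatever counter the client sends back (or no counter at all)."""

    def login(self, username, password, cookies):
        failures = int(cookies.get('failed_logins', 0))
        if failures >= MAX_ATTEMPTS:
            return 'locked', cookies
        if password_matches(username, password):
            return 'ok', {}
        return 'bad_password', {'failed_logins': str(failures + 1)}


class ServerLockout:
    """Corrected design: counter and lock expiry live on the server, keyed by account,
    so nothing the client drops or rewrites can change them."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock                 # injectable for testing expiry without sleeping
        self._state = {}                    # username -> (failures, locked_until)

    def login(self, username, password, cookies=None):
        now = self._clock()
        failures, locked_until = self._state.get(username, (0, 0.0))
        if now < locked_until:
            return 'locked', {}
        if locked_until and now >= locked_until:
            failures, locked_until = 0, 0.0   # lock expired: start counting afresh
        if password_matches(username, password):
            self._state.pop(username, None)
            return 'ok', {}
        failures += 1
        if failures >= MAX_ATTEMPTS:
            locked_until = now + LOCKOUT_SECONDS
        self._state[username] = (failures, locked_until)
        return 'bad_password', {}


def run_guesses(service, honour_cookies, attempts=20):
    """Send `attempts` wrong passwords for 'alice' and count how many the service actually
    evaluated versus refused. A client that does not honour cookies sends back {} each time."""
    cookies, evaluated, refused = {}, 0, 0
    for _ in range(attempts):
        status, new_cookies = service.login('alice', 'wrong-guess', cookies)
        evaluated += status == 'bad_password'
        refused += status == 'locked'
        cookies = new_cookies if honour_cookies else {}
    return evaluated, refused


if __name__ == '__main__':
    print('cookie counter, client keeps cookie:', run_guesses(CookieLockout(), True))
    print('cookie counter, client drops cookie:', run_guesses(CookieLockout(), False))
    print('server counter, client drops cookie:', run_guesses(ServerLockout(), False))
```

run_guesses() with honour_cookies=False plays the client that never accepts the cookie: against CookieLockout all twenty wrong guesses are evaluated, against ServerLockout only the first five are and the rest are refused until the lock expires. The same pattern (state on the server, keyed by the account or session, never by a value the client supplies) is what removes the "cash machine at home" problem the paragraph describes.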
Online gaming systems are a particular target for
logic tampering and hacking. An application, such as
an online poker room, which allows re-submission of
an action, in the form of a bet or hand, is vulnerable to
being manipulated. For example, if a player feels he has
a winning hand and places a large bet, then discovers
a sign that their opponent also feels they have a good
hand, they would be able to re-submit a previous
request (typically in the form of an AJAX request) and
make a lower bet. An application that does not have
DEFENSE PATTERN

Password, What Password?
By Christian Mergiliano

If you have a computer with a non-encrypted hard drive and have not disabled other media devices from booting before your hard drive or have not password protected your BIOS, listen up! Your computer and files are at risk even if you have a user account password.

In this article we will be covering high level functionality of Kryptos Logic's Kon Boot v1.1 software. I will explain how to deploy this software and its payload into target computers running supported operating systems; policies and settings that already exist to block end users on a corporate, government or educational network from being able to use this software; and what you, a home user, can do to keep your computer safe from this attack.
Let's start off by imagining that you just returned home from a summer vacation in Maui. You unpack your belongings, check your social media sites, and prepare for the following month's work. A couple of days later you start to notice that your social media sites have pictures on them that you did not post, as well as other strange anomalies. After you check your other online accounts, you realize that there is suspicious activity on all of your web portals, including the loss of $10,000 from your checking account. You wonder how anything like this could possibly happen. You have an epiphany: during your flight home you turned off your laptop and visited the lavatory, leaving your computer out on your tray table. You returned and found your computer just as you left it. You were not suspicious and resumed using your computer for the duration of your flight. What you did not know until now is that your fellow passenger had Kon Boot, broke into your computer, and stole the files off your desktop. You start to panic because you remember that you had an extensive password list file of every password you have, as well as your work passwords, in that file. Worst of all, the attacker has begun locking you out of your own website accounts by changing the passwords and the security questions, because for convenience you put the questions and answers in the same file as well. Now you are in an extreme panic. You have a myriad of questions, the most daunting: how did he gain access to my computer and password file? You turned off your laptop and your user account was password protected, so you believed you were safe. Now you have an enormous mess of work trying to salvage your online accounts and personal websites before the attacker finishes locking you out.
Just for the sake of argument, and to avoid an onslaught of email, the attack I just mentioned could also be achieved in many other ways, including taking a non-encrypted hard drive out of the computer and hooking it up to your own device using an external encasement kit, but that takes some time. Imagine what the passenger might say if they return from the lavatory and you have their computer half apart, trying to remove the hard drive and use it as an external drive on your own computer. The beauty of Kon Boot is that it is not obvious that you have used it on a target PC. Kon Boot neither overwrites the SAM nor makes any modification to the host operating system. Kon Boot achieves its goal by hooking the kernel during boot and allows the user to bypass the need for a password. The added beauty of Kon Boot is that the next time you boot the computer without the Kon Boot media the user's original password will still be on the system. Unlike other reset tools that completely remove the password, Kon Boot leaves your average user unaware that you have just broken into their computer. I have used many other tools that will allow you to log into another user's account or computer but they, for the most part, modify the operating system or leave some other kind of obvious trace. If you would like more information about other reset tools just use a search engine and search for bypass/reset windows user passwords.
REVERSE ENGINEERING

A Quick Hands On Introduction to Packing
By Alain Schneider

On Windows systems, programs are usually available in the PE file format with the .EXE extension. Although this file format is quite complex, it is now well documented, so understanding how it is globally supposed to work is pretty easy and you can find a lot of programs designed to open/analyze/modify PE executables.

Those which are designed to modify PE files (for various purposes) are often called packers. We'll learn how to write one of those in this article.

We'll start by taking a glance at the PE file format's basics; then we'll design the principle of a small packer able to modify our pentest tools in such a way that they are less detected by AVs; and finally we'll implement it in Python using both the good old pefile module and the brand new miasm reverse-engineering framework.
The tools

pefile
The pefile module is a multi-platform Python module used to read and work with Portable Executable (aka PE) files. It can be downloaded here: http://code.google.com/p/pefile/. We'll use this specialized module throughout the article; it is very efficient when dealing with PE files. The drawback of being specialized is that some steps of writing our packer can't be done with pefile alone.

miasm
miasm is a free and open source (GPLv2) reverse engineering framework for Python that can be downloaded here: http://code.google.com/p/smiasm/. Being a reverse-engineering framework, it is much more versatile than pefile, but it is also much younger and still a bit unstable. Despite its youth we'll see that it is sufficient to build a complete tiny packer.
PE format

Overview
In their simplest form PE files can be represented as a collection of sections and a bunch of metadata. Sections are blobs that are mapped in memory when the program starts. These blobs can contain anything useful to the program, such as the program code itself, constant values, icons, etc. The metadata (mostly located in the PE file headers) contains a lot of information; at the very least the metadata defines where the sections are located in the file, what their name is, where they are supposed to be mapped to in memory, and where the starting point of the program is in memory, once the sections are mapped.
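As an added example that is neither the article's code nor part of pefile or miasm: a pure-Python reader for exactly the metadata the paragraph lists (section names, where each section sits in the file, where it is mapped in memory, and the entry point), plus a builder that constructs a tiny PE32 image so the reader can be exercised offline. The builder's layout choices (0x200 file alignment, 0x1000 section alignment, image base 0x400000, i386 machine type) are common defaults chosen for the sample, not requirements of the format; the field offsets inside the headers follow the PE specification.

```python
import struct

DOS_HEADER_SIZE = 0x40
COFF_FMT = '<HHIIIHH'         # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
                              # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
SECTION_FMT = '<8sIIIIIIHHI'  # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
                              # relocation/line-number fields, Characteristics
FILE_ALIGN, SECTION_ALIGN = 0x200, 0x1000


def align(value, boundary):
    return (value + boundary - 1) // boundary * boundary


def build_minimal_pe(sections, entry_point, image_base=0x400000):
    """Construct a tiny PE32 image (headers plus sections, not a runnable program) from a list
    of (name, raw_bytes). Sections are laid out consecutively on disk and in memory."""
    n = len(sections)
    # Optional header: Magic, linker versions, three sizes, AddressOfEntryPoint, BaseOfCode, BaseOfData
    opt = struct.pack('<HBBIIIIII', 0x10B, 0, 0, 0, 0, 0, entry_point, SECTION_ALIGN, 2 * SECTION_ALIGN)
    opt += struct.pack('<III', image_base, SECTION_ALIGN, FILE_ALIGN)      # offsets 28, 32, 36
    opt = opt.ljust(92, b'\0') + struct.pack('<I', 16)                     # NumberOfRvaAndSizes
    opt = opt.ljust(224, b'\0')                                            # 16 empty data directories
    headers_len = DOS_HEADER_SIZE + 4 + 20 + len(opt) + 40 * n
    raw_ptr, va = align(headers_len, FILE_ALIGN), SECTION_ALIGN
    table, blobs = b'', b''
    for name, data in sections:
        raw_size = align(len(data), FILE_ALIGN)
        table += struct.pack(SECTION_FMT, name.encode('ascii').ljust(8, b'\0'), len(data), va,
                             raw_size, raw_ptr, 0, 0, 0, 0, 0x60000020)   # CODE|EXECUTE|READ
        blobs += data.ljust(raw_size, b'\0')
        raw_ptr += raw_size
        va += align(max(len(data), 1), SECTION_ALIGN)
    dos = b'MZ'.ljust(0x3C, b'\0') + struct.pack('<I', DOS_HEADER_SIZE)    # e_lfanew -> NT headers
    coff = struct.pack(COFF_FMT, 0x14C, n, 0, 0, 0, len(opt), 0x0102)      # i386, EXECUTABLE|32BIT
    headers = (dos + b'PE\0\0' + coff + opt + table).ljust(align(headers_len, FILE_ALIGN), b'\0')
    return headers + blobs


def parse_pe(data):
    """Read the metadata the article lists: section names, where each section sits in the file,
    where it maps in memory, and the entry point (an RVA, i.e. relative to ImageBase)."""
    if data[:2] != b'MZ':
        raise ValueError('missing MZ signature')
    e_lfanew, = struct.unpack_from('<I', data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b'PE\0\0':
        raise ValueError('missing PE signature')
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from(COFF_FMT, data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic, = struct.unpack_from('<H', data, opt_off)
    entry_point, = struct.unpack_from('<I', data, opt_off + 16)
    if magic == 0x10B:                                   # PE32
        image_base, = struct.unpack_from('<I', data, opt_off + 28)
    elif magic == 0x20B:                                 # PE32+: 8-byte ImageBase at +24
        image_base, = struct.unpack_from('<Q', data, opt_off + 24)
    else:
        raise ValueError('unknown optional header magic 0x%x' % magic)
    sections = []
    for i in range(nsec):
        fields = struct.unpack_from(SECTION_FMT, data, opt_off + opt_size + 40 * i)
        name, vsize, va, raw_size, raw_ptr = fields[:5]
        sections.append({'name': name.rstrip(b'\0').decode('ascii', 'replace'),
                         'virtual_address': va, 'virtual_size': vsize,
                         'raw_offset': raw_ptr, 'raw_size': raw_size,
                         'data': data[raw_ptr:raw_ptr + raw_size]})
    return {'machine': machine, 'image_base': image_base,
            'entry_point': entry_point, 'sections': sections}


def rva_to_file_offset(pe, rva):
    """Map a memory address (RVA) back to the file offset that holds it, or None if unmapped."""
    for s in pe['sections']:
        span = max(s['virtual_size'], s['raw_size'])
        if s['virtual_address'] <= rva < s['virtual_address'] + span:
            return s['raw_offset'] + (rva - s['virtual_address'])
    return None


if __name__ == '__main__':
    import sys
    if len(sys.argv) > 1:                                  # e.g. python pe_overview.py calc.exe
        with open(sys.argv[1], 'rb') as fh:
            image = fh.read()
    else:                                                  # constructed sample image
        image = build_minimal_pe([('.text', b'\xc3' * 16), ('.data', b'\0' * 8)], entry_point=0x1000)
    pe = parse_pe(image)
    print('entry point RVA 0x%x -> file offset %r' % (pe['entry_point'], rva_to_file_offset(pe, pe['entry_point'])))
    for s in pe['sections']:
        print('%-8s VA=0x%06x raw=0x%06x size=0x%x' % (s['name'], s['virtual_address'], s['raw_offset'], s['raw_size']))
```

Run it with a path argument to dump a real executable's sections; without one it parses the constructed image. The RVA-to-file-offset translation is what a packer needs in order to find the bytes at the entry point on disk, since the headers give the entry point only as an in-memory address.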
Figure 1. Overview of a PE file's structure

Listing 1. pefile's basics
>>> import pefile  # loading the pefile module
>>> pe = pefile.PE("calc.exe")  # we open the well-known calc.exe program
>>> for s in pe.sections:
...     print(s.Name)
...
.text
.data
.rsrc
INTERVIEW

Interview with Jan van Bon

Exploiting Software: You are the Director at BHVB Bureau Hoving & Van Bon. For the people who are not familiar with your group, could you tell us a little bit about it?
Jan van Bon: The Bureau Hoving & Van Bon (BHVB) is a small but highly dedicated team that has focused on developing a methodological approach to IT Service Management. It is based in the Netherlands, where many of the initiatives on IT Service Management have started. After observing two decades of mostly failing projects in this field, the team assimilated all available knowledge in a straightforward approach, incorporating existing methods for organizational change and improvement into one deeply structured new method. This approach enabled them to create a method that was both simple and effective, and easy to learn.
Exploiting Software: You are also the Director at Inform-IT, Knowledge Center for Service Management. What is its mission?
JvB: Inform-IT is the oldest knowledge center on IT Service Management around. It started in 1996, and has been responsible for many of the products of itSMF Netherlands and itSMF International.

Inform-IT's mission is to develop and distribute knowledge carriers in the field of IT Service Management. It produced large numbers of conferences and books, and is responsible for the first knowledge platform in the field of IT Service Management, created in 1996 and still present: the ITSM PORTAL (www.itsmportal.com).

Inform-IT doesn't do this on its own; no single person or team can have all the knowledge it takes. Therefore Inform-IT works with a huge community of experts, from all over the world, and from all relevant disciplines.

Enabling these scattered sources to find each other and to co-produce the missing piece of knowledge that Inform-IT is targeting has been the core of Inform-IT's work of the last 15 years.
Jan van Bon has been a driving force in the field of IT Service Management for the last 20
years. After a decade of academic research he started his work in IT in the late 1980s, in the
Netherlands. He has been heavily involved in ITIL, ITSMF, and several innovative projects
ever since. He produced more than 80 books, in up to 14 languages, with thousands of
expert authors and reviewers from all over the world, on a broad range of IT Management
topics. He is the founder and Chief Editor of the ITSM Library, the ITSM Portal, and several
other knowledge portals. As a practitioner he is involved in supporting many organization
improvement projects.
If you would like to contact the Hakin9 team, just send an email to en@hakin9.org. We will reply a.s.a.p.

The next issue of Hakin9 will be available to download on November 22nd:
Shellcode: From a Simple Bug to OS Control
DPA Exploitation and GOTs with Python
And more...