Comments for exploring software and hardware security http://securityblog.astida.com articles about secure systems, secure protocols, tamperproofing, obfuscation, authentication, attack vectors... Thu, 12 Nov 2009 16:07:15 -0600 http://wordpress.org/?v=2.8.4 hourly 1 Comment on How the crackers crack code? by Spyware Blockers http://securityblog.astida.com/2009/10/11/how-the-crackers-crack-code/#comment-27 Spyware Blockers Thu, 12 Nov 2009 16:07:15 +0000 http://securityblog.astida.com/?p=119#comment-27 I have been reading your posts lately, just want to say thanks for all informative stuff i have found here, helped me learn alot lately. Much Regards, Mark I have been reading your posts lately, just want to say thanks for all informative stuff i have found here, helped me learn alot lately.

Much Regards, Mark

]]> Comment on How to design secure systems? Key Concepts in Information Security by Amaris http://securityblog.astida.com/2009/10/28/key-concepts-in-information-security/#comment-24 Amaris Mon, 09 Nov 2009 18:52:07 +0000 http://securityblog.astida.com/?p=258#comment-24 Great blog. Can't wait to start my own blog. Great blog. Can’t wait to start my own blog.

]]> Comment on How to design secure systems? Security Analysis by business security systems http://securityblog.astida.com/2009/10/19/how-to-design-security-systems-security-analysis/#comment-14 business security systems Wed, 04 Nov 2009 08:22:25 +0000 http://securityblog.astida.com/?p=152#comment-14 <strong>business security systems...</strong> I like this!... business security systems…

I like this!…

]]> Comment on Conventional website authentication model, its weaknesses and alternatives by davitb http://securityblog.astida.com/2009/09/27/conventional-website-authentication-model-and-its-weaknesses/#comment-12 davitb Mon, 02 Nov 2009 19:29:28 +0000 http://securebox.wordpress.com/?p=77#comment-12 Lemnainomek, what you mean by saying other variant? Lemnainomek, what you mean by saying other variant?

]]> Comment on Conventional website authentication model, its weaknesses and alternatives by Lemnainomek http://securityblog.astida.com/2009/09/27/conventional-website-authentication-model-and-its-weaknesses/#comment-11 Lemnainomek Mon, 02 Nov 2009 00:51:55 +0000 http://securebox.wordpress.com/?p=77#comment-11 Other variant is possible also Other variant is possible also

]]> Comment on Conventional website authentication model, its weaknesses and alternatives by JimmyBean http://securityblog.astida.com/2009/09/27/conventional-website-authentication-model-and-its-weaknesses/#comment-5 JimmyBean Thu, 01 Oct 2009 12:44:28 +0000 http://securebox.wordpress.com/?p=77#comment-5 I don't know If I said it already but ...Hey good stuff...keep up the good work! :) I read a lot of blogs on a daily basis and for the most part, people lack substance but, I just wanted to make a quick comment to say I'm glad I found your blog. Thanks,) A definite great read..Jim Bean I don’t know If I said it already but …Hey good stuff…keep up the good work! :) I read a lot of blogs on a daily basis and for the most part, people lack substance but, I just wanted to make a quick comment to say I’m glad I found your blog. Thanks,)

A definite great read..Jim Bean

]]> Comment on About by Narek http://securityblog.astida.com/about/#comment-2 Narek Mon, 28 Sep 2009 14:08:57 +0000 http://securebox.wordpress.com/about/#comment-2 Bonne continuation ! Bonne continuation !

]]> Comment on Conventional website authentication model, its weaknesses and alternatives by davitb http://securityblog.astida.com/2009/09/27/conventional-website-authentication-model-and-its-weaknesses/#comment-4 davitb Sun, 27 Sep 2009 20:16:48 +0000 http://securebox.wordpress.com/?p=77#comment-4 Hi Ruben, good question. Actually the attack vector you described has a similar concept as phishing but falls into another category - called pharming. You can find lot of interesting information about pharming and anti-pharming in the following resources: <a href="http://en.wikipedia.org/wiki/Pharming" title="" rel="nofollow">Wikipedia: Pharming <a href="http://en.wikipedia.org/wiki/Anti-pharming" title="" rel="nofollow">Wikipedia: Anti-Pharming Hi Ruben, good question.
Actually the attack vector you described has a similar concept as phishing but falls into another category – called pharming.
You can find lot of interesting information about pharming and anti-pharming in the following resources:
Wikipedia: Pharming
Wikipedia: Anti-Pharming

]]> Comment on Conventional website authentication model, its weaknesses and alternatives by Ruben http://securityblog.astida.com/2009/09/27/conventional-website-authentication-model-and-its-weaknesses/#comment-3 Ruben Sun, 27 Sep 2009 18:34:24 +0000 http://securebox.wordpress.com/?p=77#comment-3 Hi, I was interested in phishing. Can it be the case that somebody in your stays in your private network and tweaks the local gateway/dns server so when you browser requests to open the http://www.paypal.com instead of navigating to the real ip of paypal service it navigates to some phony IP, which has a web site with very similar interface as the real one(just like in your example). Do you know any ways to identify such kid of attacks? Hi, I was interested in phishing. Can it be the case that somebody in your stays in your private network and tweaks the local gateway/dns server so when you browser requests to open the http://www.paypal.com instead of navigating to the real ip of paypal service it navigates to some phony IP, which has a web site with very similar interface as the real one(just like in your example).
Do you know any ways to identify such kid of attacks?

]]>