View Full Version : HITB E-Zine Issue 005 finally made public

j00ru vx tech blog
February 14th, 2011, 16:19

Today, I would like to present the fifth issue of the well-known Hack In The Box e-magazine ("http://magazine.hackinthebox.org/"), originally brought back to life by Zarul Shahrin, in January last year (see the complete release history here ("http://magazine.hackinthebox.org/hitb-magazine.html")). As usual, every Windows Internals maniac can find something for himself: this time, I described some of the most interesting parts of the Windows Subsystem (commonly known as CSRSS) internals, or more precisely, the potential advantages one can take from the undocumented mechanisms found in the subsystem (e.g. obfuscating a local thread creation). Besides this one article, you can also find another five write ups, related to Linux and Network Security, as well as professional development. Most of all, however, I would like to recommend the Interview section, where a well known RE community figure – Rolf Rolles – talks about his current occupation and shares his thoughts about the current state of the reverse engineering world.

Additionally, I happened to be one of the issue’s Technical Advisor, meaning that I was reviewing the incoming submissions and rejecting some http://j00ru.vexillium.org/wp-includes/images/smilies/icon_wink.gif Here, I would like to thank the HITB crew (especially Zarul) for their patience and persistence – keep the fire burning!

Now, to the point:

The current edition is available to be downloaded from here ("http://magazine.hackinthebox.org/issues/HITB-Ezine-Issue-005.pdf") (HITB-Ezine-Issue-005.pdf, 3,99 MB)

Contents Table:

Linux Security

Investigating Kernel Return Codes with the Linux Audit System (4)
by Steve Grubb, Principal Engineer/Security Technologies Lead, Red Hat

Network Security

Secure Shell Attack Measurement and Mitigation (14)
by Christopher P. Lee, Kevin Fairbanks

ARP Spoofing Attacks & Methods for Detection and Prevention (25)
by Supriya Gupta, Dr lalitsen Sharma

Exploiting Web Virtual Hosting – Malware Infections (32)
by Aditya K Sood, Rohit Bansal, Richard J Enbody

Windows Security (Cover Story)

Windows CSRSS Tips & Tricks (38)
by Matthew “j00ru” Jurczyk

Professional Development

CISSP Corner – Tips and Trick on becoming a Certified Information System Security Professional (50)
by Clement Dupuis


Rolf Rolles (52)
by the Editorial Crew

Enjoy the issue!