My GCIH Practical

Posted by on December 29, 2004

For the past six months I’ve been working on this GCIH Practical. GCIH = GIAC Certified Incident Handler; this is basically how to deal with a computer hack in such a way that a court of law recognizes your findings as evidence in a prosecution.

I had sent it to some people for their review and received some comments back today. Will take a look at them tomorrow, make changes where necessary and then it’s on to the graders!

My topic is a vulnerability in the ICMP protocol. When you run PING in Linux or Windows there is data that is sent to the destination. That data is different on Linux and Windows machines, and other tools that ping things, such as nmap and hping, can provide data of the user’s choosing. What if you used ICMP as an instant messenger? File transfer agent? Storage medium? 😉 The idea has been around for a while but no one has done much with it…at least not publicly…
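From the monitoring side, the fact that stock ping tools send recognizable data gives a baseline to compare echo traffic against. The sketch below is an added example, not taken from this post or the practical: it classifies an ICMP echo message by its data field, assuming the commonly observed defaults (32 bytes of `abcdefghijklmnopqrstuvwabcdefghi` from Windows ping; a timestamp followed by incrementing bytes from Linux iputils ping). All function names and sample packets are constructed for illustration.

```python
import struct

# Commonly observed default echo data (an assumption of this example, not from the post).
WINDOWS_DEFAULT = b"abcdefghijklmnopqrstuvwabcdefghi"  # 32 bytes sent by Windows ping


def icmp_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; a valid ICMP message sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(payload: bytes, ident: int = 1, seq: int = 1) -> bytes:
    """Construct a sample echo request (type 8) so the classifier runs offline."""
    header = struct.pack("!BBHHH", 8, 0, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + payload


def looks_like_linux_ping(payload: bytes) -> bool:
    """iputils ping: 8- or 16-byte timestamp, then byte at offset i holds i (mod 256)."""
    for ts_len in (8, 16):
        tail = payload[ts_len:]
        if tail and tail == bytes(i & 0xFF for i in range(ts_len, len(payload))):
            return True
    return False


def classify_echo(message: bytes) -> str:
    """Label an ICMP echo request/reply by what its data field looks like."""
    if len(message) < 8:
        return "malformed"
    icmp_type, code = struct.unpack("!BB", message[:2])
    if icmp_type not in (0, 8) or code != 0:
        return "not-echo"
    if icmp_checksum(message) != 0:
        return "bad-checksum"
    payload = message[8:]
    if payload == WINDOWS_DEFAULT:
        return "windows-default"
    if looks_like_linux_ping(payload):
        return "linux-default"
    return "empty" if not payload else "unrecognized-payload"
```

An "unrecognized-payload" result is only a prompt to look closer, since legitimate tools also send custom data; payload size and per-host echo volume are the usual next things to check.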

It’s now posted under the “hacker” logo. It’s about 90 pages of technical sweetness.

Last modified on December 30, 2004

Categories: InfoSec