Tuesday, October 9, 2007

Hacking Boot Camp - Gary Neubauer II - vSpaceLab

Security Incidents on the Rise -
The Internet has made networked computers accessible and vulnerable to anyone in the world. This is a Hacking Boot Camp setup to train security professionals in the art of network defense.

Recent examples of Web Attacks, Worms and Viruses:

•MIME Headers - a vulnerability exists in how Internet Explorer (IE), Outlook, and Outlook Express handles certain MIME headers in web pages and HTML email messages. An attacker could exploit this vulnerability to execute arbitrary code on the victim's system when the victim visits a web page or views an HTML email message. (CERT® Advisory CA-2001-36)

•Nimda - propagates through email as a MIME message, enables the sharing of the c:\drive as C$, creates a "Guest" account on Windows NT/2000 systems, adds the Guest account to the "Administrator" group, causes bandwidth denial-of-service conditions due to scans for additional IIS hosts. (CERT® Advisory CA-2001-26)

•Code Red – self-propagating code that exploits IIS web servers susceptible to the buffer overflow in the Indexing Service DLL. (CERT® Advisory CA-2001-19 and CA-2001-23)
•SirCam – file deletion or space filling payload, propagates via email. (CERT® Advisory CA-2001-22)

•sadmind/IIS Worm - Exploits an RPC service (sadmind) on Solaris systems and installs malicious code to attack IIS web servers. It propagates itself to other vulnerable Solaris systems by adding "+ +" to the .rhosts file in the root user's home directory. (CERT® Advisory CA-2001-11)

Recent examples of Buffer Overflows:


•CDE Subprocess Control Service (dtspcd) - a remotely exploitable buffer overflow vulnerability in a library function used by the CDE Subprocess Control Service, could allow an attacker to crash the service or execute arbitrary code with root privileges. (CERT® Advisory CA-2001-31 and CA-2002-01)

•UPnP - a remotely exploitable buffer overflow vulnerability exists in the Universal Plug and Play (UPnP) service installed by default on Windows XP (and optionally on Windows Me and Windows 98) could allow an attacker to execute arbitrary code with administrative privileges on a vulnerable system. (CERT® Advisory CA-2001-37)

•SSH v1 - a remotely exploitable buffer overflow vulnerability exists in several implementations of the Secure Shell (SSH) protocol. The CRC32 attack detection code or compensation attack detector could be exploited to execute arbitrary code with the privileges of the SSH daemon, which is typically root. (CERT® Advisory CA-2001-35)

•Login - a remotely exploitable buffer overflow vulnerability exists in several implementations (AIX, HP-UX, SCO, IRIX, and Solaris) of login derived from System V. An attacker could exploit this vulnerability to gain root access to the server. (CERT® Advisory CA-2001-34)

•Line Printer Daemon (lpd) - a remotely exploitable buffer overflow vulnerability on various OS platforms (BSD, FreeBSD, NetBSD, OpenBSD, Debian, AIX, SCO, IRIX, Solaris, SuSE, RedHat, and Mandrake) could allow an attacker to gain root access to the lpd server. (CERT® Advisory CA-2001-30)

Network Vulnerabilities

Types of Vulnerabilities
IP Protocol weaknesses


• IP spoofing

• TCP “Session” Hijacking

• IP Fragmentation

Software application holes

• Improper input handling (Buffer Overflow)

Weak passwords

• no (null) password

• joe password

• default username/password

•IP Spoofing – an attacker sends a message to a target host with an IP address indicating that the message is coming from a trusted host. The attacker must know the IP address of a trusted host in order to modify the packet headers so that it appears that the packets are coming from that host.

•TCP Session Hijacking – an attacker sniffs for packets being sent from a client to a server in order to identify the two hosts' IP addresses and relative port numbers. Using this information an attacker modifies his packet headers to spoof TCP/IP packets from the client. The attacker then waits to receive an ACK packet from the client communicating with the server (which contains the sequence number of the next packet the client is expecting). The attacker replies to the client using a modified packet with the source address of the server and the destination address of the client. This results in a RST which disconnects the legitimate client. The attacker takes over communications with the server spoofing the expected sequence number from the ACK that was previously sent from the legitimate client to the server.

•IP Fragmentation – Firewalls that support stateful inspection of established connections analyze packets to see if they are being received in the proper sequence. In the case of IP fragments, the firewall attempts to reassemble all fragments prior to forwarding them on to the final destination. If an attacker sends repeated incomplete or out-of-order fragmented packets to the firewall it will log and wait for all remaining fragments to be received before handling the connection. As a result, system resources are exhausted due to logging and the firewall is subject to a denial of service. Also, some Intrusion Detection Systems (IDS) do not handle IP fragmentation, Out-of-Order fragmentation, TCP segment overlap, and Out-of-Order TCP segments properly; which results in packets slipping through because the IDS failed to alarm!!!

•Buffer Overflows, Why, How and Prevention: http://www.sans.org/infosecFAQ/threats/buffer_overflow.htm

•Good and Bad Passwords How-To: http://geodsoft.com/howto/password/

Default network services configurations

• Anonymous ftp (port bounce, world-writable)

• Default services enabled (e.g., chargen, echo, finger)

• DNS (buffer overflows, zone transfers - recon)

• SMTP (e-mail relaying, username enumeration)

• SNMP community names (public & private)

Trust relationships between hosts

• Windows NT/2000 Domains and Forests

• UNIX NIS or NIS+ domains

• “R” services (.rhosts and hosts.equiv)

Network device configurations

•Network device configurations – no authentication (e.g., telnet, ftp, http)

Top Ten Vulnerabilities by Cisco Secure Consulting Services

• Password Issues

• HTTP Issues

• Trojans, Viruses, and Worms

• File Sharing Issues

• Remote Procedure Call (RPC)

• SNMP

• DNS Issues

• FTP Issues

• Remote Access

• Other Services

•Passwords – Default accounts, Easily guessable passwords, Joe accounts, Null passwords

•HTTP – Frontpage Extensions (config files), IIS (buffer overflows), Netscape (cgi scripts), Apache (cgi scripts) , Remote management (no auth), Common languages (PHP, ASP, Javascript, and ActiveX)

•Trojans/Viruses/Worms – Backdoors (Code Red, SubSeven), Email and Network Shares (Nimda, SirCam, LoveLetter), Macros (Melissa)

•File Sharing – NFS export controls, No Auth, SMB/CIFS cleartext passwords, NFS trust relationships

•RPC – NetBIOS null session connections, MS RPC endpoint mapper service, UNIX daemons (admind, cmsd, mountd, sadmind, snmpXdmid, statd, and tooltalk)

•SNMP – default or easily guessable community strings, manipulate system or device configurations, enumerate users on Windows NT/2000

•DNS – Denial of Service (transfer of compressed zone files, SRV records, SO_LINGER timeout, FD_SETSIZE descriptors, SIG record contents), Buffer Overflows (TSIG queries, nslookupComplain(), NXT records), Reconnaissance (unauthorized zone transfers, inverse query information leak)

•Other Services – Finger (enumerate valid users), TFTP (configuration downloads, unauthorized file transfers), X-Windows (keystroke and screen capturing)

•FTP – anonymous access, buffer overflows (wuftpd, proftpd), unauthorized file transfers (/etc/passwd), world writable directories

•Remote Access – applications (pcAnywhere, Remotely Possible, VNC), “R” services (weak authentication - rlogin, rexec, rsh), Telnet (local and remote buffer overflows), No Authentication, hardware platforms (dial-in access)

Types of Exploits Local exploits

• Requires user level access

• Used to escalate user privileges

• NT winlogon exploit (GetadmforSops.exe)

• IIS system privilege exploit (hk.exe)

• Solaris libc exploit (ex_lobc-2.c)

• Solaris dtprintinfo exploit (ex_dtprintinfo.c)

•GetadmforSops.exe – exploits a vulnerability in “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” registry key on NT 4.0 that allows elevation of user privileges to both the local and global Administrator level. (http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00266.html)

•hk.exe – exploits IIS web servers to launch “cmd.exe” with system privileges. Use “IIS-ZANK.exe” to initiate a command-line session with a vulnerable IIS web server (e.g., Decode, MSADC.dll, Unicode). Upload “hk.exe” and “nc.exe” (NetCat) into an executable directory on the web server (e.g., /scripts, /images) and run the following command: hk.exe+cmd+/c+nc.exe+"-n"+"-l"+"-v"+"-p"+6000+"-e"+cmd.exe (http://razor.bindview.com/publish/advisories/LPCAdvisory.html)

• ex_lobc – allows a non-privileged user to exploit a buffer overflow in the SUID program libc for Solaris 2.5, 2.6, and 2.7 that would allow users to gain root privileges. (http://www.atstake.com/research/advisories/1997/getopt.txt)

•ex_dtprintinfo – allows a non-privileged user to exploit a buffer overflow in the CDE Print Viewer utility for Solaris 2.6 and 2.7 to gain root privileges. (http://www.securiteam.com/exploits/2KUQ9QAQRM.html)

Remote exploits

Does not require user level access.
–Used to gain access without user access.

•IIS Web Server Traversal exploit (iis-zank.exe)

•Windows 9x NetBIOS exploit (client.c)

•Solaris RPC Buffer Overflow (sadmindex.c)

•WUFTPd Buffer Overflow (wuftpd2600.c)

•HTTP Tunnel via HTTP Proxy (httptunnel)

•SSH CRC32 Buffer Overflow (in the wild)

•iis-zank.exe
– allows an attacker to send a malformed URL (containing Decode or Unicode) to a vulnerable IIS web server to access files and folders anywhere on the logical drive that contains the web folders. The attacker could gain additional privileges on the machine (using hk.exe) that would enable them to add, change or delete data, execute code already on the server, or upload new code to the server and execute it. (http://www.securiteam.com/windowsntfocus/Web_Server_Folder_Traversal_vulnerability__Patch_available__exploit_.html)
•client.c – allows any user to access the Windows 9x file-sharing service with or without password protection. Potential attackers do not have to know the share password. (http://www.securiteam.com/exploits/5WP010K4UA.html)

•sadmindex.c – vulnerable versions of sadmind (on Solaris 2.5, 2.6, 2.7, and 2.8) are susceptible to a buffer overflow if a long buffer is passed to a NETMGT_PROC_SERVICE request (called via clnt_call()). Because sadmind runs as root any code that is executed as a result of the buffer overflow will run with root privileges. (http://www.securiteam.com/exploits/3P5Q1Q0QAO.html)

•wuftpd2600.c – Using anonymous access this exploit attempts to create special directories using the MKD (make directory) command, and then change its current FTP path into those directories using the CWD (change current directory) command, followed by executing a SITE EXEC command on those directories. In some versions of WuFTP this triggers a buffer overflow that can be leveraged to gain root privileges. (http://www.securiteam.com/exploits/5TQ060A1YG.html)

•httptunnel - creates a bidirectional virtual data connection tunnelled in HTTP requests. The HTTP requests can be sent via an HTTP proxy to reach hosts behind restrictive firewalls. If web access (port 80/tcp) is allowed through a HTTP proxy, it is possible to use httptunnel and telnet to connect to an internal host from outside the firewall. (http://www.nocrew.org/software/httptunnel/httptunnel-3.0.5.tar.gz)

•SSH v1 - CRC32 buffer overflow exploit still in the wild (Reference: http://staff.washington.edu/dittrich/misc/ssh-analysis.txt)

Most exploits depend on SUID or privileged use programs

• Buffer overflow exploits are most preferred

• Due to improper input checks

• Allows execution of malicious code

• “Smashing the Stack for Fun and Profit” (Aleph One)

• Trusted environment variables

• Variable values are used by most applications

• Software that does not perform proper checking on environment values can be exploited

• Internal Field Separator (IFS) and TMP

•Internal Field Separator (IFS) - specifies which characters separate commands in a shell environment. It is normally set to a space, tab, or new line. By changing the IFS, an attacker can change what programs our script executes. (http://www.samag.com/documents/s=1149/sam0106a/0106a.htm)

•TMP – many legacy UNIX platforms allow applications to create and store SUID files in /tmp in an insecure manner, allowing local users to overwrite files to which they would ordinarily not have access. An attacker can exploit this vulnerability using symlink attacks to execute privileged commands or view sensitive data files (http://www.kb.cert.org/vuls/id/670568)

•Sharefuzz - a local setuid program fuzzer which automatically detects environment variable overflows in Unix systems. (http://www.atstake.com/research/tools/)

Reconnaissance

Unauthorized discovery and mapping of systems, services, or vulnerabilities
18 - Discovering the Targets

Know thy target…

• Domain name lookup

• whois.networksolutions.com

• IP Address space verification

• whois.arin.net

• DNS zone transfer

• dig, nslookup, host command

Ping Sweeps

• Network mapping with ICMP queries

• Identify potential targets
WHOIS Servers:

•www.internic.net/whois.html (US web sites)

•whois.isi.edu (US educational web sites)

•whois.nic.mil (US Military)

•whois.apnic.net/ (Asia Pacific Network Information Centre)

•whois.ripe.net/ (Réseaux IP Européens Network Coordination Centre)
•whois.aunic.net (Australia)

•whois.cdnnet.ca (Canada)

•www.cnnic.cn/ (China)

•whois.nic.fr (France)

•whois.nic.ad.jp (Japan)

•www.nic.mx/cgi/whois (Mexico)

•whois.nic.net.sg (Singapore)

•whois.nic-se.se (Sweden)

•whois.nic.ch (Switzerland)

•whois.nic.uk (United Kingdom)

•Typical “whois” commands:

•whois –h whois.arin.net
or whois –h whois.arin.net

•whois –h whois.networksolutions.com
Typical “host” commands:

•host –l

•host –l –i

Penetration Testing Methodology - Gary Neubauer II - vSpaceLab.com


Penetration Testing Methodology - Infosec Engineers can mitigate security risks and assure continued business continuity by demonstrating to thier organizations that thier digital assets are safe. Organizations can often implement internal or external penetration tests to simulate real-world attacks on their systems. The goal is to expose security gaps and demonstrate the effectiveness (or ineffectiveness) of their current network security methods. Because of its clandestine approach, penetration testing is also used to improve executive management's security awareness and can demonstrate the need to financially support security-related projects. An Infosec Manager, knows how hard it can be to sell the value of an abstract security program or project. When concepts like PKI, SSO or ESM, are discussed, it isn't long before the CEO's eyes start to glaze over in disinterest. A structured penetration test, however, can quickly demonstrate just how easily host systems can be compromised, and illustrate in black and white what the potential consequences of such a breach might be.

A Zero-Knowledge Attack - performed by testers who have no real information about the target environment, is designed to provide the most realistic penetration test possible. It usually includes gathering a significant amount of information about the target system before launching an attack. Typically, an independent third party performs this type of exercise because internal security personnel are too knowledgeable of their own environment to have anything close to "zero knowledge." A full-knowledge attack, on the other hand, is performed with the tester having as much information about the target environment as possible. It's designed to simulate an attacker who has intimate knowledge of the target organization's systems-such as a real employee. Simply put, all the security information related to an environment-network diagrams, technology inventory, etc.-is considered when formulating the attack target and methodology. It's a "take your best shot" approach to breaking the security barriers. While this approach has certain advantages, there are also inherent risks involved with full-knowledge attacks, partic- ularly when they're performed by (or under the supervision of) an inside employee (see "Hacker School," below).

Hacker School? - Penetration testing can be a valuable tool in any organization's information security program. However, be aware of the risks that could undermine the benefits yielded by an intrusion exercise. By purposely exposing a system to penetration testing-particularly those by third-party consultants-you run the risk of temporarily or permanently damaging your systems, exposing your security weaknesses to the outside world, training your own staff in penetration techniques and building overconfidence through incomplete or incorrect test results. Only skilled, experienced professionals who use clearly defined parameters and objectives should perform penetration testing. Unfortunately, penetration testing is fertile territory for "hackers in training." The hiring of ill-equipped or inexperienced testers could have disastrous results for your organization. There are numerous examples of amateur or malicious hackers crashing networks, disclosing confidential information and destroying valuable digital assets.

While third-party testing can provide objective results, organizations could fall prey to unscrupulous testers who will use a simulation to find vulnerabilities for their own purposes. Before an organization knows it, it could fall victim to a well-targeted intrusion that results in the loss of proprietary information or assets. Some organizations may try to insulate themselves against unscrupulous penetration testers by having their IT staff supervise the exercise, but this could also backfire. The contracted testers could very well train their in-house supervisors in the skills and techniques needed for malicious attacks. Lastly, a single test provides only a snapshot of your organization's security profile, not a top-to-bottom review of your system's defenses. The risk is that management will take the results of a single test at greater than face value, believing their system is secure if no serious holes are found in the initial review. This overconfidence could leave holes unaddressed and vulnerable to future attacks.

What Do You Want to Accomplish? - The penetration test should have clearly defined methodologies and goals. The target can be specific, such as payroll information stored in a SQL Server database, or more general, like a Web server. Lucrative or high-profile targets are often referred to as a "trophy selection." If the goal of the penetration test is to raise awareness of security risks, the tester will usually target high-impact trophies, such as the corporate Web site or databases housing corporate intellectual property. While target selection is important, the methodology or techniques to be used during testing is often overlooked. Consider that the goal of penetration testing is to mimic real-world attacks. Whom are you worried about? A bored 15-year-old or a temporary employee? A competitor's spy or a nation-state? Pinpointing the nature of the threat behind an attack allows the penetration team to emulate that threat.

For the most useful results, a penetration team should use the same methodology or techniques that a specific adversary would. While it's nearly impossible to have a thorough understanding of all of the threats, they can be broken down into four broad categories: Script kiddie, Malicious insider, Temporary employee, and "Über hacker." For example, a security manager at a pharmaceutical company might be concerned about the security threat posed by animal rights activists acting as temporary employees. A simulated attack on her network would give the penetration team the same accesses and credentials as a temporary employee. Likewise, if the threat were an über hacker-someone with extensive hacking skills and experience-the simulation would measure the response to unknown attack vectors.

Penetration Testing Methodology - Whether you outsource the pentration exercise or perform the tests yourself, it's important to follow a structured methodology. To ensure a thorough and safe execution of a penetration test, the tester should execute the following steps: discovery, enumeration, vulnerability mapping and exploitation.

Discovery - No matter what environment is being tested, it's import to obtain as much information as possible about the target organization within a reasonable period of time. Typically, this is referred to as "footprinting," and it's often the most im- portant (yet overlooked) component of zero-knowledge attacks. The Internet is a good source for all sorts of footprint information, including mirroring the target's Web site with tools such as wget or Teleport Pro, which create mirror twins (or close copies) of the target Web site (for links to tools mentioned in this article, see p. 94). In addition, the tester can perform thorough searches of the various whois databases, which often reveal many more Internet connections than the organizations expect. It is important to leverage Usenet postings using search sites, such as www.dog pile.com. Many organizations are amazed by how willing their employees are to divulge information that is useful to an attacker. For network-based attacks, you can use mass ping sweep utilities such as fping or icmpenum to determine potential targets that are responding to network traffic. These utilities fire off ICMP packets against specific ranges of addresses to determine what systems are hidden away. Of course, a healthy dose of nmap, the king of port scanning utilities, will help identify all those pesky open TCP and UDP ports.

Enumeration - Once specific domain names, networks and systems have been identified through discovery, the penetration tester should gain as much information as possible about each one. The key difference between discovery and enumeration is the level of intrusiveness. Enumeration involves actively trying to obtain user names, network share information and application version information of running services (e.g., IIS 4.0, Apache 1.3.X, BIND 8.2.1). This information is obtainable by connecting to the various platforms and extracting data through mechanisms such as anonymous connections and banner grabbing. For example, an inordinate amount of information can be gleaned from an unsecured Windows NT/2000 system just by using a null session (also called an "anonymous" connection-Microsoft Q143474). This can be performed manually or with tools like gnit. Other enumeration techniques include using netcat, which can be used to perform simple banner grabbing. In addition, user names can be gleaned from many systems and used during the exploitation phase to circumvent security barriers.

Vulnerability Mapping - Vulnerability mapping, one of the most important phases of penetration testing, occurs when security practitioners map the profile of the environment to publicly known-or, in some cases, unknown-vulnerabilities. The tester's most mundane but critical work is performed during the discovery and enumeration phase. If executed haphazardly, the vulnerability-mapping phase will be less effective. One method that can be used to accomplish this task is mapping specific system attributes against publicly available sources of vulnerability information, such as Bugtraq, Computer Emergency Response Team (CERT) advisories and vendor security alerts. For example, if you find a target Linux system running BIND 8.2.1, a popular DNS server, you need to determine if there are associated vulnerabilities with this version. A quick check of CERT's BIND advisories (www.cert.org/advisories/ CA-99-14-bind.html) will reveal any known buffer overflows that could make it vulnerable to attack. Although this is a tedious process, it can provide a thorough analysis of potential weaknesses without actually exploiting the target system. Remember, only script kiddies will skip the vulnerability-mapping stage by throwing everything including the kitchen sink at a system-without knowing how or why an exploit works or doesn't work. For instance, many real-life attackers use Unix exploits against a Windows NT system. Needless to say, these sophomoric assaults are unsuccessful.

Exploitation - The exploitation phase begins once the target system's vulnerabilities are mapped. The penetration tester will attempt to gain privileged access to a target system by exploiting the identified vulnerabilities. This may take the form of launching a password guessing attack using user names collected during the enumeration phase. (A fantastic resource of known/default accounts and associated passwords is located at www.securityparadigm.com/de faultpw.htm. For example, published exploit code (http://packetstorm.securify.com/ 9911-exploits/adm-nxt.c) can be used to exploit the buffer overflow vulnerability noted above in the BIND example.) Whatever the method used, the goals of the test are user-level and privileged access.

Advantages of Penetration Testing - Penetration testing is a useful tool for vividly illustrating the potential impact of exploited security vulnerabilities. Show any CEO a printout of their company's payroll or an audit, and chances are they'll recognize the need for improvements in security. For the test results to have maximum impact, the tester needs to put them in terms easily understood by the target organization's management. Many non-technical managers either don't care or won't understand the need for systems security until the consequences of an attack are spelled out in plain language. A tester needs to detail the potentially costly and damaging ramifications-ranging from loss of records to loss of business-should someone gain access to an organization's systems in the same manner as the testing team. Penetration tests are ideal for testing detection and response capabilities. Given that most computer emergency response teams are woefully unprepared and inexperienced, the penetration test provides a great opportunity to gain experience in a consequence-free exercise. Penetration tests are a great tool for determining the current security posture of an organization. A new CIO will often order a penetration test to get a quick understanding, or "snapshot," of problem areas. The results will provide direction on allocating limited resources.

Test Limitations - Despite its advantages, penetration testing has several limitations. A typical penetration exercise is not a comprehensive evaluation of security, since many security issues and configuration problems may not be identified. If the limited nature of penetration tests is not understood, the exercise can give an organization a false sense of security. For instance, if a host is not compromised during network attacks, the penetration testers will not be able to check its configuration for privilege-escalation vulnerabilities. Moreover, the results of a test only reflect the security status for the testing period. Even minor administrative and architectural changes to the environment performed only moments after a penetration test could alter the system's security profile. It may be obvious, but it's still worth stating: A penetration test is only as good as the people conducting it. The difference between identifying potential vulnerabilities and gaining interactive remote access to hosts requires a quantum leap in skill level.

Commercial vulnerability scanners and free information-gathering tools provide the average systems administrator with the ability to identify potential vulnerabilities. Exploiting those vulnerabilities, escalating privileges and leveraging vulnerabilities in a complex, heterogeneous network environment requires highly skilled, experienced individuals. Teams with diverse, complementary skill sets usually perform the best penetration tests. Future of Penetration Testing While the media focuses a lot on network and operating system vulnerabilities, the future of penetration testing is at the application level. Most organizations have or plan to deploy e-commerce-related applications. These plans include transactional Web servers with back-end databases and connections to various systems within an organization. The old-school mentality of "put a firewall up to keep people out" doesn't work in today's environment. While most sites have some sort of firewall, attackers can breach security barriers by exploiting vulnerabilities in the various Web-facing applications. Testing these apps is a difficult and time-consuming task because each environment has a slightly different implementation.

The requisite skills necessary to perform these specialized reviews include extensive knowledge of Web technologies, such as HTML, ASP, Java, Java- Script, cookies, PERL, VB scripting, SQL and CGI programming, to name a few. There is a prodigious gap in the skill level needed to perform traditional network and operating system testing vs. a structured e-commerce application penetration review. Systems managers should choose wisely when selecting a vendor to test an e-commerce application environment. Remember: The browser is the new millennium's security weapon. GARY NEUBAUER, Founder of vSpaceLab, has over 12 years as an Infosec Engineer and Network Security Consultant.

TESTER'S toolkit

Bugtraq - www.bugtraq.com
Computer Emergency Response Team (CERT) - www.cert.org
fping - http://packetstorm.security.com
gnit - http://security.ellicit.org/programs/
icmpenum - www.nmrc.org/files/sunix/icmpenum-1.1.1.tgz

Nessus The Nessus Project - www.nessus.org
netcat - http://nmrc.org/files/sunix/icmpenum-1.1.1.tgz
nmap - www.insecure.org/nmap
Penetration Testers List - www.securityfocus.com
SAINT - www.wwdsi.com/saint
Teleport Pro Tenmax - www.tenmax.com/teleport/pro/home.htm
wget - http://sunsite.auc.dk/wget

whois sites
- www.crsnic.net/whois/
ARIN - www.arin.net
SamSpade - www.samspade.org

Home - Services - Works - Tools - Contact - Virtual Space Lab - Web Space Lab - Gary Neubauer II - SEO Assault - Page Rank Lab - Web Design Quote - Contact vSpaceLab Web Design - Web Site Design Support Best Domain Names - Affordable Web Design - Best Web Hosting - Build Custom Ecommerce - Streaming Audio and Video

Wednesday, October 3, 2007

Security Tools - vSpaceLab.com

Computer Security White Papers - Gary Neubauer II, vSpaceLab, San Antonio TX

Here is a list of computer security white papers and lab projects that have been completed by Gary Neubauer II throughout his 12 year history in the security field. They include developing security Perception Management vs Pychological Warfare, Password Cracking Labs, Penetration Tests, Vunerability Assessments, Network Packet Sniffing, Security Logs Files, Hacking NT Passwords, and Intrusion Detection Lab setups. There are papers on MD5 Hash Analysis, Encryption Cracking, Log FIle Analysis, Network Analysis, Snort and ACID Labs, and a paper commenting on the Cuckoo's Egg Book by Cliff Stoll.


Perception Management vs. Psychological Warfare - Gary Neubauer II, vSpaceLab, San Antonio TX - September 27, 2005

That which we call a rose, by any other name would smell as sweet.” - William Shakespeare

The definition of truth (according to dictionary.com) is: Conformity to fact, actuality or a statement proven to be or accepted as true. Truth by its very definition is exclusive, not inclusive. There is only one way that something actually occurred although it may be perceived, remembered, or told as happening in several different ways. The various views are often colored by prejudice, bias, or even misinterpretation of the facts. In the age of information, managing that information and choosing when and how to release vital pieces of that information becomes paramount to controlling how people perceive an idea, concept or a given situation.

Perception Management is a controlled strategy that aims to regulate and influence a group’s interpretations, conclusions, or decision process. Directing the perception and awareness of an event is key to manipulating the real or perceived outcome of that situation. Planned psychological operations against a target using specific information designed to shape and influence a targets emotional behavior or objective reasoning is a useful strategy in warfare.


Read more



Password Cracking Lab - Gary Neubauer II
- vSpaceLab, San Antonio TX - October 27, 2005

Computer systems usually have some method of restricting access to applications, services, or network resources. The first line of defense often comes in the form of a user account and a password for that account. If the password supplied is valid for the User ID specified, the operator is allowed to access any resource authorized for use under that User ID.

Read more


Top Security Tools - Gary Neubauer II
- vSpaceLab, San Antonio TX

Interconnected computer systems rely on communicating in a secure, dynamic and un-interrupted manner. This is a list of the top security tools that are use to discover and deploy security topologies that accomplish that goal. "Breaking Into" your own systems and securing your own hacks continues to be a sound security policy.

Read more


Ghost in the Machine - Authenticating a Trace - Gary Neubauer II
- vSpaceLab, San Antonio TX - February 27, 2006

In his book the Cuckoo’s Egg, Cliff Stoll discovers a 75 cent computer use accounting error which begins a journey that ultimately reveals a hidden network of multinational hackers linked to the KGB. This accounting error tips Stoll off to an uninvited visitor to the Lawrence Berkeley Lab computers. The trail goes through Hanover, Germany and the Project Equalizer plot. Project Equalizer was an initiative by the KGB to pay the West German Chaos Computer Club members to hack into United States military computers. [2] These groups were exploiting security vulnerabilities in government funded research labs, and military weapons research facilities.

Read more


Network Packet Sniffing using Ethereal - Gary Neubauer II
- vSpaceLab, San Antonio TX - November 27, 2005

Computers attached to networks communicate with each other using network protocols. Network data is packetized and transmitted to each other using strict protocol relationships. Most of these “conversations” are transparent to the user of the networked system and often only show up as a rotating hour glass, while the user waits for information to be transferred to his internet browser or other application. Using a network packet analyzer can reveal the protocols used in the communications streams by capturing network data packets and allowing an administrator to examine what is actually going on across the wire. Ethereal is an open source (freeware) data packet analyzer. It can be used to troubleshoot network connections, examine security vulnerabilities, and debug protocol implementations.

Read more


Contact vSpaceLab Web Design - Web Site Design Support Best Domain Names - Affordable Web Design - Best Web Hosting - Build Custom Ecommerce - Streaming Audio and Video - Home - Services - Works - Tools - Contact - Templates - Website Hosting - SEO - About vSpaceLab Virtual Space Lab - Web Space Lab - Gary Neubauer II - SEO Assault - Page Rank Lab




    Password Cracking Lab - Gary Neubauer II - vSpaceLab.com

    Introduction

    Computer systems usually have some method of restricting access to applications, services, or network resources. The first line of defense often comes in the form of a user account and a password for that account. If the password supplied is valid for the User ID specified, the operator is allowed to access any resource authorized for use under that User ID. 1

    For this password cracking lab, a SAM file was made available by using a bootable linux cd to capture the file.:

    Searching for Password Cracking Software – (B)

    A search for password cracking software was initiated with the Google.com search engine. Various security related web sites were interrogated including:

    1. http://www.passwordportal.net/ (passwordportal.net)

    2. http://astalavista.box.sk/ (Astalavista)

    3. http://members.aol.com/jpeschel/index.htm (D.O.E. SysWorks)

    4. http://www.nirsoft.net/ (NirSoft Freeware Utilities)

    5. http://www.packetstormsecurity.org/ (Packetstorm)

    Password Cracking Applications – (B)

    Several applications were downloaded for testing including:

    1. LCP v 5.04 from: http://www.lcpsoft.com/english/download.htm

    2. John The Ripper from: http://www.openwall.com/john/

    3. PWDUMP2 from: http://www.bindview.com/Resources/RAZOR/Files/

    LCP v 5.04 was selected as the password cracker of choice due to it being freeware, having a GUI interface, ability to import a SAM file to crack, as well as providing the LM hash and NT hashes in one software application. LCP v 5.04 uses a dictionary attack, a brute force attack, and a hybrid of both attacks, when it attempts to crack a SAM file and expose the passwords within.

    This dialog box illustrates the application with User IDs and cracked passwords revealed.


    password cracking lab

    John The Ripper provided a command line interface and was able to access the local workstation’s password database, but it was not determined how to import a SAM file from an alternate source. The application was not chosen to do any further testing. This dialog box illustrates the application and its’ parameter options.

    password cracking lab

    PWDUMP2
    provided a command line interface and only computed the one way hashes of the local workstation’s SAM database. This data could then be piped to a text file and used as input for another application like L0phtcrack. 3 PWDUMP2 was not chosen for additional testing due to L0phtcrack being no longer available. This dialog illustrates the hashes from the local machine’s SAM database.

    password cracking lab

    Initial SAM file Inspection – (A)

    The SAM file was inspected using LCP v 5.04. The User IDs were reviewed and password guesses were attempted. The initial password (guesses) are as follows:

    1. Administrator (password)

    2. Guest (no password)

    3. gmwhite (gmwhite)

    4. ccwhite (ccwhite)

    5. user1 (user1)

    6. user2 (user2)

    7. user3 (user3)

    8. user4 (user4)

    Cracking the SAM password database – (C)

    After running LCP v 5.04 on the SAM file for approximately 2 hours all the passwords were recovered except the one for user3. The User IDs and the passwords (found) are as follows:

    1. Administrator (gbwhite)

    This password is not at least 8 characters in length, has no numeric or capital characters. This password also is one letter different than one of the user accounts making it easier to guess.

    2. Guest (NO PASSWORD)

    This account has no password and allows anyone to logon to the workstation.

    3. gmwhite (gmwhite)

    This password is the same as the User ID making it very easy to guess. It also is one letter different than the Administrator password, giving the user full admin rights if guessed correctly and used on the Administrator account.

    4. ccwhite (etihwcc)

    This password doesn’t contain at least 8 character and has no capital or numeric characters.

    5. user1 (secret)

    This password is a common word in a dictionary, making it easier to guess.

    6. user2 (redfox)

    This password is a common word in a dictionary, making it easier to guess.

    7. user3 (??? UNKNOWN ???)

    This password was unable to be retrieved and is probably a good password.

    8. user4 (tqbfjotsld)

    This password is longer than 8 letters, but has no numeric or capital characters.

    Local Workstation Password File – (D)

    My Windows XP operating system password is located in a file called SAM, which represents a “hive” in the Window registry. The SAM file holds the user names and password hashes for every account on my workstation. This security database is located in this directory path: file://windows/SYSTEM32/CONFIG/SAM. A backup of this file is also stored in file://windows/REPAIR/SAM.

    The SAM file is locked by the operating system and cannot be copied. It is locked to all accounts including the Administrator while the machine is running. The SYSTEM account is the only one that has access to the SAM file during workstation operation. 4

    I have no passwords that can be cracked in my password file because I have passwords with Alpha and Numeric characters which also have capital letters in them. I also use a pass-phrase which makes a password that isn’t found in an English or Foreign dictionary. This password schema is used for my Administrator password as well as my main User account.

    Good Password Policy – (E)

    Internet Security System (ISS) makes a number of recommendations for good password policy at their website. 5 These guidelines are adopted from RFC1244 – Site Security Handbook. 6

    A number of DON’Ts apply when choosing a secure password:

    1. Don’t use your User ID as the password (i.e. as it is, reversed, capitalized, etc.)

    2. Don’t use your first, middle, or last name in a User ID.

    3. Don’t spouse’s or child’s name.

    4. Don’t use other information that is easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, etc.

    5. Don’t use a password with all numerical digits or the same letters.

    6. Don’t use a word contained in an English or foreign language dictionary.

    7. Don’t use a password shorter than six characters.

    A number of DOs apply when choosing a secure password:

    1. Do use a mixed-case alphabetic.

    2. Do use a password with numeric digits and / or punctuation.

    3. Do use an easy to remember password, so you don’t have to right it down.

    4. Do use a password that you can type quickly, without having to look at the keyboard.

    Conclusion

    Password security is very important in the digital age. As demonstrated, simple passwords can be easily cracked and therefore render the first line of defense useless against a determined hacker. Adopting strong password policies is one of the most effective ways to ensure system integrity and security. A policy that increases password length, insisting on character diversity, and promotes frequently changing the password, can make it much more difficult for a non-authorized user to gain access to valuable mission critical computer resources.

    e.

    d.

    Contact Us

    Home - Services - Works - Tools - Contact - Templates - Website Hosting - SEO - About vSpaceLab Virtual Space Lab - Web Space Lab - Gary Neubauer II - SEO Assault - Page Rank Lab - Web Site Design Prices - Hosting Prices - Logo Design Price - Seacrh Engine Optimization Prices - Web Site Design FAQ's - Search Engine Optimization FAQ's - E-Commerce FAQ's - Logo Design FAQ's - Web Design Quote

    Perception Management vs. Psychological Warfare


    That which we call a rose, by any other name would smell as sweet.” - William Shakespeare

    The definition of truth (according to dictionary.com) is: Conformity to fact, actuality or a statement proven to be or accepted as true. Truth by its very definition is exclusive, not inclusive. There is only one way that something actually occurred although it may be perceived, remembered, or told as happening in several different ways. The various views are often colored by prejudice, bias, or even misinterpretation of the facts. In the age of information, managing that information and choosing when and how to release vital pieces of that information becomes paramount to controlling how people perceive an idea, concept or a given situation.

    Perception Management is a controlled strategy that aims to regulate and influence a group’s interpretations, conclusions, or decision process. Directing the perception and awareness of an event is key to manipulating the real or perceived outcome of that situation. Planned psychological operations against a target using specific information designed to shape and influence a targets emotional behavior or objective reasoning is a useful strategy in warfare. Learning about a targets strengths and vulnerabilities can be used to guide and motivate a group towards a specific course of action or paralyze them through fear and indecision.

    Public diplomacy campaigns, although milder in process can still be used to persuade and influence popular opinion in an attempt to direct a specific agenda. Some efforts are called fair reporting of “the truth”, while others are deemed propaganda, disinformation, or outright psychological warfare. Perception management is often used in preparation to promote and engage a war effort, advertise a product of questionable safety, direct the outcome of political elections, or dissuade a governments efforts at nuclear armament.

    The Iraqi Incubator Story

    Saddam Hussein’s control over Iraq and it’s people was instilled through the use of barbaric and brutal death squads which were fueled by large oil reserve revenue. Although numerous reports from international human rights organizations exposed Hussein as a cruel and ruthless dictator in the middle east, the United States government still regarded the Iraqi regime as a valuable ally in it’s undeclared war against Iran. In August 1990, Iraqi troops led by Hussein invaded the oil rich nation of Kuwait.

    The idea of risking American lives in the middle east to remove an Iraqi dictator in an area so far from American shores was unthinkable. Billions of dollars would be spent and an unprecedented effort would be needed to remove the Iraqi ruler from Kuwait. A public relations and management campaign was developed to promote a perception of the Iraqi regime as being an “evil empire” and that liberating the Kuwaiti people was in the best interest of the United States and the world. Over 20 public relations, & lobbyist firms were commissioned to mobilize US concern against Hussein.

    Hill & Knowlton, one of the world’s largest public relations firms was contracted to mastermind this effort. It’s activities constituted the largest campaign ever initiated to direct American public opinion. H&K arranged briefings, direct mail campaigns, and orchestrated editorials in newspapers and other media formats to promote the Kuwaiti plight. It also backed and supported “Cititzens for a Free Kuwait” which arranged to distribute news releases, media kits, bumper stickers, and organize public rallies in support of this effort. In October 1990 congressional hearings started on the validity of going to war with Iraq.

    Emotionally charged testimony before congress was received from a 15 year-old Kuwaiti girl. She told of how Iraqi soldiers were stealing baby incubators and tossing out the babies to die on the cold hard floor and then shipping the incubators back to Iraq. During the next three months the story of babies being ripped from their incubators was repeated over and over on television and radio talk shows, and at the UN Security Council. On January 12, 1991 the US senate voted to support a declaration of war against the Iraqi regime.

    Once a military build-up began in the Persian Gulf, the Pentagon outlined a disciplined plan on controlling news agencies and journalist ability to report on the war effort. Visa denials and strict military escorts once they were approved, provided the sanitized censorship of news reporting the military sought after. 3 months after the war was initiated the United States won a decisive victory against Saddam Hussein and the Kuwaiti ruling class was restored to power.

    The Tobacco Industry

    U.S. tobacco companies have a long history of deception and deceit in a relentless pursuit of profit. Perception management has been used extensively by the Tobacco Industry or “Big Tobacco”, as they are affectionately called to advance a pro-tobacco agenda. Millions of dollars have been spent on media and print advertising which promotes tobacco products as anything but an addictive and deadly drug.

    The idea that cigarettes are “cool” has been promoted by R.J. Reynolds Tobacco Company in their development of the controversial cartoon character “Joe Cool Camel” for Camel cigarettes. Millions of dollars were used to portray Joe Camel as a confident, hip, slick, and cool character who always had a beautiful blonde adoring him from afar. He was usually shown riding a Harley Davidson motorcycle or dressed in pilot gear in front of two airplanes while he puffed on a Camel cigarette.

    Joe Camel was also portrayed as a beloved rock star that fans adored from their concert seats. These images helped in promoting the idea that smoking camel cigarettes could improve your image and possibly even make the smoker a little “cooler”. As these ads became more popular with teenage audience the Federal Trade Commission (FTC) sought an outright ban against the advertising campaign. RJ Reynolds finally lost their court case against the promotion of the Joe Camel character, but the publicity surrounding the case only fueled more interest in the cartoon character. This “free” advertising served to continue the advancement of the Joe Camel figure among younger smokers.

    Deliberate communication strategies have been developed to influence cigarette sales in a more subtle way. Subliminal messaging has often been used to activate and intrigue our core desires for sex, power, or rebellion from conformity. Ads with sexually suggestive images are covertly placed in exhaled cigarette smoke or often in streams flowing through the great outdoors.

    The Marlboro Man campaign was used extensively to portray a rugged “John Wayne” type of image which appealed to stereotypical beliefs of manhood. Political and economic pressure has often been used to circumvent public health laws, and stimulate pro-industry legislation under the guise of “free trade”. Overseas expansion into countries with more lenient or easily influenced governments is a common method of influence. Foreign governments have been pressured by international financial institutions to privatize state-owned industries and relax restrictive import duties and tariffs.

    In 1995 R.J. Reynolds significantly boosted it’s overseas ownership of facilities in Finland, Vietnam, and Poland. It is now a multinational giant with subsidiaries and licensing agreements in 57 countries. The tobacco industry continues to conduct sophisticated campaigns against conclusions that first and second-hand smoke causes lung cancer and others diseases.

    Industry-directed research has been used to subvert government health agencies, and contradict negative investigational findings. Managing the perception of this research by manipulating the information or boldly refuting the conclusions continues to encourage tobacco sales and increase market share of a highly addictive drug despite the risks to health and well being.

    The 2000 Presidential Election

    In the 2000 presidential election between George W. Bush and Al Gore, it is difficult to find an unbiased “just the facts” information source. All sources claim to be telling “the real truth” and then go on to bash one side while bolstering their own views. Discovering what motivates an information source or deciding who you can really trust when it comes to the major media can be challenging at best.

    Liberal news sources like the New York Times, ABC, CBS, CNN, National Public Radio (NPR), and Public Broadcasting System (PBS), all seem to work in concert to promote their agenda as being “the real truth” behind the others parties “lies”. Terms like “radical fundamentalist” or “the far right” are continually advertised to label and denigrate organizations like the Christian Coalition, or the Family Research Council. Points and counter points were discussed on radio and television talk shows.

    The Fox News channel has self labeled itself as the “fair & balanced” news source and jumps on the Conservative Christian Agenda band wagon. Bill Oreilly hosts a show on the same network called The Factor where he uses catch phrases like “the spin stops here” in the “No Spin Zone”. Billionaire George Sorros provided financial backing to groups like MoveOn.org (a 501c political action committee) claims to focus on education and advocacy of important national issues.

    It states on their website that they primarily help members elect candidates that reflect their “values” and are an advocate of important national issues. All of these groups played their part promote and shape the minds of the electorate in the presidential election of 2000. As in a real physical war, it doesn’t always matter who’s right, it only matters who wins.

    North Korean Nuclear Power Ambitions

    Perception management and information operations demonstrate a careful balancing act must occur when attempting to manage foreign perceptions. The Pentagon has attempted for decades to manage overseas propaganda efforts. Aggressive campaigns were developed to disseminate information though foreign media fronts and the internet. It also sought to engage covert information operations which distributed false news items to influence public opinion in friendly and neutral Near East and South Asian countries.

    The goal was to influence enemy decision makers and convince or deceive them into taking a particular position on an issue without military intervention. The communist country of North Korea has continually sought after light water nuclear reactors under the auspices of a peaceful nuclear power program. North Korea began to remove monitoring equipment implemented by the IAEA thus removing the ability keep tabs on North Korean nuclear program.

    As the United States continues to put international pressure on the Asian country to give up it nuclear ambitions, North Korea responds with rhetoric speaking of the imperialist hard-lined intent of the United States. North Korea indicates that they will answer a preemptive military strike with a tough counterstrike and shows no signs of backing down.

    Diplomatic efforts continue with the countries of China, South Korea, North Korea, Japan, and the United States. The United States continues to conform to the policy that this should be resolved peacefully through discussion and diplomacy but the threat of military action continues to be discussed.

    Conclusion

    In conclusion, Perception management continues to be a study of the fine art of winning friends and influencing people on a global scale. It combines the attempts to manage public relation campaigns using radio, television and print advertising, Internet media for global dissemination of information, or through mass fear and intimidation.

    Direct campaigns of psychological warfare against an enemy’s physical forces or an attempt at morally and mentally confusing an adversary all play a part in winning a series of battles which all play a larger part in winning a war. In the nuclear age where many government powers have the ability to completely annihilate each other, the prevention of serious conflicts becomes imperative to our global survival.

    As in all wars, to the victor go the spoils, but in a nuclear holocaust scenario, the spoils won’t be worth winning.

    Thursday, September 20, 2007

    Search Engine Optimization in San Antonio Austin Houston Texas


    Search Engine Optimization in San Antonio Austin Houston Texas
    You already have a great website that you spent alot of time developing and tweaking to get exactly the right message to your customers. Only problem nobody knows you are there. An internet user goes to a Google search engine and types in a product that you offer.Does your web site come up on the first page?vSpaceLab offers a professional, highly structured receipe to website seacrh engine optimization, marketing, positioning and ranking. By using a variety of industry standardized practices and various proprietary web marketing techniques, vSpaceLab can dramatically increase the traffic to your website.85% of all website traffic comes from search engine rankings. Millions of times every day internet use search engines to do there research homework to find the best deals on what they are looking for. If you don't show up on the first page in a search engine result, it's like your webpage doesn't even exist. By increasing the visibility of your web site in Search Engine Results (SERPs) like Google and Yahoo, you can insure that the greatest possible number of clients are exposed to the products and services that you are offering over the internet. vSpace Search engine optimization, marketing, positioning and ranking can include Organic Internal and External Website Optimization, Paid Placement, Paid Inclusion, and Paid Search Lisitngs.If you have a website with out a high ranking in the top search engines you will be missing critical searchs for your services. Let vSpaceLab.com's search engine marketing strategies drive traffic to your website like never before!
    Contact Us for more Information
    Search Engine Marketing in San Antonio, Austin, and Houston Texas
    The top search engines today are Google.com, Yahoo.com, Ask.com, AOL Search, MSN Search, AskJeeves.com, Open Directory DMOZ.com, AllTheWeb.com, HotBot.com, Teoma.com, Altavista.com, Gigablast.com, LookSmart.com, Lycos.com, and Netscape Search.Our search engine marketing and optimization services involve a dedicated and comprehensive strategy using keyword research, site structure analysis, content positioning and architecture, website copy editting, and extensive link building. Paid advertising campaigns can also be developed and deployed with Google AdWord, and Yahoo! Search Marketing.All of these techniques play a part in developing a winning promotional strategy for your website. Getting Started is easy. Come Get Some website traffic and online results with Search Engine Marketing and Optimization from vSpaceLab.com.
    Contact Us for more Information

    Google Web Search
    Google has become the defacto standard for research and "browing" on the internet today. It is the top choice for those searching the world wide web. Google is a crawler-based web service and pulls together interesting search trends and patterns based on 100's of millions of searches each day. Google also provides search results to many other search engines like AOL Search, Excite Network, Ask Jeeves, InfoSpace, HotBot, Lycos, Netscape and Teoma. It's a highly recommended first stop in your hunt for most anything in the world today.Google was originally developed at a Stanford University project by students Larry Page and Sergey Brin and was originally called BackRub. By 1998, the name was changed to Google, and the project went mainstream morphing into the private company known as Google.com. It remains privately held today.Google provides the option to easily seek out images from across the web, discussions that are evolving on Usenet newsgroups, locate news information or perform research for a specific product or service. Using the More link provides access to human-compiled information from the Open Directory, catalog searching and other services.
    Google is also known for a wide range of other features, such as cached web pages that let you "resurrect" dead websites or see previous versions of recently upfdated ones. It offers video on demand, email services, street maps, stock quotes, dictionary definitions, spell checking, telephone numbers and more. See Google's help page for list of it's more popular features. The Google Toolbar has also won a popular following for the easy access it provides to Google and its features directly from the Internet Explorer browser.Google offers unpaid editorial commentaries, and operates its own advertising programs. The cost-per-click AdWords program places ads on partner web sites which can dramatically increase your website exposure.
    Contact Us for more Information

    Yahoo Search
    Yahoo was launched in 1994 and is the internet's oldest directory. It developed the term "directory" which is a place where human editors organize web sites into categories. In October 2002, Yahoo made a huge shift towards crawler-based listings for its search results results. Yahoo's search came from Google until February 2004. At that time Yahoo developed and uses its own search engine technology.
    Yahoo provides exceptional search results, you can use Yahoo to search for images, Yellow Page listings or use Yahoo's shopping search engine to find a product or service. Yahoo Search also offers specialized and advanced custom search options as well.
    The Yahoo Directory has survived numerous attempts to usurp it. You'll notice "category" links below some of the sites lists in response to a keyword search. These links will take you to a list of web sites that have been reviewed and approved by a human editor.
    Yahoo also allows a pure search of just the human-editted Yahoo Directory, which is how the old Yahoo used to work. By using this search option you will get both "Related Directory Categories" and "Directory Results," which are the top web site matches pulled from all categories of the Yahoo Directory.
    Contact Us for more Information

    AOL Search
    AOL Search provides it's users with listings that come Google's crawler-based index. Searches on Google and AOL Search will produce very similar results. AOL Search is primarily used by AOL users. The "internal" version of AOL Search provides links to content available only within the AOL online service network. By using this service, you can search AOL and the entire web at the same time. The "external" version doesn't provide links to the AOL network content. Many of Google's features such as "cached" pages are not offered by AOL Search.
    Contact Us for more Information



    Home - Services - Works - Tools - Contact - Templates - Website Hosting - SEO - About vSpaceLabVirtual Space Lab - Web Space Lab - Gary Neubauer II - SEO Assault - Page Rank LabRelated Websites - Link Partners - ResourcesWeb Site Design San Antonio - San Antonio Texas Web Design Company - web design company - San Antonio Texas Web Design Case Studies - Web Design Portfolio - Logo Portfolio - Search Engine Optimization - Corporate Identity Design - Business Brochures, Business Cards Pricing - Web Site Design Prices - Hosting Prices - Logo Design Price - Seacrh Engine Optimization Prices - Web Site Design FAQ's - Search Engine Optimization FAQ's - E-Commerce FAQ's - Logo Design FAQ's - Web Design Quote - Contact vSpaceLab Web Design - Web Site Design SupportBest Domain Names - Affordable Web Design - Best Web Hosting - Build Custom Ecommerce - Streaming Audio and Video - Credit Card Merchant Account - E Commerce Shopping Cart - Build your own database driven website using php & mysql

    Website Design in San Antonio Texas

    Website Design Services
    Website Design is the creation, coding, and deployment of a website. Websites are essential and necessary business tools in today's market place. vSpaceLab designs each website to be highly effective in delivering your companies message to it's clients. It can also be a centralized service for your clients to read company brochures, view company pictures, or purchase products and services all online. Put our network of coders to work for you because Great Code is a Terrible Thing to Waste!
    Contact Us for more Information

    Graphic Design using Photoshop, Fireworks, and Flash
    vSpaceLab creates graphically compelling websites that get results for your business. When someone visits your website on the internet you want them to experience a design that is elegant, intuitively functional and allows them to capture what you are trying to communicate. vSpaceLab uses state of the art graphics design software like Adobe Photoshop, Fireworks, and Flash to create the logos, brochures, or graphics that will inspire your clients to partner with your for you products and services.
    Contact Us for more Information

    Content Management Systems using Joomla!
    Content Management Systems (CMS) like Joomla, allow websites to add and update website content with ease. Whether you are working with news stories, blog posts, or online group colaboration projects, vSpaceLab can provide the user interface and functionality that pulls it all together. Setting up Polls that users can give thier opinions, news flashes with up to the minute headlines, or Frequently Asked Questions (FAQs). Joomla also allows you to use templates to change the look and feel of your website on the fly, as often as you need.
    Contact Us for more Information

    e-Commerce Systems
    The Internet is one of the best way to market and sell your products and services beyond your brick and mortar business location. Everyday thousands of new customers are searching for ways to find and purchase the products that you have for sale. Let vSpaceLab partner with you to take your product photos and descriptions that you supply, upload them to our secure web servers, and setup payment processing for you.
    Promote your unique services
    Process customer credit cards Online
    Use webcasting and provide "live" conferencing
    Drive business like never before
    Contact Us for more Information

    Web Application Programming and Consulting
    vSpaceLab can develop globally available web applications to keep your business running smoothly and effieciently. We can help in the critical areas of project management, billing software, online inventory management, groupware systems and many other database driven website applications. This is another example of how partnering with vSpaceLab can automate your business, and get the internet to work for you.
    Contact Us for more Information

    Copywriting and Information Architechture
    vSpaceLab can communicate your message to the world. Words need to be chosen for their effectiveness and ability to inform potential customers. We can provide the research necessary to develop your mission statements, marketing and sales material, or corporate event planning.
    Contact Us for more Information

    Home - Services - Works - Tools - Contact - Templates - Website Hosting - SEO - About vSpaceLabVirtual Space Lab - Web Space Lab - Gary Neubauer II - SEO Assault - Page Rank LabRelated Websites - Link Partners - ResourcesWeb Site Design San Antonio - San Antonio Texas Web Design Company - web design company - San Antonio Texas Web Design Case Studies - Web Design Portfolio - Logo Portfolio - Search Engine Optimization - Corporate Identity Design - Business Brochures, Business Cards Pricing - Web Site Design Prices - Hosting Prices - Logo Design Price - Seacrh Engine Optimization Prices - Web Site Design FAQ's - Search Engine Optimization FAQ's - E-Commerce FAQ's - Logo Design FAQ's - Web Design Quote - Contact vSpaceLab Web Design - Web Site Design SupportBest Domain Names - Affordable Web Design - Best Web Hosting - Build Custom Ecommerce - Streaming Audio and Video - Credit Card Merchant Account - E Commerce Shopping Cart - Build your own database driven website using php & mysql