The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,798 other followers

Archive for the ‘Security’ Category

Posted by jpluimers on 2017/06/30

It’s such an all time classic from 2006 that people even kept scans of the original 2006 Computer World publication by [WayBack] John Klossner.

Over the last few years, it has done its round over the internet a few times, so I did some digging for the scans, colour and mono originals.

Data security versus Human Error.

In this corner, we have firewalls, encryption, antivirus software, etc. And in this corner, we have Dave!!

[WayBackJohn Klossner Cartoons: Computer World has the original black and white version: it’s even a gif!

Way better than the scan from paper: [WayBackShackF00 » Weekend Round-up: Google Issues and a Sad-but-True Comic

In 2014, Spiceworks re-ran the black and white one: [WayBackAnd in THIS corner we have Dave! (Funny cartoon) – IT Security – Spiceworks

In 2015, Wombat Security published a coloured version on social media, and even bigger too: not just large, huge as well (:

–jeroen

via: [WayBack] Dave – CodeProject – Google+

Read the rest of this entry »

Posted in Encryption, Firewall, Fun, Power User, Security | Leave a Comment »

The Cryptowars, twenty years ago – The Isoblog.

Posted by jpluimers on 2017/06/27

Interesting read with lots of references: [WayBackThe Cryptowars, twenty years ago – The Isoblog.

My TL;DR:

  • the current cryptowar is very similar to 20 years ago
  • back then it was won by the people
  • current outcome is unclear (but the rules of math cannot be changed)
  • Laws/Rules/Postulates:
    • John Gilmore
      • »The Net interprets censorship as damage and routes around it.«
    • Shoshana Zuboff
      • »Everything that can be automated will be automated.«
      • »Everything that can be informated will be informated.«
      • »Every digital application that can be used for surveillance and control will be used for surveillance and control.«
  • Kristian:
    • »20 years later, the Cryptowar is still a thing. It will never be over.«

–jeroen

via: [WayBack] So as a society, we are having the same conversation for 20 years now, and we won’t really make progress here because of Zuboff’s law.  – Kristian Köhntopp – Google+

Posted in Encryption, History, Opinions, Power User, Security | Leave a Comment »

With so many vulnerabilities out there, here is how to find out of if a fixed…

Posted by jpluimers on 2017/06/23

For my blog archive as I already shared it on G+

[WayBack] With so many vulnerabilities out there, here is how to find out of if a fixed is applied to vulnerabilities on Debian/Ubuntu Linux using CVE. – Jeroen Wiert Pluimers – Google+

[WayBackDebian/Ubuntu Linux: Find If Installed APT Package Includes a Fix/Patch Via CVE Number – nixCraft

Explains how to view the changelog of an installed package on a Debian or Ubuntu Linux server to find out if a fix/patch applied via CVE number.

Hans Wolters:
And find all packages that belong to one cve :-)

zgrep -i cve /usr/share/doc/*/changelog.Debian.gz|grep 1000364

–jeroen

 

Posted in OpenVPN, Power User, Security | Leave a Comment »

The Bogon Reference – Team Cymru

Posted by jpluimers on 2017/06/23

WHAT IS A BOGON, AND WHY SHOULD I FILTER IT?

A bogon prefix is a route that should never appear in the Internet routing table. A packet routed over the public Internet (not including over VPNs or other tunnels) should never have a source address in a bogon range. These are commonly found as the source addresses of DDoS attacks.

Source: The Bogon Reference – Team Cymru

The regular Bogon list is pretty static (last change in 2012), so I’ve listed the text version below. But the full Bogon list (including unused IPv4 space) is dynamic.

0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
169.254.0.0/16
172.16.0.0/12
192.0.0.0/24
192.0.2.0/24
192.168.0.0/16
198.18.0.0/15
198.51.100.0/24
203.0.113.0/24
224.0.0.0/4
240.0.0.0/4

–jeroen

Posted in Internet, Power User, Routers, Security | Leave a Comment »

OpenSSH Escape Sequences (aka Kill Dead SSH Sessions) – The Lone Sysadmin

Posted by jpluimers on 2017/06/16

You can get the below help when pressing these keys in an OpensSSH session:

  1. Enter
  2. ~
  3. ?

So thats Enter, followed by tilde, then question mark.

Then you get this help:

Supported escape sequences:
 ~.   - terminate connection (and any multiplexed sessions)
 ~B   - send a BREAK to the remote system
 ~C   - open a command line
 ~R   - request rekey
 ~V/v - decrease/increase verbosity (LogLevel)
 ~^Z  - suspend ssh
 ~#   - list forwarded connections
 ~&   - background ssh (when waiting for connections to terminate)
 ~?   - this message
 ~~   - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

The one I use most is below; it leaves my tmux session alone.

  1. Enter
  2. ~
  3. .

–jeroen

via: SSH Escape Sequences (aka Kill Dead SSH Sessions) – The Lone Sysadmin

Posted in Power User, Security | Leave a Comment »

 
%d bloggers like this: