Posted by jpluimers on 2017/11/09
Need to do some more research on this to ensure I didn’t goof up:
–jeroen
Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, postfix, Power User, Security, sendmail, SMTP | Leave a Comment »
Posted by jpluimers on 2017/10/16
All of our house is wired by ethernet for a reason…
WPA2 Flawed. Once again, it turns out that designing something properly secure is really, really, REALLY hard.
[WayBack] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping https://arstechnica.com/… – Lars Fosdal – Google+
[Archive.is] If fixes exist, third party firmware will have it in days. Most OEMs, never. I do worry a lot about unfixable flaws in the wifi standards… – Kristian Köhntopp – Google+:
Dave reminds us that there is a reason why people mod the firmware of their Wifi routers, and that reason is actually now more critical than ever.
Via [WayBack] https://www.krackattacks.com/ has a FAQ. Some interesting questions from there:… – Kristian Köhntopp – Google+:
[WayBack] KRACK Attacks: Breaking WPA2 : This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.
Since we’re talking security, watch your RSA as it is way worse than the WPA2 one: [Archive.is]
[WayBack] Dan Goodin @dangoodin001: 2nd major crypto vulnerability being disclosed Monday involves millions of 1024- and 2048-bit RSA keys that are practically factorizable.
[WayBack] ROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]
The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):
[WayBack] New vulnerabilities found in RSA 1024 and 2048 bit keys. Estimated cost of cracking based on access to the Public key only: 1024 bit: $40 2048 bit: $20k… – Lars Fosdal – Google+
Jan Wildeboer did a nice explanation in laymen terms of both security issues published today:
–jeroen
Posted in LifeHacker, Power User, Security, WiFi | Leave a Comment »
Posted by jpluimers on 2017/10/12
Oh boy: [WayBack] Alles kaputt: In der Cloud gibt es keine Wände. – Kristian Köhntopp – Google+:
Two Amazon EC2 instances communicating over the CPU cache without the need of a network in-between them.
Open sourced foundations: IAIK/CJAG: CJAG is an open-source implementation of our cache-based jamming agreement.
In our BlackHat Asia 2017 Talk we show that the cache covert channel we built is so fast and reliable that we can do much more than tunneling SSH over it: We show that we can even stream a music video in decent quality through the cache – on the Amazon EC2 cloud.
See the BlackHat Asia Briefings Information here: https://www.blackhat.com/asia-17/brie…
See a video of the Live Demo here: https://www.youtube.com/watch?v=yPZmi…
Find our NDSS 2017 paper here: https://gruss.cc/files/hello.pdf
–jeroen
Posted in Development, Hardware Development, Security, Software Development | Leave a Comment »
Posted by jpluimers on 2017/09/04
Interesting: [WayBack/Archive.is] Positive Technologies – learn and secure : Disabling Intel ME 11 via undocumented mode
Repository: ptresearch/unME11: Intel ME 11.x Firmware Images Unpacker
More archived links:
Via: [WayBack] The NSA is running Intel machines with ME off, and so can you: http://blog.koehntopp.info/index.php/2508-turning-off-the-intel-management-engine-me/ – Kristian Köhntopp – Google+
–jeroen
Posted in Power User, Security | Leave a Comment »
Posted by jpluimers on 2017/08/07
sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.
Probes for HTTP, SSL, SSH, OpenVPN, tinc, XMPP are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to ssh from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.
Hence sslh acts as a protocol demultiplexer, or a switchboard. Its name comes from its original function to serve SSH and HTTPS on the same port.
sslh supports IPv6, privilege dropping, transparent proxying, and more.
Interesting…
–jeroen
Posted in *nix, https, Linux, OpenSSL, OpenVPN, Power User, Security | Leave a Comment »
Posted by jpluimers on 2017/07/31
testssl.sh has supported IPv6 for a long while if the OpenSSL binary supports it
See the below thread, specifically the mentioned comments.
-6 parameter or have HAVE_IPv6=true set in HAS_IPv6=true testssl.sh <mycmdline>:
--ip parameter now supports IPv6 addresses:
–jeroen
Posted in OpenSSL, Power User, Security, testssl.sh | Leave a Comment »
Posted by jpluimers on 2017/07/25
I’ve been using cURL but always had a feeling not to its potential basically because the cURL man page [WayBack] is both massive and lacks concrete useful practical examples.
For instance, I knew about the --header and --verbose options (I always use verbose names even though shorter -H and -v exist) to pass a specific header and get verbose output, but the man page basic examples like this by Tader:
curl --header --verbose "X-MyHeader: 123" www.google.comsource: How to send a header using a HTTP request through a curl call? – Stack Overflow [WayBack]
There are some more examples at bropages.org/curl but they’re hardly organised or documented.
So I was really glad I found the below answer [WayBack] by Amith Koujalgi to web services – HTTP POST and GET using cURL in Linux – Stack Overflow.
But first note that recent versions (around 7.22 or higher) of cURL now need to combine the --silent and --show-error (or in short -sS) parameters to suppress progress but show errors: linux – How do I get cURL to not show the progress bar? – Stack Overflow [WayBack]
Posted in *nix, Communications Development, cURL, Delphi, Development, HTTP, https, Internet protocol suite, JavaScript/ECMAScript, JSON, Power User, REST, Scripting, Security, Software Development, TCP, TLS, XML, XML/XSD | 1 Comment »
Posted by jpluimers on 2017/06/30
It’s such an all time classic from 2006 that people even kept scans of the original 2006 Computer World publication by [WayBack] John Klossner.
Over the last few years, it has done its round over the internet a few times, so I did some digging for the scans, colour and mono originals.
Data security versus Human Error.
In this corner, we have firewalls, encryption, antivirus software, etc. And in this corner, we have Dave!!
[WayBack] John Klossner Cartoons: Computer World has the original black and white version: it’s even a gif!
Way better than the scan from paper: [WayBack] ShackF00 » Weekend Round-up: Google Issues and a Sad-but-True Comic
In 2014, Spiceworks re-ran the black and white one: [WayBack] And in THIS corner we have Dave! (Funny cartoon) – IT Security – Spiceworks
In 2015, Wombat Security published a coloured version on social media, and even bigger too: not just large, huge as well (:
–jeroen
via: [WayBack] Dave – CodeProject – Google+
Posted in Encryption, Firewall, Fun, Power User, Security | Leave a Comment »
Posted by jpluimers on 2017/06/27
Interesting read with lots of references: [WayBack] The Cryptowars, twenty years ago – The Isoblog.
My TL;DR:
–jeroen
via: [WayBack] So as a society, we are having the same conversation for 20 years now, and we won’t really make progress here because of Zuboff’s law. – Kristian Köhntopp – Google+
Posted in Encryption, History, Opinions, Power User, Security | Leave a Comment »
Posted by jpluimers on 2017/06/23
For my blog archive as I already shared it on G+
[WayBack] With so many vulnerabilities out there, here is how to find out of if a fixed is applied to vulnerabilities on Debian/Ubuntu Linux using CVE. – Jeroen Wiert Pluimers – Google+
[WayBack] Debian/Ubuntu Linux: Find If Installed APT Package Includes a Fix/Patch Via CVE Number – nixCraft
Explains how to view the changelog of an installed package on a Debian or Ubuntu Linux server to find out if a fix/patch applied via CVE number.
Hans Wolters:
And find all packages that belong to one cve :-)
zgrep -i cve /usr/share/doc/*/changelog.Debian.gz|grep 1000364
–jeroen
Posted in OpenVPN, Power User, Security | Leave a Comment »
The Wiert Corner - irregular stream of stuff 
