Security Archive

FireSSH :: Add-ons for Firefox

Posted September 24, 2012 By Landis V

https://addons.mozilla.org/en-US/firefox/addon/firessh/

Handy little add-on for Firefox.  Can’t really speak well to its stability and functionality, as I almost always have PuTTY available on my system and configured for very convenient access, but it seems to be well-received, and it fits in well if you follow the “everything in a browser” mentality.  Definitely noteworthy that it supports tunneling.


http://www.keepassx.org/news/2012/07/361

This is an interesting tidbit to run across, and something I’ve been looking forward to for a while.  I never found running classic KeePass under WINE to be a particularly enjoyable experience, but since I only use KeePass 2.x files (I often forget why, but there’s some reason that I remember every time I read through the differences) I was stuck with that as my only option.  Will have to see if I can get this to compile and run, and then see what I can come up with for options on my Android.


http://www.computerworld.com/s/article/9228127/Experts_show_how_Flame_malware_fakes_Windows

This malware is indeed a clever devil, and the Kaspersky article here dives into further detail, describing the setup and use of the man-in-the-middle vector employed to further the infection.  I did note in the Kaspersky article that the fake Windows Update server looks for a PHP extension, which struck me just a bit funny and a little bit shoddy on behalf of the developers.  Granted it’s background and not highly visible (as evidenced by the fact that this information hadn’t been discovered until now), but if I were to notice PHP in use with a Microsoft service, I think I’d be inclined to say “That’s interesting… why not ASP?”

That’s the reason this strikes me as a shoddy oversight in what has otherwise (at least from the small amount I’ve had the time to read on the topic) been a very polished and well-built platform.  Unless something has changed significantly in the past couple of years since I’ve really played with these things, a couple of minor modifications to the config files for the web server would have allowed the files to easily have been served with an ASP extension, yet still have been processed server side by PHP.  Just strikes me as a little bit out of character.


http://raffy.ch/blog/2012/03/24/advanced-network-graph-visualization-with-afterglow/

Slick use of AfterGlow for log analysis.


https://learningnetwork.cisco.com/thread/4654

Memory string preceding per-session IPSec keys in an IOS core dump:  00 00 00 00 63 C0 60 0C 63 C0 60 1C 07 D0 00 19 00 00 00 00 63 C0 60 0C 63 C0 60 1C 07 D0 00 19

Exactly 16 bytes after B8 begins the inbound encryption key, which is 24 bytes long.  Immediately after the encryption key is the 16-byte authentication key.  Once these are sussed out, they can be used to decode a Wireshark capture for troubleshooting purposes.  These keys are not the pre-shared key; they are the derived session keys, which change periodically based on time or bytes sent.
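The layout in the note above, as an added Python sketch for pulling the keys out of your own router's core dump (not code from the original post or the linked thread). Assumptions: the marker is the 32-byte string exactly as quoted; the post does not say where the "B8" byte sits relative to that marker, so its offset is a caller-supplied parameter and the 16 bytes are counted from that offset; all function names and the sample dump are constructed for illustration.

```python
# Added example: layout follows the note above; all names are hypothetical.
MARKER = bytes.fromhex("00000000 63C0600C 63C0601C 07D00019" * 2)  # 32 bytes, as quoted
GAP, ENC_LEN, AUTH_LEN = 16, 24, 16  # distances and lengths stated in the note


def find_markers(dump: bytes) -> list[int]:
    """Return the offset just past every occurrence of MARKER in the dump."""
    hits, pos = [], dump.find(MARKER)
    while pos != -1:
        hits.append(pos + len(MARKER))
        pos = dump.find(MARKER, pos + 1)
    return hits


def extract_keys(dump: bytes, ref_offset: int) -> tuple[bytes, bytes]:
    """Slice the inbound encryption key and the authentication key.

    ref_offset is the offset of the reference byte the note calls "B8"
    (assumption: supplied by the caller after inspecting the dump); the
    encryption key is taken to start GAP bytes after that offset.
    """
    start = ref_offset + GAP
    end = start + ENC_LEN + AUTH_LEN
    if ref_offset < 0 or end > len(dump):
        raise ValueError("dump too short for key material at this offset")
    return dump[start:start + ENC_LEN], dump[start + ENC_LEN:end]


def build_sample() -> tuple[bytes, int, bytes, bytes]:
    """Constructed dump: filler, marker, a B8 reference byte, then fake keys."""
    enc = bytes(range(0x10, 0x10 + ENC_LEN))
    auth = bytes(range(0xA0, 0xA0 + AUTH_LEN))
    head = b"\xff" * 40 + MARKER
    ref = len(head)  # placing B8 right after the marker is part of the construction
    dump = head + b"\xb8" + b"\x00" * (GAP - 1) + enc + auth + b"\xff" * 8
    return dump, ref, enc, auth


if __name__ == "__main__":
    dump, ref, _, _ = build_sample()
    print("marker ends at:", find_markers(dump))
    enc_key, auth_key = extract_keys(dump, ref)
    print("enc :", enc_key.hex())
    print("auth:", auth_key.hex())
```

The hex strings it prints are in the form Wireshark's ESP decryption settings accept once prefixed with `0x`.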


http://arstechnica.com/tech-policy/news/2010/12/going-commando-on-the-tsa-redux-a-kilt-wearer-speaks.ars

I still don’t believe this agency should exist.  I have nothing against the employees themselves, and I understand the need for jobs.  But jobs without a purpose are no good.  I do find these articles and approaches interesting, because it will make it just that much harder to find people willing to take these jobs.  And eventually, if nobody’s willing to do the job, it’s going to resolve itself (… or they’ll start stealing even more of our money to pay higher wages; wouldn’t put that past a government that determined the TSA should exist in the first place).  I’d rather take my chances with terrorists than take my chances losing more freedoms to an already-too-large government.


https://calomel.org/network_performance.html

Good article on throughput under BSD pf.
