Wednesday, July 23rd, 2008
SSH is the secure shell, a standard defined in RFC 4251. It is a network protocol that opens up a secure channel between two devices using TCP port 22. This channel can also be used for SFTP and SCP (secure FTP and secure copy, respectively). To make this work, you ...
Posted in Internet, Linux, Networking, Privacy, Security, Windows | No Comments
Monday, July 21st, 2008
Sysadmins have begun noticing a coordinated attack on servers with open SSH ports that tries to stay under the radar by only attempting to guess a password three times from any compromised machine. Instead of mounting an attack form a single compromised host, hackers have worked out a means to ...
Posted in Internet, Linux, Privacy, Security | No Comments
Wednesday, July 16th, 2008
For the last decade, as wireless networks have grown in popularity, so has the number of hot spots around the globe.
The leading online hot-spot directory, JiWire, lists 215,666 locations as of this writing. Those are just the ones people bother to report. Believe it or not, they're not all in ...
Posted in Internet, Linux, Networking, Privacy, Security, Windows | No Comments
Tuesday, July 1st, 2008
Our research team has identified a web-based attack technique that exploits the growing number of applications that require a web server being run on a local machine. Cross-Environment Hopping (CEH) is a result of this trend combined with the current limitations in browsers’ same-origin policy access restrictions.
The CEH technique enables ...
Posted in Coding, Internet, Networking, Privacy, Security | No Comments
Monday, June 30th, 2008
"By default, Radmin uses a known port, TCP port 4899 for remote access. In addition, if you are using password authentication only, a remote user only has to find an open TCP port 4899 and guess one word: your password.Suggestions:It is very easy to implement any or all of the ...
Posted in Internet, Security | No Comments
Sunday, June 29th, 2008
Usually, I don't have two calls for packets on a shift, but this one definately bears looking into and hopefully finding an answer. There is an increase on port 502, when you look at the targets, that started today. Till today, life has been pretty quiet on that ...
Posted in Internet, Security | No Comments
Tuesday, May 27th, 2008
Security assessment and deep testing don't require a big budget. Some of most effective security tools are free, and are commonly used by professional consultants, private industry and government security practitioners. Here are a few to start with.
For scanning in the first steps of a security assessment or pen test, ...
Posted in Linux, Networking, Privacy, Security, Software, Windows | No Comments
Tuesday, May 20th, 2008
Most of the time, Linux is run from either an installation on a hard drive or a live CD/DVD distribution. The first is fast, but not very portable; the second can be run anywhere you have a computer and a CD drive with boot access, but typically isn't very fast. ...
Posted in Hardware, Linux, Privacy | No Comments
Tuesday, May 20th, 2008
My favorite tech quote is from Giorgio Maone. It goes like this: If today’s malware mostly runs on Windows because it’s the commonest executable platform, tomorrow’s will likely run on the Web, for the very same reason. Because, like it or not, Web is already a huge executable platform, and ...
Posted in Coding, Internet, Privacy, Security | No Comments
Friday, May 16th, 2008
Sometimes I wonder to myself have I mentioned a certain tool on the site, usually one of my favourites…often I search the site to find I have never posted about it.
It just goes to show how we often overlook some of the more ‘obvious’ choices, and to many people they ...
Posted in Linux, Privacy, Security, Software, Windows | No Comments
