Introduction When you setup the VNC server you can connect remotely with GUI access to Backtrack, for this reason, it is best to start the VNC server BEFORE you enter the GUI, that will save a little bit on resources such as RAM. The VNC server service will provide no encryption, so make sure you …
Thanks to Tadek for contributing to this security weekly news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “If Iran got some forged certificates, it’s only because they don’t have a CA of their own. It’s considerably less hassle for most countries.” – Moxie Marlinspike (Abraham’s …
Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime The Recent RA Compromise [blogs.comodo.com] On March 15th 2011, a Comodo affiliate RA was compromised resulting in the fraudulent issue of 9 SSL certificates to sites in …
First Check recognised HW: # dmesg|grep eth jme: JMicron JMC2XX ethernet driver version 1.0.4 eth0: registered as PCnet/PCI II 79C970A eth1: registered as PCnet/PCI II 79C970A eth2: registered as PCnet/PCI II 79C970A Option 1 – The manual way: Static IP assignment and nework configuration: a) Sets your IP address # ifconfig eth0 192.168.0.123 b) Set …
NOTE: For this to work you obviously need network connectivity first! this is explained here Ok guys, finally this is the definitive guide from the Backtrack guys themselves (source): Update Back|Track Linux: apt-get update && apt-get upgrade && apt-get dist-upgrade Update Metasploit: cd /pentest/exploits/framework3 && svn update Update the Social-Engineer Toolkit (SET): cd /pentest/exploits/SET && …
Thanks to Tadek for contributing to this weekly security news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “The media (and general community) responses on the nuke meltdown highlight human inability to contextualize risk.” – Rich Mogull “Getting a lot of enquiries lately to help orgs …
Category Index Hacking Incidents / Cybercrime Unpatched Vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime Open Letter to RSA Customers [www.rsa.com] Like any large company, EMC experiences and successfully repels multiple cyber attacks on its IT infrastructure every day. Recently, our security systems …
This blog post will explain how to configure stunnel to allow non-SSL speaking tools (like for example netcat) to communicate with SSL protocols, in our example we will use HTTPS. Before stunnel, direct attempt of using a non-SSL tool: # nc www.example.com 443 HEAD / HTTP/1.0 .. 400 Bad Request Bad Request Your browser sent …
Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “Pwn2own breaking news: browsers still have vulnerabilities, and there still are people who know how to exploit them.” – Michal Zalewski “Just reached a company CEO on his cell to tell him that his firm’s dbase & cust. CCs …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Web Technologies Network Security Database Security Mobile Security Physical Security Tools Funny Hacking Incidents / Cybercrime Cord Blood Registry Notifies 300,000 Of Potential Data Loss [www.darkreading.com] Backup tapes stolen from employee's car contained unencrypted data The Cord Blood Registry earlier this week …
