I know it is April’s 1st but I am Spanish, don’t worry! 🙂 (we have the 28th of December for those things) Thanks to Tadek, John and Brian for contributing to this weekly security news bulletin! For the technically inclined I also put together the following this week: – iptables: white-listing TCP connections to reduce …
Category Index Hacking Incidents / Cybercrime Software Updates Business Case for Security Network Security Web Technologies Privacy General Funny Hacking Incidents / Cybercrime Comodo: two more resellers were compromised [www.h-online.com] Comodo has confirmed that two other resellers have been compromised since the ‘Comodogate’ attacks which saw an attacker generate forged certificates for login.live.com, mail.google.com, www.google.com, …
NOTE: This will work in backtrack, ubuntu and pretty much any Linux distro as far as I know There are times where you would like to open a service to the internet and it is ok to only allow one host/IP address to connect to you, for example: – Host-to-host transactions – During a pentest …
I recently got an interesting question via email: Hi Abraham, I was just wondering if you’ve ever used a tool called Angry IP scanner? Is it safe to use? Is there any risk of it crashing a host you are scanning? Regards, Short answer: Q: I was just wondering if you’ve ever used a tool …
Introduction When you setup the VNC server you can connect remotely with GUI access to Backtrack, for this reason, it is best to start the VNC server BEFORE you enter the GUI, that will save a little bit on resources such as RAM. The VNC server service will provide no encryption, so make sure you …
Thanks to Tadek for contributing to this security weekly news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “If Iran got some forged certificates, it’s only because they don’t have a CA of their own. It’s considerably less hassle for most countries.” – Moxie Marlinspike (Abraham’s …
Category Index Hacking Incidents / Cybercrime Unpatched vulnerabilities Software Updates Business Case for Security Web Technologies Network Security Mobile Security Privacy General Funny Hacking Incidents / Cybercrime The Recent RA Compromise [blogs.comodo.com] On March 15th 2011, a Comodo affiliate RA was compromised resulting in the fraudulent issue of 9 SSL certificates to sites in …
First Check recognised HW: # dmesg|grep eth jme: JMicron JMC2XX ethernet driver version 1.0.4 eth0: registered as PCnet/PCI II 79C970A eth1: registered as PCnet/PCI II 79C970A eth2: registered as PCnet/PCI II 79C970A Option 1 – The manual way: Static IP assignment and nework configuration: a) Sets your IP address # ifconfig eth0 192.168.0.123 b) Set …
NOTE: For this to work you obviously need network connectivity first! this is explained here Ok guys, finally this is the definitive guide from the Backtrack guys themselves (source): Update Back|Track Linux: apt-get update && apt-get upgrade && apt-get dist-upgrade Update Metasploit: cd /pentest/exploits/framework3 && svn update Update the Social-Engineer Toolkit (SET): cd /pentest/exploits/SET && …
Thanks to Tadek for contributing to this weekly security news bulletin Feedback and/or contributions to make this better are appreciated and welcome Highlighted quotes of the week: “The media (and general community) responses on the nuke meltdown highlight human inability to contextualize risk.” – Rich Mogull “Getting a lot of enquiries lately to help orgs …