Clik here to view.
Am Zahn der Zeit…
20 Minuten ist mit dem Artikel “Mit dem Motorrad auf WLAN-Jagd” ganz aktuell…Wardriving war vor etwa 8-10 Jahre ein Thema. Ok, früher sassen die Leute in einem Auto, da es keine Netbooks gab
View ArticleLooking for SSH servers
Banner grabbing for SSH server is like banner grabbing for web server. Let’s say banner grabbing is banner grabbing and a part of the reconnaissance while performing a security test. nc$ nc -v...
View ArticleClik here to view.
Daten aus dem Netzverkehr extraieren
Es gibt diverse Möglichkeiten, um Daten aus dem Netzwerkverkehr zu extraieren. Dies funktioniert beispielsweise für SIP mit Wireshark ganz einfach. Aber es lassen sich auch andere Informationen...
View ArticleFedora Security Lab now with Xfce
We are proud to announce that the Fedora Security Lab now uses Xfce as desktop environment. This means that the Fedora Security Lab for Fedora 20 will be the first official release after the transition...
View ArticleFedora Security Test bench with Containers
The Fedora Security Lab Test Bench provides three low-interaction honeypots which are using honeyd. This is nice but real machine are much more fun. It took me a while to include this feature because...
View ArticleSearching weak keys with nmap
Unfortunately there was a bug in the OpenSSL package in Debian which results in weak keys for services with SSL functionality. Download the tarball, unpack it, move the lists (blacklist.RSA-2048 and...
View Articlenmap and Heartbleed
It didn’t take long for most tools to pick-up the possibility to detect the Heartbleed OpenSSL bug. For nmap the needed elements are in the VCS.cd /usr/share/nmap/nselib/ sudo wget...
View ArticleClik here to view.
nmap GUI
There is the well-known zenmap GUI for nmap. But there is another one, Umit. This GUI has a little bit more icons… To give umit a try: sudo dnf -y install umit
View ArticleHappy Birthday Fedora Security Lab
Five years ago a bunch of guys started the Fedora Security Lab which was named Security Spin back then. Adam Miller initiated everything with the first commit. commit...
View ArticleFedora Security Spin
The next release of Fedora and the Fedora Security Lab (aka Security Spin) is just around the corner. Time for some testing…we would appreciate if you give the Security Lab a spin, perform the test...
View ArticleWieso Appliances kein Segen für die Welt sind…
Grosse Hosting-Anbieter haben halt wichtiges zu tun, als ihr Zeug auf einem aktuellen Stand zu halten.$ ssh 46.2.2.2 Unable to negotiate with 46.2.2.2: no matching key exchange method found. Their...
View Articlenmap 7
Open source-Projekte haben unterschiedliche Philosophien…bei nmap wird nicht nach “Release early, release often” gestrebt und so dauert es schon mal über drei Jahre bis zum nächsten Release. Aber nun...
View ArticleINTEL-SA-00086
Of course is my Lenovo T460 affected by INTEL-SA-00086. Just to be sure, I ran Intel’s Detection Tool. Lalalala…$ sudo ./intel_sa00086.py [....] *** Host Computer Information *** Name:...
View ArticleClik here to view.
Titan Security Key
During Nullcon I got a Titan Security Key. This device by Google is very similar to the popular Yubikeys. Unlike the first generation of Yubikeys is the Titan Security Key not generating an OTP...
View ArticleHardware Random Number Generator PRG320
/dev/urandom/ is a pseudo random number generator used by for Fedora and other linux-based operating systems. This little Python snippet will get you some data: import binascii import os data =...
View Article