«
Expand/Collapse
207 items tagged "access"
Related tags:
microsoft data access [+],
denial of service [+],
data [+],
cross site scripting [+],
cross [+],
access control system [+],
access control [+],
microsoft data access components [+],
manager [+],
security notice [+],
attacker [+],
manager server [+],
iguard [+],
gateway [+],
command execution [+],
safer use [+],
point [+],
management [+],
juniper secure [+],
hacks [+],
dovecot [+],
code execution [+],
bugzilla [+],
vulnerability [+],
wireless access point [+],
unauthenticated [+],
service [+],
security authors [+],
rsa [+],
remote access [+],
phplist [+],
outlook web access [+],
outlook [+],
net [+],
memory corruption [+],
internet [+],
information leakage [+],
heap memory [+],
gnome [+],
device [+],
bugtraq [+],
access to data [+],
zywall [+],
zipcart [+],
xss [+],
web interface [+],
web authentication [+],
wap [+],
vulnerabilities [+],
usn [+],
usg [+],
unidesk [+],
unauthorized [+],
u ftp [+],
tool [+],
tobias matt fiddler [+],
tobias bluzmanis [+],
system [+],
soho [+],
socket port [+],
slidebox [+],
shell metacharacters [+],
serv u ftp [+],
security access control system [+],
security access control [+],
search version [+],
search [+],
router [+],
root privileges [+],
role based access control [+],
proximity access [+],
proximity [+],
phpcollab [+],
password [+],
organic [+],
onefilecms [+],
novatel [+],
mifi [+],
microsoft forefront [+],
marc weber tobias [+],
marc weber [+],
mailboxes [+],
local security [+],
linux kernel [+],
linux [+],
linksys [+],
link dir [+],
liferay [+],
kernel [+],
juniper ive [+],
ip blocks [+],
input validation vulnerabilities [+],
information store [+],
forefront [+],
fingerprint [+],
electronic access control [+],
dph [+],
dlink [+],
directory traversal [+],
destination search [+],
destination [+],
denial [+],
d link [+],
cool aid [+],
citrix [+],
blogengine [+],
biometric access control [+],
biometric [+],
backup file [+],
authentication methods [+],
authentication [+],
aspgwy [+],
aid [+],
administrative resources [+],
activex data objects [+],
acl [+],
account [+],
access point [+],
BackTrack [+],
zdi [+],
wifi [+],
whitepaper [+],
web [+],
vulnerable version [+],
video [+],
van bruggen [+],
usa [+],
ubuntu [+],
ubercart [+],
talk [+],
streamlined application [+],
sql injection [+],
spaces [+],
service vulnerability [+],
security technologies [+],
security restrictions [+],
sandbox [+],
reporting security [+],
remote [+],
project security [+],
professional labs [+],
os 6 [+],
office [+],
novell [+],
marc juul [+],
mac [+],
local [+],
linux security [+],
linkit [+],
jayachandran [+],
internet access [+],
information disclosure vulnerability [+],
identity [+],
hp procurve [+],
host access [+],
hackers [+],
guide [+],
gateway user [+],
flag [+],
file upload [+],
features of internet explorer [+],
exploits [+],
esa [+],
dsa [+],
diybio [+],
directory [+],
debian linux [+],
csrf [+],
core [+],
code breakers [+],
code [+],
citrix access [+],
citizen scientists [+],
cisco security advisory [+],
cisco security [+],
cidr notation [+],
chaos communication camp [+],
c. michael pilat [+],
buffer overflow vulnerability [+],
biology [+],
ast [+],
apple sandbox [+],
advisory [+],
access violation [+],
access points [+],
access control list [+],
Wireless [+],
Newbie [+],
General [+],
Area [+],
zac franken [+],
xataface [+],
wireless mice [+],
wireless keyboards [+],
web access [+],
wants [+],
user [+],
usb device [+],
usb [+],
universal serial bus [+],
u.n. report [+],
trojan [+],
top priority [+],
third way [+],
taxonomia [+],
system memory [+],
switches [+],
student records [+],
student [+],
strengths [+],
sql [+],
springsource [+],
spradlin [+],
spindel [+],
sophos [+],
solder [+],
snapshot [+],
site [+],
simulator [+],
shared folders [+],
server [+],
series [+],
security bulletin [+],
securing [+],
sat [+],
saludos [+],
safari [+],
routers [+],
root [+],
rim [+],
riley porter [+],
rfid [+],
reporte [+],
regulators [+],
redirection [+],
procurve [+],
privileged information [+],
point web [+],
poc [+],
playstation 3 [+],
playstation [+],
physical security [+],
personal area network [+],
pentesters [+],
payroll files [+],
overflow code [+],
nova lite [+],
new [+],
network managers [+],
network access control [+],
n81 [+],
mysql [+],
ms access [+],
mind control devices [+],
mike spindel [+],
microsoft office [+],
messenger services [+],
maps [+],
manager administration [+],
management functionality [+],
mac address [+],
lucent [+],
logs [+],
login [+],
laser cutter [+],
laser [+],
lan [+],
juniper [+],
invisible [+],
internal antennas [+],
insight manager [+],
insight [+],
injection [+],
indian authorities [+],
india [+],
improper [+],
img [+],
hp systems [+],
hp system [+],
hp service center [+],
hp laserjet printers [+],
hierarchical access control [+],
hey guys [+],
hello everyone [+],
hard drive [+],
hacker [+],
gview [+],
gnu linux [+],
fundamental right [+],
fundamental [+],
format [+],
flaw [+],
firefox [+],
filesystem [+],
file [+],
external antennas [+],
exploitation activities [+],
escalation [+],
error [+],
eric schmiedl [+],
entire system [+],
elliot [+],
edward farrell tags [+],
edward farrell [+],
dual band [+],
domino web [+],
direct [+],
digital senders [+],
declares [+],
deauthentication [+],
day [+],
database access control [+],
database [+],
data source name [+],
dale brocklehurst [+],
cve [+],
cti [+],
coupons [+],
could allow remote code execution [+],
controllers [+],
computer [+],
com [+],
coldfusion server [+],
coldfusion [+],
cisco secure [+],
cisco network [+],
card reader [+],
cant [+],
c drive [+],
brocklehurst [+],
boston [+],
bookmark management [+],
bluetooth [+],
blackberry [+],
black hat [+],
bank [+],
backdoor [+],
authorized [+],
authorities [+],
auditing [+],
audio [+],
attempt [+],
attackers [+],
asp [+],
arbitrary code [+],
apache error [+],
apache [+],
amp [+],
alcatel [+],
airbase [+],
administrative interface [+],
admin [+],
adapter [+],
activex [+],
access systems [+],
access road [+],
access controls [+],
access control systems [+],
access control lists [+],
access cards [+],
access c [+],
access bank plc [+],
Tutoriales [+],
Support [+],
Howto [+],
Guias [+],
Discussion [+],
1200dpi [+],
direct access [+],
control [+],
txt [+],
microsoft [+],
unauthorized access [+],
drupal [+],
security [+],
proof of concept [+],
bypass [+]
-
-
![Permalink for '[Video] Hacking DNA'](/themes/lilina/web//media/mark_off.gif)
21:34
»
SecDocs
Authors:
Marc Juul Tags:
science Event:
Chaos Communication Camp 2011 Abstract: Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. The technology to program biological self-replicating machines is here now. Synthetic biologists are reverse-engineering living cells and building bio-compilers that will facilitate abstract design of complex genetic programs. This talk will show how such a genetic program can be written using freely available parts and design tools. How the DNA can be synthesized, assembled, inserted into a cell culture and the result debugged. The tools to accomplish this exist in two spaces: The wetlab (biological) and the drylab (software). Wetlab access continues to be a limiting factor in participation by the wider community of citizen scientists, hackers and makers. Access restrictions both technological and legal are not foreign to hackers, and biohackers are currently facing obstacles such as GMO laws, expensive lab equipment and restricted access to materials, yet DIYbio groups around the world are building labs, acquiring expertise and making this technology available to everyone. This talk gives an overview of the gap in capabilities between professional labs and DIYbio labs, how it can be overcome, and the unique challenges of biosafety, ethics and intellectual property in biology.
-
21:34
»
SecDocs
Authors:
Marc Juul Tags:
science Event:
Chaos Communication Camp 2011 Abstract: Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. The technology to program biological self-replicating machines is here now. Synthetic biologists are reverse-engineering living cells and building bio-compilers that will facilitate abstract design of complex genetic programs. This talk will show how such a genetic program can be written using freely available parts and design tools. How the DNA can be synthesized, assembled, inserted into a cell culture and the result debugged. The tools to accomplish this exist in two spaces: The wetlab (biological) and the drylab (software). Wetlab access continues to be a limiting factor in participation by the wider community of citizen scientists, hackers and makers. Access restrictions both technological and legal are not foreign to hackers, and biohackers are currently facing obstacles such as GMO laws, expensive lab equipment and restricted access to materials, yet DIYbio groups around the world are building labs, acquiring expertise and making this technology available to everyone. This talk gives an overview of the gap in capabilities between professional labs and DIYbio labs, how it can be overcome, and the unique challenges of biosafety, ethics and intellectual property in biology.
-
-
6:22
»
Packet Storm Security Advisories
Bugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an authorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.
-
6:22
»
Packet Storm Security Recent Files
Bugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an authorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.
-
6:22
»
Packet Storm Security Misc. Files
Bugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an authorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.
-
-
11:10
»
Carnal0wnage
I'll be giving my ColdFusion for Pentesters talk at
SOURCE Boston next week.
Here is the info from the abstract:
"ColdFusion is one of those technologies where organizations are either ColdFusion shops or they won't touch it on a bet. Similarly, I find that pentesters have either been exposed to it and have a few tricks to attack it or not. Aside from common web application issues, ColdFusion can also be attacked on the network level and many times used to obtain remote access on the host. This talk will cover what is ColdFusion, common ColdFusion issues, finding useful ColdFusion URLs, identifying specific ColdFusion version and components, and verifying if common vulnerabilities are present in the ColdFusion server you are targeting. If access to the ColdFusion administrative interface can be obtained, you can perform post exploitation activities that will typically yield you remote access to the operating system supporting the ColdFusion install."
Like the other talks, i'll do the what it is, why you care (?), and some ways to go after it. Hopefully useful/interesting.
Hope to see people there.
-CG
-
-
3:11
»
Packet Storm Security Tools
Access Road is an access control simulator written in Java. Out of the box simulations currently support GNU/Linux and MySQL server.
-
-
15:00
»
Sophos security news
New dual-band/dual-radio wireless access point optimizes WLAN performance and provides superior user experience
-
-
8:14
»
Packet Storm Security Recent Files
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
8:14
»
Packet Storm Security Tools
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
8:14
»
Packet Storm Security Misc. Files
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web services, CGI programs, or virtually any program.
-
-
11:22
»
Packet Storm Security Exploits
Serv-U FTP versions 11.1.0.3 and below suffer from management console access and socket/port consumption vulnerabilities. Proof of concept exploits included.
-
11:22
»
Packet Storm Security Recent Files
Serv-U FTP versions 11.1.0.3 and below suffer from management console access and socket/port consumption vulnerabilities. Proof of concept exploits included.
-
11:22
»
Packet Storm Security Misc. Files
Serv-U FTP versions 11.1.0.3 and below suffer from management console access and socket/port consumption vulnerabilities. Proof of concept exploits included.
-
-
16:59
»
Packet Storm Security Exploits
HP Device Access Manager for Protect Tools Information Store versions prior to 6.1.0.1 suffer from a heap memory corruption vulnerability.
-
-
22:43
»
Packet Storm Security Advisories
Microsoft Forefront Unified Access Gateway Remote Access Agent version 4.0.0.1 suffers from a remote file upload and command execution vulnerability.
-
22:43
»
Packet Storm Security Recent Files
Microsoft Forefront Unified Access Gateway Remote Access Agent version 4.0.0.1 suffers from a remote file upload and command execution vulnerability.
-
22:43
»
Packet Storm Security Misc. Files
Microsoft Forefront Unified Access Gateway Remote Access Agent version 4.0.0.1 suffers from a remote file upload and command execution vulnerability.
-
-
15:01
»
Hack a Day
[Elliot] put together an intriguing proof-of-concept script that uses repeated deauthentication packet bursts to jam WiFi access points. From what we can tell it’s a new way to use an old tool. Aircrack-ng is a package often seen in WiFi hacking. It includes a deauthentication command which causes WiFi clients to stop using an access [...]
-
-
0:00
»
SecurityFocus Vulnerabilities
Microsoft Data Access Components ActiveX Data Objects Memory Corruption Vulnerability
-
-
12:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re
-
-
0:00
»
SecurityFocus Vulnerabilities
RSA Access Manager Server CVE-2011-0322 Security Bypass Vulnerability
-
-
8:58
»
Packet Storm Security Exploits
ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited access gets full access to the web interface.
-
8:58
»
Packet Storm Security Recent Files
ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited access gets full access to the web interface.
-
8:58
»
Packet Storm Security Misc. Files
ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited access gets full access to the web interface.
-
-
15:47
»
Packet Storm Security Exploits
The Unidesk Management Console versions 1.3 and below suffer from a direct access vulnerability that allows an attacker direct access to administrative resources.
-
15:47
»
Packet Storm Security Recent Files
The Unidesk Management Console versions 1.3 and below suffer from a direct access vulnerability that allows an attacker direct access to administrative resources.
-
15:47
»
Packet Storm Security Misc. Files
The Unidesk Management Console versions 1.3 and below suffer from a direct access vulnerability that allows an attacker direct access to administrative resources.
-
-
9:01
»
Hack a Day
The module works as a pass through, providing access to data and power lines for a USB device. [BadWolf] built it in order to sniff out communications between peripherals and the Universal Serial Bus. For now it just provides access to the different signals, but we think there’s quite a bit of usefulness in that. [...]
-
7:31
»
Packet Storm Security Advisories
RSA Access Manager Server contains a potential vulnerability due to improper input handling that could be exploited by malicious people to gain unauthorized access to protected resources. Versions 5.5.x, 6.0.x, and 6.1.x are affected.
-
7:31
»
Packet Storm Security Recent Files
RSA Access Manager Server contains a potential vulnerability due to improper input handling that could be exploited by malicious people to gain unauthorized access to protected resources. Versions 5.5.x, 6.0.x, and 6.1.x are affected.
-
7:31
»
Packet Storm Security Misc. Files
RSA Access Manager Server contains a potential vulnerability due to improper input handling that could be exploited by malicious people to gain unauthorized access to protected resources. Versions 5.5.x, 6.0.x, and 6.1.x are affected.
-
-
7:59
»
Packet Storm Security Exploits
The Citrix Access Gateway provides support for multiple authentication types. When utilizing the external legacy NTLM authentication module known as ntlm_authenticator the Access Gateway spawns the Samba 'samedit' command line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form it is possible to execute arbitrary commands on the Access Gateway.
-
7:59
»
Packet Storm Security Recent Files
The Citrix Access Gateway provides support for multiple authentication types. When utilizing the external legacy NTLM authentication module known as ntlm_authenticator the Access Gateway spawns the Samba 'samedit' command line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form it is possible to execute arbitrary commands on the Access Gateway.
-
7:59
»
Packet Storm Security Misc. Files
The Citrix Access Gateway provides support for multiple authentication types. When utilizing the external legacy NTLM authentication module known as ntlm_authenticator the Access Gateway spawns the Samba 'samedit' command line utility to verify a user's identity and password. By embedding shell metacharacters in the web authentication form it is possible to execute arbitrary commands on the Access Gateway.
-
-
11:11
»
Hack a Day
iClass is a popular format of RFID enabled access cards. These are issued to company employees to grant them access to parts of a building via a card reader at each security door. We’ve known for a long time that these access systems are rather weak when it comes to security. But now you can [...]
-
-
8:55
»
Packet Storm Security Advisories
Ubuntu Security Notice 1059-1 - It was discovered that the ACL plugin in Dovecot would incorrectly propagate ACLs to new mailboxes. A remote authenticated user could possibly read new mailboxes that were created with the wrong ACL. It was discovered that the ACL plugin in Dovecot would incorrectly merge ACLs in certain circumstances. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that the ACL plugin in Dovecot would incorrectly grant the admin permission to owners of certain mailboxes. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that Dovecot incorrectly handled the simultaneous disconnect of a large number of sessions. A remote authenticated user could use this flaw to cause Dovecot to crash, resulting in a denial of service.
-
8:55
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1059-1 - It was discovered that the ACL plugin in Dovecot would incorrectly propagate ACLs to new mailboxes. A remote authenticated user could possibly read new mailboxes that were created with the wrong ACL. It was discovered that the ACL plugin in Dovecot would incorrectly merge ACLs in certain circumstances. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that the ACL plugin in Dovecot would incorrectly grant the admin permission to owners of certain mailboxes. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that Dovecot incorrectly handled the simultaneous disconnect of a large number of sessions. A remote authenticated user could use this flaw to cause Dovecot to crash, resulting in a denial of service.
-
8:55
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1059-1 - It was discovered that the ACL plugin in Dovecot would incorrectly propagate ACLs to new mailboxes. A remote authenticated user could possibly read new mailboxes that were created with the wrong ACL. It was discovered that the ACL plugin in Dovecot would incorrectly merge ACLs in certain circumstances. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that the ACL plugin in Dovecot would incorrectly grant the admin permission to owners of certain mailboxes. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that Dovecot incorrectly handled the simultaneous disconnect of a large number of sessions. A remote authenticated user could use this flaw to cause Dovecot to crash, resulting in a denial of service.
-
-
21:46
»
SecuriTeam
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Data Access Components.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
9:22
»
Packet Storm Security Exploits
BlogEngine.NET version 1.6.x suffers from path disclosure, unauthorized access, directory traversal, and file upload vulnerabilities.
-
-
17:49
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:25
»
SecDocs
Authors:
Edward Farrell Tags:
RFID Event:
Ruxcon 2010 Abstract: RFID technology is the new cool. It’s the access pass around our neck, the overpriced contactless train ticket that goes “ping” and the payment card that doesn’t bother with two factor authentication. Even with issues with the underlying architecture, the majority of implementations out there haven’t quite thought things through (like getting rid of manufacturers keys and locking down the read/write access). We’re going to melt back the noooiiiice looking plastic on RFIDs and see what’s inside before the government starts using them as mind control devices.
-
-
10:49
»
SecuriTeam
A vulnerability related to unauthorized access was discovered in HP ProCurve 2626 and 2650 Switches.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
19:01
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2118-1 - Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn module of subversion, a version control system, is not properly enforcing access rules which are scope-limited to named repositories. If the SVNPathAuthz option is set to short_circuit set this may enable an unprivileged attacker to bypass intended access restrictions and disclose or modify repository content.
-
19:00
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2118-1 - Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn module of subversion, a version control system, is not properly enforcing access rules which are scope-limited to named repositories. If the SVNPathAuthz option is set to short_circuit set this may enable an unprivileged attacker to bypass intended access restrictions and disclose or modify repository content.
-
-
14:00
»
Hack a Day
Feeling bad that his access point was being made fun of by models with beefier external antennas, [Customer Service] decided to do something about it. After cracking open the Asus wl-330ge he found it would be quite easy to add a connector. This access point has two internal antennas that are quite small and use [...]
-
-
21:01
»
Packet Storm Security Recent Files
RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources.
-
21:01
»
Packet Storm Security Advisories
RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources.
-
12:07
»
SecuriTeam
A vulnerability related to unauthorized file access was discovered in certain HP devices.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:38
»
SecuriTeam
Vulnerabilities were discovered in Microsoft Office Access ActiveX Controls that could Allow Remote Code Execution
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
13:58
»
SecuriTeam
A vulnerability related to unauthorized data access was identified in HP System Insight Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
18:24
»
Wirevolution
A while back the Wi-Fi Alliance announced a new certification program, Wi-Fi Direct, which enables a PC to connect directly with other Wi-Fi devices without having to go through an Access Point.
The Wi-Fi certification process for Wi-Fi Direct is scheduled to be launched by the end of 2010, but there are already two pre-standard implementations of this concept, My Wi-Fi, an Intel product which ships in Centrino 2 systems, and Wireless Hosted Network which ships in all versions of Windows 7.
The Wi-Fi Direct driver makes a single Wi-Fi adapter on the PC look like two to the operating system: one ordinary one that associates with a regular Access Point, and a second acting as a “Virtual Access Point.” The virtual access point (Microsoft calls it a “SoftAP”) actually runs inside the Wi-Fi driver on the PC (labeled WPAN I/F in the Intel diagram below).
To the outside world the Wi-Fi adapter also looks like two devices, each with its own MAC address: one the PC just like without Wi-Fi Direct, and the other an access point. Devices that associate with that access point join the PC’s PAN (Personal Area Network).
This yields several benefits in various use cases.
I wrote a couple of years ago about how a company called Ozmo planned to use a Wi-Fi PAN to connect peripherals to PCs, replacing Bluetooth and proprietary wireless technologies. That plan has now come to fruition. Earlier this month Ozmo announced that it had received $10.8 million in additional funding, and this week it announced two major customers: Primax, a leading ODM of wireless mice, and NMB Technologies, a leading ODM of wireless keyboards.
Here’s a slide from one of their promotional presentations giving a comparison with Bluetooth and proprietary technologies:
The essence of Ozmo’s approach is low cost, multi-device, low bandwidth and low power consumption. Wi-Fi Direct has another use case that is high bandwidth, with no requirement for low power.
If you want to stream video from your PC to a monitor using traditional Wi-Fi (“infrastructure mode”) each packet goes from the PC to the access point, then from the access point to the TV, so it occupies the spectrum twice for each packet. Wi-Fi Direct effectively doubles the available throughput, since each packet flies through the ether only once, directly from the PC to the TV. But it actually does better than that. Supposing the PC and the TV are in the same room, but the access point is in a different room, the PC can transmit at much lower power. Another similar Wi-Fi Direct session can then happen in another room in the house. Without Wi-Fi direct the two sessions would have to share the access point, taking turns to use the spectrum. So we get increased aggregate throughput both from halving the number of packet transmissions, and from allowing simultaneous use of the spectrum by multiple sessions (if they are far enough apart).
A Wi-Fi buff would point out that you can already do all this with ad-hoc mode, but Wi-Fi Direct purports to be usable by mortals, and to work interoperably, neither of which could be said for ad-hoc mode until recently. In January Infinitec announced a new point-to-point video streaming product that claims to be easy to use and universally interoperable, that Engadget implies uses ad-hoc mode, though Google can’t find the words “ad hoc” on the Infinitec website.
Between the bandwidth extremes of mice and TVs, lie numerous other potential uses, like headsets (which Ozmo also supports); syncing phones, cameras and media players; and wireless printers.
-
-
14:33
»
SecuriTeam
Juniper's bookmark management functionality does not filter user input properly and can allow cross site scripting attacks.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
0:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 941-1 - It was discovered that MoinMoin incorrectly handled hierarchical access control lists. Users could bypass intended access controls under certain circumstances.
-
-
8:23
»
remote-exploit & backtrack
hey guys i need help in this any one have any idea about how does Access Point Web-Based login works and how to hack that ? i want to know how does exactly that work ?and as well as to hack it
-
-
14:18
»
remote-exploit & backtrack
I cant access bt4 final iam stuck in startx my lan n wireless works, i tried using bt3 i cant start a lan or wireless i tried using /etc/init.d/......, unless theres away around this please guide me thanks
-
-
15:05
»
remote-exploit & backtrack
so that my computer as for my mac address does not appear on the routers DHCP table or any other data logs.
Thanks in advance.
-
-
10:00
»
Hack a Day
Do you have access to a laser cutter? If so, you can use [Riley Porter's] method to cut your own solder stencils. He starts with the Eagle files and exports the Dimension and tCream layers to a PDF. That file is then processed using Ghostwriter, Gview, and finally, Corel draw. The result is a 1200dpi [...]
-
-
15:00
»
Packet Storm Security Recent Files
Ubuntu Security Notice 907-1 - It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10.
-
15:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 907-1 - It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10.
-
1:51
»
remote-exploit & backtrack
Hello everyone ,
I have been trying to set up a Fake Access point with airbase-ng but i am having problems with it.
Most of time , i can't see the access point in window , and in my n81
Sometimes , after playing with mtu vales i was able to see , but was never able to connect to it.
I have a intel 5100AGN card. can anyone give me any pointers ?
-
12:00
»
Packet Storm Security Recent Files
Asterisk Project Security Advisory - Host access rules using permit= and deny= configurations behave unpredictably if the CIDR notation /0 is used. Depending on the system's behavior, this may act as desired, but in other cases it might not, thereby allowing access from hosts that should be denied.
-
12:00
»
Packet Storm Security Advisories
Asterisk Project Security Advisory - Host access rules using permit= and deny= configurations behave unpredictably if the CIDR notation /0 is used. Depending on the system's behavior, this may act as desired, but in other cases it might not, thereby allowing access from hosts that should be denied.
-
-
0:18
»
remote-exploit & backtrack
Taxonomia de un ataque con Backtrack 4
En este portal podran encontrar la documentacion sobre como es la estructura o la taxonomia de un ataque, aqui depositare todo el trabajo que se esta haciendo sobre dicha taxonomia.
[*] Documentos
- Reconocimiento de un sistema con << backtrack4 (Footprinting)
- Escaneo de un sistema con << backtrack4 (Scanning)
- Acceder a un sistema con << backtrack4 (Access)
- Mantener el acceso en un sistema con << backtrack4 (Maintain Access)
- Borrado de Huellas con << backtrack 4(Clear log's)
- Reporte << (Reporte algo under)
[*] Videos
- Acceso a un sistema con << Backtrack 4
- Intrusion/Ataque Automatizada con << Backtrack 4
- Borrado de Logs con << Backtrack 4
- Tunneling con << Backtrack 4
- Rootkits con << Backtrack 4
El breve resumen anteriormente dado, es una estructra basica que debemos tener para poder hacer un ataque dirijido hacia un sistema. Intento ser lo mas explicativo posible para que sea lo mas entendible posible.
Taxonomia de un ataque con backtrack 4
Bueno sin mas espero ver comentarios, sugerencias , etc. nos estaremos leyendo
Saludos
-
-
15:00
»
Packet Storm Security Recent Files
Ubuntu Security Notice 898-1 - It was discovered that gnome-screensaver did not correctly handle monitor hotplugging. An attacker with physical access could cause gnome-screensaver to crash and gain access to the locked session.
-
15:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 898-1 - It was discovered that gnome-screensaver did not correctly handle monitor hotplugging. An attacker with physical access could cause gnome-screensaver to crash and gain access to the locked session.
-
-
0:00
»
Packet Storm Security Recent Files
Core Security Technologies Advisory - This advisory describes two vulnerabilities that provide access to any file stored in on a user's desktop system if it is running a vulnerable version of Internet Explorer. These vulnerabilities can be used in attacks combined with a number of insecure features of Internet Explorer to provide remote access to locally stored files without the need for any further action from the victim after visiting a website controlled by the attacker.
-
0:00
»
Packet Storm Security Exploits
Core Security Technologies Advisory - This advisory describes two vulnerabilities that provide access to any file stored in on a user's desktop system if it is running a vulnerable version of Internet Explorer. These vulnerabilities can be used in attacks combined with a number of insecure features of Internet Explorer to provide remote access to locally stored files without the need for any further action from the victim after visiting a website controlled by the attacker.
-
-
5:35
»
remote-exploit & backtrack
In my home's local network I can see my dad's PC folders but I can (unfortunately) access only his shared folders.However I can see his drives (C$ etc).When I try to access them password key is required :(:(:(:(:(
Any tool that let me access these folders without knowing the passskey?:D:D;)?
snapshot at:
h t t p : / /img199.imageshack.us/img199/513/snapshot1ax.png
-
-
0:52
»
remote-exploit & backtrack
hi,
Code:
I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3.
geohotps3. blogspot. com
twitter. com/Geohot
Do you think its a fake?
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
Bugtraq
XSSed
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Darknet
The Exploitant
23:01