«
Expand/Collapse
716 items tagged "network"
Related tags:
service vulnerability [+],
red hat security [+],
performance [+],
linux kernel [+],
communication [+],
authors [+],
vnc [+],
socks [+],
pcnfs [+],
network monitor [+],
network logon [+],
logon [+],
hydra [+],
cisco aaa [+],
tor event [+],
red hat network [+],
observer [+],
hat [+],
buffer overflow vulnerability [+],
xplico [+],
usage profile [+],
source network [+],
source code release [+],
sniffer [+],
sensitive applications [+],
roger dingledine [+],
protocol analysis [+],
packet inspection [+],
nova [+],
network sniffer [+],
network instruments observer [+],
network driver ioctl [+],
needle in a haystack [+],
machine learning algorithms [+],
linux [+],
layer [+],
kernel [+],
i2p [+],
hostile network [+],
haystack [+],
forensic analysis [+],
forensic [+],
encryption [+],
chaos communication camp [+],
analysis tool [+],
analysis [+],
slides [+],
network interface [+],
ndp [+],
logging [+],
interface events [+],
interface [+],
congress [+],
audio [+],
Software [+],
chaos communication congress [+],
web [+],
video [+],
smarts [+],
securicam [+],
privacy event [+],
php code [+],
network shutdown [+],
network configuration manager [+],
network address translation [+],
lan [+],
ipv6 networks [+],
ipv [+],
instruments [+],
infrastructure [+],
graph explorer [+],
general purpose computer [+],
explorer component [+],
exchange [+],
emc smarts [+],
emc [+],
defcon 13 [+],
d link [+],
code execution [+],
backbone network [+],
amsterdam internet exchange [+],
amsterdam [+],
wordpress [+],
wlan access points [+],
wireshark [+],
version [+],
user [+],
ups [+],
transport layer security [+],
system [+],
storage directory [+],
security [+],
sebastian werner stefan wahl [+],
scanning [+],
satellite ground station [+],
satellite [+],
ruben bloemgarten [+],
router [+],
review [+],
rendezvous point [+],
real time network [+],
rdpscan [+],
publisher [+],
program [+],
private investigations [+],
predefined commands [+],
port scanner [+],
penetration testers [+],
onion routers [+],
node [+],
nmap [+],
nick farr [+],
network ups tools [+],
network traffic [+],
network surveillance [+],
network storage [+],
network publisher [+],
network node manager [+],
network instrument [+],
network content [+],
module [+],
little cats [+],
list of algorithms [+],
instrument [+],
information [+],
ian clarke oskar sandberg [+],
hp network [+],
ground station [+],
grab [+],
government level [+],
global internetwork [+],
german counterpart [+],
g investigations [+],
function buffer overflow [+],
filter implementations [+],
felix [+],
fabian yamaguchi [+],
europe [+],
directory traversal vulnerability [+],
dingledine [+],
database connection [+],
daniel kirstenpfad [+],
configuration management capabilities [+],
conceptronic [+],
cisco ios [+],
chokepointproject [+],
china [+],
checker [+],
cart [+],
camp [+],
browsing [+],
based buffer overflow [+],
base64 [+],
attack [+],
andreas krennmair [+],
andreas hornig [+],
active x control [+],
Tools [+],
21c3 [+],
zurich research laboratory [+],
time [+],
symantec [+],
stefan katzenbeisser [+],
sql [+],
security tags [+],
security problems [+],
secunia [+],
rich internet [+],
ria [+],
research [+],
privilege escalation vulnerability [+],
private ip range [+],
noc [+],
nicolas fischbach [+],
netflow [+],
maxim salomon niels bakker [+],
manager i [+],
malware [+],
local privilege escalation [+],
kay hamacher [+],
jonathan voris [+],
jens kubieziel [+],
infrastructure devices [+],
ibm [+],
hp printers [+],
hp firmware [+],
home [+],
harald welte [+],
flash [+],
fischbach [+],
firmware [+],
elisa jasinska [+],
currency questions [+],
cryptography [+],
craig [+],
communication endpoints [+],
cisco security advisory [+],
cisco security [+],
cisco ios software [+],
christian carstensen [+],
carstensen [+],
capabilities of the computer [+],
camp network [+],
bitcoin [+],
back channels [+],
aware [+],
applications flash [+],
advisory [+],
address space [+],
access [+],
Hardware [+],
tor [+],
network access control [+],
xbee [+],
winn schwartau [+],
wii [+],
web connection [+],
web applications [+],
way [+],
vulnerabilities [+],
vpn [+],
vivotek [+],
video camp [+],
vector [+],
unauthorized access [+],
translation [+],
traffic light [+],
traffic [+],
tor based anonymous [+],
tin box [+],
timer based [+],
time clock [+],
time based security [+],
television programs [+],
television [+],
tags [+],
syria [+],
summer weather [+],
summer [+],
stephen lewis tags [+],
status [+],
social [+],
smile thanks [+],
simple wish [+],
shutdown [+],
seris [+],
security vulnerabilities [+],
security model [+],
security authors [+],
sebastian lacoste [+],
sammy [+],
remote buffer overflow vulnerability [+],
remote buffer overflow [+],
reality [+],
read [+],
raspberry [+],
radio network [+],
radio modules [+],
radio [+],
protecting [+],
potential security vulnerability [+],
phone [+],
philippe biondi [+],
parts bin [+],
onioncat [+],
nnmi [+],
nintendo wii [+],
nintendo [+],
networks network [+],
networked devices [+],
network time [+],
network switch [+],
network storage devices [+],
network security [+],
network layers [+],
network flows [+],
network configuration [+],
network cameras [+],
network attached storage [+],
network application [+],
network address translators [+],
necessity is the mother of invention [+],
nat [+],
multiple [+],
ms chapv [+],
mother of invention [+],
mobitex [+],
misc [+],
military strategies [+],
mike geide [+],
mesh network [+],
manifold [+],
manager [+],
leblond [+],
layers [+],
launch [+],
kilonode [+],
ip network infrastructure [+],
iomega [+],
internet war [+],
information disclosure vulnerability [+],
handshakes [+],
hacking [+],
hacked [+],
gsm [+],
google [+],
global [+],
generation [+],
geide [+],
free software project [+],
framework [+],
flows [+],
firewalls [+],
file permissions [+],
errata [+],
eric leblond [+],
eric filiol [+],
entertainment [+],
eaton [+],
dieter spaar [+],
derek [+],
defcon [+],
decrypting [+],
day [+],
david [+],
daniel haslinger [+],
cryptographic mechanisms [+],
craig h. rowland tags [+],
craig balding [+],
computer [+],
compiler source code [+],
clock [+],
cisco [+],
chinese [+],
checking [+],
chapcrack [+],
cameras [+],
bypass [+],
buffer overflows [+],
brad woodberg [+],
box [+],
biondi [+],
bernhard fischer [+],
ben kurtz [+],
behaviour [+],
availability of broadband [+],
audio router [+],
aprs [+],
application [+],
address [+],
Rasberry [+],
21th [+],
packet [+],
internet [+],
packetfence [+],
nac system [+],
large heterogeneous networks [+],
hacks [+],
virtual tunnels [+],
tor virtual [+],
privacy [+],
local internet service providers [+],
instant messaging services [+],
vulnerability [+],
talk [+],
nagios [+],
denial of service [+],
red [+],
reconnaissance [+],
monitor [+],
zero latency,
yes driver,
xss,
x scan,
wpa supplicant,
wpa key,
wpa,
wormtrack,
working,
word list,
wlan,
wireless networks,
wireless network security,
wireless network card,
windows,
window air conditioner,
window,
wifi card,
wifi,
wi fi,
wep wpa,
wep key,
wep,
weird reason,
walled gardens,
vulnerability research,
voice demo,
voice,
vmware workstation,
vmware,
vista,
virtualbox,
viper,
vanessa brunet,
using open source tools,
using a dictionary,
using,
usa,
unwanted guests,
untrusted network,
untrusted,
unspecified,
unsniff,
ubuntu,
txt,
twitter,
tshark,
traffic prioritization,
tracker,
tp link,
tor anonymity,
tool,
tips,
ti calculators,
three quarters,
thing,
thanks in advance,
than,
teredo,
tenable network security,
tenable,
telecom,
technology,
technological focus,
tech,
tcp level,
tcp,
target network,
target machine,
tar,
taking a leak,
sylvia schlaphof,
svp,
storageworks,
storage mechanisms,
storage mechanism,
storage,
steve dispensa,
stephen patton tags,
stephen dugan,
static address,
staging areas,
stack buffer,
stacey higginbotham,
sslv3,
ssid,
ss7 sigtran,
sql injection,
spying,
spy,
sports network,
sports,
spending,
south africa,
source,
sony playstation,
sony hack,
sony,
something,
sniffers,
smb shares,
smb,
small network topologies,
slaac,
sky tv,
sky,
site,
simulator,
sim cards,
sim card,
sim,
shark,
sharepoint,
share experiences,
service provider network,
service,
server,
sensor,
seek,
security weakness,
security protocols,
security network,
security implications,
security guide,
security flaws,
security event,
security domains,
security advisory,
securing your network,
securing,
second,
search network,
search,
sean m. bodmer,
sean boyce tags,
scripting,
script sql,
script,
screws,
scott tags,
scanner x,
scanner system,
scanner,
sambascan,
safer use,
ryan kim,
russia,
routeur,
router password,
rj itop,
rey tags,
reverse engineering,
reserches,
research security,
request headers,
remote network management,
remote,
recent technological advances,
realtek semiconductor,
real time communications,
quot,
question,
quarters,
pxe,
pumping station,
public shares,
psn,
prtg,
proventia,
protocols,
protocol stacks,
protocol,
program settings,
product,
problem,
private beta,
prefix length,
precautionary measure,
powerchute,
power cross,
power,
pouvoir,
portuguese,
port scanners,
poor passwords,
policy,
poison,
pointter,
playstation,
physical id,
phone base,
philippe langlois,
personal freedom,
persistent,
performance linux,
performance clusters,
per,
peotocol,
penetration,
peer,
pdf,
pcs,
pcap,
pbnj,
paul syverson,
patton,
password,
passive network,
passive control,
partition,
parked,
parallel network,
paper,
panel,
paloalto,
palo alto,
packet generator,
packet filters,
packet data,
packard,
oz parliamentary,
oracle,
ops,
operations network,
operations,
openview,
opendns,
open source utility,
open source tools,
open source technologies,
open source initiative,
open ports,
old laptop,
null pointer,
night dragon,
nids,
nick owen tags,
nick owen,
nic works,
nic,
next five years,
news,
new article,
neutrality,
neural,
networkminer,
networkmanager,
networked clusters,
network wirelessly,
network vulnerability scanner,
network vulnerability,
network traffic monitors,
network tool,
network technology,
network storage systems,
network status updates,
network spy,
network solutions,
network sniffers,
network security policy,
network security breaches,
network search engine,
network scripts,
network question,
network protocols,
network protocol analyzer,
network protocol,
network professionals,
network penetration,
network packet,
network outage,
network operating systems,
network names,
network monitoring,
network mask,
network mapping,
network management protocols,
network mail,
network intrusion detection system,
network intrusion detection,
network interfaces,
network ids,
network hack,
network forensics,
network firewalls,
network firewall,
network exploration,
network component,
network cards,
network automation,
network authentication,
network attacks,
network architecture,
network analyzers,
network analyzer,
network admin,
netwerk,
netgear router,
net neutrality,
net,
neighborhood,
ndiswrapper,
ncrack,
name,
nac,
my handshake,
mp martijn van dam,
mountd,
monitoring,
modem,
mobitex network,
mobile phone users,
mobile network,
mobile,
mitigation techniques,
mitigation,
mining,
mike beekey,
message encryption,
medusa,
mc fly,
max network,
max,
master keys,
mass hack,
mass,
martin stanford,
martijn van dam,
marshall,
marsh ray,
marcus ranum,
marco bonetti,
mapping,
map,
manager toolbar,
manager ovutil,
manager nnmrptconfig,
manager execution,
manager cve ,
management authors,
management,
malaysia,
making a sandbox,
mail security,
machine,
mac os x,
mac os,
mac,
lucerne,
london,
login,
logiciel,
location data,
local network,
local area network,
lm hash,
linux wireless,
linux tools,
linux network,
linksys wusb54g,
libnids,
legitimate network,
legal,
leak,
lcd,
latin america,
lashes,
laptops,
lan device,
lacsec,
knowledge network,
knowledge,
kismet wireless,
kismet,
kernel system,
kerberos,
kenneth geers,
junos,
junk heap,
juniper junos,
joomla,
joint,
johannesburg south africa,
johannesburg,
joey bernard,
jim hoagland,
jeremy rauch,
jdenet,
jd edwards enterpriseone,
jd edwards,
jboss,
java denial,
isp industry,
iranian elections,
iran sports,
iran,
iphone,
ipadress,
ip adress,
ip address range,
ip address,
investments,
intrusion detection system,
intrusion detection,
intrusion,
intruders,
internet menu,
internet censorship law,
interface product,
interface card,
interceptor,
insider,
independent network,
incident response teams,
incident,
implications,
imac,
ids,
identity,
i ca,
hyenae,
hub,
httpurlconnection,
hp ux,
hp storageworks,
hp openview network node manager,
how to connect to a wireless network,
hotspot,
holland,
hmi software,
hitachi,
hijacking,
high speed network,
high availability,
higginbotham,
hide,
hat europe,
hardware drivers,
handshake problem,
half,
hackers,
hacker,
hack in the box,
hack attack,
hack,
guy,
gustav rydstedt,
graphing calculators,
graphical network,
gps,
gonc,
gns,
gigaom,
gigabit network,
gigabit ethernet controller,
germany,
geers,
gateway,
gaming network,
gaming,
gamer,
freebsd security,
freebsd,
fortigate firewall,
forensics,
foreign,
firewalling,
firewall,
file,
fights,
federal networks,
fear,
fat cats,
fakeap,
facebook,
external switch,
extension lead,
exploits,
existing networks,
existence thanks,
ettercap,
ethernet bridge,
ethernet,
ethereal network,
ethereal,
etc network,
erik birkholz,
erik,
eric schultze,
eric,
enterprise,
engineering network,
engineering,
engine,
end,
encapsulation,
emerson network power,
emerson,
edwards,
early warning system,
dutch isp,
dummies,
dugan,
drivers windows,
downtime,
dos vulnerability,
domains,
domain thanks,
dns,
dissection,
directory,
diode,
digit temperatures,
dictionary file,
dhcpcd,
device server,
device,
detection,
desktop lcd,
denial of service dos,
demo,
default network configuration,
default gateway,
ddos attacks,
daybiz,
david bryan luiz eduardo tags,
david bryan,
data mining,
darknet,
daqfactory,
daniel mende,
dan kaminsky,
dan boneh,
cyber threats,
cyber criminals,
cyber attack,
cyber,
cross site scripting,
cross,
critical flaws,
criminal investigators,
crenshaw,
cracking,
corporate,
content,
connected computer,
configured,
conference,
computer network defense,
complementary tool,
community script,
communication middleware,
command line syntax,
command execution,
collin jackson,
code,
cms,
cloud,
class,
cisco wireless,
cisco event,
cisco enterprise,
cisco aironet,
circumvention,
christopher mitchell,
christopher,
christiane ruetten,
cheatsheet,
chaosmap,
cfp,
ceo lashes,
ceo,
centreon,
central us,
cellular network,
cellular,
cellphones,
cellphone network,
cat 5 cable,
casing,
cartoon network,
cartoon,
caribbean,
card,
cannot,
call for papers,
cache devices,
cable tv service,
bypassing,
bus,
burglars,
building,
bugtraq,
buffer overflow,
bssid,
bruter,
brute forcer,
brute force method,
broadcom,
broadcast messages,
broadband internet service,
bringing,
bridge,
breaches,
breached,
bot,
bonsoir,
bof,
bodmer,
board,
block,
black ops,
black hat,
black,
birkholz,
berlin germany,
berlin,
bash script,
bartholl,
bard,
baptiste gourdin,
b pci,
azeotech,
awus,
automation,
authentication,
aurora,
attacker,
atheros wireless,
atheros communications inc,
atheros,
asia,
artificial neural network,
artificial intelligence,
artificial,
arp,
arkin tags,
arduino,
architecture,
arbitrary code execution,
aram,
arab network,
arab,
applied network,
apple,
apc powerchute,
apc,
anonymity,
anon,
ann,
android,
andrew whitaker,
and,
analyzer,
analyzation,
amazon ec2,
amazon,
alpha version,
alpha,
algorithms,
alfa,
alexa,
alec waters,
airodump,
air interface,
air,
agora,
agency,
adrian crenshaw,
active directory services,
abu dhabi,
Wireless,
Uncategorized,
Support,
Related,
Newbie,
NON,
Issues,
Idiots,
IPv6,
General,
Fixes,
ExploitsVulnerabilities,
Countermeasures,
Corner,
Community,
Bugs,
BackTrack,
Area
-
-
4:01
»
Hack a Day
When the Raspberry Pi 3 Model B+ was announced in March of 2018, one of its new features was the ability to be (more easily) powered via Power-over-Ethernet (PoE), with an official PoE HAT for the low price of just twenty-one USA bucks. The thing also almost worked as intended the first time around. But to some people this just isn’t good enough, resulting in [Albert David] putting out a solution he calls “poor man’s PoE” together for about two bucks.
His solution makes it extra cheap by using so-called passive PoE, which injects a voltage onto the conductors of the network cable being used for PoE, without bothering with any kind of handshake. In general this is considered to be a very reliable (albeit non-standard) form of PoE that works great until something goes up in smoke. It’s also ridiculously cheap, with a PoE injector adapter (RJ-45 plug & 2.1×5.5 mm power jack to RJ-45 jack) going for about 80 cents, and a DC-DC buck converter that can handle the input of 12V for about 50 cents.
The rest of the $2 budget is mostly spent on wiring and heatshrink, resulting in a very compact PoE solution that plugs straight into the PoE header on the Raspberry Pi 3 board, with the buck converter outputs going into the ground and +5V pins on the Raspberry Pi’s GPIO header.
A fancier solution would implement any of the standard PoE protocols to do the work of negotiating a suitable voltage. Maybe this could be the high-tech, $5 solution featuring an MCU and a small PCB?
-
-
19:00
»
Hack a Day
Thanks to the wonders of the internet, collaborating with others across great distances has become pretty simple. It’s easy now to share computer desktops over a network connection, and even take control of another person’s computer if the need arises. But these graphical tools are often overkill, especially if all we really need is to share a terminal session with someone else over a network.
A new project from [Elis] allows just that: to share an active terminal session over a web browser for anyone else to view. The broswer accesses a “secret” URL which grants access to the terminal via a tunnel which is able to live stream the entire session. The server end takes care of all of the work of generating this URL, and it is encrypted with TLS and HTTPS. It also allows for remote control as well as viewing, so it is exceptionally well-featured for being simple and easy to run.
To run this software only a binary is needed, but [Elis] has also made the source code available. Currently he finds it a much more convenient way of administering his Rasberry Pi, but we can see a lot of use for this beyond the occasional headless server. Certainly this makes remote administration easy, but could be used collaboratively among a large group of people as well.
-
-
1:00
»
Hack a Day
For the vast majority of us, Gigabit Ethernet is more than enough for daily tasks. The occasional big network file transfer might drag a little, but it’s rare to fall short of bandwidth when you’re hooked up over Cat 6. [Brian] has a thirst for saturating network links, however, and decided only 10 Gigabit Ethernet would do.
Already being the owner of a Gigabit Ethernet network at home, [Brian] found that he was now regularly able to saturate the links with his existing hardware. With a desire to run intensive virtual machines on his existing NAS without causing bandwidth issues, it was time for an upgrade. Unfortunately, the cost of rewiring the existing home network to Cat 6 and procuring hardware that could run 10 Gigabit Ethernet over copper twisted pair was prohibitively expensive.
It’s a little ungainly, but it does the job.
Instead, [Brian] decided to reduce the scope to connecting just 3 machines. Switches were prohibitively expensive, so each computer was fitted with twin 10 Gigabit interfaces, such that it could talk to the two other computers. Rather than rely on twisted pair, the interfaces chosen use the SFP+ standard, in which the network cable accepts electrical signals from the interface, and contains a fiber optic transciever.
[Brian] was able to get the 3 computers networked for just $120, with parts sourced from eBay. It’s an approach that doesn’t scale well; larger setups would be much better served by using a switch and a less zany network topology. But for [Brian], it works just fine, and allows his NAS to outperform a 15,000 RPM server hard disk as far as read rates go.
If you’re curious about improving your own network performance, it might pay to look at your cables first –Â things are not always as they seem.
-
-
4:00
»
Hack a Day
Those who have children of their own might argue that the youth of today are getting far too much internet time. [Nick] decided to put an emergency stop to it and made this ingenious internet kill switch to threaten teenagers with. Rather unassuming on the outside, the big red button instantly kills all network traffic as soon as you push it down, doing its label justice. Reset the toggle button, and the connection is restored, simple as that.
In order to achieve this, [Nick] fit inside the enclosure a Raspberry Pi Zero W, along with a battery and a wireless charging circuit for portability and completely wireless operation. The button is wired into the Pi’s GPIO and triggers a command to the router via SSH over WiFi, where a script listening to the signal tells it to drop the network interfaces talking to the outside world. It’s simple, it’s clean, and you can carry it around with you as a warning for those who dare disobey you. We love it.
Another use for big red buttons we’ve seen in the past is an AC power timer, but you can do just about anything with them if you turn one into an USB device. Check this one in action after the break.
Thanks [Julian] for the tip!
-
-
22:00
»
Hack a Day
In an era where everything seems to be getting “smarter” every year, it will probably come as no surprise to find that even relatively middling networking hardware is now packing advanced features and considerable computational power. A case in point is the Dell N1108T-ON Ethernet switch. Despite only costing around $100 USD on the second hand market, [Ben Cox] discovered this particular switch was capable of a lot more than what was advertised by poking around its onboard operating system.
It all started by plugging into the serial port on the front of the switch, which [Ben] happily notes is an integrated FTDI USB serial adapter to make life easy. Booting into recovery mode gave him local shell access, and some poking around determines it’s the sort of BusyBox-powered Linux system that you’d expect on an embedded device. The biggest discoveries were that it was running a relatively recent kernel (3.8.1), and that it apparently had Python installed.
The reverse shell Python script
From there, [Ben] found out that these switches have a feature where the administrator can install and run Python “applications” by packaging them up as tarballs and copying them from a USB flash drive. So he wrote up a simple Python program that used the socket library to open up a reverse shell to his desktop computer, and to his surprise, it worked perfectly on the first try. Now with root access, the fun really started.
The next step was getting an SSH installed and running on the switch, so that he didn’t have to do the reverse shell trick every time. He then started installing the packages necessary to turn the switch into a secure VPN tunnel with Wireguard. This took a little fiddling as [Ben] didn’t have the option of installing the normal Wireguard kernel module, but he eventually got the necessary tools modified and cross-compiled to ARM. He believes this is just the start of what’s capable on devices like this, and we’re interested in seeing where the community goes from here.
We’ve seen hackers add management capability to a “dumb” unmanaged switch in the past, but software modifications like this promise to make the creation of custom, secure, networks far easier even on a hacker’s budget. A lot has certainly changed since the last time we saw somebody really dive into a professional Ethernet switch.
-
-
10:00
»
Hack a Day
The bing-bongs, screeches, and whiirings of a diai-up modem are long forgotten now. For good reason. Dial up was slow, and if you’re one of those unlucky people reading this and waiting for the animated gif above this paragraph to load, you have our condolences. But still, nostalgia. It bit [Doge Microsystems] hard, and now there’s a dial-up ISP on [Doge]’s desk. Why? For fun, probably, and if you’re going to retrocompute, you might as well go the whole way.
The setup for this astonishing feat of dial-up networking is an ISA modem inside a ‘lunchbox’ computer running what is …read more
-
-
13:00
»
Hack a Day
While most projects we see with the ESP32 make use of its considerable wireless capabilities, the chip can be connected to the wired network easily enough should you have the desire to do so. [Steve] liked the idea of putting his ESP32s on the wired network, but found the need for a secondary power connection burdensome. So he took it upon himself to modify some cheap Power Over Ethernet (PoE) hardware and create a single-cable solution (Google Translate).
[Steve] bought a PoE module intended for security cameras and ran a close eye over the board to figure out what kind …read more
-
-
13:00
»
Hack a Day
Let’s not pretend we aren’t all guilty of it: at some point we’ve all connected to a public WiFi network to check our email or log into some site or service. We know the risks, we know better. But in a weak moment we can let the convenience of that public network get the better of us. What if you had a small secure router that you could use as an encrypted VPN endpoint, allowing you to connect to those enticing public networks while keeping your traffic secure? That’s precisely what [David] had in mind when he built this pint-sized …read more
-
-
19:00
»
Hack a Day
America is a BIG country. There are pockets all across the land where broadband Internet is slow-to-nonexistent, and many individuals are left with wireless cell service as their only means of internet connection. This is the situation [Brandt Kuykendall] found himself in upon moving his family to Dillon Beach, CA. So he started up his own fiber ISP. (YouTube, embedded below.)
“Cell phone service was really our only option, but that proved to be extremely expensive. My wife came home with the bill (of) $707, and that was the last straw.”
Despite being a mere two hours from the technological …read more
-
-
8:31
»
Hack a Day
Implementing PoE is made interesting by the fact that not every Ethernet device wants power; if you start dumping power onto any device that’s connected, you’re going to break things. The IEEE 802.3af standard states that the device which can source power should detect the presence of the device receiving power, before negotiating the power level. Only once this process is complete can the power sourcing device give its full supply. Of course, this requires the burden of smarts, meaning that there are many cheap devices available which simply send power regardless of what’s plugged in (passive PoE).
[Jason Gin] …read more
-
-
22:00
»
Hack a Day
A big trend in web services right now is the so-called serverless computing, such as Amazon’s Lambda service. The idea is you don’t have a dedicated server waiting for requests for a specific purpose. Instead, you have one server (such as Amazon’s) listening for lots of requests and on demand, you spin up an environment to process that request. Conceptually, it lets you run a bit of Javascript or some other language “in the cloud” with no dedicated server. A new concept — https://itty.bitty.site — takes this one step farther. The site creates self-contained websites where the content is encoded …read more
-
-
15:43
»
Wirevolution
I got an email from the Heartland Institute today, purporting to give an expert opinion about today’s Net Neutrality ruling. The money quote reads: “The Internet is not broken, it is a vibrant, continually growing market that has thrived due to the lack of regulations that Title II will now infest upon it.”
This is wrong both on Internet history, and on the current state of broadband in the US.
It was the common carriage regulatory requirement on voice lines that first enabled the Internet to explode into the consumer world, by obliging the phone companies to allow consumers to hook up modems to their voice lines. It is the current unregulated environment in the US that has caused our Internet to become, if not broken, at least considerably worse than it is in many other countries:
America currently ranks thirty-first in the world in terms of average download speeds and forty-second in average uploads speeds, according to a recent study by Ookla Speedtest. Consumers pay much more for Internet access in the U.S. than in many other countries.
The post FCC Title II Ruling appeared first on wirevolution.com.
-
15:43
»
Wirevolution
I got an email from the Heartland Institute today, purporting to give an expert opinion about today’s Net Neutrality ruling. The money quote reads: “The Internet is not broken, it is a vibrant, continually growing market that has thrived due to the lack of regulations that Title II will now infest upon it.”
This is wrong both on Internet history, and on the current state of broadband in the US.
It was the common carriage regulatory requirement on voice lines that first enabled the Internet to explode into the consumer world, by obliging the phone companies to allow consumers to hook up modems to their voice lines. It is the current unregulated environment in the US that has caused our Internet to become, if not broken, at least considerably worse than it is in many other countries:
America currently ranks thirty-first in the world in terms of average download speeds and forty-second in average uploads speeds, according to a recent study by Ookla Speedtest. Consumers pay much more for Internet access in the U.S. than in many other countries.
The post FCC Title II Ruling appeared first on wirevolution.com.
-
-
18:26
»
Wirevolution
Videos burn up a lot more bandwidth than written words, per hour of entertainment. The Encyclopedia Britannica is 0.3 GB in size, uncompressed. The movie Despicable Me is 1.2 GB, compressed. Consequently we should not be surprised that most Internet traffic is video traffic:
The main source of the video traffic is Netflix, followed by YouTube:
Internet Service Providers would like to double-dip, charging you for your Internet connection, and also charging Netflix (which already pays a different ISP for its connection) for delivering its content to you. And they do.
To motivate content providers like Netflix to pay extra, ISPs that don’t care about their subscribers could hold them to ransom, using network congestion to make Neflix movies look choppy, blocky and freezy until Neflix coughs up. And they do:
This example illustrates the motivation structure of the industry. Bandwidth demand is continuously growing. The two basic strategies an ISP can use to cope with the growth are either to increase capacity or to ration the existing bandwidth. The Internet core is sufficiently competitive that its capacity grows by leaps and bounds. The last mile to the consumer is far less competitive, so the ISP has little motivation to upgrade its equipment. It can simply prioritize packets from Netflix and whoever else is prepared to pay the toll, and let the rest drop undelivered.
One might expect customers to complain if this was happening in a widespread way. And they do:
Free market competition might be a better answer to this particular issue than regulation, except that this problem isn’t really amenable to competition; you need a physical connection (fiber ideally) for the next generation of awesome immersive Internet. Running a network pipe to the home is expensive, like running a gas pipe, or a water pipe, or a sewer, or an electricity supply cable, or a road; so like all of those instances, it is a natural monopoly. Natural monopolies work best when strongly regulated, and the proposed FCC Title II action on Net Neutrality is a good start.
Digital Rights Management
Unrelated but easily confused with Net Neutrality is the issue of copyright protection. The Stop Online Piracy Act, or SOPA, was defeated by popular outcry for being too expansive. The remedies proposed by SOPA were to take down websites hosting illegal content, and to oblige ISPs to block illegal content from their networks.
You might have noticed in the first graphic above, about 3% of what consumers consume (“Downstream”) online is “filesharing,” a.k.a music and video piracy. It is pretty much incontrovertible that the Internet has devastated the music business. One might debate whether it was piracy or iTunes that did it in, but either way the fact of Internet piracy gave Steve Jobs a lot of leverage in his negotiations with the music industry. What’s to prevent a similar disembowelment of the movie industry, when a consumer in Dallas can watch a movie like “Annie” for free in his home theater before it has even been released?
The studio that distributes the movie would like to make sure you pay for seeing it, and don’t get a pirated copy. I think so too. This is a perfectly reasonable position to take, and if the studio was also your ISP, it might feel justified in blocking suspicious content. In the US it is not unusual for the studio to be your ISP (for example if your ISP is Comcast and the movie is Despicable Me). In a non-net-neutral world an ISP could block content unilaterally. But Net Neutrality says that an ISP can’t discriminate between packets based on content or origin. So in a net-neutral world, an ISP would be obliged to deliver pirated content, even when one of its own corporate divisions was getting ripped off.
This dilemma is analogous to free speech. The civilized world recognizes that in order to be free ourselves, we have to put up with some repulsive speech from other people. The alternative is censorship: empowering some bureaucrat to silence people who say unacceptable things. Enlightened states don’t like to go there, because they don’t trust anybody to define what’s acceptable. Similarly, it would be tough to empower ISPs to suppress content in a non-arbitrary but still timely way, especially when the content is encrypted and the source is obfuscated. Opposing Net Neutrality on the grounds of copyright protection is using the wrong tool for the job. It would be much better to find an alternative solution to piracy.
Actually, maybe we have. The retail world has “shrinkage” of about 1.5%. The credit card industry remains massively profitable even while factoring in a provision for fraud at about 3% of customers compromised.
“Filesharing” at 3% of download volume seems manageable in that context, especially since it has trended down from 10% in 2011.
The post Net Neutrality, Congestion, DRM appeared first on wirevolution.com.
-
18:26
»
Wirevolution
Videos burn up a lot more bandwidth than written words, per hour of entertainment. The Encyclopedia Britannica is 0.3 GB in size, uncompressed. The movie Despicable Me is 1.2 GB, compressed. Consequently we should not be surprised that most Internet traffic is video traffic:
The main source of the video traffic is Netflix, followed by YouTube:
Internet Service Providers would like to double-dip, charging you for your Internet connection, and also charging Netflix (which already pays a different ISP for its connection) for delivering its content to you. And they do.
To motivate content providers like Netflix to pay extra, ISPs that don’t care about their subscribers could hold them to ransom, using network congestion to make Neflix movies look choppy, blocky and freezy until Neflix coughs up. And they do:
This example illustrates the motivation structure of the industry. Bandwidth demand is continuously growing. The two basic strategies an ISP can use to cope with the growth are either to increase capacity or to ration the existing bandwidth. The Internet core is sufficiently competitive that its capacity grows by leaps and bounds. The last mile to the consumer is far less competitive, so the ISP has little motivation to upgrade its equipment. It can simply prioritize packets from Netflix and whoever else is prepared to pay the toll, and let the rest drop undelivered.
One might expect customers to complain if this was happening in a widespread way. And they do:
Free market competition might be a better answer to this particular issue than regulation, except that this problem isn’t really amenable to competition; you need a physical connection (fiber ideally) for the next generation of awesome immersive Internet. Running a network pipe to the home is expensive, like running a gas pipe, or a water pipe, or a sewer, or an electricity supply cable, or a road; so like all of those instances, it is a natural monopoly. Natural monopolies work best when strongly regulated, and the proposed FCC Title II action on Net Neutrality is a good start.
Digital Rights Management
Unrelated but easily confused with Net Neutrality is the issue of copyright protection. The Stop Online Piracy Act, or SOPA, was defeated by popular outcry for being too expansive. The remedies proposed by SOPA were to take down websites hosting illegal content, and to oblige ISPs to block illegal content from their networks.
You might have noticed in the first graphic above, about 3% of what consumers consume (“Downstream”) online is “filesharing,” a.k.a music and video piracy. It is pretty much incontrovertible that the Internet has devastated the music business. One might debate whether it was piracy or iTunes that did it in, but either way the fact of Internet piracy gave Steve Jobs a lot of leverage in his negotiations with the music industry. What’s to prevent a similar disembowelment of the movie industry, when a consumer in Dallas can watch a movie like “Annie” for free in his home theater before it has even been released?
The studio that distributes the movie would like to make sure you pay for seeing it, and don’t get a pirated copy. I think so too. This is a perfectly reasonable position to take, and if the studio was also your ISP, it might feel justified in blocking suspicious content. In the US it is not unusual for the studio to be your ISP (for example if your ISP is Comcast and the movie is Despicable Me). In a non-net-neutral world an ISP could block content unilaterally. But Net Neutrality says that an ISP can’t discriminate between packets based on content or origin. So in a net-neutral world, an ISP would be obliged to deliver pirated content, even when one of its own corporate divisions was getting ripped off.
This dilemma is analogous to free speech. The civilized world recognizes that in order to be free ourselves, we have to put up with some repulsive speech from other people. The alternative is censorship: empowering some bureaucrat to silence people who say unacceptable things. Enlightened states don’t like to go there, because they don’t trust anybody to define what’s acceptable. Similarly, it would be tough to empower ISPs to suppress content in a non-arbitrary but still timely way, especially when the content is encrypted and the source is obfuscated. Opposing Net Neutrality on the grounds of copyright protection is using the wrong tool for the job. It would be much better to find an alternative solution to piracy.
Actually, maybe we have. The retail world has “shrinkage” of about 1.5%. The credit card industry remains massively profitable even while factoring in a provision for fraud at about 3% of customers compromised.
“Filesharing” at 3% of download volume seems manageable in that context, especially since it has trended down from 10% in 2011.
The post Net Neutrality, Congestion, DRM appeared first on wirevolution.com.
-
-
15:21
»
Wirevolution
-
15:21
»
Wirevolution
-
-
9:11
»
Wirevolution
My thoughts on network neutrality can be found here and some predictions contingent on its loss here, so obviously I am disheartened by this latest ruling. The top Google hit on this news is currently a good story at GigaOm, and further down Google’s hit list is a thoughtful article in Forbes, predicting this result, but coming to the wrong conclusion.
I am habitually skeptical of “slippery slope” arguments, where we are supposed to fear something that might happen, but hasn’t yet. So I sympathize with pro-ISP sentiments like that Forbes article in this regard. On the other hand, I view businesses as tending to be rational actors, maximizing their profits under the rules of the game. If the rules of the game incent the ISPs to move in a particular direction, they will tend to move in that direction. Because competition is so limited among broadband ISPs (for any home in America there are rarely more than two options, regardless of the actual number of ISPs in the nation), they are currently incented to ration their bandwidth rather than to invest in increasing it. This decision is a push in that same direction.
Arguably the Internet was born of Federal action that forced a corporation to do something it didn’t want to do: without the Carterfone decision, there would have been no modems in the US. Without modems, the Internet would never have gotten off the ground.
Arguments that government regulation could stifle the Internet miss the point that all business activity in the US is done under government rules of various kinds: without those rules competitive market capitalism could not work. So the debate is not over whether the government should ‘interfere,’ but over what kinds of interference the government should do, and with what motivations. I take the liberal view that a primary role of government is to protect citizens from exploitation by predators. I am an enthusiastic advocate of competitive-market capitalism too, where it can exist. The structure of capitalism pushes corporations to charge as much as possible and provide as little as possible for the money (‘maximize profit’). In a competitive market, the counter-force to this is competition: customers can get better, cheaper service elsewhere, or forgo service without harm. But because of the local lack of competition, broadband in the US is not a competitive market, so there is no counter-force. And since few would argue that you can live effectively in today’s US without access to the Internet, you can’t forgo service without harm.
The current rules of the broadband game in the US have moved us to a pathetically lagging position internationally so it seems reasonable to change them. Unfortunately this latest court decision changes them in the wrong direction, freeing ISPs to ration and charge more for connectivity rather than encouraging them to invest in bandwidth. If you agree that this is a bad thing, you can do some token venting here: http://act.freepress.net/sign/internet_FCC_court_decision2/
Here is a press release from an organization that few people could find fault with.
The post ALA Troubled by Court’s Net Neutrality Decision appeared first on wirevolution.com.
-
9:11
»
Wirevolution
My thoughts on network neutrality can be found here and some predictions contingent on its loss here, so obviously I am disheartened by this latest ruling. The top Google hit on this news is currently a good story at GigaOm, and further down Google’s hit list is a thoughtful article in Forbes, predicting this result, but coming to the wrong conclusion.
I am habitually skeptical of “slippery slope” arguments, where we are supposed to fear something that might happen, but hasn’t yet. So I sympathize with pro-ISP sentiments like that Forbes article in this regard. On the other hand, I view businesses as tending to be rational actors, maximizing their profits under the rules of the game. If the rules of the game incent the ISPs to move in a particular direction, they will tend to move in that direction. Because competition is so limited among broadband ISPs (for any home in America there are rarely more than two options, regardless of the actual number of ISPs in the nation), they are currently incented to ration their bandwidth rather than to invest in increasing it. This decision is a push in that same direction.
Arguably the Internet was born of Federal action that forced a corporation to do something it didn’t want to do: without the Carterfone decision, there would have been no modems in the US. Without modems, the Internet would never have gotten off the ground.
Arguments that government regulation could stifle the Internet miss the point that all business activity in the US is done under government rules of various kinds: without those rules competitive market capitalism could not work. So the debate is not over whether the government should ‘interfere,’ but over what kinds of interference the government should do, and with what motivations. I take the liberal view that a primary role of government is to protect citizens from exploitation by predators. I am an enthusiastic advocate of competitive-market capitalism too, where it can exist. The structure of capitalism pushes corporations to charge as much as possible and provide as little as possible for the money (‘maximize profit’). In a competitive market, the counter-force to this is competition: customers can get better, cheaper service elsewhere, or forgo service without harm. But because of the local lack of competition, broadband in the US is not a competitive market, so there is no counter-force. And since few would argue that you can live effectively in today’s US without access to the Internet, you can’t forgo service without harm.
The current rules of the broadband game in the US have moved us to a pathetically lagging position internationally so it seems reasonable to change them. Unfortunately this latest court decision changes them in the wrong direction, freeing ISPs to ration and charge more for connectivity rather than encouraging them to invest in bandwidth. If you agree that this is a bad thing, you can do some token venting here: http://act.freepress.net/sign/internet_FCC_court_decision2/
Here is a press release from an organization that few people could find fault with.
The post ALA Troubled by Court’s Net Neutrality Decision appeared first on wirevolution.com.
-
-
13:11
»
Packet Storm Security Recent Files
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
13:11
»
Packet Storm Security Tools
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
13:11
»
Packet Storm Security Misc. Files
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
-
18:03
»
Packet Storm Security Recent Files
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
18:03
»
Packet Storm Security Tools
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
18:03
»
Packet Storm Security Misc. Files
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
-
-
6:17
»
Packet Storm Security Recent Files
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
6:17
»
Packet Storm Security Tools
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
6:17
»
Packet Storm Security Tools
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
6:17
»
Packet Storm Security Misc. Files
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
-
16:00
»
SecuriTeam
Symantec Network Access Control is prone to a local privilege-escalation vulnerability.
-
-
16:00
»
SecuriTeam
HP Network Node Manager i is prone to an unspecified unauthorized-access vulnerability.
-
-
14:01
»
Hack a Day
[David] is serving up files on his home network thanks to this Frankenstein’s monster of a Network Attached Storage device. It looks like he raided all the good bits from his parts bin to bring it all together. The case is a tin box which may have been for a card/board game or some holiday [...]
-
-
15:44
»
Packet Storm Security Recent Files
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform address scanning attacks against IPv6 networks, and therefore IPv6 address scanning attacks have long been considered unfeasible. This document analyzes how traditional address scanning techniques apply to IPv6 networks, and also explores a number of other techniques that can be employed for IPv6 network reconnaissance. Additionally, this document formally obsoletes RFC 5157.
-
15:44
»
Packet Storm Security Misc. Files
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform address scanning attacks against IPv6 networks, and therefore IPv6 address scanning attacks have long been considered unfeasible. This document analyzes how traditional address scanning techniques apply to IPv6 networks, and also explores a number of other techniques that can be employed for IPv6 network reconnaissance. Additionally, this document formally obsoletes RFC 5157.
-
11:47
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Nagios XI Network Monitor's component 'Graph Explorer'. An authenticated user can execute system commands by injecting it in several parameters, such as in visApi.php's 'host' parameter, which results in remote code execution.
-
11:47
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Nagios XI Network Monitor's component 'Graph Explorer'. An authenticated user can execute system commands by injecting it in several parameters, such as in visApi.php's 'host' parameter, which results in remote code execution.
-
11:47
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Nagios XI Network Monitor's component 'Graph Explorer'. An authenticated user can execute system commands by injecting it in several parameters, such as in visApi.php's 'host' parameter, which results in remote code execution.
-
-
16:00
»
SecuriTeam
Red Hat Network Configuration Client is prone to an insecure file-permissions vulnerability.
-
-
22:43
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside a eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
22:43
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside a eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
22:43
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside a eval() call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable service must have at least one USV module (an entry in the "nodes" table in mgedb.db).
-
8:14
»
Packet Storm Security Advisories
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
8:14
»
Packet Storm Security Recent Files
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
8:14
»
Packet Storm Security Misc. Files
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
-
11:22
»
Packet Storm Security Recent Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
11:22
»
Packet Storm Security Tools
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
11:22
»
Packet Storm Security Misc. Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
-
11:31
»
Hack a Day
Google TV is a network connected television. It does what you would think: plays television programs, streams media from the internet, and allows you to open URLs on your TV. But one nice feature is that it can also be controlled over the network rather than just via an IR remote. Google publishes apps which [...]
-
16:33
»
Packet Storm Security Recent Files
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
16:33
»
Packet Storm Security Tools
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
16:33
»
Packet Storm Security Misc. Files
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
-
11:21
»
Packet Storm Security Recent Files
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
11:21
»
Packet Storm Security Tools
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
11:21
»
Packet Storm Security Misc. Files
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
-
18:00
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
18:00
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
18:00
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
17:00
»
SecuriTeam
A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows.
-
-
10:39
»
Hack a Day
The hardware seen above is used to bridge a local RF radio network to the APRS-IS network. The APRS-IS is an Internet Service that uses a web connection to communicate between APRS networks in different parts of the world. The Raspberry Pi is perfect for this application because of its ability to connect to a [...]
-
-
10:40
»
SecDocs
Authors:
Christian Carstensen Tags:
network Event:
Chaos Communication Congress 20th (20C3) 2003 Abstract: An introduction to the features and capabilities of the computer network at 20C3. We explain how to use IPsec, IPv6 and 802.11a and 802.11b wireless networks.
-
10:40
»
SecDocs
Authors:
Christian Carstensen Tags:
network Event:
Chaos Communication Congress 20th (20C3) 2003 Abstract: An introduction to the features and capabilities of the computer network at 20C3. We explain how to use IPsec, IPv6 and 802.11a and 802.11b wireless networks.
-
-
12:43
»
SecDocs
Authors:
Stephen Lewis Tags:
embedded Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Although attacking embedded devices is not a new idea, little work has been done on using these devices for attack. Here I present work on the insertion of custom code into a network switch in order to carry out attacks on a network. The use of embedded devices present on a network as a vector for attacks against endstations is a threat that has not yet been realized, despite the knowledge of a number of vulnerabilities affecting such devices. This is probably due to the resistance of such devices to reverse engineering: they frequently run custom operating systems on obscure architectures.
-
-
21:55
»
SecDocs
Authors:
Harald Welte Tags:
network Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: NAT's are ubiquitous in todays Internet. Unfortunately the IETF missed to recognize this reality. Due to this lack of standardizaiton, NAT's pose an enormous threat to the paradigm shift from client-server to peer-to-peer. The presentation covers proposed solutions. NATs are ubiquitous in todays Internet, not only built into so-called DSL or WLAN Routers within customer premises, but also in the corporate environment. The dream of an end-to-end transparent network has died one NAT at at time. Unfortunately the IETF missed to recognize this reality for a long time. This means that there are no up-to-date informations (like best current practice RFC's) specifying how an implementor should implement Network Address Translation. This lack of standardization leads to different NAT behaviour from implementor to implementor. Tradiditonal IP based protocols are built around the client-server paradigm, and NAT's are designed for this. However, recently protocols and applications based on the peer-to-peer paradigm are becomming more and more common. And this is where NAT's become a major problem, especially since they don't expose any standardized deterministic behaviour. Many approaches have been designed, usually with H.323 or SIP as driving force behind them. FCP, Midcom, NSIS, STUN - just to name a few examples. None of them works in all, or even the majority of all cases. In fact the author of this presentation believes it is impossible to solve the problem without making assumptions on some common behaviour of all NAT implementations. The recently published draft-audet-nat-behave tries to be a first candidate of such a behavioral specification. It is scheduled to evolve into a BCP RFC on NAT behaviour in 2005. The presentation will present the fundamental problem, look at different classes of NAT's, their behaviour, and give an overview about the proposed solutions.
-
14:31
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-1369-01 - Red Hat Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by Red Hat Network and Red Hat Network Satellite. It was discovered that the Red Hat Network Configuration Client tool set world-readable permissions on the "/var/log/rhncfg-actions" file, used to store the output of different rhncfg-client actions. This could possibly allow a local attacker to obtain sensitive information they would otherwise not have access to.
-
14:31
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-1369-01 - Red Hat Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by Red Hat Network and Red Hat Network Satellite. It was discovered that the Red Hat Network Configuration Client tool set world-readable permissions on the "/var/log/rhncfg-actions" file, used to store the output of different rhncfg-client actions. This could possibly allow a local attacker to obtain sensitive information they would otherwise not have access to.
-
14:31
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-1369-01 - Red Hat Network Tools provide programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by Red Hat Network and Red Hat Network Satellite. It was discovered that the Red Hat Network Configuration Client tool set world-readable permissions on the "/var/log/rhncfg-actions" file, used to store the output of different rhncfg-client actions. This could possibly allow a local attacker to obtain sensitive information they would otherwise not have access to.
-
-
4:56
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Tor is a free-software anonymizing network for web browsing, instant messaging, etc. Our deployed network has thousands of users. I'll talk about design decisions, some everyday uses for anonymity networks, and where we need to go from here. Tor (second-generation Onion Routing) is a distributed overlay network that anonymizes TCP-based applications like web browsing, secure shell, and instant messaging. We have a deployed network of 50 nodes in the US and Europe, and the code is released unencumbered as free software. Tor's rendezvous point design enables location-hidden services -- users can run a standard webserver or other service without revealing its IP. I'll give an overview of the Tor architecture, and talk about why you'd want to use it, what security it provides, and how user applications interface to it. I'll show a working Tor network, and invite the audience to connect to it and use it.
-
4:56
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Tor is a free-software anonymizing network for web browsing, instant messaging, etc. Our deployed network has thousands of users. I'll talk about design decisions, some everyday uses for anonymity networks, and where we need to go from here. Tor (second-generation Onion Routing) is a distributed overlay network that anonymizes TCP-based applications like web browsing, secure shell, and instant messaging. We have a deployed network of 50 nodes in the US and Europe, and the code is released unencumbered as free software. Tor's rendezvous point design enables location-hidden services -- users can run a standard webserver or other service without revealing its IP. I'll give an overview of the Tor architecture, and talk about why you'd want to use it, what security it provides, and how user applications interface to it. I'll show a working Tor network, and invite the audience to connect to it and use it.
-
3:52
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Tor is a free-software anonymizing network for web browsing, instant messaging, etc. Our deployed network has thousands of users. I'll talk about design decisions, some everyday uses for anonymity networks, and where we need to go from here. Tor (second-generation Onion Routing) is a distributed overlay network that anonymizes TCP-based applications like web browsing, secure shell, and instant messaging. We have a deployed network of 50 nodes in the US and Europe, and the code is released unencumbered as free software. Tor's rendezvous point design enables location-hidden services -- users can run a standard webserver or other service without revealing its IP. I'll give an overview of the Tor architecture, and talk about why you'd want to use it, what security it provides, and how user applications interface to it. I'll show a working Tor network, and invite the audience to connect to it and use it.
-
-
21:28
»
SecDocs
Authors:
Sebastian Werner Stefan Wahl Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the uplink to the internet. Building a high-demand network in less than 72hrs is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before congress doors open. 22c3 network concept is based on the experiences of the last two congresses and tries to solve some problems that arised on 21c3. So this talk will show you, why network is the way it is. Focus of this talk is wired network from access layer to the backbone and our upstream routers. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
21:28
»
SecDocs
Authors:
Sebastian Werner Stefan Wahl Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the uplink to the internet. Building a high-demand network in less than 72hrs is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before congress doors open. 22c3 network concept is based on the experiences of the last two congresses and tries to solve some problems that arised on 21c3. So this talk will show you, why network is the way it is. Focus of this talk is wired network from access layer to the backbone and our upstream routers. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
21:28
»
SecDocs
Authors:
Sebastian Werner Stefan Wahl Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the uplink to the internet. Building a high-demand network in less than 72hrs is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before congress doors open. 22c3 network concept is based on the experiences of the last two congresses and tries to solve some problems that arised on 21c3. So this talk will show you, why network is the way it is. Focus of this talk is wired network from access layer to the backbone and our upstream routers. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
8:21
»
Packet Storm Security Recent Files
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
8:21
»
Packet Storm Security Tools
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
8:21
»
Packet Storm Security Misc. Files
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
-
-
1:22
»
Packet Storm Security Recent Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
1:22
»
Packet Storm Security Tools
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
1:22
»
Packet Storm Security Misc. Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
-
21:37
»
SecDocs
Authors:
Achim Friedland Daniel Kirstenpfad Tags:
network GSM phone Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: We are giving an overview of ip networks used for >=2.5G technologies. Our main focus is on scanning the overlaying ip network, on different Voice-over-IP filter implementations and the possibilities to circumvent them. We want to explain the ip networks used in GPRS and UMTS cellular networks from the enduser point of view. How do they work today and what has to be done to get a normal webpage, voice-over-ip or even a video stream onto your PDA or SmartPhone. For your private investigations inside your providers ip network we want to demonstrate you a tcp/udp port and round-trip-time based traceroute program based on the .NET compact framework. With the help of this program we want to analyse the anti voice-over-ip filters implemented by different cellular providers and show you some possibilities how to circumvent them _efficently_. So we don't just tunnel all the traffic through a VPN. But even when these filters become more sophisticated in the future we want to present some ideas how to defeat your right to talk via voice-over-ip whereever and whenever you want to.
-
21:37
»
SecDocs
Authors:
Achim Friedland Daniel Kirstenpfad Tags:
network GSM phone Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: We are giving an overview of ip networks used for >=2.5G technologies. Our main focus is on scanning the overlaying ip network, on different Voice-over-IP filter implementations and the possibilities to circumvent them. We want to explain the ip networks used in GPRS and UMTS cellular networks from the enduser point of view. How do they work today and what has to be done to get a normal webpage, voice-over-ip or even a video stream onto your PDA or SmartPhone. For your private investigations inside your providers ip network we want to demonstrate you a tcp/udp port and round-trip-time based traceroute program based on the .NET compact framework. With the help of this program we want to analyse the anti voice-over-ip filters implemented by different cellular providers and show you some possibilities how to circumvent them _efficently_. So we don't just tunnel all the traffic through a VPN. But even when these filters become more sophisticated in the future we want to present some ideas how to defeat your right to talk via voice-over-ip whereever and whenever you want to.
-
13:52
»
SecDocs
Authors:
Achim Friedland Daniel Kirstenpfad Tags:
network GSM phone Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: We are giving an overview of ip networks used for >=2.5G technologies. Our main focus is on scanning the overlaying ip network, on different Voice-over-IP filter implementations and the possibilities to circumvent them. We want to explain the ip networks used in GPRS and UMTS cellular networks from the enduser point of view. How do they work today and what has to be done to get a normal webpage, voice-over-ip or even a video stream onto your PDA or SmartPhone. For your private investigations inside your providers ip network we want to demonstrate you a tcp/udp port and round-trip-time based traceroute program based on the .NET compact framework. With the help of this program we want to analyse the anti voice-over-ip filters implemented by different cellular providers and show you some possibilities how to circumvent them _efficently_. So we don't just tunnel all the traffic through a VPN. But even when these filters become more sophisticated in the future we want to present some ideas how to defeat your right to talk via voice-over-ip whereever and whenever you want to.
-
-
20:35
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:35
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:35
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
21:46
»
SecDocs
Authors:
Elisa Jasinska Maxim Salomon Niels Bakker Tags:
network Event:
Chaos Communication Camp 2007 Abstract: An introduction into the structure and design of the camp network - featuring a description of hardware setup and focusing on the Backbone Network infrastructure and Wireless LAN. Building a high-demand outdoor network in less than one week is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before Camp doors open. The Camp network concept is based on the experiences of the last Congresses. So this talk will show you why network is the way it is. Focus of this talk is network from access layer to the backbone and our Wireless LAN. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
21:46
»
SecDocs
Authors:
Elisa Jasinska Maxim Salomon Niels Bakker Tags:
network Event:
Chaos Communication Camp 2007 Abstract: An introduction into the structure and design of the camp network - featuring a description of hardware setup and focusing on the Backbone Network infrastructure and Wireless LAN. Building a high-demand outdoor network in less than one week is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before Camp doors open. The Camp network concept is based on the experiences of the last Congresses. So this talk will show you why network is the way it is. Focus of this talk is network from access layer to the backbone and our Wireless LAN. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
-
21:49
»
SecDocs
Tags:
Rich Internet Applications Flash Event:
Chaos Communication Camp 2007 Abstract: Flash is used for so-called RIA quite a long time now. Many of us know that Flash is evil and can be used for bad and ugly things, but it was not too easy to audit Flash apps in the past. The lecture will start with an overview over the history of Flash/ActionScript, its capabilities and flaws. A deeper look into the object and security model as well as the variable handling will follow, including an analyze of common developer mistakes and how it is possible to exploit those. But Flash is also a powerful tool for filing attacks over the network. So a couple of possible attack examples such as request forging, network scanning or Flash based attack back channels will be explained. The talk includes a section where free tools for auditing will be introduced.
-
21:49
»
SecDocs
Tags:
Rich Internet Applications Flash Event:
Chaos Communication Camp 2007 Abstract: Flash is used for so-called RIA quite a long time now. Many of us know that Flash is evil and can be used for bad and ugly things, but it was not too easy to audit Flash apps in the past. The lecture will start with an overview over the history of Flash/ActionScript, its capabilities and flaws. A deeper look into the object and security model as well as the variable handling will follow, including an analyze of common developer mistakes and how it is possible to exploit those. But Flash is also a powerful tool for filing attacks over the network. So a couple of possible attack examples such as request forging, network scanning or Flash based attack back channels will be explained. The talk includes a section where free tools for auditing will be introduced.
-
21:49
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the Backbone Network infrastructure and Wireless LAN. Building a high-demand network in less than 72hrs is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before congress doors open. 23c3 network concept is based on the experiences of the last congresses So this talk will show you, why network is the way it is. Focus of this talk is wired network from access layer to the backbone and our Wireless LAN. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
-
21:32
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the Backbone Network infrastructure and Wireless LAN. Building a high-demand network in less than 72hrs is a job that requires sufficient planning in advance. It starts with organizing hardware that is capable to serve the usage profile of about 2342 power-users and ends in asking providers to contribute in upstream connectivity. This talk will give you an outline of what the NOC people do - beginning month before congress doors open. 23c3 network concept is based on the experiences of the last congresses So this talk will show you, why network is the way it is. Focus of this talk is wired network from access layer to the backbone and our Wireless LAN. It intends to give network administrators a brief overview of our approach to meet all requirements.
-
-
12:16
»
Hack a Day
[Derek] wanted a clock for his media center. A simple wish, but he had a few requirements: he didn’t need an alarm, wanted it to automatically set its time after a power outage, needed a big display, and also wanted it to look good. After shopping around [Derek] couldn’t find a clock that would fit [...]
-
-
21:33
»
SecDocs
Authors:
Arien Vijn Tags:
network sniffer Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Capturing network packets is a valuable technique for troubleshooting network problems. Capturing at network speeds less, or up to one gigabit per second is feasible with a fast general purpose computer hardware. But that hardware is to slow for Ten gigabit per second ethernet (10GE). Hence, special hardware is required. This topic describes the modification of a commercially available 10GE networks security system, into a network analyser. Who can you trust? - Nobody, when it come to trouble-shooting network issues at an internet exchange point. An Internet Exchange (IX) operates by definition in-between different network providers. These providers are often competitors, each with their cultural and technical differences. Troubleshooting network issues at an IX involves at least three parties. Namely, the internet exchange operator and two or more ISPs. Each with its own systems, knowhow, procedures and culture. Such an environment is very different from networks were operators have control over the network components. Therefore an internet exchange operator must be able to identify and isolate network problems, without relying too much on the other parties involved, while the exchange stays in full operation. For this, the technique of passive monitoring - watching the traffic as it passes by - has proven to be extremely valuable. Passive monitoring for speeds less than 1 Gbps is possible with a fast general purpose computer and generic NICs. Numerous open source applications have been made for this. Ten gigabit per second ethernet (10GE) is another game. Special hardware is required to achieve that. The Amsterdam Internet Exchange (AMS-IX) modified Force10's P10 system to monitor 10GE connections. This system was originally designed for security applications at 10GE wire speeds. But since it is build around programmable logic, it is possible to adapt it to a useful trouble-shooting tool.
-
21:33
»
SecDocs
Authors:
Arien Vijn Tags:
network sniffer Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Capturing network packets is a valuable technique for troubleshooting network problems. Capturing at network speeds less, or up to one gigabit per second is feasible with a fast general purpose computer hardware. But that hardware is to slow for Ten gigabit per second ethernet (10GE). Hence, special hardware is required. This topic describes the modification of a commercially available 10GE networks security system, into a network analyser. Who can you trust? - Nobody, when it come to trouble-shooting network issues at an internet exchange point. An Internet Exchange (IX) operates by definition in-between different network providers. These providers are often competitors, each with their cultural and technical differences. Troubleshooting network issues at an IX involves at least three parties. Namely, the internet exchange operator and two or more ISPs. Each with its own systems, knowhow, procedures and culture. Such an environment is very different from networks were operators have control over the network components. Therefore an internet exchange operator must be able to identify and isolate network problems, without relying too much on the other parties involved, while the exchange stays in full operation. For this, the technique of passive monitoring - watching the traffic as it passes by - has proven to be extremely valuable. Passive monitoring for speeds less than 1 Gbps is possible with a fast general purpose computer and generic NICs. Numerous open source applications have been made for this. Ten gigabit per second ethernet (10GE) is another game. Special hardware is required to achieve that. The Amsterdam Internet Exchange (AMS-IX) modified Force10's P10 system to monitor 10GE connections. This system was originally designed for security applications at 10GE wire speeds. But since it is build around programmable logic, it is possible to adapt it to a useful trouble-shooting tool.
-
17:39
»
Packet Storm Security Recent Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
17:39
»
Packet Storm Security Tools
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
17:39
»
Packet Storm Security Misc. Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
-
21:44
»
SecDocs
Authors:
Arien Vijn Tags:
network sniffer Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Capturing network packets is a valuable technique for troubleshooting network problems. Capturing at network speeds less, or up to one gigabit per second is feasible with a fast general purpose computer hardware. But that hardware is to slow for Ten gigabit per second ethernet (10GE). Hence, special hardware is required. This topic describes the modification of a commercially available 10GE networks security system, into a network analyser. Who can you trust? - Nobody, when it come to trouble-shooting network issues at an internet exchange point. An Internet Exchange (IX) operates by definition in-between different network providers. These providers are often competitors, each with their cultural and technical differences. Troubleshooting network issues at an IX involves at least three parties. Namely, the internet exchange operator and two or more ISPs. Each with its own systems, knowhow, procedures and culture. Such an environment is very different from networks were operators have control over the network components. Therefore an internet exchange operator must be able to identify and isolate network problems, without relying too much on the other parties involved, while the exchange stays in full operation. For this, the technique of passive monitoring - watching the traffic as it passes by - has proven to be extremely valuable. Passive monitoring for speeds less than 1 Gbps is possible with a fast general purpose computer and generic NICs. Numerous open source applications have been made for this. Ten gigabit per second ethernet (10GE) is another game. Special hardware is required to achieve that. The Amsterdam Internet Exchange (AMS-IX) modified Force10's P10 system to monitor 10GE connections. This system was originally designed for security applications at 10GE wire speeds. But since it is build around programmable logic, it is possible to adapt it to a useful trouble-shooting tool.
-
21:44
»
SecDocs
Authors:
Arien Vijn Tags:
network sniffer Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Capturing network packets is a valuable technique for troubleshooting network problems. Capturing at network speeds less, or up to one gigabit per second is feasible with a fast general purpose computer hardware. But that hardware is to slow for Ten gigabit per second ethernet (10GE). Hence, special hardware is required. This topic describes the modification of a commercially available 10GE networks security system, into a network analyser. Who can you trust? - Nobody, when it come to trouble-shooting network issues at an internet exchange point. An Internet Exchange (IX) operates by definition in-between different network providers. These providers are often competitors, each with their cultural and technical differences. Troubleshooting network issues at an IX involves at least three parties. Namely, the internet exchange operator and two or more ISPs. Each with its own systems, knowhow, procedures and culture. Such an environment is very different from networks were operators have control over the network components. Therefore an internet exchange operator must be able to identify and isolate network problems, without relying too much on the other parties involved, while the exchange stays in full operation. For this, the technique of passive monitoring - watching the traffic as it passes by - has proven to be extremely valuable. Passive monitoring for speeds less than 1 Gbps is possible with a fast general purpose computer and generic NICs. Numerous open source applications have been made for this. Ten gigabit per second ethernet (10GE) is another game. Special hardware is required to achieve that. The Amsterdam Internet Exchange (AMS-IX) modified Force10's P10 system to monitor 10GE connections. This system was originally designed for security applications at 10GE wire speeds. But since it is build around programmable logic, it is possible to adapt it to a useful trouble-shooting tool.
-
-
21:48
»
SecDocs
Authors:
Ben Kurtz Tags:
fuzzing Event:
Chaos Communication Camp 2007 Abstract: This talk will introduce a simple and incredibly powerful framework for the scripted generation of network traffic: Funk, a new tool for fuzzing arbitrary network protocols written using the Chicken Scheme-to-C compiler. Source code will be provided and explained, so you can start using this framework today for all your network traffic generation needs! Some familiarity with functional languages like Lisp or Scheme will be helpful, but not required. At my talk at DefCon 13, I described a framework and development environment for the generation of network traffic of arbitrary protocols. This framework was limited by it's reliance on a domain-specific language and the use of regular grammars. By re-visiting the same problem with a new perspective, the use of a functional language like Scheme, I've found a much simpler and more powerful approach. By using Chicken Scheme instead of a home-grown scripting language, even complicated protocols like ASN.1 can be fuzz-tested with ease. The use of a functional language makes it possible to provide a unified interface to all network protocols. This allows the abstraction of behavior for traffic generating programs, like fuzzers.
-
-
17:00
»
SecuriTeam
Multiple Iomega network storage devices are prone to a security-bypass vulnerability.
-
-
15:14
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Websites like Wikipedia and Blogspot are increasingly being blocked by government-level firewalls around the world. Although many people use the Tor anonymity network to get around this censorship, the current Tor network is not designed to withstand a government-level censor. In this talk we describe a design for providing access to the Tor network that is harder to block.
-
15:02
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Websites like Wikipedia and Blogspot are increasingly being blocked by government-level firewalls around the world. Although many people use the Tor anonymity network to get around this censorship, the current Tor network is not designed to withstand a government-level censor. In this talk we describe a design for providing access to the Tor network that is harder to block.
-
15:00
»
SecDocs
Authors:
Roger Dingledine Tags:
Tor Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Websites like Wikipedia and Blogspot are increasingly being blocked by government-level firewalls around the world. Although many people use the Tor anonymity network to get around this censorship, the current Tor network is not designed to withstand a government-level censor. In this talk we describe a design for providing access to the Tor network that is harder to block.
-
14:55
»
SecDocs
Authors:
Andreas Krennmair Tags:
network secure development Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors. This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of ''state of the art'' programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the ''principle of least privileges'', preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.
-
14:53
»
SecDocs
Authors:
Andreas Krennmair Tags:
network secure development Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors. This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of ''state of the art'' programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the ''principle of least privileges'', preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.
-
14:52
»
SecDocs
Authors:
Andreas Krennmair Tags:
network secure development Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk describes a software system to securely execute predefined commands over an untrusted network, analyzes the potential attack vectors against this system and defines countermeasures to make it impossible for an attacker to use these attack vectors. This talk describes a software system to securely execute predefined commands over an untrusted network, using an authentication method and a measure of transport layer security. This software system - called "trapdoor2" - is used as an example to describe a number of ''state of the art'' programming techniques as countermeasures against potential attacks. Techniques that will be described and shown in detail in the presentation will be privilege separation, strict enforcement of the ''principle of least privileges'', preventing attacks against the used SSL/TLS implementation and defeating Denial of Service attacks by employing a simple yet efficient connection limiting algorithm.
-
-
7:20
»
SecDocs
Tags:
router Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The security of backbone devices has been under increasing focus for the past few years, but infrastructure hacking techniques remain in their infancy and are still not even used in most penetration tests. This talk will discuss how to find and exploit vulnerabilities in infrastructure devices and their service dependencies, including vulnerability development as necessary. While the overall flow of systematically attacking a network's infrastructure is similar to attacking any network -- recon, find vulnerable points, gather data, harvest authentication credentials, attack, recurse -- there are several useful vectors still not common among network engineers or penetration testers. This talk will outline some useful lateral techniques for backbone and infrastructure device hacking, as well as discussing how to assess a network and develop your own attacks if there are no known ones to be found.
-
7:15
»
SecDocs
Tags:
router Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The security of backbone devices has been under increasing focus for the past few years, but infrastructure hacking techniques remain in their infancy and are still not even used in most penetration tests. This talk will discuss how to find and exploit vulnerabilities in infrastructure devices and their service dependencies, including vulnerability development as necessary. While the overall flow of systematically attacking a network's infrastructure is similar to attacking any network -- recon, find vulnerable points, gather data, harvest authentication credentials, attack, recurse -- there are several useful vectors still not common among network engineers or penetration testers. This talk will outline some useful lateral techniques for backbone and infrastructure device hacking, as well as discussing how to assess a network and develop your own attacks if there are no known ones to be found.
-
7:14
»
SecDocs
Tags:
router Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The security of backbone devices has been under increasing focus for the past few years, but infrastructure hacking techniques remain in their infancy and are still not even used in most penetration tests. This talk will discuss how to find and exploit vulnerabilities in infrastructure devices and their service dependencies, including vulnerability development as necessary. While the overall flow of systematically attacking a network's infrastructure is similar to attacking any network -- recon, find vulnerable points, gather data, harvest authentication credentials, attack, recurse -- there are several useful vectors still not common among network engineers or penetration testers. This talk will outline some useful lateral techniques for backbone and infrastructure device hacking, as well as discussing how to assess a network and develop your own attacks if there are no known ones to be found.
-
-
20:40
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:40
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
20:40
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
12:01
»
Hack a Day
If you’ve ever dealt with a buggy Internet connection, you know how frustrating it can be. This project takes the guesswork out of mashing F5 over and over, or simply walking over to your router and ‘turning it on and off again.’ Necessity is the mother of invention, and when the folks at the Bitlair [...]
-
-
21:47
»
SecDocs
Authors:
Svenja Schröder Tags:
intelligence social social engineering Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: This talk introduces some techniques of social network analysis and graph theory. It aims at using simple approaches for getting interesting facts about networks. I will use the data of a popular community to demonstrate some of the techniques. 'I'm not stalking, I'm just investigating' - Who hasn't ever heard this sentence from one of their friends? Whether it concerns connecting people and interest groups or item recommendations - most of the possibilities of the WWW today are based on the idea of networking. MySpace, Facebook or its German counterpart StudiVZ, just to name a few, are very popular communities these days, which aim at connecting people. All of those communities can be modelled as social networks allowing an automatic analysis to reveal interesting facts. In this talk I would like to introduce some of the technologies one could use to analyze such a network. While the list of algorithms and approaches is long, I want to emphasize on the things one can find out even using simple techniques. In order to do so, I will work on some data collected from a popular community to show some possibilities of analyzing.
-
-
21:26
»
SecDocs
Authors:
Svenja Schröder Tags:
intelligence social social engineering Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: This talk introduces some techniques of social network analysis and graph theory. It aims at using simple approaches for getting interesting facts about networks. I will use the data of a popular community to demonstrate some of the techniques. 'I'm not stalking, I'm just investigating' - Who hasn't ever heard this sentence from one of their friends? Whether it concerns connecting people and interest groups or item recommendations - most of the possibilities of the WWW today are based on the idea of networking. MySpace, Facebook or its German counterpart StudiVZ, just to name a few, are very popular communities these days, which aim at connecting people. All of those communities can be modelled as social networks allowing an automatic analysis to reveal interesting facts. In this talk I would like to introduce some of the technologies one could use to analyze such a network. While the list of algorithms and approaches is long, I want to emphasize on the things one can find out even using simple techniques. In order to do so, I will work on some data collected from a popular community to show some possibilities of analyzing.
-
21:26
»
SecDocs
Authors:
Svenja Schröder Tags:
intelligence social social engineering Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: This talk introduces some techniques of social network analysis and graph theory. It aims at using simple approaches for getting interesting facts about networks. I will use the data of a popular community to demonstrate some of the techniques. 'I'm not stalking, I'm just investigating' - Who hasn't ever heard this sentence from one of their friends? Whether it concerns connecting people and interest groups or item recommendations - most of the possibilities of the WWW today are based on the idea of networking. MySpace, Facebook or its German counterpart StudiVZ, just to name a few, are very popular communities these days, which aim at connecting people. All of those communities can be modelled as social networks allowing an automatic analysis to reveal interesting facts. In this talk I would like to introduce some of the technologies one could use to analyze such a network. While the list of algorithms and approaches is long, I want to emphasize on the things one can find out even using simple techniques. In order to do so, I will work on some data collected from a popular community to show some possibilities of analyzing.
-
17:00
»
SecuriTeam
Vivotek Network Cameras are prone to an information-disclosure vulnerability.
-
-
12:46
»
Packet Storm Security Recent Files
HC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
12:46
»
Packet Storm Security Tools
HC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
12:46
»
Packet Storm Security Misc. Files
HC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
-
-
13:06
»
Hack a Day
Start your week off with a smile thanks to the video [Sammy] put together. It shows off the cooling rack he made for his network equipment. The project was developed out of necessity as the summer weather was causing his modem and router to heat up and at some point one of them would just shutdown and [...]
-
-
21:53
»
SecDocs
Authors:
Fabian Yamaguchi Felix 'FX' Lindner Tags:
scanning Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Port-Scanning large networks can take ages. Asking yourself how much of this time is really necessary and how much you can blame on the port-scanner, you may find yourself integrating your own scanner into the linux-kernel. Or at least we did. How fast a port-scan can be is largely dependent on the performance of the network in question. Nonetheless, it is clear that choosing the most efficient scanning-speed is only possible based on sufficient information on the network's performance. We have thus designed and implemented a port-scanning method which provokes extra network-activity to increase the amount of information at our disposal in an attempt to gain speed on the long run. Further tweaking the actual implementation by integrating it into the linux-kernel left us with a port-scanner ready to tackle big networks at an impressive speed. The presentation will also include thoughts and motivations why we decided to work on topics that are largely considered "done" by the community and why such considerations may be interesting to other researchers.
-
21:53
»
SecDocs
Authors:
Fabian Yamaguchi Felix 'FX' Lindner Tags:
scanning Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Port-Scanning large networks can take ages. Asking yourself how much of this time is really necessary and how much you can blame on the port-scanner, you may find yourself integrating your own scanner into the linux-kernel. Or at least we did. How fast a port-scan can be is largely dependent on the performance of the network in question. Nonetheless, it is clear that choosing the most efficient scanning-speed is only possible based on sufficient information on the network's performance. We have thus designed and implemented a port-scanning method which provokes extra network-activity to increase the amount of information at our disposal in an attempt to gain speed on the long run. Further tweaking the actual implementation by integrating it into the linux-kernel left us with a port-scanner ready to tackle big networks at an impressive speed. The presentation will also include thoughts and motivations why we decided to work on topics that are largely considered "done" by the community and why such considerations may be interesting to other researchers.
-
21:53
»
SecDocs
Authors:
Fabian Yamaguchi Felix 'FX' Lindner Tags:
scanning Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Port-Scanning large networks can take ages. Asking yourself how much of this time is really necessary and how much you can blame on the port-scanner, you may find yourself integrating your own scanner into the linux-kernel. Or at least we did. How fast a port-scan can be is largely dependent on the performance of the network in question. Nonetheless, it is clear that choosing the most efficient scanning-speed is only possible based on sufficient information on the network's performance. We have thus designed and implemented a port-scanning method which provokes extra network-activity to increase the amount of information at our disposal in an attempt to gain speed on the long run. Further tweaking the actual implementation by integrating it into the linux-kernel left us with a port-scanner ready to tackle big networks at an impressive speed. The presentation will also include thoughts and motivations why we decided to work on topics that are largely considered "done" by the community and why such considerations may be interesting to other researchers.
-
-
17:53
»
Packet Storm Security Recent Files
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
17:53
»
Packet Storm Security Tools
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
17:53
»
Packet Storm Security Misc. Files
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
-
21:54
»
SecDocs
Authors:
Jens Kubieziel Tags:
privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: I2P is a message-based anonymizing network. It builds a virtual network between the communication endpoints. This talk will introduce the technical details of I2P and show some exemplary applications. I2P has a different approach than most other known anonymous applications. Maybe you know about the anonymisation network Tor. Here you have central directory servers, onion routers (relaying traffic), onion proxies (send and receive data from the user) and other software roles within the network. I2P calls every software a router and it can send and receive data for the user as well as relay traffic for other users. Furthermore I2P uses no central server for distributing information about routers. You'll get the information from I2P's network database. This is a pair of algorithms which share the network metadata. The routers participate in the Kademlia algorithm. It is derived from distributed hash table. My talk will tell you in detail how I2P work, what roles routers, gateways, netDb etc. plays. Furthermore I'll show differences and similarities to other anonymizing networks e. g. Tor and introduce some exemplary applications.
-
21:54
»
SecDocs
Authors:
Jens Kubieziel Tags:
privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: I2P is a message-based anonymizing network. It builds a virtual network between the communication endpoints. This talk will introduce the technical details of I2P and show some exemplary applications. I2P has a different approach than most other known anonymous applications. Maybe you know about the anonymisation network Tor. Here you have central directory servers, onion routers (relaying traffic), onion proxies (send and receive data from the user) and other software roles within the network. I2P calls every software a router and it can send and receive data for the user as well as relay traffic for other users. Furthermore I2P uses no central server for distributing information about routers. You'll get the information from I2P's network database. This is a pair of algorithms which share the network metadata. The routers participate in the Kademlia algorithm. It is derived from distributed hash table. My talk will tell you in detail how I2P work, what roles routers, gateways, netDb etc. plays. Furthermore I'll show differences and similarities to other anonymizing networks e. g. Tor and introduce some exemplary applications.
-
-
17:48
»
Packet Storm Security Recent Files
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.
-
17:48
»
Packet Storm Security Misc. Files
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.
-
-
17:00
»
SecuriTeam
Network Instruments Observer is prone to multiple security vulnerabilities.
-
-
15:51
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:51
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
15:51
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
18:28
»
Packet Storm Security Recent Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
18:28
»
Packet Storm Security Tools
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
18:28
»
Packet Storm Security Misc. Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
-
8:26
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.
-
8:26
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.
-
8:26
»
Packet Storm Security Misc. Files
Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.
-
-
17:50
»
Packet Storm Security Recent Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
17:50
»
Packet Storm Security Tools
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
17:50
»
Packet Storm Security Misc. Files
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
-
-
21:37
»
SecDocs
Authors:
Dieter Spaar Harald Welte Tags:
network GSM phone Event:
Chaos Communication Congress 25th (25C3) 2008 Abstract: This presentation will mark the first public release of a new GPL licensed Free Software project implementing the GSM fixed network, including the various minimal necessary functionality of BSC, MSC, HLR. It will introduce the respective standards and protocols, as well as a short demonstration of an actual phone call between two mobile phones registered to the base station.
-
-
11:01
»
Hack a Day
So let’s say that you’re a developer on the Xbee team. You need to test the extremes of what the RF radio modules can do when in a large network. But in addition to numerous nodes, you also need to test the effects of distance on the radios. Since it’s not reasonable to distribute hundreds [...]
-
-
21:35
»
SecDocs
Tags:
security phone Event:
Chaos Communication Camp 2011 Abstract: Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! Due to the wide availability of broadband internet and mobile communication, the number of embedded systems that come with a network connection is constantly increasing. These devices are ubiquitous and used in a wide range of applications: smart grid, building management, surveillance, traffic control and individual vehicles. Those embedded devices are often poorly secured, if at all. But things get a lot worse: Vendors often don't take into account, that a device might get compromised, thus giving the attacker access to their network. This talk will give an overview over general machine-to-machine (M2M) communications and corresponding attack scenarios. In addition to wired systems, wireless systems will be considered. Of the latter, GSM based systems are the most interesting. Several ways to attack an embedded device, extract secret data and gain network access will be shown. Finally, some good and bad attempts to enhance the security of M2M systems will be presented.
-
-
12:08
»
SecDocs
Authors:
Jeroen Massar Tags:
network Netflow Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: On the Internet one tends to think that one is pretty much safe from poking eyes. Taps in most countries can only be established after a judge has issued a warrant, thus upto such a tap is succesfully deployed one might think one is pretty much in the clear. Most ISPs though actually employ a toolset comprising one of various NetFlow, IPFIX or sFlow protocols to do trend monitoring, billing and of course, the ability to try and establish which connections a certain IP address is making. During the CCC conference we will monitor the CCC network with NetFlow, collecting and directly anonimizing this information on IP basis. We will map a couple of well-known websites/trackers to a private IP range and preserving these mappings, while anonimizing the rest of the IP addresses, thus your anonimity is safe and please be yourself while using the network. Flow data will not be stored, thus we won't be able to go back and re-analyze the information. As a collector/analyzer we will be using the Anaphera tool by IBM Zurich Research Laboratory [1]. This tool is used in IBM datacenters and by customers of IBM worldwide for detecting malicious/unknown network traffic, traffic trending, anomaly detection, growth prognosis and billing. We'll be explaining the intriciate parts about NetFlow, IPFIX and sFlow, what the technologies are and how they work, hopping briefly in the big difference with taps and what they could see when they are deployed and also what we don't see now and what gets lost in the noise. We will be showing you what information and details can be taken from a flow based tool, so that you know what can be seen by ISPs around the world.
-
11:42
»
SecDocs
Authors:
Jeroen Massar Tags:
network Netflow Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: On the Internet one tends to think that one is pretty much safe from poking eyes. Taps in most countries can only be established after a judge has issued a warrant, thus upto such a tap is succesfully deployed one might think one is pretty much in the clear. Most ISPs though actually employ a toolset comprising one of various NetFlow, IPFIX or sFlow protocols to do trend monitoring, billing and of course, the ability to try and establish which connections a certain IP address is making. During the CCC conference we will monitor the CCC network with NetFlow, collecting and directly anonimizing this information on IP basis. We will map a couple of well-known websites/trackers to a private IP range and preserving these mappings, while anonimizing the rest of the IP addresses, thus your anonimity is safe and please be yourself while using the network. Flow data will not be stored, thus we won't be able to go back and re-analyze the information. As a collector/analyzer we will be using the Anaphera tool by IBM Zurich Research Laboratory [1]. This tool is used in IBM datacenters and by customers of IBM worldwide for detecting malicious/unknown network traffic, traffic trending, anomaly detection, growth prognosis and billing. We'll be explaining the intriciate parts about NetFlow, IPFIX and sFlow, what the technologies are and how they work, hopping briefly in the big difference with taps and what they could see when they are deployed and also what we don't see now and what gets lost in the noise. We will be showing you what information and details can be taken from a flow based tool, so that you know what can be seen by ISPs around the world.
-
-
13:55
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
-
13:55
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
-
13:55
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
-
-
11:13
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:13
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
11:13
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
8:17
»
Packet Storm Security Recent Files
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.
-
8:17
»
Packet Storm Security Tools
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.
-
8:17
»
Packet Storm Security Misc. Files
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.
-
-
21:49
»
SecDocs
Authors:
Will Hargrave Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. This talk will review both the 28C3 and, due to popular demand, the Camp network. First we would like to give you a review about our network at the camp, where we built a mid-sized carrier network in a few weeks at a camp ground with no infrastructure: Starting at the 4km fibre uplink and the roll out of fibre over the whole campground, you will learn how to build proper datenklos, deploy access switches and WLAN access points in them and also how to convert a shipping container into a sophisticated outdoor data center, in order to build a network that can deliver pictures of cute little cats to over 3000 users. We had some issues and challenging tasks, which we wish to report; we also have some graphs, diagrams, photos and graphics which we want to share with you. The second part will be about the network of the 28C3, which is more or less the usual stuff like every year. You will see some graphs, infrastructure, and hopefully no reports about big issues. ;)
-
21:49
»
SecDocs
Authors:
Will Hargrave Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. This talk will review both the 28C3 and, due to popular demand, the Camp network. First we would like to give you a review about our network at the camp, where we built a mid-sized carrier network in a few weeks at a camp ground with no infrastructure: Starting at the 4km fibre uplink and the roll out of fibre over the whole campground, you will learn how to build proper datenklos, deploy access switches and WLAN access points in them and also how to convert a shipping container into a sophisticated outdoor data center, in order to build a network that can deliver pictures of cute little cats to over 3000 users. We had some issues and challenging tasks, which we wish to report; we also have some graphs, diagrams, photos and graphics which we want to share with you. The second part will be about the network of the 28C3, which is more or less the usual stuff like every year. You will see some graphs, infrastructure, and hopefully no reports about big issues. ;)
-
21:49
»
SecDocs
Authors:
Ruben Bloemgarten Tags:
data mining Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. The goals of the project are as follows: Provide a global early warning system against governmental or commercial abuse of internetworking systems in regards to civil and human rights. Enforce transparency by aggregating commercial ownership information. Enforce transparency by aggregating legislative information, including voting histories. Enable lobbyist to influence legislators by providing reliable, verifiable data. Provide a public database with near real-time network monitoring data for general use. Provide up to date circumvention methodologies, their relative legal status and their potential risks. The chokepointproject currently consists of two elements : A frontend and public database, An intended globally distributed network monitoring data collection system. The frontend intends to provide an easily understandable visualisation of aggregated and processed data-sources. The data-sources intend to provide the following information: A per country detailed description of: 1a. Network ownership (by IP block and route) 1b. Legislative information such as Which relevant laws are currently active. Who has voted for them (supposing voting was a part of the process). Which relevant laws are currently under review or being proposed. Who are proposing/drafting these laws. 1c. What circumvention methods are currently available for specific problems. Near real-time network status vitalisations such as, but not restricted to 2a. Connectivity of geographic clusters, 2b. Manipulation of connectivity such as: 2b.1. Traffic shaping, 2b.2. Content filtering, 2b.3. Blackouts. The intended globally distributed network monitoring data collection system would provide an independent and publicly available dataset. I do not intend to discuss this in depth. The focus of this lecture is supposed to be the front-end and the aggregation of already publicly available data sources, and the supposed benefit to improving civil rights everywhere and protecting them in those places where their functional effectiveness is under threat.
-
21:49
»
SecDocs
Authors:
Will Hargrave Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. This talk will review both the 28C3 and, due to popular demand, the Camp network. First we would like to give you a review about our network at the camp, where we built a mid-sized carrier network in a few weeks at a camp ground with no infrastructure: Starting at the 4km fibre uplink and the roll out of fibre over the whole campground, you will learn how to build proper datenklos, deploy access switches and WLAN access points in them and also how to convert a shipping container into a sophisticated outdoor data center, in order to build a network that can deliver pictures of cute little cats to over 3000 users. We had some issues and challenging tasks, which we wish to report; we also have some graphs, diagrams, photos and graphics which we want to share with you. The second part will be about the network of the 28C3, which is more or less the usual stuff like every year. You will see some graphs, infrastructure, and hopefully no reports about big issues. ;)
-
-
21:33
»
SecDocs
Authors:
Ruben Bloemgarten Tags:
data mining Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. The goals of the project are as follows: Provide a global early warning system against governmental or commercial abuse of internetworking systems in regards to civil and human rights. Enforce transparency by aggregating commercial ownership information. Enforce transparency by aggregating legislative information, including voting histories. Enable lobbyist to influence legislators by providing reliable, verifiable data. Provide a public database with near real-time network monitoring data for general use. Provide up to date circumvention methodologies, their relative legal status and their potential risks. The chokepointproject currently consists of two elements : A frontend and public database, An intended globally distributed network monitoring data collection system. The frontend intends to provide an easily understandable visualisation of aggregated and processed data-sources. The data-sources intend to provide the following information: A per country detailed description of: 1a. Network ownership (by IP block and route) 1b. Legislative information such as Which relevant laws are currently active. Who has voted for them (supposing voting was a part of the process). Which relevant laws are currently under review or being proposed. Who are proposing/drafting these laws. 1c. What circumvention methods are currently available for specific problems. Near real-time network status vitalisations such as, but not restricted to 2a. Connectivity of geographic clusters, 2b. Manipulation of connectivity such as: 2b.1. Traffic shaping, 2b.2. Content filtering, 2b.3. Blackouts. The intended globally distributed network monitoring data collection system would provide an independent and publicly available dataset. I do not intend to discuss this in depth. The focus of this lecture is supposed to be the front-end and the aggregation of already publicly available data sources, and the supposed benefit to improving civil rights everywhere and protecting them in those places where their functional effectiveness is under threat.
-
21:33
»
SecDocs
Authors:
Ruben Bloemgarten Tags:
data mining Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. The goals of the project are as follows: Provide a global early warning system against governmental or commercial abuse of internetworking systems in regards to civil and human rights. Enforce transparency by aggregating commercial ownership information. Enforce transparency by aggregating legislative information, including voting histories. Enable lobbyist to influence legislators by providing reliable, verifiable data. Provide a public database with near real-time network monitoring data for general use. Provide up to date circumvention methodologies, their relative legal status and their potential risks. The chokepointproject currently consists of two elements : A frontend and public database, An intended globally distributed network monitoring data collection system. The frontend intends to provide an easily understandable visualisation of aggregated and processed data-sources. The data-sources intend to provide the following information: A per country detailed description of: 1a. Network ownership (by IP block and route) 1b. Legislative information such as Which relevant laws are currently active. Who has voted for them (supposing voting was a part of the process). Which relevant laws are currently under review or being proposed. Who are proposing/drafting these laws. 1c. What circumvention methods are currently available for specific problems. Near real-time network status vitalisations such as, but not restricted to 2a. Connectivity of geographic clusters, 2b. Manipulation of connectivity such as: 2b.1. Traffic shaping, 2b.2. Content filtering, 2b.3. Blackouts. The intended globally distributed network monitoring data collection system would provide an independent and publicly available dataset. I do not intend to discuss this in depth. The focus of this lecture is supposed to be the front-end and the aggregation of already publicly available data sources, and the supposed benefit to improving civil rights everywhere and protecting them in those places where their functional effectiveness is under threat.
-
-
15:22
»
SecDocs
Authors:
Ang Cui Jonathan Voris Tags:
hardware hacking Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. We first present several generic firmware modification attacks against HP printers. Weaknesses within the firmware update process allows the attacker to make arbitrary modifications to the NVRAM contents of the device. The attacks we present exploit a functional vulnerability common to all HP printers, and do not depend on any specific code vulnerability. These attacks cannot be prevented by any authentication mechanism on the printer, and can be delivered over the network, either directly or through a print server (active attack) and as hidden payloads within documents (reflexive attack). In order to demonstrate these firmware modification attacks, we present a detailed description of several common HP firmware RFU (remote firmware update) formats, including the general file format, along with the compression and checksum algorithms used. Furthermore, we will release a tool (HPacker), which can unpack existing RFUs and create/pack arbitrary RFUs. This information was obtained by analysis of publicly available RFUs as well as reverse engineering the SPI BootRom contents of several printers. Next, we describe the design and operation a sophisticated piece of malware for HP (P2050) printers. Essentially a VxWorks rootkit, this malware is equipped with: port scanner, covert reverse-IP proxy, print-job snooper that can monitor, intercept, manipulate and exfiltrate incoming print-jobs, a live code update mechanism, and more (see presentation outline below). Lastly, we will demonstrate a self-propagation mechanism, turning this malware into a full-blown printer worm. Using HPacker, we demonstrate the injection of our malware into arbitrary P2050 RFUs, and show how similar malware can be created for other popular HP printer types. Next, we demonstrate the delivery of this modified firmware update over the network to a fully locked-down printer. Lastly, we present an accurate distribution of all HP printers vulnerable to our attack, as determined by our global embedded device vulnerability scanner (see [1]). Our scan is still incomplete, but extrapolating from available data, we estimate that there exist at least 100,000 HP printers that can be compromised through an active attack, and several million devices that can be compromised through reflexive attacks. We will present a detailed breakdown of the geographical and organizational distribution of observable vulnerable printers in the world. *We have also unpacked several engine-control processor firmwares (different from the main SoC) and are currently attempting to locate code related to tracking dots. Perhaps we will have some results by December. In any case, HPacker will help the community to do further research in this direction, possibly allowing us to spoof / disable these yellow dots of burden.
-
15:07
»
SecDocs
Authors:
Ang Cui Jonathan Voris Tags:
hardware hacking Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. We first present several generic firmware modification attacks against HP printers. Weaknesses within the firmware update process allows the attacker to make arbitrary modifications to the NVRAM contents of the device. The attacks we present exploit a functional vulnerability common to all HP printers, and do not depend on any specific code vulnerability. These attacks cannot be prevented by any authentication mechanism on the printer, and can be delivered over the network, either directly or through a print server (active attack) and as hidden payloads within documents (reflexive attack). In order to demonstrate these firmware modification attacks, we present a detailed description of several common HP firmware RFU (remote firmware update) formats, including the general file format, along with the compression and checksum algorithms used. Furthermore, we will release a tool (HPacker), which can unpack existing RFUs and create/pack arbitrary RFUs. This information was obtained by analysis of publicly available RFUs as well as reverse engineering the SPI BootRom contents of several printers. Next, we describe the design and operation a sophisticated piece of malware for HP (P2050) printers. Essentially a VxWorks rootkit, this malware is equipped with: port scanner, covert reverse-IP proxy, print-job snooper that can monitor, intercept, manipulate and exfiltrate incoming print-jobs, a live code update mechanism, and more (see presentation outline below). Lastly, we will demonstrate a self-propagation mechanism, turning this malware into a full-blown printer worm. Using HPacker, we demonstrate the injection of our malware into arbitrary P2050 RFUs, and show how similar malware can be created for other popular HP printer types. Next, we demonstrate the delivery of this modified firmware update over the network to a fully locked-down printer. Lastly, we present an accurate distribution of all HP printers vulnerable to our attack, as determined by our global embedded device vulnerability scanner (see [1]). Our scan is still incomplete, but extrapolating from available data, we estimate that there exist at least 100,000 HP printers that can be compromised through an active attack, and several million devices that can be compromised through reflexive attacks. We will present a detailed breakdown of the geographical and organizational distribution of observable vulnerable printers in the world. *We have also unpacked several engine-control processor firmwares (different from the main SoC) and are currently attempting to locate code related to tracking dots. Perhaps we will have some results by December. In any case, HPacker will help the community to do further research in this direction, possibly allowing us to spoof / disable these yellow dots of burden.
-
-
21:33
»
Packet Storm Security Exploits
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
-
21:33
»
Packet Storm Security Recent Files
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
-
21:33
»
Packet Storm Security Misc. Files
The D-Link SecuriCam DCS-5605 Network Surveillance DcsCliCtrl.dll active-x control suffers from a buffer overflow vulnerability. Proof of concept code included.
-
20:44
»
Packet Storm Security Recent Files
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
20:44
»
Packet Storm Security Tools
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
20:44
»
Packet Storm Security Misc. Files
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
-
-
21:47
»
SecDocs
Authors:
Kay Hamacher Stefan Katzenbeisser Tags:
bank Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. The existence and potential widespread use of such a distributed, non-centralized, non-regulated currency questions the ability of governments to control money supply, issue debt, and tax its populace. Transactions in bitcoin form a publicly accessible network of economic relations, which can be extracted from the transaction history available to all users in the P2P-network of bitcoin. Using re-identification algorithms it is possible to attack the proposed anonymity of users. While this is already an interesting security issue, the insight into a real-world economic experiment allows for the first time the empirical test of community structures in such social networks, which is definitely more substantial than the "I-like"-network in facebook and the like. In this presentation, we show results on network analysis of the money flow, the behavior of individuals, and the overall scalability of P2P-currencies. At the same time we will discuss advanced "financial instruments" that one might find in the transactions.
-
21:47
»
SecDocs
Authors:
Kay Hamacher Stefan Katzenbeisser Tags:
bank Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. The existence and potential widespread use of such a distributed, non-centralized, non-regulated currency questions the ability of governments to control money supply, issue debt, and tax its populace. Transactions in bitcoin form a publicly accessible network of economic relations, which can be extracted from the transaction history available to all users in the P2P-network of bitcoin. Using re-identification algorithms it is possible to attack the proposed anonymity of users. While this is already an interesting security issue, the insight into a real-world economic experiment allows for the first time the empirical test of community structures in such social networks, which is definitely more substantial than the "I-like"-network in facebook and the like. In this presentation, we show results on network analysis of the money flow, the behavior of individuals, and the overall scalability of P2P-currencies. At the same time we will discuss advanced "financial instruments" that one might find in the transactions.
-
-
22:44
»
SecDocs
Authors:
Eric Filiol Seun Omosowon Tags:
Tor Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: This talk deals with weaknesses identified in the TOR network protocol and cryptography implementation. We manage to take control over users using this network and to access all your information and data exchanged despite cryptography. The TOR network is one of the most famous way to use Internet in a anonymous and secure way at least supposedly. Tor client software routes Internet traffic through a worldwide volunteer network of servers in order to conceal a user's location or usage from someone conducting network surveillance or traffic analysis. Aside protocol-oriented aspects, TOR security relies heavily on cryptography. The aim of this talk is to explain how it is possible to take over a significant part of the TOR network not to say over the whole network. We have identified two classes of weaknesses in the way Onion routers (Ors) are managed: a first class of weaknesses relates to the way the routes among Ors. It is possible to influence and to force users to use arbitrary Ors and hence control which route they take. A second class of weaknesses relates to the way cryptography is implemented. Bu using malware-based attacks and the concept of dynamic cryptographic backdoors we have succeeded to circumvent the cryptography in place without removing it. We present different possible attack scenarii which are malware-based or not (depending on the scenario considered) that have been experimented and validated on a TOR simulation network of 50 nodes and partially on the real TOR network (as far as it was possible regarding existing laws). We show that it is indeed possible to gain a lot of sensitive information thus bypassing and managing existing cryptographic mechanisms in a very efficient way and to take the effective control over a significant part of the TOR network. The attack is fully dynamic and can be replayed on request. We present an open source library that enable to automate the identification of hidden relay bridges. We propose some modification in the TOR source and protocol in order to prevent those attacks. Demos will be presented to expose the two class of vulnerabilities we exploit. An Internet access is required to make part of the demos on the real TOR network.
-
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
-
15:22
»
Packet Storm Security Recent Files
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
15:22
»
Packet Storm Security Tools
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
15:22
»
Packet Storm Security Misc. Files
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
-
-
22:04
»
Packet Storm Security Recent Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:04
»
Packet Storm Security Tools
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
22:04
»
Packet Storm Security Misc. Files
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
-
-
7:39
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0153-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements.
-
7:39
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0153-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements.
-
7:39
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0153-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements.
-
-
19:50
»
Packet Storm Security Recent Files
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
The rest of the $2 budget is mostly spent on wiring and heatshrink, resulting in a very compact PoE solution that plugs straight into the PoE header on the Raspberry Pi 3 board, with the buck converter outputs going into the ground and +5V pins on the Raspberry Pi’s GPIO header.