I have maked a Veracrypt Containment that use AES to encrypt eveything inside. But my question is: Can I securly put the containment file to the public (everybody can acces it) whitout anybody can access the files inside it?
PS. Some information below may help to answer the question:
Background: I'm writing a GPL Python OpenPGP to JSON parser which I'm testing on files generated with GPG 1.4.16.
If given a passphrase, the parser will generate keys using the string-to-key methods and ultimately decrypt messages.
I'm starting off with symmetric encryption messages:
echo "hello" | gpg --s2k-mode=0 --symmetric > symmetric.simples2k.gpg
... and using "foo" as the passphrase.
This generates a packet with a SymmetricKeyEncryptedSessionKeyPacket and a SymmetricEncryptedandIntegrityProtectedDataPacket packet, as expected.
The S2K paramters that GPG created are: Simple S2K (http://ift.tt/1ocZkzF) with SHA1 hash and AES256 symmetric cipher.
Problem: When I derive the key from the passphrase foo using SimpleS2K then attempt to decrypt with AES256, it doesn't decrypt correctly. So part 1 of my investigation is verifying that I'm doing the S2K correctly.
Here's my understanding of how to generate the key from the passphrase foo using SimpleS2K
hashers[1] with 0x00hashers[0] with UTF-8 encoded foo hashers[0] with UTF-8 encoded foo hashers[0].digest plus hashers[1].digest Here's a minimal implementation in Python 3:
import hashlib
hasher_0 = hashlib.sha1()
hasher_1 = hashlib.sha1()
hasher_1.update(bytes([0x0]))
hasher_0.update('foo'.encode('utf-8'))
hasher_1.update('foo'.encode('utf-8'))
key = (hasher_0.digest() + hasher_1.digest())[0:32]
print(' '.join(['{:02x}'.format(x) for x in key]))
Which outputs
0b ee c7 b5 ea 3f 0f db c9 5d 0d d4 7f 3c 5b c2 75 da 8a 33 5a 8c aa 40 39 fd bc 02 c0 1a 64 9c
The full JSON output is here: http://ift.tt/1IDM8Au
Hopefully we can rule out the S2K part and get onto the AES part :)
Thanks!
I'm part of a company that has at least 1000 PC's distributed in different buildings over a radius of 25 miles.
I've been asked to make a program to survey technical information on each PC.
Since not all of them share a LAN connection but all of them have internet access, my solution was to use a gmail account to share the encrypted data.
I've created client/server like services to send the data and retrieve it to the data base through emails, all of them using the same gmail account (to send and receive).
I know that this look a lot like a botnet...actually I think it is, since each client would be able to receive configuration mails from the server to request certain registry entries.
All external IP's are dynamic, the server is internal, the resolution to establish a trusted unattended connection would demand publishing the IP's somewhere, Dynamic DNS has been suggested but in terms of reliability it's just as safe as gmail.
Anyway my question is: will gmail detect all this traffic made on the same account as a botnet and close it? if so, should I use several accounts?
PCI-DSS 3 requirement 6.4.2 calls for
Separation of duties between development/test and production environments.
Based on the guidance text and this, answer to another question, it appears that the purpose of this requirement is to ensure that no one person holds all the access.
While this is easy enough in a large company, does this automatically mean that a 1 person company (or a company small enough to be unable to afford hiring separate DBAs and syadmins for each environment) cannot possibly be PCI-DSS compliant?
I have a website, let's call it www.good.com.
I've been getting a lot of requests to www.good.com under completely different URLs than www.good.com. I suspect this traffic is also causing some site performance issues. I'm running a .NET solution on IIS for reference.
I have a logger that is constantly picking up 404 errors for external hosts. Below are examples of some of the log data:
Original URL: http://ift.tt/1EaQ0tY
Request URL: http://ift.tt/1EaPYlN %911 h%8D%BAX '%C3x5%F0 %DF%E8&peer_id=-SD0100-%E6%B2 Ql%C0 ]=x %8C&ip=192.168.2.23&port=8956&uploaded=1019809319&downloaded=1019809319&left=192985&numwant=200&key=9135&compact=1
Request Path: /announce
Referrer URL: None
User host address: 222.210.108.246
Server: WWW-GOOD-COM-SERVER
User:
IsAuthenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE
User Agent: Bittorrent
I also see other weird requests from all kinds of other domains, like
Almost always the IP involved is from outside the US.
What I don't understand, is why my server is trying to fulfill requests for any of these urls when it is obviously not the host.
I need to know:
I am using a vpn connection successfully for browsing but having trouble for torrents,I am sure that p2p is enabled by vpn company so i must be missing some configuration.I know the host ip address and username password nothing else.So plz let me know the settings
Why does the RFC prohibit the server from sending HSTS to the client over HTTP?
I can see that if a HTTP client responds to that unsecure HTTP response it might cause that site to be inaccessible to the client, but I don't see any reason for the server to have a MUST in the protocol.
Rather the client MUST NOT respond to HSTS in unsecure HTTP responses is the correct approach in my mind. What am I missing?
7.2. HTTP Request Type
If an HSTS Host receives an HTTP request message over a non-secure transport, it SHOULD send an HTTP response message containing a
status code indicating a permanent redirect, such as status code 301
(Section 10.3.2 of [RFC2616]), and a Location header field value
containing either the HTTP request's original Effective Request URI
(see Section 9 ("Constructing an Effective Request URI")) altered as
necessary to have a URI scheme of "https", or a URI generated
according to local policy with a URI scheme of "https".NOTE: The above behavior is a "SHOULD" rather than a "MUST" due to:
* Risks in server-side non-secure-to-secure redirects
[OWASP-TLSGuide].
* Site deployment characteristics. For example, a site that
incorporates third-party components may not behave correctly
when doing server-side non-secure-to-secure redirects in the
case of being accessed over non-secure transport but does
behave correctly when accessed uniformly over secure transport.
The latter is the case given an HSTS-capable UA that has
already noted the site as a Known HSTS Host (by whatever means,
e.g., prior interaction or UA configuration).An HSTS Host MUST NOT include the STS header field in HTTP responses conveyed over non-secure transport.
I apologise if i have posted the question in the wrong forum. i am currently an administrator and have about 150 windows systems running. the previous administrator turned out be be a real nightmare for me before he left. except the windows servers( static ips) the rest of the machines are assigned ip address through a dhcp server. when i look at the dhcp snapin in the active directory i can see system name and mac addresses assigned with ip addresses. if i do a nslookup for the same system it shows a different ip address and name. what i mean is, computer A on my dhcp list is assigned 10.10.10.100 . if i do a nslookup through command prompt for 10.10.10.100 it shows a completely different computer name Z and not A. and the funny thing is if i do a nslookup for computer name Z the ip address turns out to be completely different as well ( not 10.10.10.100)
running os : server 2003 standard sp2
its for most of the pc's in the network. has something been corrupted or have i been ippedd and macked
Samsung's decision to do away with a removable battery and microSD card expansion in the Galaxy S6 and S6 Edge is a deal breaker for some, but just how important is it?
(This is a preview - click here to read the entire entry.)
My Linux Jenkins server was compromised and a Rootkit was installed. I know this since a running process tells me the path Jenkins job is running and it includes a URL with path pointing to a Python script. On a different host I opened that script and found several scripts that attempt to install a Rootkit along with a destination URL to presumably tell them which Rootkit was successful.
I can see some questionable binaries under /tmp. I opened one of those binaries with a de compiler but I'm not sure what to look for.
So, what does one do in this situation to find out more about the attacker and possibly what the intent was?
Asking here since none of the books or articles I've read address those two questions. I do know I have to assume any data on that host was compromised. My goal is to learn more about the attacker and the attack.
Other info, I became aware when the network team noticed GBs of data outgoing from our Linux Jenkins host. They closed the port and we unplugged the host. The ip that the job is getting the Python script from appears to be coming from the US, but nothing more specific according to IP lookups. The destination IP is going to Jinan, China.
At work we suspect a GWT app (that is not in production yet) we own to be vulnerable to CSRF. We have to look at it from a black-box point of view before a third-party security audit will be performed.
Due to the fact that all calls in the app are made through AJAX (with method POST), simply replicating an Ajax call in a malicious way is not achievable thanks to the Same-Origin policy. In fact we know that there is no csrf protection, but since only requests with json bodies are accepted by the server, it feels at first glance that the vulnerability cannot be exploited.
Is there a way to forge a similar request through a browser with a classic form ? My problem is that I cannot replicate the json body of the Ajax call through a form : the app reads the json body of the requests - submitting a classing form requires inputs with key/value pairs which would not be taken into account by the server.
In other words, is it possible, with an html form, to submit a request that just contains json in the body, instead of key-value pairs ? Or is there another attack angle for such cases ?
Thanks !
My query is 'if client and AP both have the PMK available, why do we need a 4 way handshake again to derive some other key(PTK)? why cant we use PMK for further security process?
The Galaxy S6 and Galaxy S6 Edge pre-orders start today. Find out where you can pick one up, and in what flavor, right here.
(This is a preview - click here to read the entire entry.)
I have a hidden running process with name of scrncap.exe, my Security Task Manager discovered it and gave it danger rate of 100 to be a virus or malware. from the name it appears to be software to capture the screen activity. does any one have an idea about this file? I have it in the quarantine, image attached
There is a Wordpress blog running on Wordpress 4.0. Anyone having the company webmail can signup to the blog using their Google+ account and submit blog posts. Once posted they will be sent to some moderators and once it is reviewed moderator can post it on the blog. Whenever anew blog post is submitted for review all the moderators will receive a mail saying to review the post.
Now the problem: The moderators are receiving spam mails. Mail says that there is a new blog post to be reviewed. To review goto this link. The link is a normal link. Nothing seems fishy. But the author details are interesting. The authors are not members of the organization and hence they can't create blog posts. So that I cant think of this as a simple spamming trick. How such moderator mails are getting generated?
The authors had an email addresses like name@h.maybebest.com and name@nokiamail.com. What am I supposed to do? Am I hacked?
I have been getting issues with this Cryptowall Locker Virus, is there any permanent solutions to remove this virus from my pc. I have taken help from http://ift.tt/1H3QWhu to remove this virus. They have successful but i got again this virus. please let me know the permanent solution.
I understand that most Routers/Firewalls are able to block IP tables in the network level. IPtables for instance is quite effective.
However, I want an application layer IP block.I have an HAproxy load balancer that load balances traffic to 4 backend apache/nginx web servers. I sometimes encounter scraping and GET request DDoS on my website. I want to be able to quickly(manually) block IP address on the application layer. How do I block an IP address, Apache Allow/Deny, .httaccess? Is there a more effective/easier way to block the IPs? What if I have a huge list to block? I would also appreciate a way of blocking specific. User Agents.
If you, as user, download certain software such as an Anti-Virus program or Photoshop through the official, corresponding website, but use a product key which you did not legitimately purchase (e.g. websites that offer a list of product keys for free), does that harm anything other than the company who made the piece of software?
I don't quite know how those product keys are generated and how people can manage to 'fool' the software. I was wondering if the person who generated those product keys can see which user(s) have used that key and are able to harm them in any way.
Best regards, Ben
I analysed an live camero's net traffic and found that the client uses both TLS1.0 and TLS1.2 in the handshakings while the server only uses TLS1.0.
How can the handshaking uses both TLSV1.0 and TLSV1.2?Is there a reason for doing so?
1.Is TLS1.0 is sufficiently secure?
2.It uses spdy with TLS1.0, can spdy help to make the transferring more secure?
The Russian site sci-hub.org (review here) is capable of breaking the paywall instituted by many journal publishers on viewing their journals. To quote the review,
Now the nice thing: you can do that yourself to access articles from the main journals and publishers directly from their sites. For an example, suppose you want to access The Mathematical Intelligencer journal: http://ift.tt/1FOr4pE. You’ll see that each article costs $39.95 to access, which is way too expensive. So, using the amazing Sci-Hub, we can access it for free just appending “sci-hub.org” after the domain “springer.com”: http://ift.tt/1D4x9AN. Now you’ll notice that you can download every article. Keep in mind that in some cases it will redict you straight to the pdf file, instead of reloading the page with unblocked download links.
This attack on the paywall seems to work for multiple journals, which is good for researchers whose academic libraries don't have access to certain journals, but obviously terrible in the context of the publishers, as their paywalled content is now freely available.
Does anyone have an idea on how this attack on the paywall systems is carried out? Answers citing reputable sources instead of speculating are obviously strongly preferred.
As the title indicates, I'm looking for industry best practices for enabling Windows Remote Management on a mix of Windows Servers (from 2000, 2003, 2008/R2 and 2012) to allow PowerShell to execute commands on a remote server.
What are some security best practices to follow to limit the attack surface should an attacker compromise an internal system?
Is there anything that can be done to harden domain servers which have WinRM enabled?
Thinking in theory here, one idea that comes to mind is only allowing WinRM for a specific service account which has two-factor authentication. A normal domain account password and a rolling security token would lower the chances of this account being hijacked in the event of being compromised.
Can anyone suggest good tools for recovering deleted files from mobile devices?
android devices are pretty easy, but the problem i am having is iPhones... one of my devices is an old iPhone 3g. this one has been defeating me for the last year (most places i look at when i google just say about recovering old back ups) I do not have ANY backups ever of this device... this phone (now my Mp3 player) has been preserved as much as possible as to not overwrite any sectors...
any suggestions? I have linux ubuntu 10.10, kali linux, OSx maverick and windows 7/8 as operating systems.. recovering files on computers and androids are easy. iphones, not so.
once again I only have the iPhone nothing else, so the data has to be ripped from the phone only.
Thank you in advance.
Please provide some insight into the reasons as to why Information Security should have local admin privileges or either Domain Admin privileges. Appreciate your feedback on this.
Regards, Lilo
The test here worries me: http://ift.tt/z9pYtm and I'd like to know if there is a good way to manipulate the browser fingerprint?
Getting the best apps for Android tablets is a quick and easy job: just follow our guide to the best Android apps of 2015 for tablets to make your tablet even better.
(This is a preview - click here to read the entire entry.)
Here I found a new terminology first time.
Looks like a spam seed is a post, which "is designed to allow spammers to post questions so it looks legitimate".
What means this exactly? Maybe it is some type of a spamfilter poisoning?
Default Android text apps are boring, aren't they? That's why we've compiled a list of the best texting apps - offering better security, looks, and tons of features.
(This is a preview - click here to read the entire entry.)
Considering the recent spate of malware and Trojan reports on Android, we thought we'd give you our best antivirus apps for Android in 2015.
(This is a preview - click here to read the entire entry.)
I'm using django-rest-framework-jwt in one of my APIs. As you might know, the concept is simple: you send username and password and you get a token back. The token is not stored any where on the server.
By sending the token in the header of request, the user associated with the token is extracted from database. I'm curious as to how this is implemented. How the server can extract the user and also the expiration time of the token by just having the token?
I know the concept of public/private keys but if this is implemented with the same idea, what would be the private and public key here?
I often run into infected devices in my environment and would like to learn more about the specific infections that have gotten in. What are the best tools and techniques I could use to do this? I was think taking an image of the device and creating a virtual machine so I could run tests, kill it and create a new infected vm from scratch.
The HTC One M9+ (One M9 Plus) seems to have been confirmed. Here's what we know about the HTC One M9+ release date, price, specs, features and rumors
(This is a preview - click here to read the entire entry.)
WhatsApp call functionality has finally been added to the instant messaging app. The new feature lets you make free WhatsApp voice calls. Here's how to get it.
(This is a preview - click here to read the entire entry.)
According to the abbreviated handshake protocol, the client hello will contains a session id if it knows one. So my question here is: what is the key for a client to find session id if it is talking with multiple hosts and using multiple client certificate?
Bob has a mistress. Her name is Alice. Bob`s wife Eve knows Bob is unfaithful, but she does not know who the mistress is. Alice does not know Bob is married.
Bob needs to communicate with Alice over e-mail, but he needs to use his personal address (bob@bob.bob) and the e-mails must be sent to personal address of Alice (alice@alice.alice), otherwise Alice would be suspicious why she could not use her personal address.
Eve decides to monitor Bob`s e-mail communication and e-mail communication of all his possible girlfriends to find out, who the mistress is.
Is there any way for Bob to hide the fact he communicates with Alice? PGP encryption is not a solution: it hides only content of message, not a sender nor a receipient.
I thought there could be some trusted "friend-in-the-middle" Fred who communicates with both Bob and Alice. Bob could send e-mails to Fred with a real receipient in the first line of PGP encrypted message. Fred would decrypt the message, read the receipient, encrypt it again and send to Alice, so Eve would think Bob communicates with Fred and Fred communicates with Alice and there is no communication between Bob and Alice.
Is there any typical solution of this problem?
EDIT: Alice can cooperate in the way she encrypts her messages (because Bob's mistress would surely be security-conscious), but she needs to use her personal address and she needs to recieve e-mails from Bob`s address.
EDIT II: (for my girlfriend) I am not Bob, I have no mistress and my girlfriend is no monitoring my e-mail communication, well, I hope :-). I am looking for a technical solution how to hide communication between two given e-mail addresses. That is why a divorce is not a solution and changing one of these addresses is also not a solution, because it changes the original meaning of my question :-)...
i woke up this morning and could see over 1000+ of these alerts and they
They came in the time space 23:34 - 23:35
Can anybody tell me what that was about and should i be worried for an eventual ddos attack ?
I am running pfsense and behind that box i have my lan and a nic where my server is in a separate environment.
Someone appears to be logging into my machine remotely, I am running Avast anti virus with Comodo Firewall both report no attacks.I only noticed this because on my router security logs I see the following.
I have scanned the machine with 6 different anti virus scanners and all report the machine is clean, so it's probably a zero day attack. It happened after I stupidly downloaded a .doc from a torrent. I suspect a Trojan on my machine, is there anyway I can block this attack and find out manually which program is dialing home to the attacker?
Router Logs
Line 4: [LAN access from remote] from 221.163.250.228:3389 to 192.168.1.58:2345, Thursday, March 26,2015 19:59:59
Line 5: [LAN access from remote] from 142.4.215.8:27010 to 192.168.1.58:27015, Thursday, March 26,2015 19:59:34
Line 6: [LAN access from remote] from 188.138.9.50:36877 to 192.168.1.58:2323, Thursday, March 26,2015 19:13:36
Line 26: [LAN access from remote] from 221.163.250.228:3389 to 192.168.1.58:2345, Thursday, March 26,2015 00:15:44
Line 53: [LAN access from remote] from 223.130.239.89:1010 to 192.168.1.58:2345, Wednesday, March 25,2015 01:39:57
Line 76: [LAN access from remote] from 223.130.239.89:1010 to 192.168.1.58:2345, Tuesday, March 24,2015 17:28:28
Line 81: [LAN access from remote] from 103.249.103.31:6003 to 192.168.1.58:2345, Tuesday, March 24,2015 16:01:15
Line 86: [LAN access from remote] from 107.20.201.237:4244 to 192.168.1.58:60615, Tuesday, March 24,2015 11:38:33
In our Galaxy S6 review, we discuss the Galaxy S6 Edge price, features and specs to tell you why it's one of the best devices we've ever seen.
(This is a preview - click here to read the entire entry.)
I have a simple login form on my web page and the URL looks like this:
http://ift.tt/1GkhKfa
If I try something like this:
http://ift.tt/1BlRDPs
I'm redirected to a stack dump that looks something like this:
exception 'DOMException' with message 'Invalid Character Error' in /<mydirectory>/a_xml.class.php:74
Stack trace:
#0 /<mydirectoy>/a_xml.class.php(74): DOMDocument->createElement('()')
...
#6 {main}
Is this a big problem in terms of security? Are there any attacks a malicious user can perform that will allow him to deface or steal my database? Or is this relatively benign and I can ignore it?
I work in a call center, I am not in a mood to work today, how can I block internet in all the lan connected computers so that today will be holiday.
All the computers are connected on lan. Please tell me is there any way or a virus or batch file which I can use to block all internet for some time.
Please help me out.
The Samsung Galaxy S6 has proven itself to be the best Android smartphone on the market. Read our Galaxy S6 review for release date, price, features, specs and more.
(This is a preview - click here to read the entire entry.)
Besides turning off everything in Edit/Preferences/Advanced/Data Choices and browser.newtabpage.directory.pingbrowser.newtabpage.directory.sourcebrowser.safebrowsing...security.ssl.errorReporting.enabled
What should one change in Firefox settings to avoid sending extra info to Mozilla?
Let's say I have 2 different VPN services (vpn1 and vpn2) both using OpenVPN and a Linux host running a guest VM.
Now let's suppose I connect from the Linux host to vpn1. Then I connect from the guest VM to vpn2 and I browse the Internet from there. The situation, I suppose, should look like this (but I'm not sure):
me-->vpn1-->vpn2-->server
My questions are:
vpn2 know my IP?vpn1 see the web sites I am visiting?I am interested in utilizing ADCS to generate trusted certificates for internal web applications. However, from my readings it appears that I need to purchase an OID, which looks pretty expensive. Is there a way to do this without paying? This is only to be used internally.
Today Amazon announced their Cloud Drive with unlimited storage for only 60$/yr. Microsoft did the same with Office 365 a while ago. I don't really want to entrust either service with my dearest documents in an unencrypted way.
So now I'd like to use one of these services with some workaround that...
My first thought is something like a fuse system that mounts the cloud service as a local drive and that encrypts all files with my gpg key (e.g. a bit like this combine with onedrive-fuse-fs).
Background
I have a Java application, one part of it is to call a HTTPS web service regarding payment (offered by a company called PayPoint). The application is sitting on a IBM Websphere server.
Problem
Someone told me that you need to implement a Java client and call the secure web service. During the process, you will specify the SSL/TLS protocol etc.
Another guy told me that we don't have to care about Java,because what the Java client (PayPoint client) does is only firing a request to PayPoint. The actual handshaking is done and managed by Websphere.
Which of the above is correct? And is there some way I can find out?
Any guidance is much appreciated.
I want to encrypt my private stuff like credit cards, money, rsa private keys...
and so on but I don't know if I should use AES-256 only or in combo like Serpent-Twofish-AES. (I am using Veracrypt).
And do the US goverment really use ONLY AES as encryption?
Get get more than 25 percent off the KeySmart 2.0 compact key organizer in today's amazing AndroidPIT deal.
(This is a preview - click here to read the entire entry.)
Hundreds of straight men on Tinder have been tricked by a plucky programmer into flirting with each other, when they thought they were flirting with women.
(This is a preview - click here to read the entire entry.)
I have a landing page setup for my business located at www.jdmxchange.com and have been getting some strange error logs from ELMAH. I apparently have users (or bots) in the Ukraine probing the hell out of my site. It seems they are trying to figure out what technology I have running under the hood. I get exceptions for invalid paths such as
.../wp-login .../webalizer .../js/javascriptfile.js .../user
and so forth. At one point I received about 32 errors within a few minutes. This is my first time with a public facing site and I am not sure which direction to go into reading up on making sure my site is secured. Can anyone point me to a good place to start?
The Nexus 6 is already receiving the Android 5.1 Lollipop update to fix some bugs. In fact, it's received three 5.1 builds in three weeks. We tell you which one to ge
(This is a preview - click here to read the entire entry.)
We are running online press media library, in this site many brands are uploading images and track press users download and views per image. But some brand now want to add unique code in image so they can track own images.
We tried some steganography tools:
Both works fine, but issue is that secure code disappeared after image resize or crop.
Simple way would be watermark, but we don't want to disturb images, because images are being used in press printing.
Is there any way to put secure code in JPG format image and track that code after resize or cropping of that image?
TCP is a stateful protocol and HTTP is a stateless protocol. Web application needs to maintain the session so why we use HTTP instead of TCP?
An anonymous VPN service will typically assign the same public IP address to many VPN users. This procedure ensures that a connection cannot be traced back to the VPN subscriber: behind the veil of the VPN’s public IP are perhaps hundreds of potential clients. This statement assumes the VPN provider does not keep any logs, and assumes the trace occurs after the connection has terminated. The VPN provider’s entire scope of knowledge is limited to a subscriber’s credentials.
Some VPN providers offer a service known as remote port forwarding. Some providers claim it is a way to operate a server behind the VPN, or forward traffic for BitTorrent. The remote port forward will pass inbound connections into the VPN’s public IP onto the VPN subscriber that requested the port forward. The VPN provider’s scope of knowledge now includes a link tying a specific port to a specific subscriber.
Doesn’t this practice eviscerate the point of a shared-IP system, wherein multiple subscribers are assigned the same public IP to promote anonymity?
This DMCA takedown notice was sent to a popular anonymous VPN service, and their response is indicated at the bottom of the page. The VPN provider reset port forwards pertaining to this particular notice, while also claiming that nothing could identify a single account. How can this be true? A basic tenant of port forwarding is that the port must be unique. Multiple users cannot share the same port forward rule on the same public IP. Even if the provider’s port forwarding rule list is “provider wide” as opposed to “server wide,” what are the odds that multiple subscribers happen to be forwarding the same port out of a range of over 65,000 available ports?
Perhaps there is no rule list at all; perhaps the port forward instruction is coming from the subscriber’s client when it connects to the service, and upon disconnect there is no evidence remaining that the port forward existed. Even if this is true, the purpose of port forwarding is often to engage in serving content. Web servers, FTP servers, p2p, torrent seeding, etc. All these activities are typically best served with maximum uptime. The subscriber is likely not disconnecting their VPN session regularly, instead they are keeping the connection alive as long as possible. Perhaps for weeks or months at a time. The VPN provider’s knowledge, while a port-forwarding subscriber is connected, now includes a VPN IP to subscriber IP relationship, due to the port forwarding rule. This pierces the VPN veil and singles out a specific subscriber (worse – their public IP as well).
How, then, can anonymous VPN providers offer this service and yet promote anonymity? Is it possible to remain anonymous while utilizing a VPN’s remote port forward service?
While running the simpleWebRTC example Step8 of the WebRTC codelab tutorial on my local computer 192.168.2.101 (in my own home private network), when someone (that I don't know) joined in (video + audio) (???)
I am wondering how could this have happened since I am running the WebRTC in my private network.
Could that person have sniffed packets on the simpleWebRTC STUN server while the browser was negotiating the session? I am trying to understand how he exactly did this.
I'm trying to design a secure and sustainable web app for messaging. The purpose is to learn how to create secure web application.
The application is suppose to be written in Javascript for web based clients and PHP for server-side.
Clients using the web application will log in to be able to use the service on a wide variety of devices.
Clients can then send messages to other users - securely without any middle hand being able to read the message in clear text. I don't want the server to be able to read the messages either, therefore the main encryption will have to happen client-side.
The whole application will obviously be built using SSL / TLS to allow secure and validated communication between the client and the server.
To ensure that only the intended parties get access to the sent data, asymmetric encryption is used. Every client has their own private keys stored client-side and their public keys stored on the server attatched to the user in a database.
When Alice wants to write a message to Bob, she encrypts the data with a strong AES key - since RSA can only handle a finite data size. To ensure that only Bob can read the message, she retrieves Bob's public key from the database and encrypts her generated AES key with it. The encrypted message is then sent to the server - along with the key used - encrypted with Bob's public key.
Bob retrieves this message / key pair from the server. Since Bob has the private key related to the used public key for encrypting Alice's message's key - he and only he can retrieve the used key in plain text. Using this unencrypted key he can then decrypt the main message and read it as plain text.
The public and private key pair has to be generated server-side. This forces the private key to be sent to the user for use. How can this be made safe, since any middle-man can retrieve the private key to further use to decrypt all of Alice's messages.
To ensure that the server doesn't know what messages users send, it cannot have access / store the private keys. This forces the keys to be stored client-side - using Javascript, a language and platform rarely associated to security or secure data persistence. Since security is of my main concern, not properly storing the private keys is a major problem.
Let's say the user wants to log in and use the application from another device, then the private key has to 'magically' appear there as well. Forcing the server to store the private keys anyway. Is there any other way to do this encryption / key management?
If the above topics are too long to read, confusing or if you're just in a hurry, below are simplified questions.
How can I ensure messages being sent between can only be read by those two parties?
How can I ensure my users that I / the server or anyone else for that matter, can read their messages?
If their is a way of storing the private keys securely client-side, how bad is it?
The new Facebook Messenger update has received a design overhaul and added SMS support, like Google Hangouts, but it doesn't work half as well.
(This is a preview - click here to read the entire entry.)
It appears that Java Keystore is often used by web server using a configuration file, with the password opening the JKS written in it and also the password protecting the specific entry.
How could that be considered secure ? With this scheme, the "secret problem" has moved to the file. Even if the file is protected by user rights, it needs to be encrypted, doesn't it ? But that would mean that each time webserver is started, admin must enter a password to generate the symmetric key (PBKDF2) and decrypt the file ?
I would like to know more about how this is managed in secure way.
The Nexus 5 was an early adopter of Android Lollipop 5.0.1, and is now one of the first to get Android 5.1. Read on to find out how to get it.
(This is a preview - click here to read the entire entry.)
we are having a Redhat linux server network proxy server [Apache http] with openssl version standing on
[jae@myserver~]$ openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
I am planning to upgrade to to the latest available SSL version
I want to know what are the dependencies that are available at the system level , does it makes any issues on the applications that are used in this server i,e compatibility problem
If I didn't updated the openssl version , what are the serious security bugs I am gonna encounter ?
As a hosting provider, I'd like to make the process of generating a certificate for a customer's domain as convenient as possible.
I was pondering creating a webpage where anyone could:
Is there any danger in allowing anyone to generate potentially thousands of CSRs based off our private key?
Addressing some concerns/questions:
I think the real danger here is re-using the same private key for a lot of domains.
Is it really any different (from a security point of view, not management) than having a single certificate with many SANs? For instance, the certificate presented by our Cloudflare CDN has these SANs:
DNS:ssl2917.cloudflare.com, DNS:*.app.com.pk, DNS:*.boldstatementmarketing.com, DNS:*.lacasadivetro.com, DNS:forospyware.com, DNS:*.reportcrowd.com, DNS:*.vladtv.com, DNS:*.1bse.com, DNS:*.discourse.org, DNS:*.forospyware.com, DNS:*.gossipbrigade.com, DNS:*.gsmcodigos.com, DNS:*.is.gl, DNS:*.madepal.co, DNS:*.mejorando.la, DNS:*.oceanvillageresort.com, DNS:*.pinside.com, DNS:*.ratelossprogram.com, DNS:*.soopermexican.com, DNS:*.tequierocali.org, DNS:1bse.com, DNS:app.com.pk, DNS:boldstatementmarketing.com, DNS:discourse.org, DNS:gossipbrigade.com, DNS:gsmcodigos.com, DNS:is.gl, DNS:lacasadivetro.com, DNS:madepal.co, DNS:mejorando.la, DNS:oceanvillageresort.com, DNS:pinside.com, DNS:ratelossprogram.com, DNS:reportcrowd.com, DNS:soopermexican.com, DNS:tequierocali.org, DNS:vladtv.com
Is there are realistic scenario in which you would have reason to believe the key of one site has leaked, while the keys of the other sites remain secure.
Not really. Should a customer using one of these keys request to move his site we wouldn't hand out the key.
You should be generating a new private key for each CSR you generate.
Right, we should. This is a case of trading off convenience (on our end) for security. For banking, hell no. Forum sites? Possibly worth it.
What you really need to think about in your setup is integrity of the CSR. The customers need to be absolutely certain, that the public key in the CSR they have signed is indeed the correct public key.
Come to think of it, the best option here is probably to forego the requirement of generating a CSR… we could just hand out a single CSR to everyone and have them sign it with the hostname they prefer (similar to what startssl does - when signing the CSR they throw away the requested hostname and use what you enter on their webpage.
I don't know if all (any?) CAs will do that, but it's an option.
Since our security course doesn't have a lab, i'm trying to solve the Seed project's lab .
But there seems to be a problem , The code is not doing the exploit instead it's giving segmentation fault error . Is there something else must be added to the code in order to make it functional ?
Thanks in advance for your advice
We have to implement VPN connection for nearly 7 countries
Option 1 :
As we have private MPLS link to all 7 countries. It is been outsourced Third party.
As usual, please provide your highly valuable comments/answers/opinion. Which is the best way to go
Fix common Nexus 6 problems relating to Wi-Fi, crashes, Bluetooth, charging, battery life and more after updating to Android Lollipop.
(This is a preview - click here to read the entire entry.)
I want to carry out resource exhaustion attacks on access points which would lead to DOS condition of the access point.
I would like to exhaust the client association table,by imitating a large number of wireless clients with spoofed MAC addresses. Each one of these imitated clients attempts association and authentication with the target access point. The 802.11 authentication typically completes because most deployments use 802.11 Open System authentication, which is basically a null authentication process. Association with these imitated clients follows the authentication process. These imitated clients do not, however, follow up with higher level authentication such as 802.1x or VPN, which would leave the protocol transaction half-finished. At this point, the attacked access point maintains a state in the client association table for each imitated client. Once the access point's resources and client association table is filled with these imitated clients and their state information, legitimate clients can no longer be serviced by the attacked access point. This creates a DoS (denial of service) attack.
Could someone please tell me how to carry out this association table flooding attack with detailed steps including the tool which is to be used for both open authentication and authentication using WEP, WPA/WPA2-PSK.
In our HTC One M9 review, we ask whether HTC's new flagship looks a lot like its predecessor on the outside, but has all the necessary upgrades on the inside.
(This is a preview - click here to read the entire entry.)
Here is our list of the best offline Android apps to help you out when you find yourself in a dark place without internet.
(This is a preview - click here to read the entire entry.)
Access Data's .ad1 file type is a real pain to work with, and I acquired a .ad1 image that I need to analyze. Has anyone here been successful in converting .ad1 to a more amenable file type... maybe .dd? I would really like to be a able to parse the file contents using tools like those found within SleuthKit, but .ad1 is not agreeable.
This question is the same one I asked here. Since I haven't got any response or even a comment I will post it here as well.
Is there any naive implementation of Hellman's cryptanalytic time memory tradeoff in C and/or a naive implementation of Oechslin's rainbow table algorithm in C as well?
I have seen some implementations of rainbow table but they are always focused on being fast through the usage of assembly-level operations or being designed to work on a specific platform such as CUDA or FPGAs.
Below is the PHP code I wrote that allows SQL injection with one parameter ie 'id' in this case.
On trying SQL injection via putting this 2' ORDER BY 1;--' in the parameter (id field ), I get only SQL errors on the page.
On executing the query directly on mysql server ie SELECT * FROM users WHERE id = '2' ORDER BY 1;--''; I get the below result that is 1 row set along with the error.
mysql> SELECT * FROM users WHERE id = '2' ORDER BY 1;--''; +----+----------+-----------+------------------+ | id | username | password | creditcard | +----+----------+-----------+------------------+ | 2 | John | password! | 3123456769384659 | +----+----------+-----------+------------------+ 1 row in set (0.00 sec)
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '--''' at line 1
PHP code
<?php
require_once 'login.php';
if (!isset($_GET['id']))
{
echo <<<_END
<pre> <h1>WELCOME to the KINGDOM</h1>
<form action = 'si2.php' method = 'GET'>
id <input type = 'text' name = 'id'>
<input type = 'submit' value = 'cl1ck M3'></pre></form>
_END;
}
if(!get_magic_quotes_gpc())
{
$id = stripslashes($_GET['id']);
}
$connection = mysql_connect($db_hostname,$db_username,$db_password);
if(!$connection) die ("Unable to connect with MySql " . mysql_error());
mysql_select_db($db_database,$connection) or die('Could not connect with the database');
$query = "SELECT * FROM users WHERE id = '$id'";
$result = mysql_query($query);
if($result)
{
$rows = mysql_num_rows($result);
}
else { echo "Could not execute the Query: <br>" . mysql_error();}
if($rows >= 1)
{
for ($j=0 ; $j < $rows; ++$j)
{
$row = mysql_fetch_row($result);
echo "Hello $row[1]"."<br>";
echo "Your Credit Card Number is $row[3]"."<br><br>";
echo $query."<br>";
//echo $row[3];
}
}
else
{
echo "<br><br><br>Sorry no rows/results could be fetched on query execution <br><br><br>";
//echo $query;
}
?>
My question is why my code isn't able to fetch the row set and displaying the table entries ? And in case I want to then what changes should I try.
I have a private/public key pair saved as key BLOBs which were in fact exported with the Microsoft "CryptExportKey" API. Now I need to use the same key pair (specially the public key) under Linux environment. Is there anyway to import the public key from my "public key BLOB" in Linux?
My requirement is, I create a document and then sign it with my private key. This part is done under Windows environment with Microsoft Cryptography API. Now I have to use this document from Linux. To do that I need to use the public key.
Does any know what is scrncap.exe and what it does? my Security Task Manager gave it danger rating of 100 and i have quarantined it.
Samsung has officially confirmed that you can "remove" it's bloatware, but the amount of apps which can be cut will depend on region and carriers.
(This is a preview - click here to read the entire entry.)
SHA-1 is being phased out by a lot of major companies due to vulnerabilities. For example Chrome no longer considers it safe for public web PKI.
Is it insecure to use SHA-1 for PGP email signatures?
Many people pay for VPNs and select the VPN based on whether or not that VPN keeps logs of the user's activities and if so for how long. The motivation is privacy- they don't want their surfing habits to be known. Of course they take other steps , controlling cookies etc to control their privacy also.
My question is how privacy is potentially effected anti-virus software. As far as I can tell virtually all of the anti-virus makers now attempt to identify phishing sites and other malicious URLS. In order to do this, they intercept every url their customer surfs to, in order to examine it for viruses or check it against, say, a black list of known bad urls. \
My question is, aren't these companies in a position to benefit or monetize their user's definitive clickstreams? I read the privacy policy of two, BitDefender and Eset and they both sort of say, to the best of my ability to understand, that you're permitting them total access to all knowledge of when and where you surf, full stop. They then say they might share any information they collect with their partners yadda yadda yadda. This was my understanding of their privacy policies and maybe I am mistaken.
My question is- very many people go out of their way to read the TOS for their VPNs to make sure they're not being logged, but these anti-virus companies make NO promises about any logs they might keep or for how long.
People who are worried enough about getting hacked and privacy that they buy a VPN also are likely to use an anti-virus it seems to me. Is this an example of badly compartmentalized risk assessment ? It seems like the anti-virus companies have and may keep all the information users were so worried about their VPN having and keeping?
Have I got this wrong?
I've developed an API. I got confused and I've been reading articles for days. Actually my question is close to these but not exact (maybe a combination of them);
Securing REST API that will accessed from different clients
Secure no-login REST API for very few clients
I need to provide safety to my API. The API will used by client 3rd party applications. I've attached a schema the below.
What should I do?
HTTP-Basic with SSL\TLS, HTTP-Digest with SSL\TLS, OAuth 2.0 [Client Credential, Authorization Code Grant or Implicit Grant] or what else should be?
I'm writing a piece of software which will have to store a users password to allow authentication with a 3rd Party service. Unfortunately, this service currently requires the use of a password rather than some other method. A key feature/advantage of this software will be the elimination of a sign-in prompt (after the first authentication), and so it's imperative that we store the password.
I intend to use the .NET ProtectedData class for this operation.
I'm essentially asking - is this acceptable in 2015? Is there a better and more secure method of storing this data?
Further detail as requested: The software is client side, designed to run in the users context on Windows desktops. These machines are generally going to be "managed" machines (I.e., under the control of an IT department), but I'm building on the presumption that this software could be installed on any client, by any user.
Therefore, I essentially need to presume that at any point a machine could be lost/stolen. That said, if a users account is compromised then that's already more damaging than a potential compromise of this password.
I cam across this term called Satisfiability Modulo Theories which when i googled it was something that is related to various theories on low level languages ? How does this help in discovering 0days? i also saw people using something called " Z3 solver" could somebody give a shorter explaination of what this is ?
Does anyone have experience dealing with the Industrial and Commercial Bank of China Limited in Hong Kong? Are they at all receptive regarding inquiries into abuse/fraud perpetrated by their account holders against small businesses in the United States? I'm trying to track down some information regarding a possible attack where the attackers may have an account at this bank, but I wonder if it is worth my time and if so who at the bank would be contact point for this kind of information.
today i was trying to enter my routers page, i put the default ip address starting with 192.168. i couldtn't login so ran ipconfig, and i found my ip assigned to A class ip.i was confused because i didn't change my ip so i typed that A class ip which starts with 10.100 a file downloaded and installed in my computer. i ran network map in windows 7 i found a computer not in my network taking the routers name. i want to upload the images but i don't know how.
so is my isp hacking me? thank you
Win a 50" LG TV and a sound bar worth 800 dollars in just one easy step in our AndroidPIT epic giveaway. But act fast, because there's only one day left.
(This is a preview - click here to read the entire entry.)
Can anyone suggest good tools for recovering deleted files from mobile devices?
android devices are pretty easy, but the problem i am having is iPhones... one of my devices is an old iPhone 3g. this one has been defeating me for the last year (most places i look at when i google just say about recovering old back ups) I do not have ANY backups ever of this device... this phone (now my Mp3 player) has been preserved as much as possible as to not overwrite any sectors...
any suggestions? I have linux ubuntu 10.10, kali linux, OSx maverick and windows 7/8 as operating systems.. recovering files on computers and androids are easy. iphones, not so.
once again I only have the iPhone nothing else, so the data has to be ripped from the phone only.
Thank you in advance.
I have a client that is trying to access my VPN server from a newly allowed connection at his work place. He can connect to the internet and browse when he plugs in his laptop, but when he tries the VPN connection to my server it does not connect. Any help is appreciated. He has connected to my VPN previously from his home
I've done some reading in this area and there is very little information about the security of a HashMap. The only article I could find was on IBM's Developer Works site.
What hashing function is used for HashMap in Java. That's really the most important question regarding the security of HashMaps, right?
I just have a quick couple of questions. I used the program icopybot to look for old emails. Under the recents section there are email addresses as well as phone numbers that had mail & SMS sent to. There are time stamps beside them. My question is are those times only recorded if an email has DEFINITELY been sent (in this case a craigslist email link)? There are actually more than one time stamp beside each. Are those sent correspondence only or received correspondence as well?Lastly, the address hash number that's listed next to each of these email addresses.....is that something that can actually be used to find the actual message in this iTunes backup? Or is that even possible? i sent an email to icopybot twice with no response.
Thanks for the information!
With regards to encryption and preventing a 3rd party from viewing my emails (and ignoring validity/signing), is encrypting an email via PGP or S/MIME useful when I control my server and my recipient controls their server?
I'm assuming the servers are not compromised and do not have other untrustworthy admins. And, for the sake of this argument, they are both physical servers, so there shouldn't be a problem of virtual machine vulnerabilities.
From my understanding, email between servers is encrypted, as long as they are both set up to support that. Are there other security concerns that are still valid that would be negated by email encryption?
I need to create a system that allows a user to enter codes to charge an allowance. Embedded in this code should be the amount to charge the allowance.
The user would pay for a code which would then be generated on a server and then presented to the user. Then the user would enter the code into an embedded computer with no internet connection. The computer needs to decrypt the code to make sure the code is valid and also get the allowance out of the code.
To make this secure, I thought about doing this:
Please try to think of ways that would allow you to crack this system with the goal of adding allowance without having paid for a code (thus, generating a valid code on your own).
Physical access to the device (such as flashing it) is not an issue.
I have a question about implementing OpenID Connect I was hoping I could get some help on. I understand the different flows and get that the authorization code flow is good because it allow client credentials and server-to-server communication is more secure than communication through the user agent. But even so using the intermediary code seems unnecessary if the client and OP were to use authenticated encryption on their correspondence through the user agent. Groundhog Day attacks could either be restricted through the use of a very short expiration time specified within the message or eliminated with a preliminary request to the OP for a nonce. Assuming a strong enough encryption, i.e. AES-256, I would think that even refresh tokens could be sent through the user agent with negligible decrease in security. Are there any other considerations or reasons why this could/should not be done that I may have overlooked?
I'm part of a company that has at least 1000 PC's distributed in different buildings over a radius of 25 miles.
I've been asked to make a program to survey technical information on each PC.
Since not all of them share a LAN connection but all of them have internet access, my solution was to use a gmail account to share the encrypted data.
I've created client/server like services to send the data and retrieve it to the data base through emails, all of them using the same gmail account (to send and receive).
I know that this look a lot like a botnet...actually I think it is, since each client would be able to receive configuration mails from the server to request certain registry entries.
Anyway my question is: will gmail detect al this traffic made on the same account as a botnet and close it? if so, should I use several accounts?
Imagine this, you have a top down view of two LANs that reside in different locations.. You know which machines are on in each LAN and their private IP's.. Is it possible to send an ICMP packet from a machine in one of the LANS to a specified machine in the other LAN? Obviously the dest address of the packet can't be the private IP it is intended for, but instead the dest routers public IP, so is it possible to directly send the ICMP packet to a host in another network?
Bob has a mistress. Her name is Alice. Bob`s wife Eve knows Bob is unfaithful, but she does not know who the mistress is. Alice does not know Bob is married.
Bob needs to communicate with Alice over e-mail, but he needs to use his personal address (bob@bob.bob) and the e-mails must be sent to personal address of Alice (alice@alice.alice), otherwise Alice would be suspicious why she could not use her personal address.
Eve decides to monitor Bob`s e-mail communication and e-mail communication of all his possible girlfriends to find out, who the mistress is.
Is there any way for Bob to hide the fact he communicates with Alice? PGP encryption is not a solution: it hides only content of message, not a sender nor a receipient.
I thought there could be some trusted "friend-in-the-middle" Fred who communicates with both Bob and Alice. Bob could send e-mails to Fred with a real receipient in the first line of PGP encrypted message. Fred would decrypt the message, read the receipient, encrypt it again and send to Alice, so Eve would think Bob communicates with Fred and Fred communicates with Alice and there is no communication between Bob and Alice.
Is there any typical solution of this problem?
EDIT: Alice can cooperate in the way she encrypts her messages (because Bob's mistress would surely be security-conscious), but she needs to use her personal address and she needs to recieve e-mails from Bob`s address.
EDIT II: (for my girlfriend) I am not Bob, I have no mistress and my girlfriend is no monitoring my e-mail communication, well, I hope :-). I am looking for a technical solution how to hide communication between two given e-mail addresses. That is why a divorce is not a solution and changing one of these addresses is also not a solution, because it changes the original meaning of my question :-)...
I have a simple login form on my web page and the URL looks like this:
http://ift.tt/1GkhKfa
If I try something like this:
http://ift.tt/1BlRDPs
I'm redirected to a stack dump that looks something like this:
exception 'DOMException' with message 'Invalid Character Error' in /<mydirectory>/a_xml.class.php:74
Stack trace:
#0 /<mydirectoy>/a_xml.class.php(74): DOMDocument->createElement('()')
...
#6 {main}
Is this a big problem in terms of security? Are there any attacks a malicious user can perform that will allow him to deface or steal my database? Or is this relatively benign and I can ignore it?
From what I understand form various online resources (e.g. here) "Active Block" has precedence over "Active Allow" rules. My question is, what happens if a port does not have a rule specified in either of them? Is the default behavior to allow or to block?
Researchers figured out how to hack computers using heat
I read article about it here and it says:
Researchers at Ben-Gurion University have created a new piece of malware called BitWhisper. Infected machines can transmit data using heat they produce. Commands, for example, can be passed from one system to another by modulating its temperature. The target machine’s thermal sensors pick up on the fluctuations and execute a predefined action. Small bits of captured data (like passwords) can also be transmitted this way.
Can you please explain how this is possible in more simple and logical terms, and how can we protect yourself from this malware?
I've just set up a Raspberry Pi 2 with the latest raspbian and installed some services.
For remote access I've installed tightvnc server which I set up to only allow connections from localhost. I can still access it remotely by first starting a SSH connection which opens a tunnel to the used port (e.g. via putty, or from linux with the command ssh pi@10.0.0.1 -L 5901:localhost:5901).
I only opened my firewall for SSH, (S)FTP and HTTPS to the raspberry pi but obviously can access everything within the local network either from a SSH connection or from within the VNC connection to the Pi.
I can even access my local windows machines by opening a VNC/RDP connection from within a Pi VNC session and I'm thinking about enabling wake-on-lan on local devices so that I could even boot them from everywhere.
This access to the local network is pretty convenient but actually there's no real need for it so I'm asking myself (and you...) if I just opened up a big security whole.
What I actually would like to know:
I'd really appreciate opinions to those questions!
Thanks & best regards
Ps: I'm talking about a private network so there's no company data at risk but I still don't want to open security vulnerabilities for some nice to have features...
Here I found a new terminology first time.
Looks like a spam seed is a post, which "is designed to allow spammers to post questions so it looks legitimate".
What means this exactly? Maybe it is some type of a spamfilter poisoning?
When I attempt the DOM injection exercise in WebGoat Ajax Security section I get a 408 Request Time-out response. What I've done is type a character in the WebGoat textbox and intercept the response with ZAP. I then, using ZAP, replace the body of the response with document.forms[0].submit.disabled=false; The WebGoat application contains eval() and I had expected that eval would process my code to enable a disabled button on the application's page - which is the point of the exercise. All I get back in ZAP id the timeout response. Any help appreciated. Thanks. P.S. For those who might not know, WebGoat is an deliberately insecure system from OWASP, the purpose of which is to learn security vulnerabilities with a view to hardening working applications against such vulnerabilities. I know that the vulnerability in the exercise in question is eval(), yet the Tomcat server in the WebGoat suite times out, preventing the predicted demonstration of an eval() vulnerability.
This week Noble and Barnes launched their newest main Ereader named the NOOKcolor. This newest develop sports a complete 7inch colour display, as you might anticipate in the title. It may not appear usual to proceed having the full colour Ereader compared to the more easy to read Eink grayscale displays but that is not your normal Ereader. The truth is, it is extremely near to truly being a pill Computer.
I don't have strong skills about this matter but I am very curious about the following communication so may I ask:
One institution sent a message to all network users saying that "all requests to the internet which are encrypted will be decrypted and then re-encrypted at firewall level". So my questions are: is this possible?! And how?
Examples are given: Google, Facebook, LinkedIn, ... which use encrypted connection. And also examples that stay out of this mechanism: sites tagged in the "financial" category.
If the keys are only shared by my computer and the website, how can the requests be decrypted? The institution is big and has resources, but I cannot imagine the firewall breaking the keys in run time for all requests.
I see that there are companies selling "SSL Decryption and Inspection" services.
Can someone explain me how this work please?
I'm presently in India and using a broadband cable Internet connection provided by a local ISP - surprisingly they did not provide a modem/router - they just a drew a cable in from a telephone pole near the house - and plugged it into the CPU using an RJ45 Connector. Does anyone know what kind of a connection this is ?
Now, most importantly - I think this connection is unencrypted and anyone could actually climb up that pole, draw some wires and freely steal data. I am unaware of what other security threats are possible on such a connection. Any advice on how to secure such a connection ? Also, does anyone else here have any experience with such a connection ?
I'm designing architecture for sending private messages (i.e. only sender and receiver are able to read a message).
Client side - iOS, server side - Parse.com
I'm thinking of using RSA to encrypt/decrypt messages as follows:
My goal is that no one except the participants of the conversation is able to read the messages. Will this system ensure that?
On the side note, would you recommend any iOS libraries for RSA encryption/decryption?
I need information about the is it possible to track a user with email headers
I am writing a code to perform encryption and decryption using CryptEncrypt and CryptDecrypt functions, a part of Crypto API in windows. Can anyone tell me that what kind of encryption this two function uses? I mean is it using AES or DES or 3DES or others??
quick question. I have been doing business with someone on fiverr. The person helping has been really good but I have concerns that they could potentially hack through teamviewer. I never leave sight of my pc and I follow every click that is made with the mouse.
however, is there a way that someone can hack without my knowledge? Is there a way for them to control my mouse on their end and make it appear as if my mouse pointer isnt moving on my end?
I make sure to completely log off and lock my pc after each session, however I am not sure how to check if my pc has been hacked without my knowledge
I found this from OWASP IOS Developer cheat sheet.
I want to know if there is a way to access the keystrokes in IOS(using Xcode or any other app installed in iphone). If so how? Thanks in advance.
We are a team of 20 people we have a machine that is used by everyone. We take remote desktop of that machine to work on. so if somebody is working and i want to take that i have to ask everyone in the team who is using it so that i can take the remote desktop of it. Is there any way so that i can directly know who is using remote desktop of that machine so that i don't have to ask everybody in the team.
I am having issues playing an audio file on the chrome browser!
This audio file plays on the chrome browser on my mobile LG G Pro-2(D838) running Kitkat 4.4.2 without any issues. But when i uploaded this same file to our server and tried to open it on chrome browser, it does not play. Here is the link to the file at our server.
Now the server is configured for HTTPS access only. When I tried playing the file after enabling HTTP access, the audio played. Also, the images and other content on our server is accessible on the same mobile device via HTTPS. The audio file also plays on other mobile devices running same Android version(Google Nexus 4 running 4.4.2).
We are using certificate provided by StartSSL(free version).
Is there something wrong with the SSL certificate we are using? Or is it the problem with the device?
I am using wordfence on my wordpress website and enabled sending message when someone logged in to my site after checking my email An uknown IP address was logged in as admin user to my wordpress admin. what should I do now?
I have read and done a lot of security tweaks and I am using two security plugin at the same time. I don't know what to do now.
I have been hacked before
I've heard that IMEI numbers are stored on an EEPROM, essentially letting them be erased and rewritten. Thieves misuse it to make stolen phones untraceable. Is there a reason why manufacturers don't use one-time programmable non-volatile memory for this?
There has been some weird activity with my wifi router after somebody threatened to ddos me. I am looking at my wifi router's activity logs and i don't know what i am looking for. What happens is my wifi turns off, for all the devices in my house, then i can't connect to the internet for 1 minute or so. This has happened twice now after i got a call on my home phone from a skype number that said "this is LizardSquad" and that they were going to hack me. Could somebody tell me what i am looking for in the logs and how i can better secure my wifi so that it doesn't happen again? Thanks.
Knowing how to do an Android backup is essential. So we've brought together the best ways to backup everything on Android: using Google, PC, apps or rooted solutions.
(This is a preview - click here to read the entire entry.)
I have a situation where my web application is going to be deployed on multiple servers.
Now, what I was thinking of doing was implementing Encrypt and Decrypt library functions that utilize the AesManaged class. These would use an AES key that would be different for each server (we would generate a new one for each server on deployment) - that way, each server would be using a different key. We would then use SectionInformation.ProtectSection() to encrypt them in Web.config, so they were secure.
However, I've come accross the ProtectedData class. This hooks into the Windows DPAPI functionality and allows symmetric encryption and decryption. Now I'm wondering, is there any point in my using AesManaged with my own generated keys at all, or should I just encrypt and decrypt data using ProtectedData? What are the pros and cons of each?
How to how to factory reset the Nexus 7 (2013) - Is your Nexus 7 behaving erratically or running less than smoothly? A factory reset may give it renewed lust for life.
(This is a preview - click here to read the entire entry.)
I'm wondering if an antimalware vendor has ever whitelisted (or otherwise failed to detect) a piece of malware because the author/sponsor either paid them, threatened them, or legislated against them.
I have been studying to learn about various cipher suites and their performance; I'm wondering about the difference between DHE_DSS_AES256_CBC ciphersuites and DHE_RSA_AES256_CBC ciphersuites. I gathered that DSS is efficient when compared with RSA. Is that correct, and can anyone explain in more detail what the differences are and how they perform?
I know that on the server side it's very bad to display system-level errors instead of logging them to disk, because it could expose potentially sensitive information, but do the same concerns apply to client-side languages like JavaScript?
e.g.,
try {
foo();
} catch ( exception ) {
if ( window.console ) {
console.log( exception );
}
}
Since everything is already accessible to the browser/user, I can't think of real problems.
The only thing I could find on the web was one example of outputting a password on a login form:
But the troublesome thing is that there may be an easy temptation to console.log() something very sensitive, like console.log(password_entered). [...] the fact that they obviously have a process in place which does not properly filter out [temporary debugging output] means that at some point they may accidentally expose something they would otherwise not want to (or their users wouldn’t want!).
I'm as paranoid as the next guy, but that seems a bit silly. Even in an extreme case like a password being exposed, wouldn't an attacker who was able to view it already have all the access they need? Or am I overlooking something?
I wonder what kind of infections AV software is capable of detecting:
There are some inherent risks in owning a smartphone, but they rarely get discussed. In this article, we show you 3 ways your phone is killing you (and how to stay safe).
(This is a preview - click here to read the entire entry.)
How do you store a username/password securely in a rails app when using it for many ldap searches?
The connection in the app requires
ldap_bind_authenticate(Net::LDAP.new, username, password)
each time a search is made, and the credentials of the user are not stored at logon. I often see developers using a test user for the searches and storing a plaintext username/password pair in the user.rb model. Is there a more secure way to do this?
When you get a new Android phone or tablet, sometimes you just want a little help to find the best free Android apps. Here are the best free apps for Android in 2015.
(This is a preview - click here to read the entire entry.)
I lost my internet connection for about 15 minutes and i checked my netgear router log and found theese 3:
[DoS Attack: ACK Scan] from source: 114.77.184.189, port 44822, Tuesday, March 24,2015 19:08:15 [DoS Attack: ACK Scan] from source: 91.135.35.51, port 80, Tuesday, March 24,2015 18:53:17 [DoS Attack: ACK Scan] from source: 193.66.251.213, port 80, Tuesday, March 24,2015 18:51:31
My connection is slow and i loose internet completly from time to time, but i've never checked the logs before. Is this an attack?
Which school can i obtain a master degree in Information security? I reside in Nigeria and which to do my master in Information security.I have tried google search engines.
My husband is addicted to going and answering the personal ads on cregs list as a "destresser." He refuses to stop nomater how much it hurts me. I need to find a way to intercept both incoming and out going emails before they make it to their destination. (He has gotten to where he deletes them as soon as he reads/sends them) I just want this all to stop... Please teach me.
I own a Netbook and my external DVD Drive is possibly infected with Bad USB.
If i install Ubuntu using this infected DVD drive could my system be taken over during installation process or later when the drive is already unplugged considering the facts that i am installing offline and setting a strong sudo password during installation and unplugging the DVD drive right when the installation is finished and before there is an internet connection?
Thanks in advance for your replies.
Suppose H has taken C’s certificate and manually changed the subject information in C’s certificate from C to H. Would this modification be detected by A during the certificate verification process?
I am using vpn for port forwarding in kali linux . The problem is that i could not receive any reverse connection from target pc or I can say I could not receive data packets from my forwarded port ?? how to fix this??
Which attack takes place more often over the internet? I would have assumed DDOS due to the amount of botnets around today.
I have a situation where I keep receiving spam from several IT companies. I think I gave away my email to a company in the last couple of years for reading a white paper or something (I do not remember at all). And that company has been selling my email to various IT firms.
I reached out to a couple of companies asking them about how they were able to gather my email address but they were not willing to disclose.
What's the best (if any) way to deal with a SPAM situation like this?
I am currently a bit confused, I have read today an article about the BIOS-rootkit Lighteater made by John Loucaides and Andrew Furtaki. In their presentation 'How many million BIOSes would you like to infect?' they explain what they have done. They spoke at the CanSecWest this month. This is real serious, as in a concept of proof they were able to get a a private GPG key in plain text from memory, although using Tails that is just running in RAM.
They said: "The high amount of code reuse across UEFI BIOSes means that BIOS infection is automatable and reliable". As far as I know, UEFI is the successor of the old BIOS. So I am a bit confused about these two terms. What I do not understand is, they say that the UEFI is vulnerable, is the old BIOS vulnerable to these kind of attacks, too? I am asking because I still have an older BIOS and not UEFI, am I vulnerable to these attacks too and have to quickly flash a newer version on my board, if one exists? And what are you doing about this?