Author Archive

Solution to wicd problem

Hi,

Just putting this out in the Internet so that when someone faces the same problem that I do this will, hopefully, give them a solution.

You’re using wicd-client to connect to wireless networks, you click Connect, the usual sequence appears… “Putting interface up”, “Validating Authentication”, “Obtaining IP Address”, “Done connecting…” but then wicd says “Not connected”. Your wicd.log file ends in something like this:

DHCP connection successful
not verifying
Connecting thread exiting.
Sending connection attempt result success

The solutions are either:

  • Kill your dhcpcd process, either simply with “killall dhcpcd” or “/etc/init.d/dhcpcd stop”.
  • Less reliably, just keep pressing the Connect button; sooner or later dhcpcd gets the idea and will grab an IP address for you.
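As an added example (not from wicd or the original post), the following script confirms that wicd.log actually ends in the sequence quoted above before stopping dhcpcd, so the fix is not applied blindly. The “date time :: ” line prefix, the log location and the init script name are assumptions.

```sh
#!/bin/sh
# Added example (not part of wicd or the post): confirm the symptom in
# wicd.log before touching dhcpcd, so the fix is only applied when the log
# really ends in the sequence quoted above. The log path, the " :: "
# timestamp prefix and the init script name are assumptions.

# Return 0 when the last four non-empty log lines are exactly the sequence
# from the post (after stripping an assumed "date time :: " prefix).
wicd_dhcp_symptom() {
    log="$1"
    [ -r "$log" ] || return 1
    tail_lines=$(grep -v '^[[:space:]]*$' "$log" | tail -n 4 | sed 's/^.* :: //')
    expected='DHCP connection successful
not verifying
Connecting thread exiting.
Sending connection attempt result success'
    [ "$tail_lines" = "$expected" ]
}

# Stop the stale dhcpcd only when the symptom is present. Prefers the init
# script named in the post and falls back to killall; with DRY_RUN set it
# only reports what it would do.
fix_stale_dhcpcd() {
    if ! wicd_dhcp_symptom "$1"; then
        echo "wicd.log does not show the symptom; leaving dhcpcd alone"
        return 1
    fi
    if [ -n "$DRY_RUN" ]; then
        echo "symptom found in $1: would stop dhcpcd"
        return 0
    fi
    if [ -x /etc/init.d/dhcpcd ]; then
        /etc/init.d/dhcpcd stop
    else
        killall dhcpcd
    fi
}

# Demo against a constructed log so the script runs offline; set WICD_LOG to
# the real file (e.g. /var/log/wicd/wicd.log) to check a live system.
SAMPLE_LOG=$(mktemp)
printf '%s\n' '2011/12/01 10:00:00 :: DHCP connection successful' \
    '2011/12/01 10:00:00 :: not verifying' \
    '2011/12/01 10:00:00 :: Connecting thread exiting.' \
    '2011/12/01 10:00:00 :: Sending connection attempt result success' > "$SAMPLE_LOG"
DRY_RUN=1 fix_stale_dhcpcd "${WICD_LOG:-$SAMPLE_LOG}"
rm -f "$SAMPLE_LOG"
```

Run it with DRY_RUN unset and WICD_LOG pointing at the real log to actually stop dhcpcd; wicd should then obtain an address on the next Connect.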

The SEVER Methodology

The “Social Engineering Vulnerability Evaluation and Recommendation (SEVER)” methodology, located at http://www.kgb.to/SEVER_Instructions_Final.pdf, was recently highlighted to me, and also appeared in the darknet.org.uk blog in December 2011, although the document appears to date from April 2011.
The SEVER project hopes to

  1. Provide the fastest means of training novices about complex social engineering concepts.
  2. Provide penetration testers with a methodology that minimizes their effort while increasing their chance of success.

The truth is far from this, and the detail is unnecessary - I started writing references and in the end realised I was referencing at least every page, if not every paragraph.

In summary, the document is an “eighties text file” style rant about the author’s personal irritants; it doesn’t really detail a methodology at all, and concentrates on how to attack a single person rather than an organisation or other goal. For example, as part of a Social Engineering engagement the author appears to advocate the exploitation of phobias, use of lighting to induce migraines in the target, gaining rapport with the target through mutual use of illegal drugs, and torture. I strongly suggest reading it for entertainment purposes only.

In stating the above I’m presuming that Penetration Testers all obey the law, their job being to simulate the effect of criminal acts rather than commit them; also that their intention is to show the customer that they can be trusted with the information and access they’ve been granted. Also, as part of the engagement a Penetration Tester is neither permitted nor willing to cause permanent physical and/or psychological damage to their client’s employees. The legal liability incurred by trying out many of the techniques listed would be “interesting.”

Security Principles and Maxims

There’s an excellent post on Security Principles and Maxims over at http://blog.blackswansecurity.com/2011/04/security-principles-maxims/

When discussing the ubiquitous and nebulous “Best Practice”, it’s handy to have an actual list of what that is - and this is a great start.

tscrack

TSCrack… courtesy of this page: http://ahlindia.17.forumer.com/a/tscrack_post179.html

It can be downloaded from here: http://web.archive.org/web/20030503034543/http://ackers.org.uk/tscrack/tscrack.exe

Internet Explorer Collection

http://www.raymond.cc/blog/archives/2009/03/22/install-every-single-internet-explorer-versions-on-your-computer/

We’ll see….

( time passes )

It didn’t…

Metasploitable md5sum

The md5sum for Metasploitable.zip obtained from a torrent… well it’s e54089ba72fe0127d06528decad9a6ae for me, which either means it’s fine, or if it’s the same for you, then at least we know we’ll have both been owned by the same hackers…

Pre-loaded picture frames…

Just in case you don’t read slashdot… as revealed on http://seattlewireless.net/~casey/?p=13, the Kodak EasyShare Wireless Digital Picture Frames contain a lovely security issue.

As well as displaying pictures from an SD card, you can point the device at any RSS feed and have it display the contents. You just set up a FrameChannel account using the secret code that comes with the frame, and configure the feeds accordingly. However, in the Advanced Settings of this interface there’s a URL that shows a feed of everything being displayed on your frame. This is a very predictable URL, based on the device’s MAC address, so you can see what other Frame owners are downloading to their device…

…and if you look through the comments at that URL, you’ll see that a lot of “informal assessment” of the service has taken place; it’s possible to reset the activation code for frames, determine the RSS feeds used by devices that have yet to be sold… and there’s some code in the comments to do that for you too.

As “Mike” aptly put it: “So Kodak has essentially built a system for letting complete strangers (a) browse your family photos, and (b) beam shock porn directly into your living-room?”

See also http://yro.slashdot.org/story/10/01/05/0413228/Kodak-Wireless-Picture-Frames-Open-To-Public

( on a side-note I was considering another posting, refuting the comments on http://www.altaware.com/articles/pentest.html, which I stumbled across recently. In the end I decided that was best left as an exercise for the reader, as the only retort I have that won’t take me an evening to write is “you’re not very familiar with pentesting, are you?” )

Sigh

I wanted to say something, but, of course, Schneier has said it so well already…

http://www.schneier.com/blog/archives/2009/12/separating_expl.html

Seeing as the existing methods worked so well in preventing this attempt, it’s a good job they’re bringing in newer and more effective protective mechanisms…

The Internet is not Real World

The Internet isn’t the real world. That’s not that hard a concept, is it? In training courses I’ve felt a little embarrassed when making a point of this early on in the presentation, as it feels like such an elementary point.

But occasionally, due to the nature of some of the mailing lists I’m on, I have to explain this. Some annoyed spam recipient, or a user with new firewall software and mad whois skillz, wants to exact retribution on the dastardly IP address that just attacked him; and I explain how difficult it is to tie received traffic to an IP address, and an IP address to a person.

Then I read this:

“Real Security Is Threat-Centric” at http://taosecurity.blogspot.com/2009/11/real-security-is-threat-centric.html by Richard Bejtlich.

Now if you’re trying to pin down the source of a concentrated attack by many parties, and trying to generally attribute it to a foreign power or a criminal gang, or a concentrated concerted attack, I can see his point about attribution, just, if I squint. However, the online equivalents of Bejtlich’s “local residents” are unlikely to come under such an attack, and will more likely be spammed using hacked email accounts or faked sender addresses, compromised through a drive-by download, infected by a worm, simply be some bot, or similar. In those cases attribution is very difficult, if not impossible.

To stretch Richard Bejtlich’s example even farther… imagine the situation, two suspects were questioned Friday, but the suspects claimed that their bodies had been compromised and were under the control of malicious ghosts, or that the evidence of the break-ins had been remotely faked by a rival of theirs from Brazil; or the victim’s possessions had only been copied, not removed, so no-one noticed they’d been “stolen” for several months, meaning all the forensic evidence of the break-in had been destroyed.

Ridiculous ideas, yes?  But their online equivalents are possible because… wait for it… The Internet is not the Real World, don’t expect the same methods to work on here.

Hopefully

From http://www.wired.co.uk/wired-magazine/archive/2009/12/features/25-ideas-for-2010-neurosecurity.aspx ( 25 ideas for 2010: Neurosecurity ), a quote from Kevin Fu, of the Medical Device Security Centre:

“Hopefully the medical community will have the proper regulatory incentives to manufacture devices that can resist the security and privacy risks introduced by wireless communication,” says the MDSC’s Kevin Fu. “Otherwise it’s a no-brainer that some depraved person will attempt to cause harm.”

Undoubtedly this has been taken out of context. Partly because the second point doesn’t follow on from the first - the threat will be there regardless of whether it will be resisted or not. But mainly… hoping that a community will come together to provide regulatory incentives is obviously overly optimistic: the glacial evolution of the PCI DSS shows that it’s unlikely at best. I’m hoping the BioTechnology Industry Organisation Device Security Standard ( BIO DSS ) is alive and well by the time I require one of the devices.