security - Geek Memos

Android P: Private DNS

Android Pie, or P, offers the ability to use the DNS-over-TLS capable DNS servers of your choice. This also solves the problem of having to install third party applications to change the phone's default DNS servers without dealing with the mess of manual configurations. See more about the Private DNS

attacks

Root DNS Servers Experienced DDoS Attack with 5 Million Queries per Second

A report from Root [DNS] Server Operations or rootops published on December 4th, 2015 stated that the Internet Domain Name System’s root name servers received a high rate of DNS queries over two separate intervals. The incidents occurred on November 30, 2015 and December 1st, 2015. The queries were

bind

Bind DNS Server major flaw could let a script kiddie bring down large number of DNS servers

BIND is most widely used DNS Server to date. A major flaw was found in BIND’s versions from 9.1.0 to 9.8.x, 9.9.0 to 9.9.7-P1, and 9.10.0 to 9.10.2-P2. (CVE-2015-5477) Attackers can exploit it by sending vulnerable servers

anonymity

Internet Anonymity Pros and Cons

Anonymity over the Internet has largely helped journalists escape clinching firewalls and surveillance of their governments. In fact, Freedom of the Press Foundation recommends use of The Onion Router (TOR) to better protect journalists’ from surveillance and in many instances prison (Lee, 2013). Anonymity in the World Wide Web allows

dns

Automate DNS Zone Transfer

/bin/bash #Simple zone transfer bash script with $1 being first argument given #Tested against zonetransfer.me #for example ./zonetransfer.sh zonetransfer.me if [ -z "$1" ];then echo "[] Simple Zone Transfer script" echo "[] Usage : $0 " exit 0 fi #if argument was given, identify DNS

blogs

Google's No Captcha reCaptcha Breakable?

Egor Homakov of Sakurity claims, I’d say proved, that Google’s No Captcha reCaptcha might not be as bot proof as we thought. Due to reCAPTCHA’s reliance on user’s previous behavior (cookies), going incognito brings you to old school Captcha again. Now remember, this is same captcha

nmap

Scanning North Korean Public IP space

via http://nknetobserver.github.io/ **Some noteworthy points:**- The allocated North Korean network range is 175.45.176.0/22 - 210.52.109.0 – 210.52.109.255 block is assigned to North Korea through Chinese company China Unicom - 77.94.35.0/24 — this block is

grep

Quick Nmap ping sweep and output to grep-able format

Start with laying out what range of IP addresses you want to scan. I’d suggest keeping it limited to your specific targets. Then run this as root: nmap -sn -v -oG nmapped.txt 192.168.1.201-254 -sn (No port scan) .This option tells Nmap not to do a

hacking

PingSweep with Scapy

Want to get a bit geekier with your ping sweeps? Python Scapy can be used to create, modify, send, and intercept network packets and any TCP/IP layer. Here is a simple ping sweep script with Python Scapy: !/usr/bin/python from scapy.all import * TIMEOUT = 2 conf.verb = 0

certification

My journey towards OSCP

I’ve started studying for Offensive Security Certified Profession (OSCP) certification also called Penetration Testing with Kali (PWK). This certification claims to give you good grip on penetration testing which includes network and application side of things. When you sign up for 30, 60, or 90 days of labs ($$$) you

google

SSL3 Vulnerability code-named 'Poodle'

SSL version 3 is still being supported across all platforms. That is , even though this encryption mechanism for the web is 15 years old, almost as old as Windows XP. Google researchers revealed today that SSL 3 might be vulnerable to Man in the Middle (MITM) attacks. Basically, an attacker

hacking

Information Leakage

Contents 1) Introduction. 2 2) Information Leakage. 2 3) Types of Information Leakage. 4 a) Intentional Leaks. 4 i) Internal Agents. 5 ii) External Agents. 6 b) Accidental Leaks. 6 4) Exploitation Channels. 8 a) Electronic Mail 8 b) Hard Copy. 9 c) Improper Configuration of Security Systems. 9 i)

hacking

HTTPS Security Encryption Flaws Found

Mathew J. Schwartz | March 19, 2013 10:09 AM http://www.informationweek.com Security researchers have discovered weaknesses that could be exploited to crack some types of encrypted Web communications. The flaw exists in the RC4 encryption algorithm that’s often used to help secure the SSL/TLS communications that

rdp

Securing Remote Desktop Connection

Recently I’ve gotten tired of using logmein. Their servers are getting slow and finishing my daily tasks is getting difficult. So what am I gonna do? Remote Desktop. Well of course, I will have to do this in three steps: Use Dyndns to connect remotely to my home router

attacks

Nokia Performing Man-in-the-Middle Attacks

From Bruce Schneier’s Cryptogram: Man-in-the-Middle Attacks Against Browser Encryption Last week, a story broke about how Nokia mounts man-in-the-middle attacks against secure browser sessions. “The Finnish phone giant has since admitted that it decryption secure data that passes through HTTPS connections — including social networking accounts, online banking, email and