Bookmarks for 22 Apr 2016 through 23 Apr 2016

These are my links for 22 Apr 2016 through 23 Apr 2016:

  • How to use Powershell in an exploit · rapid7/metasploit-framework Wiki
    PowerShell is a scripting language developed by Microsoft. It provides API access to almost everything in a Windows platform, less detectable by countermeasures, easy to learn, therefore it is incredibly powerful for penetration testing during post exploitation, or exploit development for payload execution. Take Metasploit’s windows/smb/psexec_psh.rb module for example: it mimics the psexec utility from SysInternals, the payload is compressed and executed from the command line, which allows it to be somewhat stealthy against antivirus. There’s only less than 30 lines of code in psexec_psh.rb (excluding the metadata that describes what the module is about), because most of the work is done by the Powershell mixin, nothing is easier than that. The command line will automatically attempt to detect the architecture (x86 or x86_64) that it is being run in, as well as the payload architecture that it contains. If there is a mismatch it will spawn the correct PowerShell architecture to inject the payload into, so there is no need to worry about the architecture of the target system.
  • HOWTO use geoiplookup – Fail2ban
    You may be interested in a quick summary of the countries where the attacks come from. This document explains how to find this information.
  • IP Address Details – ipinfo.io – Simple, reliable, and affordable IP geolocation data.
  • Cryptocat – Chat with your friends, privately. Cryptocat is free software with a simple mission: everyone should be able to chat with their friends in privacy.
    Open source. All Cryptocat software is published transparently.
    Encrypted by default. Every message is encrypted, always.
    Forward secure. Chats can’t be decrypted even if your keys are stolen.
    Multiple devices. All devices linked to your account will receive forward secure messages, even when offline.
    File sharing. Securely share files with friends.
    Group chat. Chat with multiple buddies at once (coming soon).

Bookmarks for 29 Mar 2016 through 8 Apr 2016

These are my links for 29 Mar 2016 through 8 Apr 2016:

  • VMware: Add PortGroup to all hosts in cluster with PowerCLI – […]
    Today we configured a new VLAN on the physical switches, now we need to configure a portgroup with vlan id on multiple ESX hosts in our cluster. To do this by hand it will cost 3 minutes per host, to script this.. you configure this in 10 seconds! […]
  • Creating Active Directory Accounts – Microsoft stores a quoted password in little endian UTF16 base64 encoded.
  • LVM Loopback HOW-TO | Anthony’s Blog – This is a simple tutorial on setting up LVM on loopback devices, I’ve used it a few times for creating dynamic virtual disks; it came in particularly handy when archiving NEXRAD radar data for my radarwatchd project – using up all your inodes on several hundreds of thousands of 15Kb files doesn’t sound like my idea of fun. Creating a virtual volume with reiserfs was a particularly handy solution in this case.
  • Retroshare – Retroshare creates encrypted connections to your friends. Nobody can spy on you. Retroshare is completely decentralized. This means there are no central servers. It is entirely Open-Source and free. There are no costs, no ads and no Terms of Service.

Bookmarks for 24 Mar 2016 through 25 Mar 2016

These are my links for 24 Mar 2016 through 25 Mar 2016:

  • Coderwall | Dump all variables – For debugging purposes it can be useful to not just dump hostvars but also all other variables and group information. You can do this using a jinja template which you could include in a debug task
  • Using Ansible to create AWS instances | Tivix – Ansible is a great tool for enhancing productivity. With a vast array of modules to choose from, it can save you a lot of time by automating away common tasks. At Tivix we use it for single-command deployment, with the most common destination being Amazon EC2 instances created beforehand. Since Ansible is capable of managing EC2 resources, we can improve this setup by making a playbook to create an instance for us.
  • Home | OpenSCAP portal – The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
    The OpenSCAP project provides a wide variety of hardening guides and configuration baselines developed by the open source community, ensuring that you can choose a security policy which best suits the needs of your organization, regardless of its size.
    SCAP is a U.S. standard maintained by the National Institute of Standards and Technology (NIST). The OpenSCAP project is a collection of open source tools for implementing and enforcing this standard, and has been awarded the SCAP 1.2 certification by NIST in 2014.
  • Wazuh | Augmenting OSSEC Host IDS – Wazuh contributes to Open Source Security developing and integrating new modules to extend OSSEC capabilities and functionality.

Bookmarks for 16 Mar 2016 through 24 Mar 2016

These are my links for 16 Mar 2016 through 24 Mar 2016:

  • “Reverse Engineering for Beginners” free book
  • Resolve Hardware Status Alert SEL_FULLNESS | Brian Ragazzi – […] I noticed an alert on two UCS B250M2 hosts in the vSphere Client. The alert Name was “Status of other host hardware objects”. This isn’t helpful. To get more information, you have to navigate to the Hardware Status tab of the host properties. Here I saw more information about the alert. It’s cryptically named “System Board 0 SEL_FULLNESS”. […]
  • Network Stack: Cisco ASA Packet Capture – […] The ASA platform has fantastic built-in packet capture capabilities which can come in very handy for troubleshooting issues. I will be demonstrating some of the capabilities using an ASA 5505 running version 9.0(1). Performing a packet capture is done using the capture command from privileged exec mode. […] [ Fantastic… I won’t say that ]
  • Sanesecurity ClamAV Malware, Phishing, and Spam Signatures – Sanesecurity produces add-on signatures to help improve the ClamAV detection rate on Zero-Day malware and even on Zero-Hour malware. Since 2006 we have provided professional quality ClamAV signatures to protect against the following email types: Macro malware, Zip malware, Rar malware, Javascript malware, 7z malware, Phishing, Spear phishing and other types of common emailed malware and spam. Sanesecurity 3rd Party ClamAV signatures can also help prevent TeslaCrypt, Cryptowall, Cryptolocker and other ransomware, whose source usually starts as a malicious email.
  • Multistage environments with Ansible – Ross Tuck – Ansible has excellent documentation but one thing I was confused about was the best way to store the configuration for multistage projects: say, different passwords for dev, staging, production. This isn’t really covered in the ansible-examples repo because it’s specific to your project and while the documentation has recommendations, it doesn’t spell it out completely (which I need since I’m an idiot).

Bookmarks for 8 Mar 2016 through 14 Mar 2016

These are my links for 8 Mar 2016 through 14 Mar 2016:

  • Zsoldier’s Tech Blog: Add Portgroups/VLANs to vmware standard switches via PowerCLI – Wrote a simple little script to insert a portgroup into a targeted vSwitch of all VM hosts in a targeted cluster. This is not an issue if you use distributed vSwitches.
  • siph0n – exploits : leaks : dumps : papers : hashes – Hello and welcome to "siph0n", we are a group of security enthusiasts that want to make people more aware of security risks and the risks behind compromised (stolen) data. By using this Site, you signify your assent to these Terms of Service; if you do not agree to any of these conditions, do not use this website.
  • Hardening Framework – […] Server hardening is a well-known topic with many guides out in the wild. Why this project? At Deutsche Telekom we need to manage thousands of servers for customers and ourselves. All servers need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment.[…]
  • Node-RED – Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
  • zachlatta/sshtron: Play Tron over SSH – SSHTron is a multiplayer lightcycle game that runs through SSH

Bookmarks for 25 Nov 2015 through 2 Dec 2015

These are my links for 25 Nov 2015 through 2 Dec 2015:

  • ipfs/ipfs · GitHub – IPFS (the InterPlanetary File System) is a new hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications. It aims to make the web faster, safer, and more open. IPFS is a distributed file system that seeks to connect all computing devices with the same system of files. In some ways, this is similar to the original aims of the Web, but IPFS is actually more similar to a single bittorrent swarm exchanging git objects. You can read more about its origins in the paper IPFS – Content Addressed, Versioned, P2P File System. IPFS is becoming a new major subsystem of the internet. If built right, it could complement or replace HTTP. It could complement or replace even more. It sounds crazy. It is crazy. [ via http://blog.quintarelli.it/2015/12/ipfs-davvero-figo.html ]
  • SSL Library mbed TLS / PolarSSL: Download for free or buy a commercial license – mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
  • Wox – An effective launcher for Windows. A full-featured launcher, access programs and web contents as you type. Be more productive ever since. Wox is free for use and open-sourced at Github. Try it now!

Bookmarks for 3 Nov 2015 through 11 Nov 2015

These are my links for 3 Nov 2015 through 11 Nov 2015:

  • GPO to push out local administrators across a domain. – Spiceworks – This how to will walk you through using Restricted groups to put users in the local admin group on all PCs. It will also add them to the Remote Desktop user's group. The usefulness in this is keeping as many people out of the domain admin group as possible while allowing the techs to work.
  • xkcd Password Generator – The button below will generate a random phrase consisting of four common words. According to yesterday’s xkcd strip, such phrases are hard to guess (even by brute force), but easy to remember, making them interesting password choices.
  • welaika/wordmove · GitHub – Wordmove is a nice little gem that lets you automatically mirror local WordPress installations and DB data back and forth from your local development machine to the remote staging server. SSH and FTP connections are both supported. Think of it like Capistrano for WordPress, complete with push/pull capabilities.
  • How to send svn diff to meld | Thomas Cokelaer’s blog – On one hand meld provides a nice GUI to visualise the differences between 2 files. On the other hand, with SVN diff command, you can obtain the differences between 2 versions of the same file so you end up with one file.

Bookmarks for 6 Aug 2015 through 21 Sep 2015

These are my links for 6 Aug 2015 through 21 Sep 2015:

  • /bin/bash based SSL/TLS tester: testssl.sh – testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more. [ via quasi.dot: https://delicious.com/farmando ]
  • Policy NAT for L2L VPN • LearnIOS.com – I kind of missed the wood for the trees here. The static policy NAT is failing because you are trying to map a network 192.168.0.0 to a single IP address 172.20.n.1. However it's just occurred, why are you doing policy NAT for the Internet. I tested in lab and if you do this
  • Encrypted Data Bags on Cloud on AWS – Many customers have asked us how they should handle shared secrets, passwords and other sensitive data in Chef and now we have a good solution. With the release of our stable-v4 stack, we introduced Chef 10 to the platform, and with it came data bags. Now with the 3.0 release of the engineyard gem, we can officially support data bags and encrypted data bags. You may be wondering what data bags are, how data bags work or how to implement data bags. This blog post will walk you through the entire process.
  • How to set disk alignment in Linux | Dirty Cache – As you might know, if disk partitions containing Oracle datafiles are not aligned with the underlying storage system, then some I/O’s can suffer from some overhead as they are effectively translated in two I/O’s. If you want more info, google for “EMC disk alignment” and you’ll find plenty of information, explaining the issue.
  • Add Private Route 53 DNS to your AWS VPC | CloudTrek – A really cool feature of Amazon’s Route 53 DNS Management Service is the private hosted DNS zone. Basically, you get the ability to manage the DNS in your private VPC without setting up your own DNS infrastructure (yuck!) [ Just a friendly reminder. Note 1: the resolution is working only inside the VPC. Note 2: if you don't have the AmazonProvidedDNS in your DHCP-OPTION you won't resolve the zone. Note 3: if you are using Linux, you can use as DNS 169.254.169.253; it won't work on Windows 2008. Ref: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html , http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html , http://aws.amazon.com/route53/faqs/ ]

Bookmarks for 23 Jul 2015 through 28 Jul 2015

These are my links for 23 Jul 2015 through 28 Jul 2015:

Bookmarks for 23 Jun 2015 through 17 Jul 2015

These are my links for 23 Jun 2015 through 17 Jul 2015: