Quick thought on domain security

This week was a hard week for security companies (and some others). Most of you might have read about the KDMS and their recent DNS-Hijacking attacks to Leaseweb, Avira, AVG, WhatsApp, Alexa and even Redtube. Today they also hijacked metasploit.com.

Continue Reading 0

Blog post signing using GPG

In these days, I am thinking a lot about encryption and integrity of communication channels. Every mail I send, is automatically signed via my GPG key. I am doing this, not only to remind people of the fact, that GPG/PGP exists and that they should use it. I am primarily doing it for its main purpose, to give the recipients the possibility to verify the integrity of the mail and that it was really sent by myself. Today I thought… well, as I give the recipients of my mails this option, why shouldn’t I give this option also to the readers of my blog?

Continue Reading 0

The client-config-dir phenomenon in OpenVPN 2.3

Today I learned again, that sometimes the devil is in the details. We are running OpenVPN since years. We are running it in a way, that we differ between “normal users” and “power users”. While normal users are restricted to perform only the least needed within the VPN, power users (like NetOps) are granted a couple of more things. We are using the “client-config-dir” option for this. Basically a power user will have a special config file in that client-config-dir that assigns the different options to the user, once he connects.

Continue Reading 0

(ISC)² Security Congress 2013 review

Last week I attended the (ISC)² Security Congress 2013 in Chicago, which took part as sub-congress with the ASIS 59th Annual Seminar and Exhibits. As I am planning to do my CISSP certification in December, we (my company and I) though, that this would be a good opportunity to get prepared and to get some more background on the certification. Also the presentations and sessions sounded actually pretty interessting- eventually they weren’t.

Continue Reading 0

Poor man’s lsof unter Solaris

Da Solaris/SunOS ja per default kein “lsof” mitbringt, ich aber immer wieder mal rausfinden muss, welche Prozess auf einem bestimmten Port, hab’ ich schnell mal diesen Einzeiler zusammen gekleistert. Ist nicht gerade schnell und effizient- tut aber was ich benoetige… und schneller als “lsof” installieren ist es allemal.

 

Continue Reading 0

Patch for Net::SSH::Perl

Today I ran into an issue with one of my scripts which is generating a report and uploads it to the customer site via FTP. I lately added a SFTP features, as this was a requirement by one customer. To accomplish this, I used the Net::SFTP module which uses Net::SSH::Perl to connect to the SSH […]

Continue Reading 0