Preorder OpenBSD 5.1 today

Theo de Raadt announced today that it’s now possible to preorder OpenBSD 5.1 that will be released May 1 2012. As usual is the preorders delivered a few days before the release date.  It’s also important to buy since the money is used by the developers to keep the project running. It is that time again.  I have just activated pre-orders for CDs, tshirts, and posters for the 5.1 release…

Read More

Vulnerabilities in Remote Desktop Could Allow Remote Code Execution – Update is released

Microsoft just released a security bulletin MS12-02 where they stated that an attacker could execute code on the targeted machine via Remote Desktop (tcp port 3389) and it’s a critical vulnerability and the patch should be applied at once. If the computer by any reason can’t be updated it should be turned off at once. More info: http://technet.microsoft.com/en-us/security/bulletin/ms12-020 —  Johan Ryberg

Read More

How to compile Reaver under Ubuntu 12.04 (and aircrack-ng)

This is a quick how-to compile and install Reaver under Ubuntu 12.04 Steps: download source install required libraries and tools download and build aircrack-ng compile and install run =) Download Source First you need to download the latest source from http://code.google.com/p/reaver-wps/ wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz Extract the tarball tar -xzvf reaver-1.4.tar.gz Install Required Libraries and Tools Before you can build Reaver you need pcaplib and later on aircrack-ng (iw) to run Reaver…

Read More

Guide: How to make Gobi 2000 Wirless modem work under Ubuntu 12.04

Install 3G-modemet Sierra Wireless, Inc. Gobi 2000 Wireless Modem This is a how-to install the 3G modem “Sierra Wireless, Inc. Gobi 2000 Wireless Modem” under Ubuntu 12.04 LTS (Precise Pangolin) with basic support for GPS This guide should work with the following models: Fujitsu CELSIUS H700 Fujitsu LIFEBOOK A530 / AH530 Fujitsu LIFEBOOK A550 / AH550 (Intel Gfx) Fujitsu LIFEBOOK AH550 (NVidia Gfx) Fujitsu LIFEBOOK E780 (Intel Gfx) Fujitsu LIFEBOOK…

Read More

Configure SSH for high security

There are some steps to do after SSH is installed on a system and there is a old saying that says “A chain is only as strong as its weakest link” and if you are using a weak password for your root account (or any other account) then you are extremely vulnerable. It does not matter if the communication is secure when you are easily brute forced. All steps is…

Read More

How to compile Reaver on Ubuntu 11.10

This is a quick how-to compile and install Reaver on a Ubuntu 11.10. Steps: download source install required libraries and tools compile and install run =) Download Source First you need to download the latest source from http://code.google.com/p/reaver-wps/ wget http://reaver-wps.googlecode.com/files/reaver-1.3.tar.gz Extract the tarball tar -xzvf reaver-1.3.tar.gz Install Required Libraries and Tools Before you can build Reaver you need pcaplib and later on aircrack-ng to run Reaver sudo apt-get install libpcap-dev…

Read More

English version of the blogg

I’m just about to translate the blog from Swedish to English and in the meantime before the work is finished it may sometimes look odd. Most of the content is still in Swedish and some of the posts will never be translated —  Johan Ryberg

Read More

Ny snabbare version av Reaver

Reaver, det nya verktyget för att attackera accesspunkter/trådlösa routrar med WPS aktiverat och som knäcker de flesta inom 10 timmar har precis släppts som version 1.3 med nya utökade funktioner som tidigare bara fanns i den kommersiella produkten från Tactical Network Solutions. Nytt är att man kan pausa för att senare fortsätta på en viss PIN-kod om man tidigare avbrutit en attack men även hämta hem optimeringar för just den…

Read More

securit.se har fått DNSSEC

Binero som hostar denna sida har gett alla sina .SE-kunder en riktigt fin julklapp vilket är DNSSEC. I det stora hela går DNSSEC ut på att man förhindrar att DNS-svar förfalskas genom digitala signaturer så att man inte skall använda en felaktig IP-adress och på så sätt ansluter mot en tjänst som kontrolleras av illvilliga personer. För att enkelt kontrollera om man skickas till rätt hemsida när man surfar med…

Read More

Wi-Fi Protected Setup (WPS) PIN kan bli knäckt med hjälp av brute force (WPA/WPA2-routrar)

En sårbarhet i protokollet WPS (Wi-Fi Protected Setup) möjliggör att man på några timmar kan få fram PIN-koden till den trådlösa routern/accesspunkten med hjälp av en brute force-attack. Det flesta routrar efter 2007 då standarden först kom är troligtvis sårbara och enda skyddet är att stänga av funktionen. WPS är tänkt att underlätta installationen av det trådlösa nätverket men autentiseringen saknar skydd mot denna typ av attack vilket gör att…

Read More