Robin – Page 16 – Interconnecting Worlds

March 6, 2008August 15, 2013

Goolag Scanner goes fishin

Storing ..um.. classified Information on your webserver in hidden directories is not exactly very bright because you can be sure that google will index anything it can get.

The goolag scanner, which was recently released by the famous hacker group cultDeadcow actually found pornography on chinese government owned (gov.cn) sites and security holes on western servers.

http://www.cultdeadcow.com/archives/2008/03/cult_of_the_dead_cow.php3

Please assume that files being stored in http://mydomain.com/_this/is/a_super/secret/directory/ will easily be found by simple methods such as specially designed search queries:

intitle:index.of +”last modified” +”parent directory” +(pdf|doc) +”Secret” -htm -html -php -asp

March 6, 2008August 15, 2013

Attacks on disk encryption keys

A Princeton computer scientist team has released a white paper which documents their cold boot attacks on encryption keys. The scenarios are based on a key recovery involving primarily laptop computers using various methods to keep the key stored in dram on a power off.

Very interesting article and a guideline on preventing attacks like this. The most effective way is certainly limiting boot options in order do prevent anyone booting up tools to steal your encryption key.

http://citp.princeton.edu.nyud.net/pub/coldboot.pdf
SecuriTeam Article

March 6, 2008August 15, 2013

Internet Nostalgia

This is how information was exchanged in on the net in the old bbs days. Textfiles.com Includes some really old stuff from the beginning of the private internet use.

Textfiles.com file directory

March 4, 2008August 15, 2013

Gnome SSH Tunnel Manager

If you use encrypted ssh tunnels a lot you may find this tool pretty interesting.

Gstm is a fully functional gui for managing all your ssh tunnels and redirects.I really like this on the EEE PC because it saves a lot of keyboard interaction.

A simple apt-get install gstm will immediately install the software package, providing you have the correct repositories.

http://sourceforge.net/projects/gstm/

March 2, 2008August 15, 2013

Debian 3.1/Sarge Security Support terminated

I highly reccomend anyone still running Sarge to start planning on an upgrade to Etch, the current stable release.

February 27, 2008August 15, 2013

Microsoft Exchange Best Practices Analyzer

If you have the joy of administrating a Microsoft Exchange Mail Server and need a nifty tool for analyzing i can highly recommend the Microsoft Exchange Best Practices Analyzer

The analyzer will help you find sources of instability and performance problems and will assist you in configuring general policies for eMail usage.

Great tool and until today, never heard of it. Sometimes i just wish Microsoft would include tools like these directly into their products – or at least with the occasional service packs.

February 27, 2008August 15, 2013

Chemnitzer Linuxtage

3 more days to the Linux event in Chemnitz.

The site features a pretty cool schedule planner.

Here is my schedule 🙂

http://chemnitzer.linux-tage.de/2008/vortraege….

February 24, 2008August 15, 2013

Outstanding TCP/IP overview from IBM Redbooks

I have currently found the IBM Redbook archive und stumbled upon the TCP/IP tutorial and technical Overview. The book features more than 1000 Pages with practically anything you need to know about the basics of TCP/IP.

This is a lot of material but i highly reccomend it for anyone interestetd in network communication technology.

TCP/IP Tutorial and Technical Overview

February 14, 2008August 15, 2013

Chaos Communication Camp 2007 DVD released

Finally, some decent video footage from the most awesome event i attended in the last few years.

ftp://ftp.ccc.de/camp2007/ccc_camp_2007_movie_DVD

Some news that might interest all the happy campers out there:

The Erlangen CCC organisation Bits n Bugs is hosting the ICMP4 this year. Not too much info up yet but be sure to check out the event wiki and the event site

Update

ICMP4 Website is up and the event ist sheduled for August 8-12

The ICMP is basically yet another outdoor hacker event which focuses on a lot of chill out and some lectures.

February 13, 2008August 15, 2013

OpenVPN Project launches portal site

OpenVPN the outstanding open source VPN software is going 2.0

The new project site will feature community functionality such as forums, wikis a subversion repository and many things to come.

Also there has currently been a new testing release: 2.1_rc7

check out http://www.openvpn.net

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.