Category Archives: Information Security

Exploits Censorship

Many people wanted, many times without success, criminalize any researcher investing time in bug hunting, specially in security related applications.

In many societies, this is a TABU, some people think that found a vulnerability and develop a proof of concept, is the equivalent of making a weapon. They argue that such exploits could be used to carry attacks, at the end of day, that could affect the property and life.

Continue reading Exploits Censorship

Alice and bob are no longer online

In the past few years Diffie-Hellman has become unsupported in the main internet websites, do you know the implications?

But this is not the only thing happening, many reputable websites, including banks, social networks and search engines have chosen to continue to support for TLSv1.0 and SSLv2 “for compatibility reasons”

Continue reading Alice and bob are no longer online

Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10

Fedora, and some others Linux distributions doesn’t provide you any simple way to setup the cypher properties on root filesystem.

Here, we will provide you enough information about the cypher process on fedora and one technique to speed up and/or secure up the cypher using XTS instead CBC-ESSIV
Continue reading Speeding up or Securing up the Encrypted Root Filesystem on Fedora 10

Corporate LDAP Servers Weakness Statistics

Based in my securityfocus topic responce, and also in some information security audits that i’ve done, i think in the idea to statistical prove the attack risk level at some organization.

Number of accounts Having almost one weak key probability
10 0.401 – 40.1%
25 0.722 – 72.2%
50 0.923 – 92.3%
100 0.994 – 99.4%

Continue reading Corporate LDAP Servers Weakness Statistics

SPAN Port / Mirroring Monitoring

Some network administrators dont know how to handle and correctly install network monitoring applications, IDS and other products who requires network traffic inspection, there is no knowledgment about how span port where designed and it limitations for full-duplex networks.

When the network are in full-duplex mode, the span port have a natural loss of packets that not vary across the hardware.
Continue reading SPAN Port / Mirroring Monitoring