Unfortunately, TLS has been plagued by several vulnerabilities in recent years, making every HTTPS connection potentially unsafe.
In this article I’ll show you how to get an A+ grade on SSL Labs (https://www.ssllabs.com/) through the appropriate use of GnuTLS priorities.
Continue reading GnuTLS Priorities 2015 →
I’ve always used Fedora, basically since it was RedHat 7.0 … However, from that time until now, it has changed a lot.
Continue reading Detox Fedora 19/20/21 →
Penetration testing and vulnerability assessment is a practice that becomes more important to our businesses every day. Today we need to run security stress tests in order to discover potential vulnerabilities that may exist in our systems.
Continue reading How to price a pentest →
In the past few years, Diffie-Hellman has become unsupported on the main internet websites. Do you know the implications?
But this is not the only thing happening: many reputable websites, including banks, social networks and search engines, have chosen to continue supporting TLSv1.0 and SSLv2 “for compatibility reasons”.
Continue reading Alice and bob are no longer online →
Some network administrators don't know how to handle and correctly install network monitoring applications, IDS and other products that require network traffic inspection. There is no knowledge about how SPAN ports were designed and their limitations on full-duplex networks.
When the network is in full-duplex mode, the SPAN port has a natural loss of packets that does not vary across hardware.
Continue reading SPAN Port / Mirroring Monitoring →
אהרן מזרחי / Information Security, *NIX & Software-Development Blog.