Archive

Category Archives for "Networking"

Hackers show off long-distance Wi-Fi radio proxy at DEF CON

A talk about a radio-based privacy device dubbed ProxyHam that promised to allow hackers to connect to Wi-Fi networks from as far as 2.5 miles away was abruptly pulled from the DEF CON schedule by its creator a few weeks ago.The incident, which some speculated was the result of pressure from the FBI or the NSA, outraged the security community. But as hackers are not the type to give up easily, they quickly came up with a replacement that in many respects is better than the original.Called HamSammich, the new device is the creation of security researchers Robert Graham and David Maynor and can proxy data over the 900 Mhz radio band from 20 miles away at up to 56kbps—the top speed of a dial-up modem from the late 1990s. It was presented at the DEF CON hacking conference on Friday.To read this article in full or to leave a comment, please click here

golang – some constructs part 1

Since starting to play with golang I’ve run into a couple of interesting items I thought worth writing about.  For those of you that are seasoned developers, I assure you, this wont be interesting.  But for us that are getting started this might be worth reading. 

Pointers
Nothing super exciting here if you’ve used them in other languages but it’s worth talking about since it can be confusing.  Pointers are really just a way for us to gain access to the ‘real’ variable when you aren’t in the function that defines it.  Put another way, when you call a function that takes a variable, you are only giving that function a copy of the variable, not the real variable.  Pointers  allow us to reference the actual location in memory where the value is stored rather than the value itself.  Examples always make this more clear.  Take for instance this example of code…

package main

import "fmt"

func main() {
        //Define myname and set it to 'jonlangemak'
        myname := "jonlangemak"
        //Rename without using pointers
        rename(myname)
        fmt.Println(myname)
        //Rename using pointers
        pointerrename(&myname)
        fmt.Println(myname)
}

//Function without pointers
func rename(myname string) {
        myname =  Continue reading

Address Transfers in APNIC

In 2010 the Asia Pacific Regional Address Policy community adopted a policy that permitted address holders in the region to transfer address registration records, enabling an aftermarket in IPv4 addresses to operate with the support of the APNIC registry function. While APNIC was still able to allocate addresses to meet demands there was very little in the way of activity in this market, but once APNIC was down to its last /8 of addresses in April 2011 the level of transfer activity has picked up. In this article I’d like to take a more detailed look at APNIC’s transfer log and see what it can tell us about the level of activity in the address market in the Asia Pacific region.

Microsoft will let shareholders nominate board members

Microsoft added a provision to its bylaws Friday that allowed shareholders with a significant stake in the company to directly nominate up to two candidates to its board of directors.With the change, Microsoft will allow consortiums of up to 20 shareholders, who have owned a combined 3 percent stake in Microsoft for the past three years, to put forward nominations for up to 2 candidates or 20 percent of the board, whichever is larger. Functionally, that means a very small number of people and institutional investors have the power to nominate board members through the process.To read this article in full or to leave a comment, please click here

IRS warns yet again on scam artist trickery

The IRS this week said some 4,000 victims have lost over $20 million to scammers and the rip-offs continue at a startling pace.+More on Network World: FBI and IRS warn of pervasive, maddening business, consumer scams+ The IRS noted what it called a number of new variations on old schemes: Scammers alter what appears on your telephone caller ID to make it seem like they are with the IRS or another agency such as the Department of Motor Vehicles. They use fake names, titles and badge numbers. They use online resources to get your name, address and other details about your life to make the call sound official. They even go as far as copying official IRS letterhead for use in email or regular mail. Brazen scammers will even provide their victims with directions to the nearest bank or business where the victim can obtain a means of payment such as a debit card. And in another new variation of these scams, con artists may then provide an actual IRS address where the victim can mail a receipt for the payment – all in an attempt to make the scheme look official. Scammers try to scare people Continue reading

Black Hat 2015: Spectacular floor distractions

May Black Hat be with youAs if hacked cars and massive Android vulnerabilities weren’t enough to keep the attention of security experts attending Black Hat 2015 in Las Vegas, the vendors at this increasingly vendor-driven show were wheeling out shiny distractions ranging from food and drink to celebrity lookalikes to custom art and free giveaways. Here’s a look at some of what helped keep Black Hat entertained. (See all the stories from Black Hat.)To read this article in full or to leave a comment, please click here

Attack on Sabre reportedly conducted by Anthem, OPA hackers

Travel industry software maker Sabre is the latest company said to have been hit by the same hackers who recently attacked U.S. health insurer Anthem and the U.S. Office of Personnel Management (OPM), while American Airlines has been investigating its own systems for evidence of a similar breach.Texas-based Sabre, whose technology processes reservations for hundreds of airlines and thousands of hotel properties, on Friday confirmed that its systems were compromised.“We recently learned of a cybersecurity incident, and we are conducting an investigation into it now,” Sabre said. “At this time, we are not aware that this incident has compromised sensitive protected information, such as credit card data or personally identifiable information, but our investigation is ongoing.”To read this article in full or to leave a comment, please click here

PlexxiPulse—CRN’s Top 100

This week, CRN named Rich Napolitano to their Top 100 list of the IT industry’s foremost channel leaders. The annual list recognizes the efforts of agile decision-makers who play an integral role in evolving the way the channel does business. CRN selects leaders that represent the pre-eminent innovators, influencers, disrupters and channel sales leaders in the IT channel today.

Our solutions enable success in the next era of IT as virtualization, hyperconvergence, Big Data and scale-out applications and with Rich’s guidance we are working with great partners to bring our solutions to the market. Congratulations to all of the leaders named to this year’s CRN® Top 100 list.

Below please find a few of our top picks for our favorite news articles of the week. Have a great weekend!

SearchITChannel: Is bimodal IT the future of the channel?
By John Moore
CHICAGO — In CIO circles, bimodal IT has been a conversation starter: How can an enterprise’s information leadership balance the necessity of keeping the lights on against the challenge of adopting emerging, business-changing technologies? That same discussion is now surfacing in the channel. Speakers at this week’s CompTIA ChannelCon 2015 here suggested the possibility of partners becoming bimodal and the Continue reading

Black Hat 2015: DHS deputy says ‘just trust us’

The deputy head of the Department of Homeland Security implored a group of skeptical security pros at Black Hat 2015 to share information about security incidents and to trust the government to keep it safe.“We understand the trust deficit that exists in the [security] community,” says Alejandro Mayorkas, deputy secretary of Homeland Security, encouraging attendees to participate in a government program where private businesses share information about cyber threats they encounter.+ MISS BLACK HAT? Get caught up with our stories from the show +Part of the trust problem is that businesses lack confidence that government can secure information it receives, Mayorkas says, citing the massive breach at the Office of Personnel Management. (It didn’t help his cause that as the meeting broke up news also broke that unclassified emails for the Joint Chiefs of Staff had been hacked and the email system shut down for two weeks.)To read this article in full or to leave a comment, please click here

Linux Core 6.3 as Network Host on VMware Disk

The Core Linux is a small modular Linux distribution that provides only a command line interface and tools that allows you to build your own application extensions. Thanks to these extensions you can easily turn your Core installation to a custom appliance such as network host, router, switch, server. Moreover choosing the Core Linux as an operating system for your appliance significantly reduces the size of the appliance.

Two weeks ago I started to build a network host that can handle network traffic. I installed the latest 64 bit Linux Core 6.3 on VMware virtual disk and loaded Core with extensions that can generate traffic, measure bandwidth, route, forward and filter traffic.  A list of the extensions, their purpose and configuration changes is mentioned here.

I share my own network host VMware disk in Linux Core download section. You can create a new virtual machine (VirtualBox, VMware Workstation/Player, Qemu) with the disk attached and use it in your GNS3 labs in order to simulate network host. The disk contains the following tcz extensions:

bash - 4.3.39(1) with patches up to 39
bash-completion - 2.1
d-itg - 2.8.1-r1023
hping3 - 3.0.0-alpha-1
iperf3 - 3.1b3
iproute2 - 3.14.0
iptables Continue reading

University technology program launched to give peace a chance

Computer science and engineering students at Drexel University will have a new opportunity to use their skills for good with the launch of a technology program for promoting world peace.The Young Engineers Program, a partnership between the private university in Philadelphia and PeaceTech Lab in Washington, D.C., will give computer science and engineering students and researchers at Drexel a chance to focus on conflict zones around the world.The goal of the program is to use technology, media and data to prevent violent conflict in hot spots like Afghanistan, Sudan and Colombia, said Sheldon Himelfarb, president and CEO of the PeaceTech Lab.To read this article in full or to leave a comment, please click here

Researchers find way to steal Windows Active Directory credentials from the Internet

An attack using the SMB file sharing protocol that has been believed to work only within local area networks for over a decade can also be executed over the Internet, two researchers showed at the Black Hat security conference.The attack, called an SMB relay, causes a Windows computer that’s part of an Active Directory domain to leak the user’s credentials to an attacker when visiting a Web page, reading an email in Outlook or opening a video in Windows Media Player.Those credentials can then be used by the attacker to authenticate as the user on any Windows servers where the user has an account, including those hosted in the cloud.In an Active Directory network, Windows computers automatically send their credentials when they want to access different types of services like remote file shares, Microsoft Exchange email servers or SharePoint enterprise collaboration tools. This is done using the NTLM version 2 (NTLMv2) authentication protocol and the credentials that get sent are the computer and user name in plain text and a cryptographic hash derived from the user’s password.To read this article in full or to leave a comment, please click here

1 3,011 3,012 3,013 3,014 3,015 3,465