Developers Club geek daily blog

An iptables-based kill switch for OpenVPN

1 year, 1 month ago
It is well known that when you connect to an open Wi-Fi network, your traffic can easily be eavesdropped on. Of course, more and more websites now use HTTPS. Nevertheless, it is not yet 100%. There is a natural desire to secure your traffic when connecting to such open Wi-Fi networks.

A popular solution to this problem is to connect through a VPN. In that case your traffic is sent in encrypted form to the VPN server, and from there goes out to the Internet.

This solution has a small shortcoming: until the VPN connection is established, all applications on your computer (including open browser tabs) access the Internet bypassing the VPN connection.

In this article I will explain how to avoid this.



Microsoft will notify users of state-sponsored cyberattacks

1 year, 1 month ago
Microsoft has published information on its blog about additional measures for user security. It will notify users that their Microsoft accounts, including Outlook.com and OneDrive, were compromised by a person or a group of persons belonging to a state-sponsored cybergroup.

Microsoft notes that the methods state-sponsored cybergroups use to compromise users differ in sophistication from those used by ordinary attackers acting out of personal, mercenary interests. The notification will not state unambiguously that the account was compromised, but indicates that the company recorded suspicious activity. Such activity means that the user needs to take additional measures to protect their Microsoft accounts.



New Year's voice habrachat (2016)

1 year, 1 month ago

The New Year is just around the corner, and that can mean only one thing: time for warm, cozy conversation in the voice habrachat (there is also a regular chat).

Let's talk in TeamSpeak 3.
You can download it here.

To connect to the server, it is enough to enter the IP, speakserver.cloudapp.net, and your nickname.

Happy coming New Year, friends!



Security of Russian banks' web resources

1 year, 1 month ago

In our company we constantly conduct various research projects (list), choosing topics that interest us and publishing the results as a public PDF.

This article belongs to that category of research. When carrying out security analysis work we usually give very similar (common to all) advice that is rarely followed: a few best practices that either simply raise the overall security level of a system (for example, applying CSP) or actually help prevent an attack.

Introduction


It is well known that the security level of a system is determined by the reliability of its weakest link. In practice, after a security analysis has been carried out, a single gap or a whole chain is selected from the list of vulnerabilities found, and the most problematic link is identified. It can be said right away that a correctly configured system can often mitigate the risks of an existing vulnerability. During the research we found out which potential attack vectors may be available to attackers. For example, how easy it is to steal a user's session data through a cross-site scripting vulnerability. We were also interested in how simple it is to carry out a phishing attack against a bank's users. Having gone through these points and ticked them off, an attacker can build vectors for further attacks on the bank and its users.



Printf Oriented Programming

1 year, 1 month ago


Intro


To my surprise, I did not find any articles on Habr on this subject, and with this article I would like to improve the situation. In it I will try to explain Format String Attacks as clearly as possible from the attacker's side, although with some simplifications. In practice they are resolved fairly easily, but I do not really want to dwell on them. Besides, the most persistent readers, those who scroll to the end, will find a small bonus in addition to invaluable knowledge.



Adobe released an emergency patch fixing critical vulnerabilities in Flash Player

1 year, 1 month ago


On Monday, December 28, Adobe released an emergency security update closing 19 vulnerabilities in Flash Player. Attackers can use these security flaws to execute malicious code on a victim's computer and gain complete control over it. Flash Player users on all existing operating systems are at risk.



Building and configuring FreeRADIUS 3 with SQLite support

1 year, 1 month ago
Good day, everyone.
I want to share with you a solution to one creative task. I hope someone will find it useful.
So,

GIVEN:

a low-power piece of hardware with an ARM processor, with Debian 7 wheezy built for it and installed.

TASK:

install FreeRADIUS 3.0.X and configure it to work with an SQLite DB. That is, RADIUS has to take the accounts of users (who need to be authenticated) from the SQLite DB.



Security scanners: automatic classification of vulnerabilities

1 year, 1 month ago


The growing number of threats forces developers of security analysis tools to improve their solutions constantly. The information security market now offers a wide choice of security scanners from different vendors, which differ in effectiveness. This makes it impossible to release new scanner versions without competitive analysis of similar products.

Positive Technologies developed its own competitive analysis methodology for testing and comparing scanners by objective criteria, such as the types and number of vulnerabilities found and the completeness of scanning of different targets. In addition, a database of competitive analysis (DBCA) was created. It collects the unique vulnerabilities found during manual checks and during automatic scanning of synthetic targets, real websites, CMSs, web applications and other information systems by security scanners (WebEngine, built into PT AF and PT AI; Acunetix; AppScan; etc.). DBCA is used to compare the scan results of new versions of the Positive Technologies scanners with the results of third-party scanners and to eliminate false positives.

However, filling DBCA takes months of manual work by highly skilled test engineers. Setting up environments and scanning take a lot of time, sometimes weeks. Validating the vulnerabilities found takes even longer. For example, three engineers of the QA department worked for a year on filling the current database. This created a need to speed up and automate the work.

The solution was to use "Security scanners: automatic validation of vulnerabilities by means of fuzzy sets and neural networks". Theoretical research formed the basis of a practical experiment conducted by Positive Technologies engineers Timur Gilmullin, Vladimir Sofin and Artem Yushkovsky.

The formal task of converting DBCA into a knowledge base was solved by using a neural network (as the decision rule) and fuzzy measuring scales (for a linguistic assessment of classification results in a form a person can understand). In practice, DBCA was supplemented with rules and mechanisms for eliminating false positives, which are sorted in advance by the degree of confidence in their existence as estimated on a fuzzy measuring scale. This made it possible to speed up the test engineers' work on analyzing scan results and eliminating false positives.



Once again on the need to secure databases

1 year, 1 month ago
DataBreaches.net reports the discovery of a database of personal data of 191 million US voters. The website is currently down under the Habr effect; see the Google cache.

Researcher Chris Vickery, who had previously found multimillion-record account databases that were not properly protected, reported unrestricted access to a 300-gigabyte database of registered voters including first and last names, postal and e-mail addresses, phone numbers, dates of birth and so forth.




Why I recheck written data, or the story of one investigation …

1 year, 1 month ago
A recent Habr article about differences in byte-for-byte identical files brought up from the depths of memory (and of a mailbox) a small piece of my correspondence with one of the engineers who was responsible at that time for the MPG disk line at Fujitsu. For the convenience of readers who do not speak English, I give a translation from English under the cut.
