News https://tech.feedyourhead.at/tags/news en I "tried harder" and passed the exam https://tech.feedyourhead.at/content/oscp <span class="field field--name-title field--type-string field--label-hidden">I &quot;tried harder&quot; and passed the exam</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><img alt="oscp" data-entity-type="file" data-entity-uuid="8718df2a-31d3-46d8-a49b-f690e04168f1" src="/sites/default/files/inline-images/offsec-student-certified-emblem-rgb-oscp_0.png" /></p> <p>The "<a href="https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/">Offensive Security Certified Professional</a>" is a unique penetration testing certification offered by the company "<a href="https://www.offensive-security.com/">Offensive Security</a>". After registering the students will receive course materials and a VPN connection to a huge lab with many vulnerable servers. Everything has to be learned autodidactically using the course materials and the Internet. The grand finale of this certification is the 24-hours exam where the students have to proof that they have the knowledge and the routine to penetrate systems in a quite short amount of time.</p> <p>I tried to complete the course and the lab in two months and I really did all the exercises and studied the complete materials. Even if I was experienced before, I learned a lot. To hack the different servers in the lab was so much fun, but also kind of exhausting. I was so excited and full with ideas in my mind, that I had some troubles with sleeping. Due to private life, I had not so much time for studying. That's why it took me one month for the course materials and exercises. After that I just had another month for the lab. There is am IRC channel at <a href="https://freenode.net/">Freenode</a> and a forum. Both can be very helpful for the lab. My recommendation for people who want to earn the extra points that you can get by reporting the lab: start writing the report immediately when the lab starts. It takes much time to write the report and the exercises.</p> <p>The exam wasn't as hard as I expected. Although it could get very difficult if you get stuck with something. In the end it is a creative process with all it's traps. I was very lucky with some things and found them quickly. After 8 hours I had most of the points and at the end I completed all exercises. The exam report is a lot of work. It took me a while and I regretted that I didn't start writing immediately after the exam was over. I really really recommend to document as detailed as possible during the exam.</p> <p>I want to thank the "Offensive Security"-team for this amazing experience.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jan 08 2019</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/security" hreflang="en">Security</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=274&amp;2=comment&amp;3=comment" token="5mF1AQi1zyVAq21jQb-cngdGJm97tvmeo2RL85JMvtk"></drupal-render-placeholder> </section> Tue, 08 Jan 2019 11:48:03 +0000 Hoti 274 at https://tech.feedyourhead.at What the hack is "E-Brief" https://tech.feedyourhead.at/content/words-about-e-post <span class="field field--name-title field--type-string field--label-hidden">What the hack is &quot;E-Brief&quot;</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>This week I received an email from my bank company. They advertised that they are cooperating with the "Post"(Austrian mailprovider) and recommended to use "E-Brief" for notifications from them. My first thought was: "it's E-Mail". Because E-Brief translated from german means: "E-Mail". So I took a look in the FAQ's from the Post and they wrote things like(translated from German):</p> <blockquote> <p>Your E-"Letter Box" from everywhere</p> </blockquote> <blockquote> <p>High security</p> </blockquote> <blockquote> <p>E-Brief is not E-Mail. Documents, policies and bills will be transmitted digitally and delivered to your "E-Briefkasten"(Letterbox). It's not just comfortable and fast but also secure. Emails are transmitted insecure but E-Brief is delivered in a secure and certificated portal(E-Briefkasten).</p> </blockquote> <p>I have my own mailserver that can DANE. So E-mails aren't always transported insecure. We have standardizes protocols and techniques for that, that's why I wonder what the Post does differently. Maybe they do end-to-end encryption. But why didn't they mention that in the FAQs? If they do end-to-end encryption, are the private keys secured with a password that only the person who receives the email knows? I had a lot of questions, so I wrote the Post an Email and just asked:</p> <blockquote> <p>I would like to know more technical details about E-Brief. Which methods are used for transport encryption? Which methods are used for content encryption? How do you store the data? Do you do backups? Is the backup encrypted? How do you ensure that only the recipient can access to the mailbox? Is your webapplication secure and what do you do to ensure that it is?  </p> </blockquote> <p>I waited very naively for a honest reply and after a few days I got at least a reply(translated from German):</p> <blockquote> <p>Of course we do end-to-end encryption. For security reasons we are not allowed to give you more details about E-Brief</p> </blockquote> <p>It is very interesting that they didn't mention end-to-end encryption in the FAQ's. When it comes to encryption, I prefer open standards and open-source. I want to know whats behind it in order to trust it or not. In the digital world "THINGS" happen so easily. "THINGS" like manipulating data or unauthorized reading it. Today data can be accessed from everywhere and if we are dealing with very important data, we have to be aware of the dangers.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 08 2018</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/security" hreflang="en">Security</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=272&amp;2=comment&amp;3=comment" token="kiyx9mxMz42HhQhOz9MKiOMvCbuLYfrZf675ph_t41w"></drupal-render-placeholder> </section> Sat, 08 Dec 2018 09:50:17 +0000 Hoti 272 at https://tech.feedyourhead.at Happy 20 Birthday to Nmap https://tech.feedyourhead.at/content/happy-20-birthday-nmap <span class="field field--name-title field--type-string field--label-hidden">Happy 20 Birthday to Nmap</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>The legendary portscanner <a href="https://nmap.org/">nmap</a> was  released 20 years ago in <a href="https://nmap.org/p51-11.html">Phrack #51</a>. Happy Birthday nmap.</p> <p><img alt="nmap 20 birthday" data-entity-type="file" data-entity-uuid="662e5bfa-c7cd-476d-b63c-988e5a8db770" src="/sites/default/files/inline-images/2018-09-01-23%3A06%3A20.png" /></p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Sep 01 2018</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=269&amp;2=comment&amp;3=comment" token="HsrgLvKjNiIQag4zn86arzYiVNpY9hN-qBnGmznvEHA"></drupal-render-placeholder> </section> Sat, 01 Sep 2018 21:06:00 +0000 Hoti 269 at https://tech.feedyourhead.at Happy Sysadminday https://tech.feedyourhead.at/content/sysadminday2018 <span class="field field--name-title field--type-string field--label-hidden">Happy Sysadminday</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Sysadmins are the heros who bring back our cat-pictures from the heights of the filesystem-tree. So let's honour our firefighters of the internet.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jul 27 2018</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=268&amp;2=comment&amp;3=comment" token="Wssl8ZtZSOX4u3ylGkaWHQxezQssIMaRhR4OT18LOm8"></drupal-render-placeholder> </section> Fri, 27 Jul 2018 08:12:55 +0000 Hoti 268 at https://tech.feedyourhead.at Debian Stretch released https://tech.feedyourhead.at/content/debian-stretch-released <span class="field field--name-title field--type-string field--label-hidden">Debian Stretch released</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="https://www.debian.org/News/2017/20170617.en.html">On Saturday the Debian Project announced the release of Debian 9 "Stretch".</a> This means that Jessie will be oldstable and Wheezy won't recieve any updates anymore. So it's time to dist-upgrade.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jun 18 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/debian" hreflang="en">Debian</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=240&amp;2=comment&amp;3=comment" token="v6rrzvW9Gl_uyKw22p81VdwPN-EEK_WYSalGYJJYWes"></drupal-render-placeholder> </section> Sun, 18 Jun 2017 11:02:10 +0000 Hoti 240 at https://tech.feedyourhead.at Impressions of the Open Source Datacenter Conference https://tech.feedyourhead.at/content/impressions-of-the-osdc <span class="field field--name-title field--type-string field--label-hidden">Impressions of the Open Source Datacenter Conference</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><img alt="osdc2017" data-entity-type="file" data-entity-uuid="89860874-9585-46a3-a164-518d38a5e8c4" height="2236" src="/sites/default/files/inline-images/IMG_20170518_104559_0.jpg" width="2981" /></p> <p>This year I participated the <a href="https://www.netways.de/events/osdc/program/">OSDC</a> again. The main topics of this year  were Linux Containers and Configuration Management. Some talks were about experiences of some companies with containers. Casey Callendrello from CoreOs talked about the container network interface used by some container technologies. A highlight was Seth Vargo from <a href="https://www.hashicorp.com/">HashiCorp</a> who explained some of HashiCorps Open-Source products like "vault". Another really cool talk was about <a href="https://www.inspec.io/">inspec</a>, a security testing framework.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">May 20 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=238&amp;2=comment&amp;3=comment" token="CHQvF8drQT6lrF4i_7o488vWZqPUjZFYKDZHy8lcWuM"></drupal-render-placeholder> </section> Sat, 20 May 2017 07:54:59 +0000 Hoti 238 at https://tech.feedyourhead.at Nasty Cisco bug discovered https://tech.feedyourhead.at/content/nasty-cisco-bug-discovered <span class="field field--name-title field--type-string field--label-hidden">Nasty Cisco bug discovered</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="http://thehackernews.com/2017/03/cisco-network-switch-exploit.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29">The latest wikileaks revealings gave also insights about an interesting bug in cisco products.  </a> No I am not talking about the <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3881">bug in the Cisco Cluster Management Protocol (CMP).</a> I am talking about the open telnet ports.Ten years ago it was already recommended to use ssh instead and there are still so many devices out there with open telnet ports. Now it really is time to close them.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Mar 20 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/security" hreflang="en">Security</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/external" hreflang="en">External</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=234&amp;2=comment&amp;3=comment" token="YxofjnyF2RT8es-4pCtuo9SNHwHmzmd9QBf68BSAdjk"></drupal-render-placeholder> </section> Mon, 20 Mar 2017 20:43:30 +0000 Hoti 234 at https://tech.feedyourhead.at EFF: Digital Privacy at the U.S. Border https://tech.feedyourhead.at/content/eff-digital-privacy-at-the-us-border <span class="field field--name-title field--type-string field--label-hidden">EFF: Digital Privacy at the U.S. Border</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="https://www.eff.org/wp/digital-privacy-us-border-2017">The Electronic Frontier Foundation released guidelines for protecting your data when you pass the U.S. Border.</a></p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Mar 11 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/external" hreflang="en">External</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=232&amp;2=comment&amp;3=comment" token="xoSTz6d_2GY6Oe1Q1oEuv8wSoFMB45wo44DmnMsuP7s"></drupal-render-placeholder> </section> Sat, 11 Mar 2017 21:59:59 +0000 Hoti 232 at https://tech.feedyourhead.at Irssi: New version 1.0.0 has been released https://tech.feedyourhead.at/content/Irssi-new-version-1.0.0-has-been-released <span class="field field--name-title field--type-string field--label-hidden">Irssi: New version 1.0.0 has been released</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="https://irssi.org/2017/01/05/irssi-1.0.0-released/">Irssi 1.0.0 has been released in January 2017. This is a major release with lots of new features and security fixes.</a></p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jan 06 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/irssi" hreflang="en">irssi</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=223&amp;2=comment&amp;3=comment" token="lGhW9joBHVl6CKXSYXy401cYFK1c8SlyV_6tfTAIVbY"></drupal-render-placeholder> </section> Fri, 06 Jan 2017 19:55:53 +0000 Hoti 223 at https://tech.feedyourhead.at Happy 25th Birthday Vim https://tech.feedyourhead.at/content/happy-25th-birthday-vim <span class="field field--name-title field--type-string field--label-hidden">Happy 25th Birthday Vim</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><a href="http://www.vim.org/">The best editor of this world celebrates it's 25th anniversary</a></p> <blockquote> <p>Vim version 1.14 was the first public release of Vim, distributed on Fred Fish disk 591. The executable has the version information "Vi IMitation v1.14 (Nov 2 1991 0:36:35)". That is exactly 25 years ago. Raise your glass to Vim! (<em>Bram Moolenaar</em>)</p> </blockquote> <p>So HAPPY BIRTHDAY VIM</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Nov 05 2016</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/vim" hreflang="en">vim</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/news" hreflang="en">News</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=214&amp;2=comment&amp;3=comment" token="JDLLR6x96xDR_veRwfhybb1bJ_XKzoGxJj64MPUrmD8"></drupal-render-placeholder> </section> Fri, 04 Nov 2016 23:49:16 +0000 Hoti 214 at https://tech.feedyourhead.at