Cet article montre un parfait exemple pourquoi on doit éviter d’utiliser les gestionnaires intégrés (trop automatisés) dans les navigateurs web.
The article Abusing Password Managers with XSS « Neohapsis Labs is the perfect example for why we avoid using automated password submission features in web browsers (either built-in, plugins or other tools). We somehow need to reach a balance between security and ease-of-use.
Ce site m’a aidé à installer Nessus 5.0.0 sous Backtrack 5 R2.
This site has helped me install Nessus 5.0.0 within my Backtrack 5 R2 VM.
Voici un site qui m’a aidé a installer les additions pour VirtualBox dans Backtrack 5 R2.
Here’s a site that helped me install the VirtualBox Guest Additions in Backtrack 5 R2.
À utiliser sur votre réseau domestique, les services de protection de OpenDNS.com. Il y a plusieurs options gratuite mais j’aime particulièrement le service OpenDNS HomeVIP qui coûte que 20$/an. Cette option permet d’obtenir des rapports sur notre utilisation de notre service Internet. Plus d’information ici: OpenDNS – Parental Controls.
Everybody should be using this service at home: OpenDNS – Parental Controls.
There are various options but I particularly like the HomeVIP option. It costs 20$/year but it provides reporting that is very useful to understand your Internet usage.
À traduire bientôt ce texte utile…
Brought to you by Tenable…
Nessus uses data provided by Internet Identity IID, a company that maintains a list of hosts it has determined through various technical means are part of a botnet. Nessus does not perform the technical checks itself; rather it compares the IP addresses being scanned against a list maintained by IID. Inclusion in IID’s list is typically accurate, they experience a very low rate of false positives.
If a host is reported as part of a botnet, there are several things you can do to help validate the finding and respond to the issue:
- Check the host against additional third-party lists to determine if the host shows up in those resources: http://isc.sans.edu/sources.html, http://www.malwaredomains.com, http://www.ipvoid.com
- Check the host against known Unsolicited Bulk E-mail UBE/spam blacklists: http://www.dmoz.org/Computers/Internet/E-mail/Spam/Blacklists
- Look for any evidence of the host being compromised e.g., suspicious activity, newly installed software, machine resources being heavily utilized.
- Perform a full vulnerability scan to determine if any high-risk or critical vulnerabilities are present, that may represent the point of intrusion. Ensure web application auditing is enabled, as Nessus can identify malicious web content related to botnet activities.
- Move the host to an isolated network and use a network sniffer to monitor traffic being sent from the machine.
If you still have questions about your host appearing in the list, you can contact IID at activeknowledge.signals.requests@internetidentity.com with questions. Your initial mail should include the IP address in question, when the IP was reported i.e., when you ran your Nessus scan and any additional information about the host that may be relevant.via Tenable Customer Support Portal (for registered users).
Voici un site intéressant qui montre comment cloner des cartes d’accès sans contact (proximity card). L’autre donne ses schémas électroniques et ses techniques de clonage.
Here’s a very interesting site that demonstrates how to clone contactless proximity cards. The author provides electronic schematics and cloning techniques.
Le site WebPagetest offre plusieurs options pour vérifier la performance d’un site web afin de l’optimiser.
The WebPagetest site provides a great way to check a web site’s performance.
Voici où on doit aller pour installer Google Chrome Frame, le module pour Internet Explorer. Pour en savoir davantage sur cette façon d’utiliser Chrome à même Internet Explorer, on peut aller ici pour une bonne introduction. Ceci permet, par exemple, d’obtenir les extensions HTML5.
Here’s where to go for installing Google Chrome Frame. To know more about this mechanism to use Chrome from within Internet Explorer, we can go here for a good intro. Adding this IE module will, for instance, allow you to use HTML5 extensions.
Voici des détails sur la vulnérabilité qui permettrait de pratiquement court-circuiter la sécurité WPA/WPA-2 lorsque “wifi protected setup” est activé (sur certains modèles). Un chiffrier est en construction (par la communauté) qui contient des résultats de tests de la vulnérabilité.
NB: j’ai essayé Reaver 1.3 avec peu de succès avec un DLink DIR-655. L’outil fonctionne en lui spécifiant un PIN spécifique pour obtenir le secret partagé (PSK). Mais après approximativement 60 à 80 requêtes pour deviner (bruteforce) le PIN, le DLink n’accepte plus d’essais sans une réinitialisation du routeur, ce qui rend l’attaque inutile. Selon mes tests (avec quelques autres modèles/manufacturiers), je crois que ce problème serait peut-être plus généralisé qu’on l’imagine…
Here’s some details on the vulnerability that allows the bypass of WPA/WPA-2 security when a Wireless Access Point has “WIFI Protected Setup” enabled (for certain models & manufacturers). A spreadsheet is currently in construction with the results of WPS Vulnerability Testing (by the security community). My testing with a DLink DIR655 have been non conclusive – i.e. the device doesn’t appear to be vulnerable.