When do Wifi attacks Succeed? It depends on your setup Some basics: First of all, change your default admin password (since default admin passwords are on the Internet so that users can manage their WiFi Access points). New access points may look like this: and the support page shows how to access the WiFi … Read more
Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, and Sharon Goldberg wrote a paper (out of Boston University) http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf “Attacking the Networking Time Protocol” Apparently if your servers and clients (which all have NTP) have their time changed can affect various processes. To Attack … Change time by … TLS Certs … Read more
After seeing a good ISACA presentation today at the Renaissance in Saint Louis (near airport) http://www.isaca.org/chapters5/Saint-Louis/Pages/default.aspx by Josh Vander Veen with SpearTip Here are my notes: Sophistication of criminal attack is on the rise. Many small businesses have a false sense of security and say the following: I’m just a small company why would they … Read more
The Internet Storm Center has a great article on the most common vulnerabilities in web applications (XSS or Cross Site Scripting) https://isc.sans.edu/forums/diary/When+encoding+saves+the+day/20277/ This is where some data is attempted insertion into the web application somehow. So the unfortunate browser response from Internet explorer is Internet Explorer: GET /myform/action/post?myparam=”>%20Test So what you say I … Read more
http://www.christian-rossow.de/publications/tcpamplification-woot2014.pdf written by: Marc Kührer, Thomas Hupperich, Christian Rossow, Thorsten Holz Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany The researchers did a variety of scans – udp and tcp based scans to test the Internet. This table means that there are hundreds of thousands potential computers(network devices) on the Internet that can be used … Read more
