Category Archives: Security

Forked-daapd path traversal vulnerability Nuclei template

I went to a local OWASP chapter meeting last week and saw a presentation on the Nuclei vulnerability scanner by Alex Archondakis. I was previously vaguely aware of the tool, but thought this was a good opportunity to take a …

Posted in Security

Impressive vulnerability fix turnaround

I was probing the web service on Saturday on some software I have running on my Raspberry Pi, when I discovered a serious Path Traversal vulnerability, allowing access to arbitrary files on the system. I reported this privately on Saturday …

Posted in Security

How to fill storage space on an iPhone or iPad with little effort

Before I sell on my old gadgets, I always try to do a factory reset and erase all data. I want to make it as difficult as I can for future owners to recover my personal data. As an additional step, …

Posted in Linux, Privacy, Security

Secure administration of Splunk Free on Linux using SSH port forwarding (or tunnelling)

Splunk is a great data search, monitoring and analysis tool, and a cut-down version of the tool – Splunk Free – is available for learning/testing purposes. One of the limitations of the free version is that there are no user …

Posted in Linux, Security

Qualys Cloud Agent installation issue caused by ISP’s ‘helpful’ DNS response [Fixed!]

When I tried to do a Qualys vulnerability scan of a Fedora 29 system today, things didn’t go too smoothly. First, I downloaded and installed the Qualys Cloud Agent – so far, so good. The next step was to run …

Posted in Linux, Security

Secure hotel internet access #1 – Parallels FAIL

Before setting off on holiday recently, I wanted to come up with a solution for my family to be able to access the internet securely in our hotel. I’ve been playing around with using a couple of small USB wireless …

Posted in Linux, Security, Virtualization

iOS Speed Dial – .tel.qlnk.net – avoid!

Last night I was looking into how one might go about adding a ‘speed dial’ contact shortcut to the home screen on an iPhone. According to my Googling efforts, a commonly-proposed solution is to browse to 1111111111111.tel.qlnk.net in Safari and …

Posted in Privacy, Security

Facebook CTF (Capture The Flag) platform – Bad Gateway

Facebook recently released their CTF (Capture The Flag) platform as an Open Source project on GitHub, so I thought I’d check it out. I thought it might be fun to host some Capture The Flag competitions with friends and colleagues. What …

Posted in Linux, Security

“Homeland” crypto challenge

My wife thinks I have gone a bit crypto crazy – I disagree! I spent a lot of time yesterday solving crypto and hacking puzzles as part of the University Of New South Wales’ Applied Cyber Security undergraduate course. Come the evening, …

Posted in Cryptography, Security

Microsoft ‘Patch Tuesday’, MS15-124 patched but not remediated

As a home user of Microsoft Windows, I’ve become accustomed to receiving regular security patches from Microsoft as part of the monthly ‘Microsoft Patch Tuesday’ patching cycle. I’m generally pretty quick to patch my systems, so I was surprised when …

Posted in Security