Archive for 'Security'

Wiping disk drive data with Darek’s boot and nuke

Over the years I have accumulated dozens of disk drives. As I upgrade drives and donate my older hardware to friends and charities, I like to make sure the data on those drives is wiped. I’ve been using Darik’s boot and nuke (DBAN) to wipe my drives for the past year or two, and the […]

Securing your Linux vsftp installations by locking down your server and chroot()’ing users

As much as we all hate FTP and the insecurities of the protocol, I’ve given up on the fact that it’s going to be retired anytime soon. A lot of old legacy systems (mainframes, AS400s, etc.) don’t support SSH, but they so support the infamous FTP protocol. These two factors force a lot of companies […]

Running an SSH client inside your Firefox web browser

I recently came across FireSSH, which is an SSH client that runs inside Firefox. The FireSSH plug-in allows you to create an SSH connection to a remote host using just a web browser, and I can see all kinds of uses for this! The plug-in is written entirely in javascript, and uses a couple of […]

Making sense of the various routing / firewall solutions that are available

I am currently running dd-wrt at home. Dd-wrt works pretty well, but I recently started to do some digging to see what other routing / firewall solutions existed. There are a bunch of routing / firewall gateway solutions available, and each one provides a unique experience. Some run on Linux, some on OpenBSD, and others […]

Displaying GPG public keys in ASCII format

I was debugging a gpg issue earlier this week, and needed to dump the contents of a public key in some type of human readable form. After a bit of googling I came across the crazy awesome pgpdump utility, which provides a command line interface to display the contents of a GPG public key. To […]

Wide open remote root exploit on dd-wrt

As reported on Slashdot, there is a wide open exploit on dd-wrt due to how the httpd server handles and parses incoming requests without being authenticated.  The HTTP get code to execute has been posted on milw0rm. If you haven’t already, you should either update your dd-wrt installation to build 11533 (most router firmwares have […]

« Older Entries