Posts

Useful Trick for the Computers

Image
Useful Tricks for the Computer. In Photoshop, when using the marquee tool, hold down the space bar to drag the marquee without losing the ability to size it. When watching a movie on vlc player if the audio isn’t lined up simply press “k” to back up the audio accordingly. Always choose custom installation to avoid programs to install annoying toolbars/adwares. When typing an address into your browsers, pressing CTRL + Enter will wrap whatever you typed with the http://www before it and .com after it. Windows button + L locks your screen. Windows button + P lets you quickly set up projectors or second monitors. When setting up a new PC,  Ninite  will save you lot of time. You can hit CTRL + L or F6 or ALT+D as a shortcut to the address bar in your browser. CTRL + Shift + Esc will open task manager. Pressing Tab while filling a form will move to the next input box, pressing Shift + Tab will back up to the previous box. The Caps Lock key works at a hardware level

Get information about SSL protocols

Image
  Get the information about the SSL version using and strength by utilizting the SSL Disagnos SSL Diagnos is used to test SSL strength; Get information about SSL protocols (pct, ssl2, ssl3, tls, dtls) and cipher suites. It can also be used for testing and rating ciphers on SSL clients. It has also specific support for pop3s, sip, smtp and explicit ftps. Tests for heartbleed (including dtls). Furthermore a separate tool, SSLPressure, not using openssl can be used to check the whole spectrum of possible SSL protocols on a server. Can also be used for testing ssl for mssql-servers (was added since nessus did not support this) and contains mitm poc for stripping ssl from mssql-connections. Features SSL scanner including rating of SSL cipher suite strength for server and clients Test SSL strength in for example https, smtp, sip, pop3s, ftps Can be used for OWASP-CM-001 Uses OpenSSL to test ssl2, ssl3, tls, dtls, explicit ftps Tests renegotiation and availability

Kali Linux on MS Windows10

Image
Kali on the Windows Subsystem for Linux We’re always on the prowl for novel environments to run Kali on, and with the introduction of the  Windows Subsystem for Linux  (WSL) in Windows 10, new and exciting possibilities have surfaced. After all, if the WSL can support Ubuntu, it shouldn’t be too hard to incorporate another Debian-like distribution, right? This is especially true with the  Windows Subsystem for Linux Distribution Switcher  utility. Kali on … Windows? Really? While this setup of Kali on Windows is not optimal due to various environmental restrictions (such as the lack of raw sockets and lack of customised Kali kernel), there are still many situations where having Kali Linux alongside your Windows 10 machine can be beneficial. One example that comes to mind is consolidation of workspaces, especially if Windows is your main working environment. Other useful situations that crossed our minds were standardizing tools and scripts to run across

Radius

Image

Radius and integrated with AD for Wireless AP

Image
Freeradius and integrated with AD, with Wireless (Aruba-controller)         Here you go,  FreeRADIUS , an open-sourced project that will please you. Prerequisite Active Directory domain Ubuntu server Below are the used settings assuming FreeRADIUS 192.168.1.12 mydomain.com : domain name mydc.mydomain.com : domain controller MYNTDOMAIN : nt domain name Radiussrv : Radius server hostname             1. Install samba, winbind, krb5-user: sudo apt install samba winbind krb5-user 2. Config samba by editing: a. /etc/samba/smb.conf: ... [global] ## Browsing/Identification ### # Change this to the workgroup/NT-domain name your Samba server will part of    workgroup = MYNTDOMAIN # need to add these    security = ads    password server = mydc.mydomain.com    realm = MYDOMAIN.COM    winbind use default domain = true ... b. /etc/krb5.conf: [libdefaults]         default_realm = MYDOMAIN.COM ... [realms]         MYDOMAIN.COM = {                 kdc = mydc.mydomain.com                 admin_server =

Block access to consumer / Personal Gmail accounts

Image
  Block access to consumer / Personal Gmail accounts Short answer: To block access to some Google accounts and services while allowing access to your managed Google accounts (such as G Suite or Cloud Identity), you need a web proxy server that can perform SSL interception and insert HTTP headers. As an administrator, you may want to prevent users from signing in to Google services using any accounts other than the accounts you provided them with. For example, you may not want them to use their personal Gmail accounts or a managed Google account from another domain. A common means of blocking access to web services is using a web proxy server to filter traffic directed at particular URLs. This approach won’t work in this case, because legitimate traffic from a user’s managed Google account goes to the same URL as the traffic you want to block. To only allow users to access Google services using specific Google accounts from your domain, you need the web proxy server to

VMware ESX Upgrade 5.1 to 5.5

Image
The following ESX/ESXi 4.x and ESXi 5.0 versions are supported for upgrade to ESXi version 5.5: ESX/ESXi 4.0.x (including all released updates and patches) ESX/ESXi 4.1.x (including all released updates and patches) ESXi 5.0.x (including all released updates and patches) ESXi 5.1.x (including all released updates and patches) Download the ESXi 5.5 from the VMware Website. My post related to  Download vSphere 5.5 software. 1. Attach the ISO image of the ESXi 5.5 to your ESXi 5.1 if you have any remote management server tools like ILO, DRAC or insert the installation media into the server. 2. Make sure Server BIOS is configured to boot from CD-ROM 3.Once It is booted with installation media, Select  ESXi-5.5.0-1331820-standard Installer and Press Enter 4. ESXi 5.5 installer will load the Files and it may take few minutes to complete. Once it is loaded , It will Relocate the Modules and start the kernel. 5.In the Welcome Screen of VMware ESXi 5.5.0 Ins

WPA3- Coming in 2018

Image
WPA3- Coming in 2018 WPA3 is not an immediate replacement for WPA2, which will continue to be maintained and enhanced. In particular, the Alliance will introduce new testing enhancements for WPA2 to reduce the potential for vulnerabilities caused by network misconfigurations; and will further safeguard managed networks with centralized authentication services. New Wi-Fi Alliance WPA3 certified devices will take some time to filter into widespread use. Use of the new specification will require WPA3 devices and WPA3 routers -- and since the vast majority of home wi-fi users never buy a router but use the one supplied by their ISP, many users won't become WPA3 compatible before they change ISPs. That could take several years. Nevertheless, there are some welcome enhancements over the WP2 specification that has kept users largely, but not entirely, protected for around two decades. Four new capabilities for both personal and enterprise networks have been announced. Th

Prevention Guide for Petya Ransomware

Image
    While analyzing the ransomware's inner workings, Serper was the first to discover that NotPetya would search for a local file and would exit its encryption routine if that file already existed on disk. The researcher's initial findings have been later confirmed by other security researchers, such as PT Security , TrustedSec , and Emsisoft. This means victims can create that file on their PCs, set it to read-only, and block the NotPetya ransomware from executing. While this does prevent the ransomware from running, this method is more of a vaccination than a kill switch. This is because each computer user must independently create this file, compared to a "switch" that the ransomware developer could turn on to globally prevent all ransomware infections. How to Enable the NotPetya/Petna/Petya Vaccine To vaccinate your computer so that you are unable to get infected with the current strain of NotPetya/Petya/Petna (yeah, this naming is annoying), simply create a file