Security

Area 41

Area41 Looking Forward to the next Security Congress in Zurich https://www.area41.io . It’s sold out since a while, happy i got a early ticket :) … and all the Talks are online … https://www.youtube.com/watch?v=Hs5olUBX2cg&list=PLv-PXy2JVviu32C4U6F8KHKcyL4s-i_Fo sha256: 07f41198ed084963405456466b567179077366052c560295e9868a0046f0a714

Nginx - Log Headers

How to enable Logging with Headers for Nginx Assuming you have a running setup and you want to enable logging with headers for debug and learning purposes ? Add Lua doas pkg_add nginx-lua-- and you get … doas pkg_info -L nginx-lua-- Information for inst:nginx-lua-1.20.1p0 Files: /var/www/modules/ndk_http_module.so /var/www/modules/ngx_http_lua_module.so Enable Modules in /etc/nginx/nginx.conf add two lines on Top load_module "modules/ndk_http_module.so"; load_module "modules/ngx_http_lua_module.so"; Enhance Logging add the following to the “http” Section log_format log_req_resp '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" ' '$request_time req_header:"$req_header" ' 'resp_header:"$resp_header"'; Enable Logging add the following lines to your virtual Host Section

IPSEC OpenBSD <-> Linux

Environment OpenBSD 7.0 Debian 11.2 with Strongswan IPv4 only IKE v1 ToDo IPv6 and Dualstack IKE v2 Debian ipsec.conf conn puffy authby = secret ike = aes256-sha256-modp2048 keyexchange = ikev1 ikelifetime = 1h keyingtries = 0 left = %defaultroute right = 193.xx.xx.xx leftid = 212.xx.xx.xx rightid = 193.xx.xx.xx lifetime = 1200s leftsubnet = 10.11.1.8/30 rightsubnet = 10.1.6.0/24 esp = aes256-sha256-modp2048 dpddelay = 30 dpdtimeout = 120 dpdaction = restart auto = start OpenBSD /etc/sysctl.

AGE - Encrypt Files with SSH Keys

Stumbled upon something that I’ve missed for a long time: encrypting files with the ssh public key :) Source https://github.com/FiloSottile/age Install Package OpenBSD (and most others *nix systems) got a package for age. Just install it. doas pkg_add age Asymmetric Encryption Asymmetric Encryption encrypts and decrypts the data using two separate yet mathematically connected cryptographic keys. These keys are known as a ‘Public Key’ and a ‘Private Key’. Together, they’re called a ‘Public and Private Key Pair’

Honeypot

i like to run honeypots … ok, to be honest, it’s not a honeypot. It’s a productive maschine for me, but all the bots trying to get in get’s redirected to a Honeypot, the credentials were captured and last but not least, you can watch them live in your browser :) http://honeypot.nolink.ch btw. 100k failed login attempts in 10 Day … have fun ! sha256: 8ae49e2283f894d5ab59ec16309f4f1d4aa547c0fd90705f969bae0d20d3b6f2

RPKI for Home Usage

Resource Public Key Infrastructure you may know what RPKI is … It’s a PKI Framework for improving Security for the Internet Routing Infrastructure based on BGP. As a HomeUser or Small/Medium Size Company, you normally don’t have a Full BGP Table and multipe Upstream Providers. You have one Internet Router or Firewall and you get a Default Route from your ISP. With OpenBGPD and the current rpki extensions, you “just” need a Full BGP Feed and then, you can filter all invalid ROA’s and keep your Routing (and Internet Access) more Secure.

RC3

some cool Movies/Audios from “Remote Chaos Experience” RC3 RC3 Video, ordered by ViewCount Amateurfunk hacken Spot the Surveillance DevOps Disasters 3.1 Elektrogruselkabinet Indien-Edition 36C3 - Boeing 737MAX: Automated Crashes 36C3 - BahnMining - Pünktlichkeit ist eine Zier 36C3 - Finfisher verklagen 36C3 - Hirne Hacken 35C3 - Du kannst alles hacken – du darfst dich nur nicht erwischen lassen 35C3 - Hackerethik - eine Einführung sha256: ec267b020ffdde11711eff23057df1a9b74a0fed1c262c0ab9dd28b5c08d512e