Collaborate Disseminate
We know that we have to create a private key on a server and generate its public key and create a certificate.
But what if we get a private key which someone already has? Doesn’t the security become weak in this case?
Continue reading What happens if two parties have a same pair of public & private keys
I have played with DNS a lot lately, and I have found that some big companies’ web sites use the Akamai NS as the Name Server for their WWW servers, for example:
$>nslookup
> www.redhat.com
Server: 192.168.43.1
Address: 192.1… Continue reading What is the Akamai Name Server I see for some big companies?
Why types of media are Write Once Read Many (WORM) other than CD-R, and DVD-R, say, something in the 100GB range?
Are there such devices?
What would it take to read them?
Are the devices like this that can do their one wri… Continue reading WORM media types
I’m developing some software for schools. I’ve found severe flaws with the current popular school LAN protection that I feel needs fixing so I plan on releasing my own software. One the those problems was that if a student … Continue reading Is using a flash drive as a base for security a safe thing to do?
I would like to know if sniffing packets of a remote IP address is possible at all, if yes I would like to know:
what is the success rate, I mean how much percent of the packets you would capture?
What are the benefits of … Continue reading Is there a way to sniff packets of a remote IP address?
I would like to know if sniffing packets of a remote IP address is possible at all, if yes I would like to know:
what is the success rate, I mean how much percent of the packets you would capture?
What are the benefits of … Continue reading Is there a way to sniff packets of a remote IP address?
Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field of the asset tag in a Custom Info page. Continue reading CVE-2011-4346 (satellite)
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. Continue reading CVE-2011-4315 (fedora, nginx, studio, studio_onsite, webyast)
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet. Continue reading CVE-2011-4539 (debian_linux, dhcp, ubuntu_linux)
My workplace uses these SecurID tokens which provide you with a temporary password, the code will expire after a short time. I have always been fascinated by the things, because it seems as though all the logic to calculat… Continue reading Can the numbers on RSA SecurID tokens be predicted?