AllExJ – WindowsTechs.com

What attacks can be performed by changing header of IP packet if I apply only ESPv2 of IPsec(so not providing intergrity for the IP header)

Posted on April 15, 2024 by AllExJ

For ESPv2 I’m referring to this: https://datatracker.ietf.org/doc/html/rfc2406 so the version which supports of course confidentiality, but also authentication ONLY FOR THE PAYLOAD, NOT of the IP header.
My professor warns against using ES… Continue reading What attacks can be performed by changing header of IP packet if I apply only ESPv2 of IPsec(so not providing intergrity for the IP header)→

What attacks can be performed by changing header of IP packet if I apply only ESPv2(so confidentiality and integrity of payload(no header integrity))?

Posted on February 17, 2024 by AllExJ

What attacks can occur by altering the IP packet header with only ESPv2 (so having ONLY payload confidentiality&integrity but NOT integrity)?
My professor warns against using ESPv2 without header integrity due to potential header manip… Continue reading What attacks can be performed by changing header of IP packet if I apply only ESPv2(so confidentiality and integrity of payload(no header integrity))?→

Why does IPsec use tunnel-mode for an external laptop? Could transport-mode be used? Why can’t a gateway control access in transport-mode?

Posted on February 15, 2024 by AllExJ

In an IPsec Secure gateway setup, why is tunnel-mode used when an external laptop wants to access an internal service protected by a firewall? Is tunnel-mode necessary or could transport-mode be used instead? Why can’t a gateway perform ac… Continue reading Why does IPsec use tunnel-mode for an external laptop? Could transport-mode be used? Why can’t a gateway control access in transport-mode?→

What if in IPsec I have confidentiality BUT NOT integrity? What are the dangers?

Posted on February 15, 2024 by AllExJ

ESP in IPsec v2 only provides integrity of the payload, not of the header. So my question is about that. The possible dangers in not having integrity of header, while having ESP active for payload.
What are the potential risks if an attack… Continue reading What if in IPsec I have confidentiality BUT NOT integrity? What are the dangers?→

Is FIDO authN vulnerable to relay attacks?

Posted on December 9, 2023 by AllExJ

In this question: Is FIDO2 authentication vulnerable to a social engineering replay attack?
it was answered that no, not vulnerable because "the keypair used to by the FIDO device to authenticate with the credential harvesting site w… Continue reading Is FIDO authN vulnerable to relay attacks?→

If I hibernate my Linux distro (which has an encrypted partition) and store it in a unencrypted swap partition, can an attacker access all my data?

Posted on November 17, 2023 by AllExJ

Is it possible? How? Should I encrypt my swap partition? If I don’t encrypt it, basically I make encryption in the main partition useless.

Continue reading If I hibernate my Linux distro (which has an encrypted partition) and store it in a unencrypted swap partition, can an attacker access all my data?→

Why is my TPM bugged? If I enable checks on PCR 8,9,10, it ALWAYS asks for decryption password even if it shouldn’t [migrated]

Posted on November 16, 2023 by AllExJ

I’ve also checked with systemd-analyze pcrs if PCRs are the same at every reboot, and they are.
Only at first reboot I don’t know why the only PCRs that change are 8,9,10 lol(I don’t know why)… but in next reboots they are always the sam… Continue reading Why is my TPM bugged? If I enable checks on PCR 8,9,10, it ALWAYS asks for decryption password even if it shouldn’t [migrated]→

Why the TPM PCRs does not consider a UEFI settings change? If someone resets CMOS, it’s undetected

Posted on November 16, 2023 by AllExJ

In my laptop I’ve set up a bios password when I power on the laptop, and once I enter it the laptop starts my linux distro and decrypts the disk without asking any other password. To do this I’ve set up TPM to automatically decrypts the di… Continue reading Why the TPM PCRs does not consider a UEFI settings change? If someone resets CMOS, it’s undetected→

Why in "openssl pkeyutl -verify" is needed both public and private keys? Why isn’t public key enough?

Posted on November 10, 2023 by AllExJ

I created a signature with:
openssl pkeyutl -sign -inkey rsa.key.bob -in plain -out plain.sig.bob

and to verify, Alice just needs to use Bob public key to check the authenticity of the message.
So why I have to use this (which require th… Continue reading Why in "openssl pkeyutl -verify" is needed both public and private keys? Why isn’t public key enough?→

DNS Spoofing attack works in host machine but does not work in guest VM machine. I’m curious about why

Posted on October 30, 2023 by AllExJ

I am practicing in these attacks and countermeasures.
I did attack against a computer and it works. I did it against a bridged-network guest VM machine and it does not work. I’m curious about why.
As you can see I receive multiple response… Continue reading DNS Spoofing attack works in host machine but does not work in guest VM machine. I’m curious about why→