Sibwara – WindowsTechs.com

Why it is so widely tolerated to allow SMTP server in DMZ to initiate connection to the LAN

Posted on October 21, 2022 by Sibwara

I was surprised to see that the French cybersecurity agency tolerates an SMTP relay server in the DMZ (which collects emails received from the Internet) to reach the Email server in the LAN.
In my opinion, the relay SMTP server in the DMZ … Continue reading Why it is so widely tolerated to allow SMTP server in DMZ to initiate connection to the LAN→

Is this Wikipedia article about SCRAM wrong?

Posted on October 6, 2020 by Sibwara

At my Company, we put a honeypot in our network and it raised us the Lansweeper SSH password used to connect to the scanned assets (and it is reusable over many boxes…).
So it is a way for an attacker to get sensitive passwords in a corp… Continue reading Is this Wikipedia article about SCRAM wrong?→

Why not signing a certificate with more than one Certification Authority [duplicate]

Posted on September 22, 2020 by Sibwara

A student asked me a good question today when I was explaining the concept of certificates chain.
As I said "if a CA is compromised by an attacker he can emit false certificates for the entities the CA is allowed to sign (e.g all the … Continue reading Why not signing a certificate with more than one Certification Authority [duplicate]→

Do docker images have the same root password?

Posted on July 27, 2020 by Sibwara

If two persons are pulling the same docker image (let’s say Debian:10.4), they will obtain the same "files" (layers) from the docker repo.
So, from what I understand, launching a docker image is not exactly like a fresh install, … Continue reading Do docker images have the same root password?→

How to validate client side safety in a Zero Knowlegde model

Posted on July 21, 2020 by Sibwara

What is sometimes called Zero Knowledge, sometimes end to end encryption occurs when a server only processes ciphered data (at least for sensitive data) with a result where a compromise of this server does not threat the confidentiality of… Continue reading How to validate client side safety in a Zero Knowlegde model→

Send GET request from a PDF file

Posted on November 14, 2018 by Sibwara

I’m currently working on a security Proof Of Concept where I need to show the danger of opening an unknown PDF file.
Internet says that many malwares use Javascript in PDF document (AcroJS) to download their malicious payload… Continue reading Send GET request from a PDF file→

Why WPA2 did not design a PTK based on asymmetric cryptography?

Posted on May 16, 2018 by Sibwara

I was shocked to learn how the PTK is crafted from the PMK in WPA2 WiFi.

PMK is made with crypt_hash(SSID + PSK). OK, seems good.

Then, the client and the Access Point (AP) make the famous 4 way handshake:

Client -> [A… Continue reading Why WPA2 did not design a PTK based on asymmetric cryptography?→