No larger team can work with one data source and one incident management system today (at least we don’t know of such a team yet). That’s why every team is engaged in developing its own tools, or at least its own upgrades to already existing tools.
Knot DNS recursive weekly, July 24th 2015
IETF93 – prefetching and predictions – more cwrap – validating signatures
Knot DNS recursive weekly, July 15th 2015
I/O improvements – documenting – validation – Happy Eyeballs
Who’s poking at our Turris SSH honeypot
The Turris SSH honeypots are definitely not idle. There are currently 168 active honeypots that daily record 1000 to 2000 and on some days even up to 5000 SSH sessions containing at least one command.
Knot DNS recursive weekly, Blocking queries for fun and profit
A short tutorial on how to block a DNS slow-drip attack with kresd.
Knot DNS recursive weekly, July 6th 2015
iced coffee, testing library, starting DNSSEC validation, prefetching queries, namebenching
Overview of multiplatform password managers
The news about the LastPass hack broke recently. If the user had a strong password, the password is not brute-forceable. However, dictionary passwords, along with passwords that are guessable with mutation and Markov chains, can be broken up to a length of 12 characters on one GPU, even though LastPass’s key derivation function (KDF) uses 100000 iterations. This means that if the attacker can crack a user’s simple password, the attacker can download the encrypted blob containing passwords from LastPass and use the cracked password to decrypt them. The weakest link here is the password strength.
Making of Knot DNS Resolver
A storified tale of how we’re baking a modern resolver the hard way. Ingredients included.
How we let a router get “cracked”
In the previous two blog posts about project Turris, we described how a telnet “minipot” helped us to uncover a possible botnet consisting mainly of home routers from ASUS (1, 2). In this article, we will describe one possible way these devices might have been compromised.
More about the honeypot for Telnet and botnets
Three weeks ago we published preliminary results of data analysis of the honeypot for the Telnet protocol, which we have launched in test mode. Today we will look at how the situation changed after we installed the tool on all the Turris routers.