Для заворота всего трафика средствами SecureCRT создаем подключение к нашему промежуточному (master) хосту и указываем параметры проброса -
В глобальных настройках создаем новое firewall правило -
14.02.2017
02.08.2016
A start job is running for raise network interfaces
A start job is running for raise network interfaces:
/etc/systemd/system/network-online.targets.wants/networking.service
21:TimeoutStartSec=30sec
/etc/systemd/system/network-online.targets.wants/networking.service
21:TimeoutStartSec=30sec
13.06.2016
Windows LPE check tool
Тулза позволяет произвести аудит системы Windows, на предмет возможности локального повышения привилегий в системе.
Windows-privesc-check is standalone executable that runs on Windows systems. It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases).
It is written in python and converted to an executable using pyinstaller so it can be easily uploaded and run (as opposed to unzipping python + other dependencies). It can run either as a normal user or as Administrator (obviously it does a better job when running as Administrator because it can read more files).
QuickStartUsage:
It is written in python and converted to an executable using pyinstaller so it can be easily uploaded and run (as opposed to unzipping python + other dependencies). It can run either as a normal user or as Administrator (obviously it does a better job when running as Administrator because it can read more files).
C:\>windows-privesc-check2.exe --audit -a -o wpc-report
20.05.2016
SANS топ 20 утилит контроля ИБ
Part 1 - we look at Inventory of Authorized and Unauthorized Devices.
Part 2 - we look at Inventory of Authorized and Unauthorized Software.
Part 3 - we look at Secure Configurations.
Part 4 - we look at Continuous Vulnerability Assessment and Remediation.
Part 5 - we look at Malware Defenses.
Part 6 - we look at Application Security
Part 7 - we look at Wireless Access Control
Part 8/9 – we look at Data Recovery and Security Training.
Part 10/11 - we look at Secure Configurations for Network Devices such as Firewalls, Routers, and Switches and Limitation and Control of Network Ports, Protocols and Services.
Part 2 - we look at Inventory of Authorized and Unauthorized Software.
Part 3 - we look at Secure Configurations.
Part 4 - we look at Continuous Vulnerability Assessment and Remediation.
Part 5 - we look at Malware Defenses.
Part 6 - we look at Application Security
Part 7 - we look at Wireless Access Control
Part 8/9 – we look at Data Recovery and Security Training.
Part 10/11 - we look at Secure Configurations for Network Devices such as Firewalls, Routers, and Switches and Limitation and Control of Network Ports, Protocols and Services.
13.05.2016
Fortinet Fortimail and iRedMail configuration. [Gateway mode]
Мой опыт базовой настройки связки Fortimail и почтового сервера iRedMail.
Для начала, прописал MX записи, и доменные имена для нашей тестовой почты:
MX прописана на Fortimail
Почтовый сервер я поднял на базе iRedmail.
04.05.2016
20.04.2016
История взлома [Hacking Team]
"Хакер, называющий себя Финиас Фишер (Phineas Fisher), обнародовал на PasteBin длинный и подробный рассказ о том, как летом 2015 года ему в одиночку удалось взломать известного поставщика шпионского ПО — компанию Hacking Team."
Разбор взлома: https://xakep.ru/2016/04/18/hacking-team-hack/
Реакция HT: https://xakep.ru/2016/04/20/hacking-team-letter/
_ _ _ ____ _ _
| | | | __ _ ___| | __ | __ ) __ _ ___| | _| |
| |_| |/ _` |/ __| |/ / | _ \ / _` |/ __| |/ / |
| _ | (_| | (__| < | |_) | (_| | (__| <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
A DIY Guide
Ransomware [Database]
"База данных" известных криптолокеров, а так же помощь в расшифровке файлов.
названия --- расширения --- паттерны --- декрипторы
Подписаться на:
Сообщения (Atom)