TL;DR Dell delivered a faulty high end laptop, refused to refund under the Consumer Rights Act 2015, and their ProSupport “fix” that, at the present time, looks like will take in excess of two months; even though it only took 11 days to order and deliver the new (faulty) laptop. I’ve been purchasing Dell computers […]
A Dell Pro Max Plus turned me from Pro Dell to no! Dell Read More »
Ever wanted to run multiple VPNs at the same time from the same device? Route a client down a different VPN at a boundary linux router? Introduction Linux has a wealth of networking capabilities, to the degree that it can operate as quite a powerful router, just without the hardware acceleration you get with a
Multiple VPN tunnel selection using policy routing Read More »
Over the weekend I enabled DNSSec on this site and blogged about it [1]. Today Lets Encrypt renewed the certificate on the Origin Server via DNS-01 – its setup uses CNAMEs to allow internal devices to get public certs, described in an earlier blog post [2]. The certificate renewal failed. Considering it has worked since
Lets Encrypt Failure – It was DNS(ish) – a conspiracy of coincidences Read More »
DNSSec is a technology that adds a layer of protection so that domain names and websites like this one are more resistant to being hijacked by a spoofed domain. In this case it provides an additional layer of authentication to allow a DNS resolver to prove that the answers it got are valid and not
DNSSec All The Things – An Easy (and free) Way Read More »
During a recent red team engagement, we came across several useful artefacts after compromising an IT helpdesk user account. One of particular interest contained a list of useful sites, including a well-known password generator site. This is one of a class of sites that generate a password by selecting a number, say 4, random words
Three Random Words – An adventure in passphrase cracking Read More »
Several months ago, whilst on a client engagement, I identified a number of zerodays in an enterprise asset management application called EasyInstall. This gave me, among other things, elevation of privilege on managed assets, a wealth of information for recon, and – most interestingly – unauthenticated remote secure wipe of any asset. The blog on
Vulnerabilities in EasyInstall asset management Read More »
As an adversary it is useful to establish a base of operations from within the target network that is not controlled by the target organisation. This avoids the need to circumvent various EDR/AV solutions that could not only block our actions, but worse, expose us to the target. Homeworking solutions can offer malicious insiders a
Insiders, Homeworking and Split-VPN Read More »
For the first blog on this new site I wanted to talk about a simple technique to get LetsEncrypt certificates for internal devices (those not exposed to incoming Internet connections). Some may ask why do this – isn’t it exposing information about your internal network to the outside world. Well, yes. However, I want to
Lets Encrypt Inside Read More »