How To Crack WEP
Posted by creining | Filed under Security
Yes, everybody knows WEP is insecure and is easily breakable. However, I found this 3 part series at tom’s networking:
Setup & Network Recon
Performing the Crack
Securing your WLAN
to be an informative read even as a seasoned security professional. Alot of times we know that a protocol, a piece of software, or a process has inherent flaws but we wouldn’t know how to go about exploiting that without significant research. These articles offer the “how” aspect of breaking WEP, in minutes as a matter of fact, in a step by step fashion. I particularly like the second article, which showed the crack and the third article offers sound advice for securing WLANs.
How to fake a fingerprint
Posted by creining | Filed under Security
This article explains how to make a fake fingerprint, usable in testing out fingerprint biometric devices. I’ve read that some fingerprint readers can be easily fooled countering the claim by their manufacturers that they are very secure and impossible to fool. In fact, I recall that one manufacturers fingerprint reader would be fooled by simply blowing (warm air) on the reader as the latent fingerprint from the previous user is still there.
Snort ClamAV virus scanning preprocessor and new snort2pf
Posted by creining | Filed under Security
I read that a new preprocessor for Snort integrates ClamAV which will scan packets for viruses before passing the data on to Snort for detection. I really like this idea. The virus rules in the offical Snort rules tarball have been defunct for quite some time so it’s nice to implement some level of virus detection within Snort. The Snort ClamAV virusscanning preprocessor project page is hosted at Bleeding Snort. The addition of ClamAV with Snort reminds be of the ability within the Snort analysis frontend Pigris (still not released publicly) to scan the payload of one or several alerts with ClamAV. In related Snort news, I saw that the OpenBSD based snort2pf which was written in Perl has been rewritten in C and released as snort2c. These programs use Snort in order to act as an IDS/IPS by blocking traffic using Snort alerts. Additional support was added to snort2c during the rewrite to provide in-program whitelisting and logging to syslog.