SVP Technology at Fiserv; large scale system architecture/infrastructure, tech geek, reading, learning, hiking, GeoCaching, ham radio, married, kids

SolarWinds Serv-U path-traversal flaw actively exploited in attacks

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. [...]

Potatoes Are the Perfect Vegetable—but You’re Eating Them Wrong

The humble potato is a miraculous vegetable, but Americans are eating less of them than ever before and have ditched fresh potatoes for frozen. Is it time to rebrand the spud?

Wireshark Challenge 01 Answers


Did you get a chance to try out last week's Wireshark Challenge based on the chappell-WChallenge012024.pcapng? Too easy?


If you didn't - go back and grab the trace file and try it out before looking at the answers below. There's often more than one way to get an answer. Below, I have offered one option for each question.


1. What tool was used for the capture process?

Dumpcap (Wireshark) 4.2.5 (v4.2.5-0-g4aa814ac25a1) - Click the button next to the Expert down on the Status Bar - that launches the Capture File Properties window (or select Statistics > Capture File Properties).



2. What is Fred's machine's IPv4 address?

10.0.0.157 - Find a DNS Request, TCP SYN, or HTTP2 GET request and look at the source IP address.


3. What is Fred's machine's Ethernet address?

d8:bb:c1:56:61:63 - Since the instructions said the trace file was taken on Fred's machine, we simply need to look at the Source Ethernet address on packets sent from Fred's machine - any packets used for #2.


4. What is/are the IP address(es) of the DNS server(s)?

75.75.75.75 and 75.75.75.76 - A simple dns filter will reveal the answer here. To view only DNS responses, we can filter on dns.flags.response == True.


5. What operating system is running on Fred's machine?

Windows - HTTP/2 GET requests contain a user-agent field that defines the browser and operating system of the source.


6. Is Fred likely located on the East or West coast of the US?

West coast - we might make that assumption given the answer to #9, but we can actually locate an indication inside a TLS Client Hello where the Server Name field offers interesting insights into the communications.


7. What browser is Fred using?

Firefox - This is visible in the user-agent field - see #5.


8. In what sport is Fred interested?

Ice Hockey - the DNS traffic gives this away - use that dns filter again - just like in #4. There are a lot of references to NHL - National Hockey League.


9. In what team is Fred interested?

San Jose Sharks (sad... what a terrible year they had) - again, the DNS traffic gives this away.


10. What TLS version(s) does Fred's machine support?

TLS 1.2 and TLS 1.3 - inside the TLS Client Hello packets, we must look for and expand the "supported versions" extension section.
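The two Client Hello fields used in #6 and #10 can also be read programmatically. The following is an added example, not part of the original post: it parses a constructed ClientHello (the host name example.test and the helper names are assumptions) and shows why the "supported versions" extension is needed, since the legacy version field stays at TLS 1.2 even when the client offers TLS 1.3.

```python
import struct

TLS_VERSIONS = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}

def _ext(ext_type, body):
    return struct.pack("!HH", ext_type, len(body)) + body

def build_sample_client_hello(host, versions):
    """Constructed ClientHello handshake message (sample data, not the trace)."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    vers = bytes([2 * len(versions)]) + b"".join(struct.pack("!H", v) for v in versions)
    exts = _ext(0, sni) + _ext(43, vers)
    body = (b"\x03\x03" + bytes(32)      # legacy_version (stays 1.2), random
            + b"\x00"                    # empty session_id
            + b"\x00\x02\x13\x01"        # one cipher suite
            + b"\x01\x00"                # null compression
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def parse_client_hello(msg):
    """Return (server_name, [supported versions]) from a ClientHello message."""
    if len(msg) < 4 or msg[0] != 0x01 or 4 + int.from_bytes(msg[1:4], "big") > len(msg):
        raise ValueError("not a complete ClientHello handshake message")
    try:
        pos = 4 + 2 + 32                                    # version + random
        pos += 1 + msg[pos]                                 # session_id
        pos += 2 + int.from_bytes(msg[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + msg[pos]                                 # compression
        ext_end = pos + 2 + int.from_bytes(msg[pos:pos + 2], "big")
        pos += 2
        server_name, versions = None, []
        while pos + 4 <= ext_end:
            ext_type, ext_len = struct.unpack_from("!HH", msg, pos)
            data = msg[pos + 4:pos + 4 + ext_len]
            pos += 4 + ext_len
            if ext_type == 0 and len(data) >= 5:            # server_name
                n = int.from_bytes(data[3:5], "big")
                server_name = data[5:5 + n].decode("ascii", "replace")
            elif ext_type == 43 and data:                   # supported_versions
                for i in range(1, 1 + data[0], 2):
                    v = int.from_bytes(data[i:i + 2], "big")
                    versions.append(TLS_VERSIONS.get(v, hex(v)))
    except (IndexError, struct.error) as exc:
        raise ValueError("malformed ClientHello") from exc
    return server_name, versions

if __name__ == "__main__":
    print(parse_client_hello(build_sample_client_hello("example.test", [0x0304, 0x0303])))
```

Version values the table does not know, such as the GREASE placeholders some browsers send, are returned as hex rather than dropped.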

How did you do? Did you add and sort any columns? Did you apply other display filters?

This is great practice!


Cheers!


An 'Algorithm' Turned Apartment Pools Green


Three of Vietnam's Five Undersea Internet Cables Are Down

Three out of Vietnam's five active international undersea internet cables are down, state media said over the weekend, the second major round of outages in the country in just over a year. From a report: The problems with the three cables, which connect Vietnam with the United States, Europe and Asia, have "significantly affected Vietnam's internet connection with the world", reported the official Vietnam News Agency. Vietnam is connected to the global internet mainly via five undersea cables with a combined capacity of nearly 62 Tbps, according to data from FPT, one of the country's top internet service providers. It's not clear if the three cables referred to, which account for most of the bandwidth, are totally or partially down.

JayM
Ruh oh, Shaggy.

How to spot authoritarianism — and choose democracy | Ian Bassin

Democracy is about having choices — and authoritarianism is about not having them, says lawyer and writer Ian Bassin. Detailing the seven steps of the authoritarian playbook, he invites us all to put aside our differences and rethink our role in the fight for freedom, revealing the hope and power behind every choice we make.



Download video: https://download.ted.com/products/177719.mp4?apikey=172BB350-0205