Customer site, their security policy for WiFi is an SSID with a secret PSK: the IT manager types the password on my PC to allows me to access the network. Maybe he’s not aware of my keylogger that the password con be easily retrieved in cleartext. Let’s see how. Windows 10: retrieve the WiFi PSK in cleartext Show a list of all WiFi profiles configured on the PC: netsh wlan show profiles Show the WiFi network currently in use:

Continue reading

The Cyberspace a.k.a. the Internet is full of bad guys wanting to mess with our computers right? Of course everyone of us have a firewall configured with proper access and inspection rules, don’t ya? Spamhaus and Team Cymru can help providing list of known bad IPs and subnets that should be filtered in our networks. Spamhaus DROP list “DROP (Don’t Route Or Peer) and EDROP are advisory “drop all traffic” lists, consisting of netblocks that are “hijacked” or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers).

Continue reading

Tomahawk is a command line tool for testing network-based intrusion prevention systems (NIPS). The concept is simple, you can download virus,attacks,exploit pcaps from many sources and save them on the Tomahawk machine. To test an IPS you need tree network interfaces: one for management, one to send traffic and one to receive. If the attack sent on the interface is received on the other interface the IPS didn’t filtered it.

Continue reading

Author's picture

Where the vNic meets the SDN

Network Engineer