Bash reads aliases from a file only; however, this file does not have to reside on the server you are connecting to. With OpenSSH, we have to ability to send environment variables that the server allows.
This post will capture some important links I discovered following the weekly Docker newsletter.
Assessing a SAProuter’s Security with Onapsis Bizploit
part 1: http://blog.onapsis.com/assessing-a-saprouters-security-with-onapsis-bizploit-part-i/
and part 2: http://www.onapsis.com/blog/assessing-a-saprouters-security-with-onapsis-bizploit-part-ii/
For more information about vulnerabilities affecting the SAProuter, attacks and countermeasures, you should have a look at our SAP Security In Depth publication “Securing the Gate to the Kingdom: Auditing the SAProuter”.
... registration required to get the file Onapsis_SAP_Security_In-Depth_Volume_6.pdf
Testing SAProuter Basic Functions
http://help.sap.com/saphelp_nw70/helpdata/en/4f/992dd7446d11d189700000e8322d00/content.htm
Piercing SAProuter with Metasploit
https://community.rapid7.com/community/metasploit/blog/2014/01/09/piercing-saprouter-with-metasploit
I got a new esp8266 yesterday. an ICSP programmer and a hackaday trinket pro.
for some serial interface magic. now just need a voltage regulator for 3.7v lipos for the tiny little esp8266
amazing. 6$ for a wifi AP and client and microcontroler all in one tiny little chip
serial interface and two GPIO pins
so can connect the trinket up to it to conect more GPIO via arduino software :-)
esp82666 is a good add on to ANYTHING
the esp runs a compilled programm only so no OS
It's so cheap it's hard not to get one :-)
http://www.seeedstudio.com/depot/s/esp8266.html?search_in_description=0
http://hackaday.com/tag/esp8266/
some examples in the second link and a china shop to order from in the first.
you MIGHT like the trinket pro also: just for artistic reasons :-) :http://store.hackaday.com/products/trinket-pro-with-black-solder-mask-and-the-hackaday-io-logo
...
https://nurdspace.nl/ESP8266
http://www.zoobab.com/esp8266-serial2wifi-bridge
how to export serial consoles through the network with the ESP-LINK firmware: https://github.com/jeelabs/esp-link
to be completed
C’est une nouvelle vulnérabilité touchant le protocole TLS qui vient de faire son apparition. Baptisée LogJam, elle touche les connexions chiffrées via l’algorithme Diffie-Hellman.
source en anglais
The Logjam attack https://weakdh.org/
Guide to Deploying Diffie-Hellman for TLS https://weakdh.org/sysadmin.html (recommendations pour serveurs)
Increasing the minimum TLS DH group size to 1024 bits https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/WyGIpevBV1s
à voir
décortiquer une clef ssh privée, et conversion en PKCS8
Dubbed VENOM (Virtualized Environment Neglected Operations Manipulation), the zero-day flaw takes advantage of the “virtual floppy disk controller” and potentially allows attackers to escape out of the virtual machine and execute malicious code on its host.