|
|
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
randup trickery Par C skillsLe [2015-12-03] à 12:18:30
Présentation : We at opmsg team take security very serious. Really. So at times we end up digging in underlying libs which we use, to understand entropy and key generation. Since we take security so serious really , we are very Nazi about entropy. If we find anything that might be an issue or could be an issue if used in certain environments, we take all necessary actions to protect you. So this time we inform you, our valued customer, that usage of libressl in certain Linux environments could be dangerous with regard to key generation. In nested container environments cloud the state of the PRNG may be cloned and there is nothing you, our valued customer, can do about it via the libcrypto API. Thats why we, who take security very serious, informed the libressl team and proposed a solution. PoC and solution may be found here. Please note that this is different from the CLONE_PID issue in past which allowed for reuse of pids but is no longer possible on recent Linux kernels. Beside that, opmsg team acknowledges time and effort libressl developers invest into the project and found libressl code clean and mature. We continue supporting and recommend use of libressl in opmsg.
Les derniers articles du site "C skills" :
- ZeroCopy sshttp
- packet trickery
- Ads trickery
- deniability trickery
- randup trickery
- more packet trickery
- da packets
- opmsg BoringSSL tests
- Contact trickery
- EC persona trickery
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.190.17.190 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.190.17.190 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
