background preloader

HowTo

Facebook Twitter

Secure Salted Password Hashing - How to do it Properly. If you're a web developer, you've probably had to make a user account system.

Secure Salted Password Hashing - How to do it Properly

The most important aspect of a user account system is how user passwords are protected. User account databases are hacked frequently, so you absolutely must do something to protect your users' passwords if your website is ever breached. The best way to protect passwords is to employ salted password hashing. This page will explain why it's done the way it is. There are a lot of conflicting ideas and misconceptions on how to do password hashing properly, probably due to the abundance of misinformation on the web. IMPORTANT WARNING: If you are thinking of writing your own password hashing code, please don't!. If for some reason you missed that big red warning note, please go read it now.

You may use the following links to jump to the different sections of this page. What is password hashing? Hash algorithms are one way functions. How to Monitor Network Activity Using Windows 10 Packet Monitor (PKTMON) - Petri. Packet Monitor is a command-line tool that first appeared in Windows 10 version 1809.

How to Monitor Network Activity Using Windows 10 Packet Monitor (PKTMON) - Petri

Although you could be forgiven for not noticing as Microsoft is only beginning to speak about it now. Packet Monitor is designed to help debug network issues, specifically those where network virtualization is involved. Before the advent of Software Defined Networking (SDN) and virtualization, the network stack was much simpler. It had three layers: TCP/IP, filter drivers, and a network adapter. But as you can see in the diagram below, once you add SDN and virtualization, the stack becomes more complicated. Packet Monitor (PacketMon) can intercept packets at all the different layers of the network stack so that you can trace the packet route. PacketMon also provides extra information, like why a packet was dropped. Create PacketMon filters and start monitoring Before you can use PacketMon, you need to open an elevated command-line prompt.

Let’s add two filters for ports 80 and 443. Decrypting TLS Browser Traffic With Wireshark – The Easy Way! Intro Most IT people are somewhat familiar with Wireshark.

Decrypting TLS Browser Traffic With Wireshark – The Easy Way!

It is a traffic analyzer, that helps you learn how networking works, diagnose problems and much more. One of the problems with the way Wireshark works is that it can’t easily analyze encrypted traffic, like TLS. It used to be if you had the private key(s) you could feed them into Wireshark and it would decrypt the traffic on the fly, but it only worked when using RSA for the key exchange mechanism. As people have started to embrace forward secrecy this broke, as having the private key is no longer enough derive the actual session key used to decrypt the data. Session Key Logging to the Rescue! Well my friends I’m here to tell you that there is an easier way!

Setting up our Browsers We need to set an environmental variable. On Windows: Go into your computer properties, then click “Advance system settings” then “Environment Variables…” On Linux or Mac OS X: Ever wonder how Bitcoin (and other cryptocurrencies) actually work? Diffie-Hellman Key Exchange. The Illustrated TLS 1.3 Connection: Every Byte Explained. Wireless Report. 18 commands to monitor network bandwidth on Linux server – BinaryTides. Network monitoring on Linux This post mentions some linux command line tools that can be used to monitor the network usage.

18 commands to monitor network bandwidth on Linux server – BinaryTides

These tools monitor the traffic flowing through network interfaces and measure the speed at which data is currently being transferred. Incoming and outgoing traffic is shown separately. Some of the commands, show the bandwidth used by individual processes. This makes it easy to detect a process that is overusing network bandwidth. The tools have different mechanisms of generating the traffic report. Here is a list of the commands, sorted by their features. 1. 1. Nload is a commandline tool that allows users to monitor the incoming and outgoing traffic separately. So if you just need to take a quick look at the total bandwidth usage without details of individual processes, then nload will be handy. $ nload Installing Nload - Fedora and Ubuntu have got it in the default repos.

. # fedora or centos $ yum install nload -y # ubuntu/debian $ sudo apt-get install nload.