GRM n00bs

70 Things Every Computer Geek Should Know. | Arrow Webzine - StumbleUpon The term ‘geek’, once used to label a circus freak, has morphed in meaning over the years. What was once an unusual profession transferred into a word indicating social awkwardness. As time has gone on, the word has yet again morphed to indicate a new type of individual: someone who is obsessive over one (or more) particular subjects, whether it be science, photography, electronics, computers, media, or any other field. How to become a real computer Geek? Little known to most, there are many benefits to being a computer geek. You may get the answer here: The Meaning of Technical Acronyms: USB – Universal Serial Bus; GPU – Graphics Processing Unit; CPU – Central Processing Unit; ATA – AT Attachment (AT Attachment Packet Interface (ATAPI)); SATA – Serial ATA; HTML – Hypertext Markup Language; HTTP – Hypertext Transfer Protocol; FTP – File Transfer Protocol; P2P – peer to peer. 1. One of the best lists of default passwords. 1A. 2. 3. 4.

Security and risk Official IT security portal - ANSSI - French Republic 25 Best SSH Commands / Tricks - StumbleUpon OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. SSH is an awesome, powerful tool, and the possibilities are unlimited when it comes to SSH. Here are the top-voted SSH commands: 1) Copy ssh keys to user@host to enable password-less ssh logins. ssh-copy-id user@host To generate the keys use the command ssh-keygen 2) Start a tunnel from some machine’s port 80 to your local port 2001 ssh -N -L2001:localhost:80 somemachine Now you can access the website by going to 3) Output your microphone to a remote computer’s speaker dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp This will output the sound from your microphone port to the ssh target computer’s speaker port.

Kioptrix Saying it’s been a while is an understatement. Almost 2 years without a new vulnerable VM and over 2 years without a blog post. I only have myself to blame, but work and family life take up most of my waking hours. This is a hobby and hobbies come last. I must start by saying how shocked I am with the reception my VMs have received since their inception. I never expected this little project would turn out the way it did. Why the new VM The original idea behind my VMs has always been about learning, not only for the people downloading them but for me as well. This new machine is no different. Why build these things… Which brings me to another point I wish to blabber about: why build these things. If you’re building a VM to submit to vulnhub.com (as an example), then you need to pay attention to how your machine reacts to scans and attacks. So I’ve come to the part where I’m babbling and writing for the sake of writing, which is my cue to stop. -loneferret About the VM

With Firesheep, even computer novices will be able to hack your Facebook account The nice thing about the web is how quickly things get popularized, which inevitably turns the most advanced techniques into applications for the general public. And that works even for hacking and identity theft. Here is the latest example. Depending on which side you stand on and your state Firesheep? This is what is called a session, whose private login data is stored in a cookie. To recap: you are in an airport waiting lounge, surfing the web over an open, unsecured WiFi connection that your laptop has detected. All of this without spending a cent, and just by installing a Firefox extension. Pure philanthropy? (source)

Krebs on Security ::eSploit:: Phishing - HTML5 fullscreen api Quick! Click this link to Bank Of America. There’s nothing fishy about it at all! I promise! Go ahead — hover your mouse over the link to see where it goes. There is only one way to find out if I’m telling the truth — just click the link already! [NOTE: The demo only works with a normal click on the link. What just happened? Ok, I lied — the link was pretty fishy after all. The fake Bank of America site is adorned with OS and browser UI that indicates you are actually on Also, note the green lock in the location bar, which indicates that TLS (i.e. The “Fullscreen API” explained The Fullscreen API (see W3C docs and MDN docs) allows web developers to show web content that fills up the user’s screen completely. Note that most browsers have had user-triggerable full-screen functionality for some time now. This is nice because the developer can design a fullscreen button which looks like part of their site (a la YouTube and Facebook). How the attack works
