May 25, 2019

Recent Posts

Crypto Jacking – The New Threat

In this post I will discuss the new threat of Crypto Jacking – what it is, where it came from and why you should be on the lookout. What is Crypto Jacking? Crypto Jacking is where malicious code is installed on your infrastructure/computer with the aim of using your processing power to mine Crypto […]

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS Sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, Ransomware and Crypto Jacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

FortiGate :: HA Routed Failover w/ Session Failover

A recent requirement that came up was for a redundant pair of firewalls that allowed for session failover and configuration synchronisation while also maintaining different external IPs and separate BGP peering. A niche request, but something that was supported with FortiGates. Below are some configuration examples to achieve this. Config and Session Sync […]

How to configure a Rotating, long term packet capture using Wireshark.

Introduction Wireshark is an awesome tool for troubleshooting network traffic. However, the Wireshark GUI is not designed for long-term packet captures and, if left running, would simply fill the hard drive of the server/PC running the program. Within Wireshark there is a tiny built-in Windows command line tool called ‘dumpcap’ which at less than […]

OSPFv3 Virtual Link Configuration

In this article, you will find many use cases for OSPF virtual links: when and how they are used. We will dive into OSPFv3 for this example. All areas in an OSPF autonomous system must be physically connected to the backbone area (area 0). In some cases where this physical connection is not possible, Virtual-Links are […]

Getting really low :: Backdooring an EXE

So recently I started my OSCE and part of it is backdooring an executable and doing some other things. There are loads of guides on the interwebz that basically just regurgitate the course content verbatim and claim it as their own. I won’t provide links but trust me, they are out there. These sites / blogs […]

Security Concerns :: Ransomware

Working for a security consultancy/MSSP business, I come across a lot of customers who in the past have gone to companies seeking advice on a particular security threat that is getting more media attention at that particular moment. More often than not, the “Security Expert” (salesman…) sells them a device; promising them it will fix all […]

How secure is IEEE802.1x?

I’m a huge fan of deploying “dot1x”.  With very little configuration (a Windows NPS server, a little group policy and some access switch commands) you can authenticate every device that connects to your network.  Unlike MAC based security, dot1x ensures that your devices must be successfully authenticated by a centralised RADIUS server before they are […]

Kali Linux :: Email Harvesting

In this post, I will show you a tool in Kali Linux that’s able to harvest email addresses that are publicly available on the internet. Why do I want to harvest emails? When working with a company to run a phishing campaign against you (for testing purposes), or indeed a hacker running a malicious phishing […]

My first Exploit-DB Post!!

Recently I’ve started to get interested in bug hunting to further my understanding of all sorts of programming languages and I highly recommend it! Today I decided to turn my attention to the Netman 204 card by Riello which is a small network management card which provides the ability to monitor Riello UPS products and […]