9 to 5

posted 6 months ago @ 1396654300

Xeon Phi Resources

posted 1 year ago @ 1376484183

where is all the content?

well,.. i’ve changed to twitter for most of my link/info/whatever spam.
i’ll continue to use tumblr though, but rarely and for longer texts with original content.

for the time being visit my twitter profile, if you’re interested: https://twitter.com/a_z_e_t

posted 1 year ago @ 1356811265

l8security:

In regards to http://www.kb.cert.org/vuls/id/281284

I don’t have time to write up a full post on this like I wanted to. Here’s the details you wanted anyways:

File: NetWorkManager.class
......
public class NetworkManager
{
private static final int DEFAULT_PORT = 161;
private static final int[] DEFAULT_TIMEOUT = { 1000, 2000, 2000 };
private static final int DEFAULT_DELAY = 60000;
private static final int DEFAULT_PERIOD = 60000;
private static final String SECRET_PUBLIC = "s!a@m#n$p%c";
private static final int CUSTOM_TRAPPORT = 1118;
private static String m_sPublic = "s!a@m#n$p%c";
private static String m_sHost = null;
private static int m_iport = 161;
private static int[] m_timeout = DEFAULT_TIMEOUT;
private static URL m_SETURL = null;
....... 

(via l8security-deactivated20130523)

posted 1 year ago @ 1354195998
posted 2 years ago @ 1350559080

fail2ban update

for the moment i turned off my fail2ban script, since not even a single network operator responded to the automated e-mails. most DoS & brute force attempts are still coming out of asia. i’m quite lazy at the moment, but it might be a good idea in the future to automate the whole thing instead with public honeypot projects and/or APIs of content-delivery networks.

abuse mailboxes are obviously rarely read anymore.

posted 2 years ago @ 1345411002

ABSTRACT
In this paper we present a man-in-the-middle attack on the Universal Mobile Telecommunication Standard (UMTS), one of the newly emerging 3G mobile technologies. The attack allows an intruder to impersonate a valid GSM base station to a UMTS subscriber regardless of the fact that UMTS authentication and key agreement are used. As a result, an intruder can eavesdrop on all mobile-station-initiated traffic. Since the UMTS standard requires mutual authentication between the mobile station and the network, so far UMTS networks were considered to be secure against man-in-themiddle attacks. The network authentication defined in the UMTS standard depends on both the validity of the authentication token and the integrity protection of the subsequent security mode command. We show that both of these mechanisms are necessary in order to prevent a man-in-the-middle attack. As a consequence we show that an attacker can mount an impersonation attack since GSM base stations do not support integrity protection. Possible victims to our attack are all mobile stations that support the UTRAN and the GSM air interface simultaneously. In particular, this is the case for most of the equipment used during the transition phase from 2G (GSM) to 3G (UMTS) technology

posted 2 years ago @ 1341960495

"Towards a formal theory of computer insecurity: a language-theoretic approach"

posted: 2 years ago @ 1341262181
posted 2 years ago @ 1341173737

call for survey & update: fail2ban serve abuse notice

i’m running the script (see: http://mulog.azet.org/post/24057415513) now for a few days and am noticing that almost all anti-spam or abuse adresses provided by chinese ISPs bounce or are inexistent. addresses like “anti_spam@mail.hz.zj.cn” (this is a real one!) seem to be fake. can someone confirm this?

@terrorobe suggested a centralized abuse reporting website, someone willing to write this stuff? i don’t have enough free time at the moment, but this sounds like a great idea.

my idea was to permanently block malicious IP-networks and give v4 space back to the appropriate appointed authorities (RIPE and so forth) after some time. in my experience with ESPs (E-Mail Service Providers), you can’t use blacklisted IPs for months or even years once they are on them. so why waste precious IPv4 space?

posted 2 years ago @ 1338565560

fail2ban serve abuse notice

i wrote a short script intended to be used as a cronjob to warn network admins of attacks originating from their network, maybe you’ll find it useful: https://github.com/azet/fail2ban_serve_notice

posted 2 years ago @ 1338375381

NMDA receptors and alcohol

a short summary of recent papers:

http://www.ncbi.nlm.nih.gov/pubmed/10857388 - Regulation of NMDA receptors by ethanol. Kumari M, Ticku MK. - Department of Pharmacology, University of Texas Health Science Center, San Antonio 78229, USA.
http://www.scienceblog.com/community/older/2001/A/200110251.html - Probing alcohol’s actions in the brain
http://www.ncbi.nlm.nih.gov/books/NBK5284/ - Biology of the NMDA Receptor. Van Dongen AM, editor. Boca Raton (FL): CRC Press; 2009. - Chapter 4The NMDA Receptor and Alcohol Addiction
http://www.pnas.org/content/108/16/6650 - Alcohol inhibition of the NMDA receptor function, long-term potentiation, and fear learning requires striatal-enriched protein tyrosine phosphatase
http://bit.ly/IZBKEs - Involvement of NMDA receptors in alcohol-mediated behavior: mice with reduced affinity of the NMDA R1 glycine binding site display an attenuated sensitivity to ethanol

posted 2 years ago @ 1337201300
posted 2 years ago @ 1336843941
posted 2 years ago @ 1336673919

full text - open access.

posted 2 years ago @ 1333546800
»»»
- backtrace -