Connecting to legacy servers with OpenSSH

Phasing out legacy cryptographic algorithms can always be an interesting endeavor as terminating to early breaks stuff and to late it can lead to a compromise. OpenSSH disabled DSA with version 7.0 in March 2015 as 5 years earlier it was discovered that DSA was compromised and labelled as insecure. Normally this shouldn’t be a […]

Emoji in URLs are probably a bad idea…

On the dns-operations mailing list there were already discussions about parties who bought domains like ♀.com (xn--e5h.com), but the following is also an interesting development. Emoji in URLs are probably a bad idea… probably: https://t.co/agIckLlvSC ? #phishing #unicode #emoji pic.twitter.com/hMuuTWO1fn — x0rz (NOT@DEFCON) (@x0rz) July 17, 2017 When will we find pages with “special” Web […]

Kali Linux 2016.2

Last week Kali Linux 2016.2 was released so it was time to make a new VirtualBox instance for it to see the difference from the release in January. But let’s automate a little bit to quickly rebuild virtual machines for Kali Linux. $ cd ~/Downloads $ wget http://cdimage.kali.org/kali-2016.2/kali-linux-2016.2-amd64.iso Let’s create the virtual machine and boot […]