Bundeshack – What Do We Learn from It?

2018-03-26T15:46:44+00:00 Author: Daniel Morlock

At the end of February 2018 it became publicly known that the German federal government's IT network (IVBB), previously considered secure, had been infiltrated. Although the attack was discovered in December 2017, it is said to have been active since the end of 2016. This means that the federal government's IT network was compromised, undetected, for almost a whole year. From an IT perspective, who is behind the cyberattack is, for now, of lesser importance. Rather, one should think about what makes such an attack possible in the first place: the Süddeutsche Zeitung (SZ) recently reported in an article that the attackers used the mail program Microsoft Outlook to communicate with the malware on the infected systems. How the malware got onto the computer is not yet publicly known.

Android App: Remote Keyboard

2017-11-09T10:17:29+00:00 Author: Daniel Morlock

As a big fan of open source software, I'm running my Android phone without Google's Play Store. The only resource for apps I use is F-Droid. And there are some really nice apps available. In this post I'll show you how to install and set up a remote keyboard app that also includes clipboard management. And the best part: It does not require any special software!

Installation

There are many ways to install the app on your phone: Install it using one of the available markets. Remote Keyboard is available in F-Droid and in the Play Store. The F-Droid store also offers a direct download link, so you don't need to use an app store at all if you don't want to. Another way is of course to compile the source

OCSP Stapling on Nginx

2017-11-09T10:20:01+00:00 Author: Daniel Morlock

OCSP (Online Certificate Status Protocol) is an internet protocol used for obtaining the status of SSL certificates. It was created as an alternative to CRL (Certificate Revocation Lists) and is described in RFC 6960. In this post I'll try to explain the differences between CRL and OCSP and what OCSP stapling is good for.

CRL and OCSP

Here is how certificate validation is supposed to work: Browsers and other clients are supposed to check somehow whether the certificate an HTTPS website presents to them is still valid or was already revoked for some reason. In the case of CRLs, the client downloads a list which contains a number of serial numbers of certificates which are no longer valid. The problem here is that in order to access an HTTPS website, the

Migrate Windows 2000/XP/2003 from VMware to Ganeti/KVM

2017-11-09T10:14:53+00:00 Author: Daniel Morlock

The migration of a virtual Windows 2003 Server system from an existing VMware ESXi 5.0 machine to a new Ganeti cluster based on KVM was way harder than expected. The process described on this page should work for other virtualisation platforms as well. Just replace the Ganeti and ESXi specific commands with the corresponding commands of your virtualisation software.

Prepare it!

Before we start, it is important to know that without the appropriate modifications to the registry, a Windows 2000/XP/2003 Server refuses to boot from a new disk controller. Hence, before shutting down the virtual machine, you have to install this registry patch available from the Microsoft Knowledge Base. Just follow the instructions of the knowledge base article to install the registry patch. This concerns