Month: July 2016

Creating a Highly Interactive Honeypot With HonSSH

HonSSH is essentially an SSH proxy, acting like a Man-in-The-Middle attack. It sits between the attacker and a honeypot and proxies the SSH connections. By doing this it can log all interactions, spoof (rewrite) login passwords and even capture files downloaded by the attacker on to the honeypot for later analysis. Below is my topology: Configuring the Honeypot Server For the honeypot server (the server attackers will login to), I’m using Ubuntu 14.04

Read More

A Guide to Using Let’s Encrypt

Up until a few moments ago, I was using CAcert for all my certificate needs. A free service offering SSL/TLS certificates. The only issue with CAcert is that their Root Certificate is not included in all mainstream Operating Systems or browsers, meaning users will get a certificate error unless they choose to install the Root Certificate. But now Let’s Encrypt is on the scene. A free, open and automated certificate authority that is

Read More

Reviving an Acer Aspire One ZG5 Netbook

I was given an Acer Aspire One ZG5 (A110) and asked to try to update it. There were a few problems with it. Firstly, it was running Ubuntu 12.04 but the upgrade to Precise Pangolin had broken and wasn’t easily recoverable. Secondly, the battery appeared to be dead and wouldn’t charge. In addition I also found that a BIOS password (“user” and “supervisor”) had been set but the password wasn’t

Read More