Code, InfoSec and Server Stuff
Flaw in WPA2 protocol (KRACK) is a reminder of the limited life of all technology.

October 17, 2017 by Simon

The recent KRACK flaw in the WPA2 protocol is a reminder that all technology has a limited life. Every technology has a finite lifespan (intended or not), and you should not bet on any piece of technology being around for long.

Wireless Broken (Again)

WEP wireless security was launched in 1997 and lasted until 2004. WPA and WPA2 replaced WEP, but the recent flaw in WPA2 (which originated from WEP) will force an update to WPA2 or the launch of WPA3. WPA2 was essentially a certified version of WPA.

WPA wireless encryption uses the TKIP and AES encryption subsets. TKIP is similar to WEP and should not be used. The AES subset is a more rigorous encryption subset available in WPA2 (and is used by the US Government). AES's main weakness is a brute-force attack to find the wireless password, so ALL of your passwords must be unique and strong. Do not use common or shared passwords, and make sure passwords are as strong as allowed. I personally use the 1Password password manager to generate strong passwords, and if you are feeling nerdy you can use the GRC Password Generator. https://howsecureismypassword.net/ is a good site that shows how secure a password is (how long a brute-force attack would take to obtain it).
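The brute-force estimate that sites like the one above perform is simple arithmetic: the alphabet an attacker must cover, raised to the password length, divided by the guess rate. The following is an added example (not code from this post or from any of the sites mentioned) that works it through; the guess rates in GUESS_RATES are assumed orders of magnitude for illustration, and the 60-bit "strong" cut-off is an assumed threshold, not a standard.

```python
import math
import string

# Constructed guess rates, guesses per second, used only to illustrate the
# arithmetic. Real rates depend on hardware and on the hashing scheme; WPA2
# derives its key with PBKDF2 (4096 iterations of HMAC-SHA1), which keeps the
# offline rate far below what plain hash cracking achieves.
GUESS_RATES = {
    "offline_wpa2_gpu": 500_000,  # assumed order of magnitude for one GPU
    "online_rate_limited": 10,    # a login form that throttles attempts
}


def charset_size(password: str) -> int:
    """Size of the alphabet an attacker must cover to exhaust this password.

    Each character class present adds its whole class, because a brute-force
    search cannot know which positions use which class.
    """
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    size = 0
    for cls in classes:
        if any(c in cls for c in password):
            size += len(cls)
    # Anything outside the four standard classes (spaces, non-ASCII) is
    # counted one symbol per distinct character as a conservative floor.
    known = "".join(classes)
    size += len({c for c in password if c not in known})
    return size


def entropy_bits(password: str) -> float:
    """Brute-force entropy in bits: log2(alphabet ** length)."""
    if not password:
        return 0.0
    return len(password) * math.log2(charset_size(password))


def seconds_to_exhaust(password: str, guesses_per_second: float) -> float:
    """Worst-case time to try every string of this length over this alphabet."""
    return charset_size(password) ** len(password) / guesses_per_second


def human_duration(seconds: float) -> str:
    """Round a duration to the largest convenient unit."""
    units = [("years", 365 * 86400), ("days", 86400), ("hours", 3600),
             ("minutes", 60)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"


def assess(password: str, rate_name: str = "offline_wpa2_gpu") -> dict:
    """Summarise one password against one of the constructed guess rates."""
    secs = seconds_to_exhaust(password, GUESS_RATES[rate_name])
    return {
        "length": len(password),
        "alphabet": charset_size(password),
        "bits": round(entropy_bits(password), 1),
        "exhaustive_search": human_duration(secs),
        # 60+ bits is an assumed, not a standard, threshold for "strong" here.
        "strong": entropy_bits(password) >= 60,
    }


if __name__ == "__main__":
    for pw in ["password", "Passw0rd!", "correct horse battery staple"]:
        print(pw, assess(pw))
```

Note that length beats character mixing: a long all-lowercase passphrase with spaces scores far higher than a short password that ticks every class box, which is why generated passwords from a manager should be as long as the router allows (63 characters for a WPA2 passphrase).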

What can you do to fix WiFi

  1. If you are using TKIP in WPA, use AES instead.
  2. Check with your WiFi router's manufacturer and ask for new firmware that fixes the KRACK attack.
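Step 1 can be checked on an access point you run yourself. The following is an added example (not from this post or from the hostapd project) that audits hostapd-style key=value configuration for the TKIP cipher, for WPA version 1 acceptance and for a short passphrase. The two configuration fragments are constructed for illustration, and the 16-character passphrase floor is an assumption. Step 2 (the KRACK fix itself) is a firmware or client patch and cannot be checked from configuration.

```python
# Constructed hostapd.conf fragments for illustration; they are not from the
# post and not a real router's configuration. In hostapd, "wpa=1" means WPA
# only, "wpa=2" WPA2 only and "wpa=3" both. "wpa_pairwise" lists the ciphers
# offered to WPA clients and "rsn_pairwise" those offered to WPA2 clients.
# CCMP is the AES-based cipher; TKIP is the WEP-derived one the post says
# not to use.
WEAK_CONFIG = """
interface=wlan0
ssid=HomeNet
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=TKIP CCMP
wpa_passphrase=summer2017
"""

HARDENED_CONFIG = """
interface=wlan0
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=xK7#vq2L!mN9pR4sW8zT
"""


def parse_config(text: str) -> dict:
    """Parse key=value lines, ignoring blanks and '#' comments."""
    config = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if sep:
            config[key.strip()] = value.strip()
    return config


def audit_hostapd(text: str, min_passphrase_len: int = 16) -> list:
    """Return human-readable findings; an empty list means nothing was flagged."""
    cfg = parse_config(text)
    findings = []
    wpa = cfg.get("wpa", "0")
    if wpa == "0":
        findings.append("wpa=0: no WPA at all (open or WEP network)")
    elif wpa in ("1", "3"):
        findings.append(f"wpa={wpa}: WPA (version 1) clients are accepted; set wpa=2")
    for key in ("wpa_pairwise", "rsn_pairwise"):
        ciphers = cfg.get(key, "").split()
        if "TKIP" in ciphers:
            findings.append(f"{key} offers TKIP; use CCMP (AES) only")
    passphrase = cfg.get("wpa_passphrase", "")
    if passphrase and len(passphrase) < min_passphrase_len:
        findings.append(
            f"wpa_passphrase is {len(passphrase)} characters; "
            f"use at least {min_passphrase_len} (threshold assumed here)")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_hostapd(text) or ["no findings"])
```

On a consumer router the same three settings usually appear in the web interface as the security mode (WPA2 only), the cipher (AES, not TKIP or "TKIP+AES") and the passphrase.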

@TPLINK @TPLINKHelp When will new firmware be available for the TD-W8961N to fix krackattacks.com ?

It is up to you to know the risk of each technology you use and when to stop using it.

Support Windows

Most operating systems and web browsers have support windows, but security protocols, encryption and ciphers do not. Why?

Not just Wifi is Broken

As a developer, always assume things are insecure and always prepare for the worst. You should ensure brute-force attacks are blocked by setting up a firewall on your servers, run a security audit and install software-level plugins to ban IPs when brute-force attacks happen. Don't forget to set up an SSL certificate (read my Let's Encrypt guide here) and, if you want extra security, read here about SSL certificate Public Key Pinning.
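The "ban IPs when brute-force attacks happen" part is a sliding-window count of failed logins per source address, which is what tools like fail2ban do. The following is an added example (not from this post or from fail2ban) that runs that detection over sshd lines in the syslog format Ubuntu writes to /var/log/auth.log. The log lines are constructed, using RFC 5737 documentation addresses, and the threshold of 5 failures in 10 minutes is an assumed setting.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd lines in auth.log format; not real traffic and not from
# the post. 203.0.113.5 fails five times in nine seconds, 198.51.100.7 is a
# user who mistypes once, and 192.0.2.9 spreads five failures over 100 minutes.
SAMPLE_AUTH_LOG = """\
Oct 17 09:00:00 web1 sshd[1900]: Failed password for invalid user oracle from 192.0.2.9 port 3000 ssh2
Oct 17 09:25:00 web1 sshd[1950]: Failed password for invalid user oracle from 192.0.2.9 port 3001 ssh2
Oct 17 09:50:00 web1 sshd[2000]: Failed password for invalid user oracle from 192.0.2.9 port 3002 ssh2
Oct 17 10:00:01 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40110 ssh2
Oct 17 10:00:03 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Oct 17 10:00:05 web1 sshd[2103]: Failed password for root from 203.0.113.5 port 40114 ssh2
Oct 17 10:00:07 web1 sshd[2105]: Failed password for root from 203.0.113.5 port 40116 ssh2
Oct 17 10:00:09 web1 sshd[2107]: Failed password for invalid user test from 203.0.113.5 port 40118 ssh2
Oct 17 10:00:40 web1 sshd[2110]: Failed password for simon from 198.51.100.7 port 51000 ssh2
Oct 17 10:00:55 web1 sshd[2112]: Accepted password for simon from 198.51.100.7 port 51000 ssh2
Oct 17 10:15:00 web1 sshd[2200]: Failed password for invalid user oracle from 192.0.2.9 port 3003 ssh2
Oct 17 10:40:00 web1 sshd[2300]: Failed password for invalid user oracle from 192.0.2.9 port 3004 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port")


def parse_failures(lines):
    """Yield (timestamp, ip, user) for each failed-login line, skipping the rest."""
    for line in lines:
        m = FAILED_RE.match(line)
        if not m:
            continue
        # syslog timestamps carry no year; assume all lines are from one year.
        ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S")
        yield ts, m.group("ip"), m.group("user")


def find_brute_force(lines, threshold=5, window=timedelta(minutes=10)):
    """Return {ip: time_first_flagged} for addresses with >= threshold failures
    inside any `window`-long span. Lines are assumed to be in time order."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in window
    flagged = {}
    for ts, ip, _user in parse_failures(lines):
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged


def ufw_deny_rule(ip):
    """Firewall rule (ufw syntax) a ban script would apply for a flagged address."""
    return f"ufw insert 1 deny from {ip} to any"


if __name__ == "__main__":
    for ip, when in find_brute_force(SAMPLE_AUTH_LOG.splitlines()).items():
        print(f"{when:%H:%M:%S} {ip} -> {ufw_deny_rule(ip)}")
```

The slow attacker (192.0.2.9) only shows up if the window is widened, which is the usual trade-off: a short window bans fast scanners quickly, a long window catches low-and-slow guessing but also makes it easier to lock out a legitimate user who keeps mistyping.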

You can deploy a server in the cloud for as low as $2.5 a month on Vultr (guide here), or set up a server on Digital Ocean (first 2 months are free); read my setup guide here.

Deprecation of libraries and code

Software developers are all too familiar with the deprecation of libraries and code; recently I had to switch from the mysql_connect routines that were deprecated in PHP 5.5. Luckily mysqli_connect was available, so it was not a real problem.

Having to switch technology to a faster and/or more secure version is a win-win, IMHO.

Backup

What's your backup plan? Don't forget you can easily back up with rsync. There is no excuse for not backing up your data.

Git

You should also use source code repositories like GitHub or BitBucket to manage code versions and restore environments when things go bad.

Social Media

Security-related Twitter accounts I personally follow to keep up to date with security news:

GDI Foundation:
https://twitter.com/GDI_FDN

0xDUDE:
https://twitter.com/0xDUDE

Security Now podcaster:
https://twitter.com/SGgrc

Australian security researcher Troy Hunt:
https://twitter.com/troyhunt

Hashtags are also a great way to stay up to date on exploits (#KRACK, #vuln, #CVE, etc.).

Handy links

Read more on hackers' Tactics, Techniques & Common Knowledge.

Read the OWASP guide to pick up software security best practices.

Stay safe: Research, Secure and Backup.

More Soon..


Revision History

v1.1 Added support windows..

Filed Under: Security Tagged With: CRACK, CVE, security, WAp, wireless, WPA, WPA2