Posts by Richard42

Fail2Ban?

Great to see an article about this.

Been running my own mail server for over 15 years, Postfix + Spamassassin + Dovecot + (can't remember the AV software) + fail2ban.

Fail2ban is great, I see a lot of connections from spammers trying to brute crack users passwords and Fail2ban is set to ban them after 3 attempts, and it automatically unblocks these attempts after a couple of hours. (usual config time to unblock is a few minutes IIRC)

There are a couple of things in here I either never quite got working fully, or haven't used (GreyList) so will read the next installment closely.

So the attacher has to gain physical access to the router and plug a hacked USB device in to, I assume, gain root access to the router?

After which they can find out the wifi password with a bit of memory dumping?

To a router they're standing next to, that will very likely have free network ports, that they can plug into to gain access to the network they're trying to gain access to?

I know doing it this way will give them network access remotely once they've done it, but I'm sure there are other ways of doing the same that are a lot easier (plugging your own AP in that doesn't transmit it's SSID?)

Just doesn't seem that realistic an attack to me, so the "Millions" in the article title is the usual headline grabbing drivel.

Innovative

I do like this.

I suspect it is a real keyboard that has capacitive sensing on each key, so the keyboard as a whole can act as a very low res, crude touchpad. Which for the purposes described should work just fine.

Costs too much

It's nice that people can say that iThings cost too much...

http://www.theregister.co.uk/2014/09/19/smartphones_its_the_economics_stupid/

Can anyone say "unsustainable manufacturer subsidies"?