Network Namespaces have been around for a while, but there may be be some very practical ways to use them that you’ve never considered. Wes does a deep dive into a very flexible tool.

Plus what might be the world’s most important killswitch, the real dollar values for stolen credentials & the 19 year old attack that’s back.

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

• HD Video
• MP3 Audio
• YouTube
• HD Torrent

RSS Feeds:

HD Video Feed | MP3 Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

The Market for Stolen Account Credentials

Usernames and passwords to active accounts at military personnel-only credit union NavyFederal.com fetch $60 apiece,

while credentials to various legal and data aggregation services from Thomson Reuters properties command a $50 price tag.

Hackers Target Plant Safety Systems

FireEye reported that a plant of an unmentioned nature and location (other firms believe it’s in the Middle East) was forced to shut down after a hack targeted its industrial safety system

— it’s the first known instance of a breach like this taking place.

• Source at FireEye

R OBOT Attack: 19-Year-Old Bleichenbacher Attack On Encrypted Web Reintroduced

A 19-year-old vulnerability has been re-discovered in the RSA implementation from at least 8 different vendors—including F5, Citrix, and Cisco—that can give man-in-the-middle attackers access to encrypted messages.

• The ROBOT Attack – Return of Bleichenbacher’s Oracle Threat

• robot-detect: Detection script for the ROBOT vulnerability

WannaCry: End of Year Retrospective

Last November marked the six-month anniversary of WannaCry, arguably the most impactful global cyberattack in history. The persisting WannaCry attack is a re-purposed ransomware strain amplified by (allegedly) leaked exploit code from the NSA.

• Why NSA spied on inexplicably unencrypted Windows crash reports | Ars Technica

Linux Network Namespaces Explained

• Namespaces in operation, part 7: Network namespaces

• namespaces(7) – Linux manual page

• Network Namespaces » ADMIN Magazine

• Network namespaces – Unweaving the web

• How to Get the Network Namespace Associated With a Socket

• Virtual Ethernet devices

• Testing network software with pytest and Linux namespaces

• lldpd » implementation of IEEE 802.1ab (LLDP)

• Routing & Network Namespaces

• VRF for Linux – Cumulus Networks Blog

• linux/vrf.txt at master · torvalds/linux

• Using VRFs with linux

Feedback

Reboot Follow Up

• People REALLY love the MP3 Chapters. Check to see if your Podcast player supports them.

• Overcast

• Pocket Casts
• AntennaPod – Android Apps on Google Play

• Podcast Addict – Android Apps on Google Play

• Why someone would need a keylogger for developing a audio driver.

• DHCPDECLINE over and over again

• DHCP Snooping

Hidden Backdoor Found In WordPress Captcha Plugin Affects Over 300,000 Sites

This backdoor code was designed to create a login session for the attacker, who is the plugin author in this case, with administrative privileges, allowing them to gain access to any of the 300,000 websites (using this plugin) remotely without requiring any authentication.