Darth Null and... Information Security
@DarthNull avatar
David Schuetz presents random words from a cluttered mind.
menu button
Darth Null
and... Information Security
David Schuetz presents random words from a cluttered mind.
@DarthNull avatar

Update on August Ping Storms

post type iconOct 1, 2024 - 3900 Words -
A few days ago, I wrote about what GreyNoise have been calling “Noise Storms,” extended periods of high-volume ping traffic detected by many of their sensors, coming from…many different sources. The most intriguing of these were packets with the word “LOVE” in plaintext in the ping payload, and in my post, I offered a possible explanation of that traffic. At least, at a technical level – what they’re doing with those packets, well, that’s a different puzzle.

Ping Storms at GreyNoise

post type iconSep 27, 2024 - 2600 Words -
Earlier this month, I attended BSidesNoVA in Arlington, where the keynote was presented by Andrew Morris of GreyNoise. Using sensors distributed all over the world, GreyNoise collects…background noise…on the Internet. Basically, they watch and monitor activity that hits lots of hosts randomly – network mapping, port scanning, doorknob rattling. If you see someone trying to break into your SSH server, you can check GreyNoise to see if that person (well, their IP, anyway) has been seen doing such things in the past.

1Password - Full Trip from Unlock to Encryption

post type iconNov 12, 2018 - 1900 Words -
It occurred to me sometime after I’d finished my talk that I should have a single post that pulls all the elements together. So here’s a complete walkthrough from Master Password all the way to decrypted Vault Item. If you’ve missed the first parts of the series, here’s a good starting point. General Process First, let’s review the overall sequence of events. It’s a little complicated at the beginning, depending on which client we’re using.

BSidesDE - A deep dive into 1Password Security

post type iconNov 9, 2018 - 100 Words -
Thanks to BSides Delaware for the chance to go super-geeky about how 1Password works. Here are the slides from my talk, which give a basic introduction to how it all works. See this extended series for super-detailed technical information and examples. Click on the link above to download a copy of the slides.

1Password - Wrapping up with a few quick topics

post type iconNov 9, 2018 - 1400 Words -
Thanks for reading! I hope you’ve enjoyed this deep dive into how 1Password works. We’ve covered a lot: Why I even went down this path Unlocking macOS clients and the 2SKD process Unlocking Windows clients Decrypting data in the cloud-based vault system Unlocking and decrypting local vaults But there’s actually quite a bit I haven’t touched upon. Password Strength One thing I totally skipped over was the strength of the master password.