All posts by admin

Wi-Fi- IEEE 802.11i-2004-Wireless security

In summary an attacker can clone your existing wifi connection. After which point you will connect to the clone connection without knowing. The attack method will also remove any secure connection ( https – SSL ) . Let see you visit this live and vulnerable website http://www.artsandscraps.org/ . This site is a Joomla based website and you enter your login details at http://www.artsandscraps.org/administrator/ . The attacker can grab those details unecrypted because they have clone your wifi connection. The website owner should force all web traffic to https://www.artsandscraps.org/administrator/ . which is a secure connect and encrypted. Here is the downside. The website owner is allowing secure and unsecure connection which puts you the user at risk.

We will documents some work around and ways you can protect yourself. Keep in mind the attacker do not need your wifi key for this to work.

From the searchers who discovered the vulnerability . krackattacks.com
As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:

Additional reading arstechnica.com

GNOME : gsettings

gsettings configurations :

GSettings — High-level API for application settings

Set the screen blank timeout settings to 30 min
Timeout for blanking the screen (seconds; 0 = never):
gsettings set org.gnome.desktop.session idle-delay 1800

Set the Screensaver lock timer
Timeout for locking the screen after blanking (seconds; 0 = instant):
gsettings set org.gnome.desktop.screensaver lock-delay 0

Upgrading Fedora 25 Workstation to Fedora 26

Using the command line

If you’ve upgraded from past Fedora releases, you are likely familiar with the dnf upgrade plugin. This method is the recommended and supported way to upgrade from Fedora 25 to Fedora 26. Using this plugin will make your upgrade to Fedora 26 simple and easy.

1. Update software and back up your system

Before you do anything, you will want to make sure you have the latest software for Fedora 25 before beginning the upgrade process. To update your software, use GNOME Software or enter the following command in a terminal.

sudo dnf upgrade –refresh
Additionally, make sure you back up your system before proceeding. For help with taking a backup, see the backup series on the Fedora Magazine.

2. Install the DNF plugin

Next, open a terminal and type the following command to install the plugin:

sudo dnf install dnf-plugin-system-upgrade
3. Start the update with DNF

Now that your system is up-to-date, backed up, and you have the DNF plugin installed, you can begin the upgrade by using the following command in a terminal:

sudo dnf system-upgrade download –releasever=26
Then
sudo dnf system-upgrade reboot

Reference Fedora Mag